
Pests of all kinds and how to fight them: Clueless user (DAU) suspects an infection, Avira blind + several strange .exe files

27.11.2008, 11:35   #1
Lemuren-Frau
 

Hello, this is my first time here, and while googling I got the feeling that I might find competence here? (As the title says, just treat me as a DAU, a clueless user.)
It started last week when my Avira AntiVir Personal - Free Antivirus produced various error messages that apparently had to do with defective or missing .dll files, which already made me suspicious; Avira had also already updated itself that day.
With the following update, though, everything seemed fine again; the Avira rescue kit that my boyfriend ran over the system couldn't find anything either, nor did the complete system scan that I ran again on 26.11.
Now, however, although everything is (still???) working normally so far, the machine freezes for periods of up to 1 minute without the hard disk being active (no blinking light), and so far it has always recovered. This shows in the cursor and videos hanging; I haven't tried music yet.
As an absolutely incompetent person, I noticed in Task Manager that at exactly these moments the CPU load usually shoots up and various .exe's that mean nothing to me are running, as well as at least 5x svchost.
To illustrate, I'm posting a screenshot of it (only my username is blacked out):

I should still have the Avira log too, if someone tells me where? (I haven't deleted it or anything.) You're welcome to have it as well.
Googling these .exe's came to the conclusion that most of them are probably normal system processes, but can also be disguised viruses/trojans and all that shit (the latter came out especially here ;-) ), which is why I'm now a bit at a loss and nervous. Avira finds nothing, so I'd first like tips for a good diagnostic program and instructions for further steps (as well as for preventing more unpleasant things like this).
Oh, and I have Windows XP SP2, which, as far as I can tell, also updates itself regularly...

I can't rule out that my system is infested and "unkempt", as I've already read here, but I'd still ask that help not be refused after a more detailed diagnosis

27.11.2008, 12:08   #2
Chris4You
 

Hi,

follow the "HJ" link in my signature and create an HJ logfile according to the board rules;

Please also run MAM and Prevx right away:
Malwarebytes Antimalware (MAM).
Instructions & download here: http://www.trojaner-board.de/51187-malwarebytes-anti-malware.html
Full scan and let it clean everything! Post the log.

Prevx:
http://www.prevx.com/freescan.asp

Post these logs too.

chris
__________________

30.11.2008, 17:56   #3
Lemuren-Frau
 

halloli! Sorry, I was spontaneously away for 2 days and only got around to it today (well, it's MY machine, I guess the little helpers here don't really care ;-))

Here is the HJT log:
Code:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:38:02, on 30.11.2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Programme\iTunes\iTunesHelper.exe
C:\Programme\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\Programme\buffed.de\Blasc\BLASC.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\Dropbox\Dropbox.exe
C:\Programme\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Programme\Bonjour\mDNSResponder.exe
C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\Mozilla Firefox\firefox.exe
C:\Programme\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programme\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Dokumente und Einstellungen\XXX\Desktop\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Programme\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [avgnt] "C:\Programme\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programme\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programme\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [BLASC] "C:\Programme\buffed.de\Blasc\BLASC.exe" silent
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Dropbox.lnk = C:\Programme\Dropbox\Dropbox.exe
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\Programme\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\Programme\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL
O23 - Service: AntiVir PersonalEdition Classic Planer (AntiVirScheduler) - Avira GmbH - C:\Programme\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Programme\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour-Dienst (Bonjour Service) - Apple Inc. - C:\Programme\Bonjour\mDNSResponder.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Programme\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 6148 bytes
         
Here from MAM:
Code:
Malwarebytes' Anti-Malware 1.30
Datenbank Version: 1437
Windows 5.1.2600 Service Pack 3

30.11.2008 17:54:16
mbam-log-2008-11-30 (17-54-16).txt

Scan-Methode: Vollständiger Scan (C:\|D:\|E:\|)
Durchsuchte Objekte: 97157
Laufzeit: 1 hour(s), 10 minute(s), 1 second(s)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)
         
More to follow shortly...
__________________
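
Added example, not part of the original thread and not code from HijackThis: a small Python triage of a HijackThis v2.0.2 log in the format posted above. It takes up the concern from the first post (system process names such as svchost.exe can be used by disguised malware) by comparing each running process with the directory where Windows XP keeps that binary, and it lists entries whose target is "(no file)". The sample log is constructed; the `C:\WINDOWS\svchost.exe` line is invented to show a hit and does not appear in the poster's log, and all function names are hypothetical.

```python
import ntpath
import re
from collections import Counter

# Home directory of core Windows XP processes (lower-cased for comparison).
# A process with one of these names running from any other folder
# deserves a closer look. Several svchost.exe instances are normal on XP;
# the path is what matters, not the count.
EXPECTED_DIR = {
    "smss.exe": r"c:\windows\system32",
    "csrss.exe": r"c:\windows\system32",
    "winlogon.exe": r"c:\windows\system32",
    "services.exe": r"c:\windows\system32",
    "lsass.exe": r"c:\windows\system32",
    "svchost.exe": r"c:\windows\system32",
    "spoolsv.exe": r"c:\windows\system32",
    "explorer.exe": r"c:\windows",
}

# HijackThis entry lines start with a section code such as R1, O4 or O23.
ENTRY_RE = re.compile(r"^([RFNO]\d{1,2}) - (.*)$")

# Constructed sample in the layout of the log above (not the poster's log).
SAMPLE_LOG = r"""Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:38:02, on 30.11.2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\Mozilla Firefox\firefox.exe

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 6148 bytes
"""


def parse_hjt(text):
    """Split a HijackThis log into header fields, process paths and entries."""
    header, processes, entries = {}, [], []
    section = "header"
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line == "--":          # trailer marker, nothing useful follows
            break
        if line == "Running processes:":
            section = "processes"
            continue
        match = ENTRY_RE.match(line)
        if match:
            section = "entries"
            entries.append((match.group(1), match.group(2)))
        elif section == "processes":
            processes.append(line)
        elif section == "header" and ": " in line:
            key, value = line.split(": ", 1)
            header[key] = value
    return header, processes, entries


def masquerade_candidates(processes):
    """Return paths whose file name is a core system process but whose
    folder is not the one Windows XP uses for that binary."""
    hits = []
    for path in processes:
        name = ntpath.basename(path).lower()
        folder = ntpath.dirname(path).lower()
        expected = EXPECTED_DIR.get(name)
        if expected is not None and folder != expected:
            hits.append(path)
    return hits


def orphaned_entries(entries):
    """Return (code, text) for entries that point at a missing file."""
    return [(code, text) for code, text in entries if text.endswith("(no file)")]


def instance_counts(processes):
    """Count running instances per executable name (case-insensitive)."""
    return Counter(ntpath.basename(p).lower() for p in processes)


if __name__ == "__main__":
    header, processes, entries = parse_hjt(SAMPLE_LOG)
    print("Platform:", header.get("Platform"))
    print("svchost.exe instances:", instance_counts(processes)["svchost.exe"])
    for path in masquerade_candidates(processes):
        print("unexpected location:", path)
    for code, text in orphaned_entries(entries):
        print("orphaned entry:", code, text)
```

A hit from either check is a prompt for a closer look at that file or registry entry, not a verdict.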

30.11.2008, 18:07   #4
Lemuren-Frau
 

And here is Prevx too; since it was unfortunately far too long, it's chopped up a bit... (hope that's OK)
Code:
Prevx Scan Log - Version v3.0.0.188
Log Generated: 30/11/2008 18:42, Type: 0,0
Some non-malicious files are not included in this log.

Last Scan: Sun 2008-11-30 17:56:16 Westeuropäische Normalzeit. Number of Scans: 1. Last Scan Duration: 1 minute 15 seconds.
         

30.11.2008, 18:11   #5
Lemuren-Frau
 
[G] (ACTIVE) C:\WINDOWS\system32\dssenh.dll	[PX5: 852136D500ADC2641E2C02C25D98CE00E20035FE]
[G] (ACTIVE) c:\windows\system32\ESENT.dll	[PX5: 4F9A0C2300B9848CB2D310B15E9BF500D8248434]
[G] (ACTIVE) C:\WINDOWS\system32\hnetcfg.dll	[PX5: DFF404EF00D5216252CA0593B29571006A8F0068]
[G] (ACTIVE) C:\Programme\Dropbox\MSVCR71.dll	[PX5: 3FEE1145002F2EB8504E05ED76DA9100776D97E7]
[G] (ACTIVE) C:\Programme\Mozilla Firefox\smime3.dll	[PX5: EC11C83D00BB751C960501110CD3270069F50660]
[G] (ACTIVE) C:\WINDOWS\system32\ipsecsvc.dll	[PX5: B3292B4D00DA3D2FD4AB0232C541B2005344BE09]
[G] (ACTIVE) C:\WINDOWS\System32\unimdm.tsp	[PX5: 14083CE000C882AC2ADE0300545DFA008D5180D9]
[G] (ACTIVE) C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MSDBG2.DLL	[PX5: F2337AB200FE47FFB09F029EF85AC3003A9783CA]
[G] (ACTIVE) C:\WINDOWS\system32\webcheck.dll	[PX5: 388257FA00192D7A90D0031FCD39D300AC9DC6B5]
[G] (ACTIVE) C:\WINDOWS\system32\wbem\wbemcomn.dll	[PX5: B9266543001A677146DB033616DE1B00978F0FE9]
[G] (ACTIVE) C:\WINDOWS\system32\wbem\wbemess.dll	[PX5: 5480DC92002C7BB42E1804DE84259E006627EC72]
[G] (ACTIVE) C:\WINDOWS\system32\upnp.dll	[PX5: BA462CD500A38FFD0AC00202E8E8690077D8640B]
[G] (ACTIVE) C:\WINDOWS\system32\oakley.DLL	[PX5: C70A272600FBC2D8246004A3D277A0009CCF96C3]
[G] (ACTIVE) C:\Programme\Avira\AntiVir PersonalEdition Classic\aerdl.dll	[PX5: 77AC0D37750439F0B1B9067478853300ADAFDF39]
[G] (ACTIVE) C:\WINDOWS\system32\asycfilt.dll	[PX5: E0E5E94A00A45089FE7E008423E99900BD499E77]
[G] (ACTIVE) c:\programme\avira\antivir personaledition classic\ccguard.dll	[PX5: FD16253F01001A87412D035FB0D3E8003BD97831]
[G] (ACTIVE) C:\Programme\Avira\AntiVir PersonalEdition Classic\aescript.dll	[PX5: D3C69E797C60AC31115405C46A896800655C26D1]
[G] (ACTIVE) C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.1433_x-ww_5cf844d2\MSVCR80.dll	[PX5: 4B6AF860005E2DB6B4260971351F230010BD1760]
[G] (ACTIVE) C:\Programme\Mozilla Firefox\nssutil3.dll	[PX5: 11F439A3001A7A6D5650019B574341002937E22E]
[G] (ACTIVE) C:\WINDOWS\system32\ddraw.dll	[PX5: 2E9F116C00BCCD84447A043780B00B00BCF3B0BD]
[G] (ACTIVE) C:\Programme\Avira\AntiVir PersonalEdition Classic\aeemu.dll	[PX5: 9512BD83748EE606010B067179C2FF008879FDB3]
[G] (ACTIVE) C:\WINDOWS\system32\DSOUND.dll	[PX5: E7FECCA200E133FF9CF505CDEDCE150078286FC4]
[G] (ACTIVE) C:\WINDOWS\system32\MSUTB.dll	[PX5: 0583ADBA001BA329FE4002AE00DBE5001CCA9FC0]
[G] (ACTIVE) C:\WINDOWS\system32\nvapi.dll	[PX5: 86211B3500CD4817805406DEF21D88008AEA06D8]
[G] (ACTIVE) C:\WINDOWS\System32\h323.tsp	[PX5: DBC63E5500803FCF10D404ECB82ACC00DAA1DC86]
[G] (ACTIVE) C:\WINDOWS\System32\Wbem\esscli.dll	[PX5: CF7EB821009C2A45C883036D945A7800629D79E0]
[G] (ACTIVE) C:\Programme\Avira\AntiVir PersonalEdition Classic\MFC71U.DLL	[PX5: 037598C700D68B82FC2F0F8DECC9D10082E94C28]
[G] (ACTIVE) C:\Programme\7-Zip\7-zip.dll	[PX5: 98C116BB00C1B9741E7C02308518A300BD437AB4]
[G] (ACTIVE) c:\windows\system32\certcli.dll	[PX5: E7C594D500C2E884068C0387EBA55E00ADF9B8EA]
[G] (ACTIVE) C:\Programme\Avira\AntiVir PersonalEdition Classic\aeoffice.dll	[PX5: A12729377A345CD101A903A23672FC0042EC343F]
[G] (ACTIVE) C:\Programme\Avira\AntiVir PersonalEdition Classic\aepack.dll	[PX5: 0226F08F77B6EE81012606E2FC2B3A004AE6F2D9]
[G] (ACTIVE) C:\WINDOWS\system32\BROWSEUI.dll	[PX5: C773CBCA0000412DA44A0F9F1F568600A46B1A60]
[G] (ACTIVE) C:\WINDOWS\system32\wbem\repdrvfs.dll	[PX5: 40E1983B00E85A10B80202084D5F760001704E69]
[G] (ACTIVE) C:\Programme\Dropbox\MSVCP71.dll	[PX5: F133D4F000B92F08A0E107FD67B66E0015498C05]
[G] (ACTIVE) C:\WINDOWS\System32\Wbem\wbemcore.dll	[PX5: 90531C5F00AAB9241C4608EC2A1F9700C3A36AF1]
[G] (ACTIVE) C:\WINDOWS\System32\WINHTTP.dll	[PX5: BB651ADA00B3C5C6685A0559638A010018141823]
[G] (ACTIVE) C:\WINDOWS\system32\msxml3.dll	[PX5: 3F4B0D090073985EE41610582F5A9C00153AA322]
[G] (ACTIVE) C:\WINDOWS\System32\RASDLG.dll	[PX5: E2092F8B00A01AAD7C3B0A5BDCAC8A001E91975C]
[G] (ACTIVE) C:\Programme\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\PNRComponent.dll	[PX5: 0BA3487D28BCAE7B3570030685E3670076E19452]
[G] (ACTIVE) C:\Programme\Avira\AntiVir PersonalEdition Classic\aeheur.dll	[PX5: E62DA04A769C17F4B130161ECA1AA50007B79E05]
[G] (ACTIVE) C:\Programme\Mozilla Firefox\nssdbm3.dll	[PX5: CAA16E3800B18F0F962501C585F85800DD713E52]
[G] (ACTIVE) C:\WINDOWS\system32\netcfgx.dll	[PX5: EFBC0C4E00C4B16BAC9209872C35B200C9845BA7]
[G] (ACTIVE) C:\Programme\Mozilla Firefox\ssl3.dll	[PX5: 04F1CADC003EC9CD166B02F0EA086D004E957655]
[G] (ACTIVE) C:\WINDOWS\system32\localspl.dll	[PX5: 0EB138870041769146F80591CFED9500E68D84A5]
[G] (ACTIVE) C:\WINDOWS\system32\VSSAPI.DLL	[PX5: 6557221700972B6F92EF06D590C2BA00CCD6BC35]
[G] (ACTIVE) C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\iTunesMobileDevice.dll	[PX5: B0A951DA00C2E650F0A21133A9A2DD005068DD3C]
[G] (ACTIVE) C:\WINDOWS\system32\comsvcs.dll	[PX5: 3799621700BF391356BD13C3A2BA720041748BBA]
[G] (ACTIVE) C:\WINDOWS\system32\nvshell.dll	[PX5: 2371381B0051C449206907CC2BD4670094A48BBD]
[G] (ACTIVE) C:\WINDOWS\system32\wbem\wmiprvsd.dll	[PX5: 21FB34940058F5F3AC26060BFCD3790099B384A7]
[G] (ACTIVE) C:\Programme\Mozilla Firefox\softokn3.dll	[PX5: 22B1C4BE00BE00D4500D02BD679E870036D17BA2]
[G] (ACTIVE) C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.5581_x-ww_dfbc4fc4\gdiplus.dll	[PX5: D40D77690095FE6250A31A5EAC36480049B9DCB5]
[G] (ACTIVE) C:\WINDOWS\system32\USP10.dll	[PX5: E2105C2C00E0804132C2069936D4B600079B0920]
[G] (ACTIVE) C:\Programme\Mozilla Firefox\nss3.dll	[PX5: D25AD7BA0026B19AA67C0A63FBD49A0091A2F218]
[G] (ACTIVE) C:\WINDOWS\System32\Wbem\FastProx.dll	[PX5: 967DD85A0003775C345B070E48234400FEC90A67]
[G] (ACTIVE) c:\windows\system32\netshell.dll	[PX5: DD9C9FFA00054A0A4A1D1ADE20BD7C0071329D37]
[G] (ACTIVE) C:\WINDOWS\system32\wuapi.dll	[PX5: FE6A27ECC84EE0C79A4B086FFBD8350080D1B17F]
[G] (ACTIVE) C:\Programme\Mozilla Firefox\components\brwsrcmp.dll	[PX5: EA8C17E8005ECC650E84023855F0ED0073D331F3]
[G] (ACTIVE) C:\WINDOWS\System32\NETUI1.dll	[PX5: 51414B620008B511C00603D770750A0085F5E4AA]
[G] (ACTIVE) C:\Programme\Mozilla Firefox\nspr4.dll	[PX5: 1692218D00E80891066F039E9379F500EB857B56]
[G] (ACTIVE) C:\Programme\Mozilla Firefox\freebl3.dll	[PX5: E755870B00FA669A90BE03FD27F4F300E103BCBD]
[G] (ACTIVE) C:\Programme\Dropbox\PYTHON25.DLL	[PX5: 352DB7EB00CBA119506620CF148E3C00721DF62E]
[G] (ACTIVE) C:\Programme\Skype\Toolbars\Shared\SPhoneParser.dll	[PX5: E8692B2E28BDFE7485F6163E7149DB002A8C50A2]
[G] (ACTIVE) C:\WINDOWS\system32\wuaueng.dll	[PX5: 2DF531D9C890A8E9A4F01BFEDA36D40091700053]
[G] (ACTIVE) C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.dll	[PX5: 8C22B1270080452CB0520538F9A2700042807472]
[G] (ACTIVE) c:\windows\system32\msi.dll	[PX5: 5E723F4A008F80A262032B270B9C1B009FDADDF5]
[G] (ACTIVE) C:\Programme\Mozilla Firefox\js3250.dll	[PX5: 9EA6BBE7002492AEA4890AAE324F31009BFBAB8B]
[G] (ACTIVE) C:\Programme\Mozilla Firefox\xul.dll	[PX5: 2FCCEC7A00D94207768E947D03373C00C038CC29]
[G] (ACTIVE) C:\Programme\Mozilla Firefox\MOZCRT19.dll	[PX5: 7FE9272D00C862D3D6D40A7D01277700D62F40A6]
[G] (ACTIVE) C:\Programme\DAEMON Tools Toolbar\FirefoxDTT\components\DTToolbarFF.dll	[PX5: 06C54AEE006B813380400C1AA57D600032407762]
[G] (ACTIVE) C:\WINDOWS\system32\ieframe.dll	[PX5: 701C70C600893B92901F5CD0F9577200B45445AD]
[G] (ACTIVE) C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.DEU	[PX5: F72304EE00ACA291C020047F39292200A0688922]
[G] (ACTIVE) C:\Programme\Mozilla Firefox\sqlite3.dll	[PX5: E8F90401006EBA2E0A2A06B39D6AD400659503C7]
[G] (ACTIVE) C:\WINDOWS\system32\security.dll	[PX5: D587419D00FD90FA160D007F8D738E00C52A2494]
[G] (ACTIVE) C:\WINDOWS\system32\msv1_0.dll	[PX5: 3CD0C8FC008A58EA065402F6DD6A1C00360929DB]
[G] (ACTIVE) C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\MSVCR90.dll	[PX5: 1BBB144B00175D8E02B20A1557CAF5004A87A04E]
[G] (ACTIVE) c:\programme\avira\antivir personaledition classic\ccmsg.dll	[PX5: 1A3A755C01F877C26158020312C16E0021599483]
[G] (ACTIVE) C:\Programme\Mozilla Firefox\nssckbi.dll	[PX5: 04F3D2ED00913186A6F2046369AF160060EC7594]
[G] (ACTIVE) C:\Programme\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll	[PX5: 12C0173900A7A51490D701140B19200060280F7F]
[G] C:\Programme\Gemeinsame Dateien\Microsoft Shared\GRPHFLT\GIFIMP32.FLT	[PX5: 1AFC15B74018C35CBC32022DB710D4006CD1306D]
[G] D:\Programme\ICQ6\ICQ.exe	[PX5: 3FA9C493F824BE71A4E5025EB0295700711885A5]
[G] C:\WINDOWS\system32\drivers\atv01nt5.dll	[PX5: A94A4696BFCAC54652B100A888619100994DDD6E]
[G] C:\Programme\Gemeinsame Dateien\Microsoft Shared\GRPHFLT\PNG32.FLT	[PX5: 41F3277C382B7705807402C1B6DDD1006450149D]
[G] C:\WINDOWS\system32\format.com	[PX5: EDA0EAD700A7F67D74C700F808956B00024FC7F9]
[G] C:\WINDOWS\system32\ddeml.dll	[PX5: 87F926CB00F2CB349A1200182C741300BAE396F9]
[G] C:\WINDOWS\system32\drivers\adv09nt5.dll	[PX5: E173D95F7FF335B60E3300DD69199800B79BCD14]
[G] C:\Programme\OpenOffice.org 3\program\scalc.exe	[PX5: 8DBB2896002CB3FDA4AA0421405A9C00A570969D]
[G] C:\WINDOWS\system32\drivers\adv02nt5.dll	[PX5: 861945D37F6CE6440F3500984FB4FE00B79BCD14]
[G] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll	[PX5: E2013C5B089BFF1A8CEF0C4A6B2DEC00D18DCB05]
[G] D:\Programme\World of Warcraft\Repair.exe	[PX5: 3E083A4590C2163992790D6518DF72008BEF348D]
[G] C:\WINDOWS\system32\avifile.dll	[PX5: 4ED3A0D9C077CED2ABD5016052733100D7A4582F]
[G] C:\WINDOWS\system32\drivers\atmuni.sys	[PX5: 92E7BF650082565E607E05AD216E0900953642D5]
[G] C:\Programme\OpenOffice.org 3\program\sdraw.exe	[PX5: 8DBB2896002CB3FDA4AA0421405A9C001688F9AD]
[G] C:\Programme\Microsoft Office\OFFICE11\MSQRY32.EXE	[PX5: 742FB872380EAE8EBA4809A85C15F50021837323]
[G] C:\WINDOWS\system32\drivers\adv01nt5.dll	[PX5: F3CEDD4B9F8B578F10D400C06F170800891B8370]
[G] C:\WINDOWS\system32\drivers\adv07nt5.dll	[PX5: A921A5C03FFE4E930E2D00DEA00D0C00B79BCD14]
[G] C:\WINDOWS\system32\rshx32.dll	[PX5: 8B7909D5006C06E99ECF006D2B1208006987F845]
[G] C:\WINDOWS\Fonts\vgaoem.fon	[PX5: 6CA95C4D3080777B140100C1C8350800A078F465]
[G] C:\WINDOWS\system32\chcp.com	[PX5: 62142BAC004172551EE000230CC13000F18FD81F]
[G] C:\Programme\OpenOffice.org 3\program\simpress.exe	[PX5: 5816A477000B4331A4A304B1BC4CAE0014BACDBE]
[G] C:\WINDOWS\system32\avicap.dll	[PX5: 6D67EC12E084E54E124201FFF5F62900B422894F]
[G] C:\WINDOWS\system32\msdtcuiu.DLL	[PX5: 7847D9250018EFEB78A002A17015FF001CDF7F68]
[G] C:\WINDOWS\system32\drivers\watv06nt.sys	[PX5: D04CA646FF640CF256F2007383ABD9003A191E15]
[G] C:\Programme\OpenOffice.org 3\program\smath.exe	[PX5: 8DBB2896002CB3FDA4AA0421405A9C00F296511E]
[G] C:\WINDOWS\system32\ctl3dv2.dll	[PX5: C84734B440655DC66A4D00304EF8AC0014627D07]
[G] C:\WINDOWS\system32\drivers\adv08nt5.dll	[PX5: FE00241D3F1E00A10CCF000606C17100B79BCD14]
[G] C:\WINDOWS\System32\msgsvc.dll	[PX5: 5E02C29800B6B931848C0041CB447100259D104B]
[G] C:\Programme\Gemeinsame Dateien\Microsoft Shared\TextConv\WPFT532.CNV	[PX5: 923DBD7838D7A7439A38025CE44456005A8A3D08]
[G] C:\WINDOWS\system32\drivers\hidir.sys	[PX5: 385910E500491C2A4B2500B2238855006E25FC7E]
[G] C:\WINDOWS\system32\drivers\wadv08nt.sys	[PX5: 4CF103A01F6123B62CFA0037B0C1FD00836A25AA]
[G] C:\WINDOWS\system32\drivers\atv10nt5.dll	[PX5: 8814C54C7F821B6843840006D80676002F5F56FB]
[G] C:\WINDOWS\system32\netfxperf.dll	[PX5: 1A2876B000187B0FA4C400FED64B190026A3520D]
[G] C:\Dokumente und Einstellungen\XXX\Desktop\mbam-setup.exe	[PX5: 14A6205A784CA6053365247FD347C700DDB760CC]
[G] C:\Programme\OpenOffice.org 3\program\sbase.exe	[PX5: 8DBB2896002CB3FDA4AA0421405A9C0068E6FB5E]
[G] C:\WINDOWS\system32\drivers\smbali.sys	[PX5: 12482C94000568C617170054DB39780005417B03]
[G] C:\Programme\OpenOffice.org 3\program\swriter.exe	[PX5: EDCBF0EF00684533A4A20417F52FEB001F78DD6D]
[G] C:\WINDOWS\system32\drivers\mbamswissarmy.sys	[PX5: 980187E66004A2499637002917ED420048D12749]
[G] C:\WINDOWS\system32\drivers\siint5.dll	[PX5: F141B3BE3D6D02440F8A00D5CEF19500B79BCD14]
[G] C:\WINDOWS\system32\drivers\adv05nt5.dll	[PX5: 5D753EE01F6F42CF0E95003194A3FE00B79BCD14]
[G] C:\WINDOWS\system32\compobj.dll	[PX5: DA21156DD0BCD8E77562007DCF26A600F4FFDA3F]
[G] C:\WINDOWS\system32\comm.drv	[PX5: 0D8B262B3068553F296F004B25B4F300F3172575]
[G] C:\WINDOWS\system32\drivers\wadv09nt.sys	[PX5: 5DB73A5C5FAB7A1D2EB000A4DD02C800BA660E95]
[G] C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe	[PX5: 0B79358100442047E06C01F0E7ED00004891594A]
[G] C:\Programme\Gemeinsame Dateien\Microsoft Shared\TextConv\MSWRD832.CNV	[PX5: 6C2F7F9440015FF64E040324CD763100560F8A2D]
[G] C:\Programme\Gemeinsame Dateien\Microsoft Shared\GRPHFLT\EPSIMP32.FLT	[PX5: 32EC21B04088A41B7E7F0662DE1C0A00D4DD3EE4]
[G] C:\Programme\Gemeinsame Dateien\Microsoft Shared\GRPHFLT\PICTIM32.FLT	[PX5: 168D41BF40C98F78F08400114D3B660085EFA7F6]
[G] C:\WINDOWS\system32\drivers\cbidf2k.sys	[PX5: 7B8DA5F780B7DA7536FE00ABA71B6C00B12776D7]
[GP] C:\Dokumente und Einstellungen\Svenja\Desktop\HijackThis.exe	[PX5: 44C120F738065514211C067B4ABA7A00E4635499]
[G] D:\Programme\DAEMON Tools Lite\daemon.exe	[PX5: 12CB0C34C838A12E7DEB07667FADCB00370957F4]
[G] C:\Programme\Gemeinsame Dateien\System\MSMAPI\1031\MSMAPI32.DLL	[PX5: 2102B4E2406E900DAC4F14346227380077939227]
[G] C:\WINDOWS\system32\drivers\adv11nt5.dll	[PX5: 7673ED26BF9B09EC0EC100AA8F307F00B79BCD14]
[G] C:\WINDOWS\system32\deskadp.dll	[PX5: 7A38AB6600182B994245005EACC722004D7AB589]
[G] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_perf.dll	[PX5: D02390E008FB20CA826900411A055A001971C16C]
[G] C:\Programme\Gemeinsame Dateien\Microsoft Shared\TextConv\WPFT632.CNV	[PX5: 56A8074B385454D6267C03466E1D9E003A4F97E7]
[G] C:\Programme\Adobe\Reader 8.0\Reader\pdfprevhndlrshim.exe	[PX5: D64B58E780614F3D051A01CB4B8F080090E529DA]
[G] C:\Programme\Gemeinsame Dateien\Microsoft Shared\GRPHFLT\JPEGIM32.FLT	[PX5: 561D8D31404D74297C1F02EBE625B60058210F09]
[G] C:\WINDOWS\system32\drivers\bthusb.sys	[PX5: 44B073E300227E634AF300C25065D300C03386E0]
         


30.11.2008, 18:14   #6
Lemuren-Frau
 
*groan* is this really right???
[G] C:\WINDOWS\system32\more.com	[PX5: 496131F100912B7542E2005C7E1CE100C6B7D270]
[G] C:\WINDOWS\system32\clipsrv.exe	[PX5: AA6A22C300FC51CC827400A5E8550500B195D2BB]
[G] C:\Programme\Gemeinsame Dateien\Microsoft Shared\TextConv\WRD6ER32.CNV	[PX5: C3C71C92400AE19A461E003B3C2E07005391A6FD]
[G] C:\WINDOWS\system32\DRIVERS\usbscan.sys	[PX5: A345B33E004758873B29000DE02C9B00FEA79BC2]
[G] C:\WINDOWS\system32\remotepg.dll	[PX5: 0ADF9AFA004986FAF08A00BD5618C100F6DCFF42]
[G] C:\WINDOWS\system32\cleanmgr.exe	[PX5: 1DFB49E000389E7F00100105A3F022009EA097BD]
[G] C:\WINDOWS\system32\drivers\atinbtxx.sys	[PX5: 734A4454007FFA55E29F00FF52B7680047F5F3B1]
[G] C:\WINDOWS\system32\mshta.exe	[PX5: E471D23E00EB3DB3B2DC00A2C177ED0052C33CB2]
[G] C:\WINDOWS\system32\drivers\slnthal.sys	[PX5: 4125157DC0CA9DDC747D01DF9E13BE000301B563]
[G] C:\WINDOWS\system32\netplwiz.dll	[PX5: 7066B7A6006BA6CB7C370D6D761E9400DB7EE16D]
[G] C:\WINDOWS\system32\drivers\mqac.sys	[PX5: EAEA039A80F16E11699801DE4E83680080DEFF6E]
[G] C:\WINDOWS\system32\drivers\atinxsxx.sys	[PX5: CEDD5F03008A5FA5F8E5006BA33674000902F33E]
[G] C:\WINDOWS\system32\drivers\usbintel.sys	[PX5: 46A2709400A8B9863E99007B5ED70B00A3584D07]
[G] C:\WINDOWS\system32\DRIVERS\SLIP.sys	[PX5: C05453A580D50DE62B1A00E6C96F3800A046263E]
[G] C:\WINDOWS\system32\drivers\tdtcp.sys	[PX5: 8942980688A6EF76558200032BC6D800DD26DD28]
[G] C:\WINDOWS\system32\drivers\bthpan.sys	[PX5: 5BE273B80025E0C98B4301B3B287960093A3D165]
[G] C:\WINDOWS\system32\drivers\MSKSSRV.sys	[PX5: 1206502B8070367E1DC0005B0E279D003A9EE63B]
[G] C:\WINDOWS\system32\drivers\s3gnbm.sys	[PX5: 61E69E1D00FCADE18C3D02DB5DBD000075CEE0EF]
[G] C:\WINDOWS\system32\drivers\modem.sys	[PX5: F22F2ACE8067686F7617004AA04CD4006926539B]
[G] C:\WINDOWS\system32\drivers\irbus.sys	[PX5: F2826D6200C57828B62F004A2636B3005BFDCEA1]
[G] C:\WINDOWS\system32\rsvpsp.dll	[PX5: 207DDCE400DFBAF46A9901E930F30400B01B2AF5]
[G] C:\WINDOWS\system32\sendmail.dll	[PX5: 8088824600394EBAD8B8000ECF53A80050A09EDB]
[G] C:\WINDOWS\system32\drivers\usb8023.sys	[PX5: 3E77E626002C4E4732F6001737A36500DF1D4C45]
[G] C:\WINDOWS\system32\drivers\pcmcia.sys	[PX5: E57DBA640058975ED777010270809800FCD4E5A8]
[G] C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS	[PX5: B2CFBF060074D4084BB4001A2B9A350050720EA5]
[G] C:\WINDOWS\system32\drivers\mutohpen.sys	[PX5: F0516BDE807DC7ED312D00118D1A3F00F3D76BCF]
[G] C:\WINDOWS\system32\cabview.dll	[PX5: A51B5F1E005CD2A84CA3017840ED7F000F7C10FB]
[G] C:\WINDOWS\system32\dfsshlex.dll	[PX5: 6935BB0F004A750A70830023BC27D6007F3E5BBF]
[G] C:\WINDOWS\system32\drivers\ati1rvxx.sys	[PX5: 791DC4AAAF43CE30F814008CD5B52900B5EE141F]
[G] C:\WINDOWS\system32\drivers\nic1394.sys	[PX5: 6A6B604D8063736BF1A600F2F0678F005B5068A6]
[G] C:\WINDOWS\system32\drivers\ati1mdxx.sys	[PX5: 9A0348305FAB82F42D270060B8503E0045CF641B]
[G] C:\WINDOWS\system32\drivers\ati2mtaa.sys	[PX5: 0FF8649100F26F76FEF504C73380B9002E57B758]
[G] C:\WINDOWS\system32\drivers\slwdmsup.sys	[PX5: 16863D5CB8EACC283314005DED01E500658864AF]
[G] C:\WINDOWS\system32\dot3gpclnt.dll	[PX5: 55E7E93B0015BDC99C0300EE727DCA000ECED423]
[G] C:\WINDOWS\system32\cryptext.dll	[PX5: 2D486C1500171D51D61500F532FE7C00678D22EB]
[G] C:\WINDOWS\system32\drivers\mf.sys	[PX5: 3D97E98E00A086C1F9650053183C0E004DCD4DB3]
[G] C:\WINDOWS\system32\dssec.dll	[PX5: 082A2FB500F7D81FCC3800C338A20A00EADBD389]
[G] C:\WINDOWS\amcap.exe	[PX5: 63B4E50310BD5E7E7FB5004D3754B20023E13408]
[G] C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys	[PX5: 37E661E8003A144B4DFD01732787D60045EBBBCB]
[G] C:\WINDOWS\system32\drivers\nmnt.sys	[PX5: 4F6E51DE803D5E299DD30090E390240049FFAF2D]
[G] C:\WINDOWS\System32\mprdim.dll	[PX5: 9A6C9B7E00FD4834D0D2009663D73D00F21E858F]
[G] C:\WINDOWS\system32\drivers\hsfbs2s2.sys	[PX5: AF892C8C80AD05195B84032B43A9B8008B0F4B6A]
[G] C:\WINDOWS\system32\drivers\atmlane.sys	[PX5: 0680DC6000035655DA6F006BFFA72D00CBE1BD17]
[G] C:\WINDOWS\system32\drivers\avgntmgr.sys	[PX5: ACFEEBF140BFB8705331007B127CAA0020F6F7C9]
[G] C:\WINDOWS\System32\eapsvc.dll	[PX5: 55C4B6D70041A858842400698E9354000D94173B]
[G] C:\WINDOWS\Temp\soundman.exe	[PX5: D201120B003ED584D0B70850E2D418008F3014FE]
[G] C:\WINDOWS\system32\mmc.exe	[PX5: BB63859C0072C504981A15CD595BC900ED685C37]
[G] C:\Programme\Java\jre1.6.0_07\bin\regutils.dll	[PX5: FEA8AD1200F75EBCA06F03CC5A44B300600C4F43]
         

30.11.2008, 18:15   #7
Lemuren-Frau
 

30.11.2008, 18:18   #8
Lemuren-Frau
 
And TADAA! Here's the rest of it
Code:
ATTFilter


End of Prevx Scan Log - http://www.prevx.com
         
However, I only have this one log there. Chris, you had asked for several, or did you mean all of them taken together?
Seems to be clean so far... maybe it is something in the operating system after all :-(
If someone knowledgeable has an idea based on the logs or the initial description of the symptoms, I am open to suggestions and improvements!
Many thanks as well

01.12.2008, 06:38   #9
Chris4You

Hi,
have you installed anything in the meantime that could trigger this behaviour? Is the machine otherwise OK (all fans running, etc.)?

Which processes are burning the CPU time?

We need to dig a bit deeper:
RSIT
Random's System Information Tool (RSIT) by random/random reads out system details and creates an informative log file.
Download Random's System Information Tool (RSIT) from http://filepony.de/download-rsit/ and save it to your desktop.
Start RSIT.exe with a double-click.
Click Continue to accept the terms of use.
If you do not have HijackThis installed, RSIT will download and install it for you.
In that case please also accept the Trend Micro (http://de.trendmicro.com/de/home) terms of use for HJT with "I accept".
If your firewall asks, please allow RSIT to access the network.
The scan starts automatically; RSIT now checks several important system areas and produces log files as a basis for analysis.
When the scan has finished, two log files are created and opened in your editor.
Please post the contents of C:\rsit\log.txt and C:\rsit\info.txt (<= minimized) here in the thread.

chris

06.12.2008, 19:31   #10
Lemuren-Frau

ok!
The only thing I have installed since this problem first appeared was (haha...) the new WoW add-on; apart from that, Thunderbird updated itself, and the fans are all running. They are sometimes a bit loud, but they also get cleaned of dust at least once a year ;-)
Today it has been OK so far, but writing anything longer in this state is very nerve-racking to almost impossible, which is why I have been using one of the computers at my boyfriend's place much more than usual; you need something that works to get work done *groan*

I can't really say which processes are "burning the CPU time", but I suppose that's what RSIT is for?

But now, less rambling and here is the log.txt
Code:
Logfile of random's system information tool 1.04 (written by random/random)
Run by XXX at 2008-12-06 20:17:19
Microsoft Windows XP Professional Service Pack 3
System drive C: has 3 GB (21%) free of 16 GB
Total RAM: 1023 MB (53% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:17:27, on 06.12.2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Programme\iTunes\iTunesHelper.exe
C:\Programme\buffed.de\Blasc\BLASC.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\Dropbox\Dropbox.exe
C:\Programme\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Programme\Bonjour\mDNSResponder.exe
C:\Programme\PrevxCSI\prevxcsi.exe
C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\PrevxCSI\prevxcsi.exe
C:\Programme\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Programme\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Dokumente und Einstellungen\XXX\Desktop\RSIT.exe
C:\Dokumente und Einstellungen\XXX\Desktop\XXX.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Programme\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [avgnt] "C:\Programme\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programme\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programme\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [BLASC] "C:\Programme\buffed.de\Blasc\BLASC.exe" silent
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Dropbox.lnk = C:\Programme\Dropbox\Dropbox.exe
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\Programme\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\Programme\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL
O23 - Service: AntiVir PersonalEdition Classic Planer (AntiVirScheduler) - Avira GmbH - C:\Programme\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Programme\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour-Dienst (Bonjour Service) - Apple Inc. - C:\Programme\Bonjour\mDNSResponder.exe
O23 - Service: CSIScanner - Prevx - C:\Programme\PrevxCSI\prevxcsi.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Programme\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 6292 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\1-Klick-Wartung.job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Programme\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Programme\DAEMON Tools Toolbar\DTToolbar.dll [2008-08-08 691656]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avgnt"=C:\Programme\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-07-17 266497]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-05-02 13529088]
"nwiz"=nwiz.exe /install []
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"SunJavaUpdateSched"=C:\Programme\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-05-02 86016]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2007-04-16 577536]
"AppleSyncNotifier"=C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2008-07-10 116040]
"QuickTime Task"=C:\Programme\QuickTime\QTTask.exe [2008-05-27 413696]
"iTunesHelper"=C:\Programme\iTunes\iTunesHelper.exe [2008-07-30 289064]
"Adobe Reader Speed Launcher"=C:\Programme\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"BLASC"=C:\Programme\buffed.de\Blasc\BLASC.exe [2008-11-05 2246144]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

C:\Dokumente und Einstellungen\XXX\Startmenü\Programme\Autostart
Dropbox.lnk - C:\Programme\Dropbox\Dropbox.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 267304]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Eine DLL-Datei als Anwendung ausführen"
"D:\Programme\World of Warcraft\BackgroundDownloader.exe"="D:\Programme\World of Warcraft\BackgroundDownloader.exe:*:Enabled:Blizzard Downloader"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Programme\Warcraft III\Warcraft III.exe"="C:\Programme\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III"
"D:\Programme\ICQ6\ICQ.exe"="D:\Programme\ICQ6\ICQ.exe:*:Enabled:ICQ6"
"C:\Programme\Electronic Arts\EADM\Core.exe"="C:\Programme\Electronic Arts\EADM\Core.exe:*:Enabled:EA Download Manager"
"C:\Programme\Bonjour\mDNSResponder.exe"="C:\Programme\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Programme\iTunes\iTunes.exe"="C:\Programme\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Programme\MSN Messenger\msnmsgr.exe"="C:\Programme\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Programme\MSN Messenger\livecall.exe"="C:\Programme\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Programme\Skype\Phone\Skype.exe"="C:\Programme\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Programme\MSN Messenger\msnmsgr.exe"="C:\Programme\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Programme\MSN Messenger\livecall.exe"="C:\Programme\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

======List of files/folders created in the last 1 months======

2008-12-06 20:17:19 ----D---- C:\rsit
2008-12-06 19:55:29 ----D---- C:\WINDOWS\LastGood
2008-11-30 17:54:50 ----D---- C:\Programme\PrevxCSI
2008-11-30 17:54:46 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PrevxCSI
2008-11-30 16:40:59 ----D---- C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\Malwarebytes
2008-11-30 16:40:50 ----D---- C:\Programme\Malwarebytes' Anti-Malware
2008-11-30 16:40:50 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
2008-11-26 22:50:15 ----D---- C:\Programme\OpenOffice.org 3
2008-11-15 14:44:04 ----D---- C:\WINDOWS\pss
2008-11-14 11:24:08 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2008-11-14 11:23:57 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
2008-11-14 11:22:54 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$

======List of files/folders modified in the last 1 months======

2008-12-06 20:17:25 ----D---- C:\WINDOWS\Prefetch
2008-12-06 20:07:43 ----D---- C:\Programme\Mozilla Firefox
2008-12-06 19:56:46 ----D---- C:\WINDOWS\Temp
2008-12-06 19:55:56 ----RSHDC---- C:\WINDOWS\system32\dllcache
2008-12-06 19:55:53 ----HD---- C:\WINDOWS\inf
2008-12-06 19:55:53 ----D---- C:\WINDOWS\system32
2008-12-06 19:55:46 ----D---- C:\WINDOWS\Help
2008-12-06 19:55:29 ----D---- C:\WINDOWS
2008-12-06 19:55:28 ----D---- C:\WINDOWS\system32\CatRoot2
2008-12-06 19:54:32 ----D---- C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\Dropbox
2008-11-30 19:33:35 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-11-30 19:32:45 ----D---- C:\Programme\Mozilla Thunderbird
2008-11-30 17:54:51 ----D---- C:\WINDOWS\system32\drivers
2008-11-30 17:54:50 ----RD---- C:\Programme
2008-11-27 12:36:48 ----D---- C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\gtk-2.0
2008-11-27 11:37:24 ----A---- C:\WINDOWS\NeroDigital.ini
2008-11-26 22:56:14 ----SHD---- C:\WINDOWS\Installer
2008-11-26 22:55:17 ----RSD---- C:\WINDOWS\assembly
2008-11-26 22:51:32 ----RSD---- C:\WINDOWS\Fonts
2008-11-26 22:49:15 ----D---- C:\Programme\OpenOffice.org 2.3
2008-11-15 14:44:17 ----SH---- C:\boot.ini
2008-11-15 14:44:17 ----A---- C:\WINDOWS\win.ini
2008-11-15 14:44:17 ----A---- C:\WINDOWS\system.ini
2008-11-15 14:30:11 ----D---- C:\Programme\Gemeinsame Dateien
2008-11-14 11:24:07 ----HD---- C:\WINDOWS\$hf_mig$
2008-11-14 11:24:05 ----A---- C:\WINDOWS\imsins.BAK
2008-11-12 16:16:02 ----D---- C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\OpenOffice.org2

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avgio;avgio; \??\C:\Programme\Avira\AntiVir PersonalEdition Classic\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2008-11-12 75072]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2008-04-21 21248]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2008-01-24 4127488]
R3 avgntflt;avgntflt; \??\C:\Programme\Avira\AntiVir PersonalEdition Classic\avgntflt.sys []
R3 GEARAspiWDM;GEARAspiWDM; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2008-01-29 16168]
R3 hidusb;Microsoft HID Class-Treiber; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Maus-HID-Treiber; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-04 12288]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-05-02 6554496]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2006-04-14 34176]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2006-04-14 13056]
R3 usbehci;Miniporttreiber für erweiterten Microsoft USB 2.0-Hostcontroller; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;USB2-aktivierter Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Miniporttreiber für Microsoft USB Open Host-Controller; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
S3 aqxzpws6;aqxzpws6; C:\WINDOWS\system32\drivers\aqxzpws6.sys []
S3 CBPSp50;CBPSp50 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\CBPSp50.sys [2005-11-19 20096]
S3 CCDECODE;Untertiteldecoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2005-10-21 21568]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-Konvertierung; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI-Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV-/Videoverbindung; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 OVT511Plus;Dual Mode USB Camera Plus; C:\WINDOWS\System32\Drivers\omcamvid.sys [2001-09-18 167816]
S3 RT73;D-Link USB Wireless LAN Card Driver; C:\WINDOWS\system32\DRIVERS\Dr71WU.sys [2005-11-03 245504]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA-IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbccgp;Microsoft Standard-USB-Haupttreiber; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Microsoft USB-Druckerklasse; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;USB-Scannertreiber; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;USB-Massenspeichertreiber; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WSTCODEC;World Standard Teletext-Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirScheduler;AntiVir PersonalEdition Classic Planer; C:\Programme\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-10-24 68865]
R2 AntiVirService;AntiVir PersonalEdition Classic Guard; C:\Programme\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-10-24 151297]
R2 Apple Mobile Device;Apple Mobile Device; C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-07-22 116040]
R2 Bonjour Service;Bonjour-Dienst; C:\Programme\Bonjour\mDNSResponder.exe [2007-07-24 229376]
R2 CSIScanner;CSIScanner; C:\Programme\PrevxCSI\prevxcsi.exe [2008-11-30 920632]
R2 MDM;Machine Debug Manager; C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-05-02 159812]
R3 iPod Service;iPod-Dienst; C:\Programme\iPod\bin\iPodService.exe [2008-07-30 532264]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2007-10-09 36864]
S3 IDriverT;InstallDriver Table Manager; C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2007-10-11 864256]
S3 ose;Office Source Engine; C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 usnjsvc;Messenger USN Journal Reader-Service für freigegebene Ordner; C:\Programme\MSN Messenger\usnsvc.exe [2007-01-19 97136]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2007-10-11 122880]

-----------------EOF-----------------
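A triage sketch for the driver and service lists in the log above, added here as an example; it is not part of the original post or of RSIT. It parses the `<state><start> name;display; path [date size]` lines and lists the entries printed with empty brackets, assuming that empty brackets mean RSIT could not read the file's date and size. The function names and notes are hypothetical.

```python
import re
from typing import List, NamedTuple, Optional, Tuple

# Constructed sample: six lines copied from the RSIT driver list in this thread.
SAMPLE = r"""
R1 avgio;avgio; \??\C:\Programme\Avira\AntiVir PersonalEdition Classic\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2008-11-12 75072]
R3 avgntflt;avgntflt; \??\C:\Programme\Avira\AntiVir PersonalEdition Classic\avgntflt.sys []
S3 aqxzpws6;aqxzpws6; C:\WINDOWS\system32\drivers\aqxzpws6.sys []
S3 USBSTOR;USB-Massenspeichertreiber; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
"""

# <state><start type> <service name>;<display name>; <image path> [<date> <size>]
LINE_RE = re.compile(
    r"^(?P<state>[RS])(?P<start>[0-4]) (?P<name>[^;]+);(?P<display>[^;]*); "
    r"(?P<path>.+) \[(?P<meta>[^\]]*)\]$"
)
START_TYPES = {"0": "Boot", "1": "System", "2": "Auto", "3": "Demand", "4": "Disabled"}


class Entry(NamedTuple):
    running: bool
    start: str
    name: str
    display: str
    path: str
    date: Optional[str]   # None when RSIT printed empty brackets
    size: Optional[int]


def parse_line(line: str) -> Optional[Entry]:
    """Parse one driver/service line; return None for headers and blank lines."""
    m = LINE_RE.match(line.strip())
    if m is None:
        return None
    meta = m["meta"].split()
    date, size = (meta[0], int(meta[1])) if len(meta) == 2 else (None, None)
    return Entry(m["state"] == "R", START_TYPES[m["start"]], m["name"],
                 m["display"], m["path"], date, size)


def triage(log_text: str) -> List[Tuple[str, str]]:
    """Return (service name, note) for entries whose image file RSIT could not stat."""
    findings = []
    for line in log_text.splitlines():
        entry = parse_line(line)
        if entry is None or entry.date is not None:
            continue
        # Assumption: "[]" means the tool could not read the file's date and size.
        if entry.path.startswith("\\??\\"):
            note = "NT-style path, metadata not resolved: check the file by hand"
        elif entry.running:
            note = "loaded but image not readable on disk: check with a rootkit scanner"
        elif entry.start == "Disabled":
            note = "disabled and image absent: stale registration"
        else:
            note = "registered but image absent: leftover or removed driver, verify the key"
        findings.append((entry.name, note))
    return findings


if __name__ == "__main__":
    for name, note in triage(SAMPLE):
        print(f"{name}: {note}")
```
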
         

06.12.2008, 19:35   #11
Lemuren-Frau

and the info.txt
Code:
info.txt logfile of random's system information tool 1.04 2008-12-06 20:17:30

======Uninstall list======

-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
7-Zip 4.42-->"C:\Programme\7-Zip\Uninstall.exe"
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Flash Player 9 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\UninstFl.exe -q
Adobe Reader 8.1.3 - Deutsch-->MsiExec.exe /I{AC76BA86-7AD7-1031-7B44-A81300000003}
Apple Mobile Device Support-->MsiExec.exe /I{49C88E44-1B38-4FC6-824E-2BDA3063B0E3}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Avira AntiVir Personal - Free Antivirus-->C:\Programme\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE
BLASC 2.0-->C:\Programme\buffed.de\Blasc\UnInstaller.exe
Bonjour-->MsiExec.exe /I{47BF1BD6-DCAC-468F-A0AD-E5DECC2211C3}
DAEMON Tools Toolbar-->C:\Programme\DAEMON Tools Toolbar\uninst.exe
Dropbox-->"C:\Programme\Dropbox\uninstall.exe"
EA Download Manager-->C:\PROGRA~1\GEMEIN~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{EF7E931D-DC84-471B-8DB6-A83358095474} /l1031 
GIMP 2.4.1-->"C:\Programme\GIMP-2.0\setup\unins000.exe"
HijackThis 2.0.2-->"C:\Dokumente und Einstellungen\XXX\Desktop\HijackThis.exe" /uninstall
Hotfix für Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
Hotfix für Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
ICQ6-->"C:\Programme\InstallShield Installation Information\{60DE4033-9503-48D1-A483-7846BD217CA9}\setup.exe" -runfromtemp -l0x0009 -removeonly
IH85-->C:\Programme\InstallShield Installation Information\{66723F8E-3F1D-4250-8A81-B2C81777467E}\setup.exe -runfromtemp -l0x0009
IrfanView (remove only)-->C:\Programme\IrfanView\iv_uninstall.exe
iTunes-->MsiExec.exe /I{3DE0053C-FD9A-483E-B7C9-B06E4392206E}
Java(TM) 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Malwarebytes' Anti-Malware-->"C:\Programme\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - DEU-->MsiExec.exe /I{9309DD7E-EBFE-3C95-8B47-30D3A012F606}
Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - DEU-->MsiExec.exe /I{A1071AEB-B0EF-3F5F-BC84-83A270EBE496}
Microsoft .NET Framework 3.0 Service Pack 1-->MsiExec.exe /I{2BA00471-0328-3743-93BD-FA813353A783}
Microsoft .NET Framework 3.5 Language Pack - DEU-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - deu\setup.exe
Microsoft .NET Framework 3.5 Language Pack - deu-->MsiExec.exe /I{1545207E-C6F3-31D7-9918-BDBB65075FBF}
Microsoft .NET Framework 3.5-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\setup.exe
Microsoft .NET Framework 3.5-->MsiExec.exe /I{2FC099BD-AC9B-33EB-809C-D332E1B27C40}
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{90110407-6000-11D3-8CFE-0150048383C9}
Mozilla Firefox (3.0.4)-->C:\Programme\Mozilla Firefox\uninstall\helper.exe
Mozilla Thunderbird (2.0.0.18)-->C:\Programme\Mozilla Thunderbird\uninstall\helper.exe
MSXML 6.0 Parser (KB933579)-->MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
Nero 6 Ultra Edition-->C:\Programme\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
NVIDIA Drivers-->C:\WINDOWS\system32\nvuninst.exe UninstallGUI
OpenOffice.org 3.0-->MsiExec.exe /I{04B45310-A5FE-4425-BFCA-1A6D8920DE74}
Prevx CSI-->"C:\Programme\PrevxCSI\prevxcsi.exe" /prop UNINSTALL=Y
QuickTime-->MsiExec.exe /I{08CA9554-B5FE-4313-938F-D4A417B81175}
Realtek AC'97 Audio-->RunDll32 C:\PROGRA~1\GEMEIN~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Programme\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" -l0x7  -removeonly
Sicherheitsupdate für Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
Sicherheitsupdate für Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Sicherheitsupdate für Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Skype™ 3.8-->MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
TeamSpeak 2 RC2-->C:\Programme\Teamspeak2_RC2\unins000.exe
Update für Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Update für Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
VideoLAN VLC media player 0.8.6c-->C:\Programme\VideoLAN VLC\uninstall.exe
Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Live Messenger-->MsiExec.exe /I{279DB581-239C-4E13-97F8-0F48E40BE75C}
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
World of Warcraft-->C:\Programme\Gemeinsame Dateien\Blizzard Entertainment\WORLD OF WARCRAFT\Uninstall.exe
XML Paper Specification Shared Components Language Pack 1.0-->"C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"

======Security center information======

AV: Avira AntiVir PersonalEdition

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Programme\QuickTime\QTSystem\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 47 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=2f02
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=.;C:\Programme\Java\jre1.6.0_05\lib\ext\QTJava.zip
"QTJAVA"=C:\Programme\Java\jre1.6.0_05\lib\ext\QTJava.zip

-----------------EOF-----------------
         
Many thanks again for the time you are putting in; if I could, I would do something nice for you.

08.12.2008, 15:34   #12
Chris4You

Hi,

the logs don't really reveal much...
You can show the "CPU usage (%)" column in Task Manager
as follows:
select the "Processes" tab, then View -> Select Columns -> CPU Usage.
Clicking the column header sorts the list (ascending or descending).
If the process is not running hidden, it should be at the top or bottom
of the list and be burning roughly 90-100% (unless it is the idle process,
which always runs when there is nothing to do; 90-100% for that one is "normal");

Then, to be safe, we'll also do a rootkit scan:
Avira Antirootkit
Download Avira Antirootkit, scan your system and post the log file.
http://dl.antivir.de/down/windows/antivir_rootkit.zip

MBR rootkit

Download the MBR rootkit scanner from GMER to your boot disk:
http://www2.gmer.net/mbr/mbr.exe
Note the directory you downloaded it to;
Start->Run->cmd
Change to the download directory and start the program by typing
mbr...

The result should look like this:
Quote:
D:\Downloads>mbr
Stealth MBR rootkit detector 0.2.4 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
user & kernel MBR OK
You will find the log in the directory where mbr.exe is located;
post it in the thread;

chris