Hy, ich habe auch das Problem:
Seit gestern zeigt er mir an, dass TR/PSW.Jomloon.E.40 jeweils in der immag32.dll und in der brewers.dll ist.
Reporte stell ich gleich online, malwarebytes ist noch am arebiten /und hat schon 2 infizierte dateien gefunden).
LOG von RSIT:

Logfile of random's system information tool 1.06 (written by random/random)
Run by Chris&Jasmina at 2010-02-02 18:58:46
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 91 GB (60%) free of 153 GB
Total RAM: 2046 MB (68% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:58:55 SanchezZ, on 02.02.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Programme\Java\jre6\bin\jusched.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICDE.EXE
C:\Programme\Fingerprint\psqltray.exe
C:\Programme\Avira\AntiVir Desktop\avguard.exe
C:\Programme\Avira\AntiVir Desktop\sched.exe
C:\Programme\Avira\AntiVir Desktop\avgnt.exe
C:\Programme\hdtv\MediaDetector.exe
C:\Programme\Steganos Safe Home\SteganosAgent.exe
C:\Programme\Avira\AntiVir Desktop\avscan.exe
C:\Programme\Mozilla Firefox\firefox.exe
C:\Programme\Malwarebytes' Anti-Malware\mbam.exe
C:\Dokumente und Einstellungen\Chris&Jasmina\Desktop\RSIT.exe
C:\Programme\trend micro\Chris&Jasmina.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<HTML><HEAD><META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1">
<TITLE>ERROR: The requested URL could not be retrieved</TITLE>
<STYLE type="text/css"><!--BODY{background-color:#ffffff;font-family:verdana,sans-serif}PRE{font-family:sans-serif}--></STYLE>
</HEAD><BODY>
<H1>ERROR</H1>
<H2>The requested URL could not be retrieved</H2>
<HR noshade size="1px">
<P>
While trying to process the request:
<PRE>
GET /askbardis/askhpr/askHomePageSet?tbr=BT HTTP/1.0
Accept: Accept-Language: en-us
Content-Type: text/html
User-Agent: Ask.com
Host: toolbar.ask.com
Content-Length: 4096

</PRE>
<P>
The following error was encountered:
<UL>
<LI>
<STRONG>
Invalid Request
</STRONG>
</UL>

<P>
Some aspect of the HTTP Request is invalid. Possible problems:
<UL>
<LI>Missing or unknown request method
<LI>Missing URL
<LI>Missing HTTP Identifier
R3 - URLSearchHook: DefaultSearchHook Class - {C94E154B-1459-4A47-966B-4B843BEFC7DB} - C:\Programme\AskSearch\bin\DefaultSearch.dll (file missing)
O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Programme\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Programme\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [PSQLLauncher] "C:\Programme\Fingerprint\launcher.exe" /startup
O4 - HKLM\..\Run: [avgnt] "C:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [BlazeServoTool] "C:\Programme\hdtv\MediaDetector.exe"
O4 - HKCU\..\Run: [EPSON Stylus DX7400 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICDE.EXE /FU "C:\DOKUME~1\CHRIS&~1\LOKALE~1\Temp\E_SD.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Programme\DNA\btdna.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Programme\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Programme\Avira\AntiVir Desktop\avguard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LiveUpdate - Unknown owner - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O24 - Desktop Component 1: WEB.DE - E-Mail - Suche - DSL - Modem - Shopping - Entertainment - http://www.web.de/
O24 - Desktop Component 2: Helmut-Schmidt-Universität :: Startseite - http://www.hsu-hh.de/hsu/index.php

--
End of file - 6402 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Programme\Java\jre6\bin\jp2ssv.dll [2009-03-09 35840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Programme\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-03-09 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}]
EpsonToolBandKicker Class - C:\Programme\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-21 368640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EE5D279F-081B-4404-994D-C6B60AAEBA6D} - EPSON Web-To-Page - C:\Programme\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-21 368640]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-04 208952]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-04 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-04 455168]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2007-10-24 8527872]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2007-10-24 81920]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-06-13 16377344]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"SunJavaUpdateSched"=C:\Programme\Java\jre6\bin\jusched.exe [2009-03-09 148888]
"PSQLLauncher"=C:\Programme\Fingerprint\launcher.exe [2007-03-28 49168]
"avgnt"=C:\Programme\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes' Anti-Malware"=C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe [2010-01-07 429392]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"BlazeServoTool"=C:\Programme\hdtv\MediaDetector.exe [2007-03-07 270336]
"EPSON Stylus DX7400 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICDE.EXE [2007-04-12 182272]
"BitTorrent DNA"=C:\Programme\DNA\btdna.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Programme\DAEMON Tools Lite\daemon.exe -autorun []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MessengerPlus3]
C:\Programme\MessengerPlus! 3\MsgPlus.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SMSERIAL]
C:\Programme\Motorola\SMSERIAL\sm56hlpr.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"PnkBstrA"=2
"MSIServer"=2
"JavaQuickStarterService"=2
"RichVideo"=2

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\NavLogon]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\psfus]
C:\WINDOWS\system32\psqlpwd.dll [2007-03-28 90112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
psqlpwd

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Spiele\Counter Strike - Condition Zero\czero.exe"="C:\Spiele\Counter Strike - Condition Zero\czero.exe:*:Enabled:Condition Zero Launcher"
"C:\Programme\Power DVD\PowerDVD\PowerDVD.exe"="C:\Programme\Power DVD\PowerDVD\PowerDVD.exe:*:Enabled:CyberLink PowerDVD"
"C:\WINDOWS\system32\LEXPPS.EXE"="C:\WINDOWS\system32\LEXPPS.EXE:*isabled:LEXPPS.EXE"
"C:\Spiele\Assassin's Creed\AssassinsCreed_Launcher.exe"="C:\Spiele\Assassin's Creed\AssassinsCreed_Launcher.exe:*:Enabled:Assassin's Creed Update"
"C:\Spiele\Assassin's Creed\AssassinsCreed_Dx10.exe"="C:\Spiele\Assassin's Creed\AssassinsCreed_Dx10.exe:*:Enabled:Assassin's Creed Dx10"
"C:\Spiele\Assassin's Creed\AssassinsCreed_Dx9.exe"="C:\Spiele\Assassin's Creed\AssassinsCreed_Dx9.exe:*:Enabled:Assassin's Creed Dx9"
"C:\Programme\Messenger\msmsgs.exe"="C:\Programme\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Programme\Windows Live\Messenger\msnmsgr.exe"="C:\Programme\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Programme\Windows Live\Messenger\livecall.exe"="C:\Programme\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Programme\BitTorrent\bittorrent.exe"="C:\Programme\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
"C:\Programme\Sony Ericsson\Update Service\Update Service.exe"="C:\Programme\Sony Ericsson\Update Service\Update Service.exe:*:Enabled:Update Service"
"C:\Dokumente und Einstellungen\Chris&Jasmina\Desktop\Counter Strike - Condition Zero\czero.exe"="C:\Dokumente und Einstellungen\Chris&Jasmina\Desktop\Counter Strike - Condition Zero\czero.exe:*:Enabled:Condition Zero Launcher"
"C:\Programme\PASWStatistics18\WinWrapIDE.exe"="C:\Programme\PASWStatistics18\WinWrapIDE.exe:*isabled:SPSS Basic Script Editor"
"C:\Programme\PASWStatistics18\paswstat.com"="C:\Programme\PASWStatistics18\paswstat.com:*isabled:Statistics18:com"
"C:\Programme\PASWStatistics18\paswstat.exe"="C:\Programme\PASWStatistics18\paswstat.exe:*isabled:Statistics18:exe"
"C:\Spiele\WorldSeriesOfPoker2008\WSOPBFTB.exe"="C:\Spiele\WorldSeriesOfPoker2008\WSOPBFTB.exe:*:Enabled:WSOPBFTB"
"C:\Programme\DNA\btdna.exe"="C:\Programme\DNA\btdna.exe:*:EnabledNA"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Programme\Windows Live\Messenger\msnmsgr.exe"="C:\Programme\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Programme\Windows Live\Messenger\livecall.exe"="C:\Programme\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4b7164a8-5655-11de-b469-001cbf7461b7}]
shell\AutoRun\command - F:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{657d6070-bc82-11dd-9a1a-001b382bf016}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe


======List of files/folders created in the last 3 months======

2010-02-02 18:35:00 ----D---- C:\Dokumente und Einstellungen\Chris&Jasmina\Anwendungsdaten\Malwarebytes
2010-02-02 18:34:53 ----D---- C:\Programme\Malwarebytes' Anti-Malware
2010-02-02 18:34:53 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
2010-02-02 18:20:02 ----D---- C:\Programme\trend micro
2010-02-02 18:20:00 ----D---- C:\rsit
2010-02-02 18:10:05 ----D---- C:\Programme\CCleaner
2010-02-02 17:38:06 ----D---- C:\WINDOWS\LastGood
2010-02-02 17:37:59 ----D---- C:\Programme\Avira
2010-02-02 17:31:22 ----HDC---- C:\WINDOWS\$NtUninstallKB942288-v3$
2010-02-02 17:13:44 ----D---- C:\WINDOWS\system32\NtmsData
2010-01-13 20:06:44 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2010-01-06 15:40:48 ----D---- C:\Programme\Gemeinsame Dateien\Wise Installation Wizard
2009-12-31 15:46:22 ----D---- C:\Dokumente und Einstellungen\Chris&Jasmina\Anwendungsdaten\DNA
2009-12-27 20:32:04 ----A---- C:\WINDOWS\system32\D3DX9_41.dll
2009-12-27 20:32:04 ----A---- C:\WINDOWS\system32\d3dx10_41.dll
2009-12-27 20:32:04 ----A---- C:\WINDOWS\system32\D3DCompiler_41.dll
2009-12-27 20:32:03 ----A---- C:\WINDOWS\system32\XAudio2_4.dll
2009-12-27 20:32:03 ----A---- C:\WINDOWS\system32\XAPOFX1_3.dll
2009-12-27 20:32:03 ----A---- C:\WINDOWS\system32\xactengine3_4.dll
2009-12-27 20:32:03 ----A---- C:\WINDOWS\system32\X3DAudio1_6.dll
2009-12-27 20:32:02 ----A---- C:\WINDOWS\system32\XAudio2_3.dll
2009-12-27 20:32:02 ----A---- C:\WINDOWS\system32\XAPOFX1_2.dll
2009-12-27 20:32:02 ----A---- C:\WINDOWS\system32\xactengine3_3.dll
2009-12-27 20:32:02 ----A---- C:\WINDOWS\system32\D3DX9_40.dll
2009-12-27 20:32:02 ----A---- C:\WINDOWS\system32\d3dx10_40.dll
2009-12-27 20:32:02 ----A---- C:\WINDOWS\system32\D3DCompiler_40.dll
2009-12-27 20:32:00 ----A---- C:\WINDOWS\system32\XAudio2_2.dll
2009-12-27 20:32:00 ----A---- C:\WINDOWS\system32\XAPOFX1_1.dll
2009-12-27 20:32:00 ----A---- C:\WINDOWS\system32\X3DAudio1_5.dll
2009-12-27 20:31:59 ----A---- C:\WINDOWS\system32\xactengine3_2.dll
2009-12-27 20:31:59 ----A---- C:\WINDOWS\system32\d3dx10_39.dll
2009-12-27 20:31:59 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll
2009-12-27 20:29:04 ----D---- C:\WINDOWS\system32\AGEIA
2009-12-27 20:29:04 ----D---- C:\Programme\AGEIA Technologies
2009-12-15 19:49:11 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SafeNet Sentinel
2009-12-15 19:47:44 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SPSS
2009-12-15 19:47:43 ----D---- C:\Programme\Gemeinsame Dateien\SPSS
2009-12-15 19:47:38 ----D---- C:\Programme\Gemeinsame Dateien\SPSSInc
2009-12-15 19:47:01 ----D---- C:\Programme\PASWStatistics18
2009-12-15 19:46:49 ----A---- C:\WINDOWS\system32\sysprs7.dll
2009-12-15 19:46:49 ----A---- C:\WINDOWS\system32\lsprst7.dll
2009-12-09 22:50:14 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2009-12-09 19:31:13 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2009-12-09 19:31:07 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2009-12-09 19:31:01 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2009-12-09 19:30:55 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2009-12-09 19:30:48 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
2009-12-01 19:51:54 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2009-12-01 19:51:37 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$
2009-12-01 18:16:25 ----D---- C:\Dokumente und Einstellungen\Chris&Jasmina\Anwendungsdaten\Sony
2009-12-01 18:16:25 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Sony
2009-12-01 18:10:03 ----N---- C:\WINDOWS\system32\spmsg.dll
2009-12-01 00:52:13 ----D---- C:\Programme\Gemeinsame Dateien\Sony Shared
2009-12-01 00:49:24 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
2009-12-01 00:48:47 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$
2009-12-01 00:45:18 ----D---- C:\Dokumente und Einstellungen\Chris&Jasmina\Anwendungsdaten\Sony Setup
2009-11-25 21:57:29 ----HDC---- C:\WINDOWS\$NtUninstallKB976098-v2$
2009-11-25 21:57:23 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$
2009-11-18 09:39:35 ----D---- C:\Programme\AutostartAdministrator
2009-11-18 01:18:15 ----A---- C:\WINDOWS\system32\MsgPlusLoader.dll
2009-11-17 20:52:25 ----HDC---- C:\WINDOWS\$NtUninstallKB969947$
2009-11-17 20:18:17 ----D---- C:\Programme\Gemeinsame Dateien\Windows Live
2009-11-17 17:11:48 ----D---- C:\WINDOWS\pss
2009-11-07 15:48:52 ----AC---- C:\WINDOWS\WKISS.INI

======List of files/folders modified in the last 3 months======

2010-02-02 18:54:05 ----D---- C:\WINDOWS\system32
2010-02-02 18:35:00 ----D---- C:\WINDOWS\Prefetch
2010-02-02 18:34:55 ----D---- C:\WINDOWS\system32\drivers
2010-02-02 18:34:53 ----RD---- C:\Programme
2010-02-02 18:29:01 ----D---- C:\Programme\Mozilla Firefox
2010-02-02 18:17:08 ----D---- C:\WINDOWS\Debug
2010-02-02 18:17:08 ----D---- C:\WINDOWS
2010-02-02 18:17:07 ----D---- C:\WINDOWS\Minidump
2010-02-02 18:17:06 ----D---- C:\WINDOWS\Temp
2010-02-02 17:38:08 ----HD---- C:\WINDOWS\inf
2010-02-02 17:38:07 ----D---- C:\WINDOWS\system32\CatRoot2
2010-02-02 17:37:59 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avira
2010-02-02 17:37:20 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-02-02 17:36:47 ----SHD---- C:\WINDOWS\Installer
2010-02-02 17:36:47 ----D---- C:\WINDOWS\WinSxS
2010-02-02 17:31:52 ----N---- C:\WINDOWS\SchedLgU.Txt
2010-02-02 17:31:39 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-02-01 20:19:17 ----D---- C:\Programme\ArtMoney
2010-01-21 18:23:14 ----D---- C:\Dokumente und Einstellungen
2010-01-21 17:45:03 ----D---- C:\Spiele
2010-01-14 02:04:54 ----SH---- C:\boot.ini
2010-01-14 02:04:54 ----A---- C:\WINDOWS\win.ini
2010-01-14 02:04:54 ----A---- C:\WINDOWS\system.ini
2010-01-13 20:06:17 ----HD---- C:\WINDOWS\$hf_mig$
2010-01-06 15:40:48 ----D---- C:\Programme\Gemeinsame Dateien
2010-01-05 01:17:46 ----A---- C:\WINDOWS\system32\MRT.exe
2009-12-31 15:43:55 ----D---- C:\Programme\#D-Load
2009-12-31 15:41:16 ----HD---- C:\Programme\InstallShield Installation Information
2009-12-27 20:32:06 ----D---- C:\WINDOWS\system32\DirectX
2009-12-27 20:31:44 ----RSD---- C:\WINDOWS\assembly
2009-12-10 10:56:44 ----D---- C:\WINDOWS\AppPatch
2009-12-09 17:11:40 ----D---- C:\WINDOWS\SoftwareDistribution
2009-12-02 21:14:41 ----A---- C:\WINDOWS\system32\CmdLineExt03.dll
2009-12-01 18:47:49 ----D---- C:\Programme\Power DVD
2009-12-01 18:47:42 ----D---- C:\WINDOWS\system32\CatRoot
2009-12-01 18:44:47 ----D---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Messenger Plus!
2009-12-01 18:16:43 ----D---- C:\Programme\Sony Ericsson
2009-12-01 00:59:01 ----SD---- C:\Dokumente und Einstellungen\Chris&Jasmina\Anwendungsdaten\Microsoft
2009-12-01 00:49:33 ----D---- C:\Programme\Windows Media Player
2009-12-01 00:48:58 ----D---- C:\WINDOWS\system32\LogFiles
2009-11-17 20:18:16 ----SD---- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Microsoft
2009-11-17 17:12:27 ----D---- C:\WINDOWS\Help
2009-11-05 17:37:53 ----D---- C:\Dokumente und Einstellungen\Chris&Jasmina\Anwendungsdaten\temp

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avgio;avgio; \??\C:\Programme\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 intelppm;Intel-Prozessortreiber; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40448]
R1 kbdhid;Tastatur-HID-Treiber; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
R1 SLEE_15_DRIVER;Steganos Live Encryption Engine 15 [Driver]; \??\C:\WINDOWS\system32\drivers\Sleen15.sys []
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
R1 WmiAcpi;Microsoft Windows-Verwaltungsschnittstelle für ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-11-25 56816]
R2 rimmptsk;rimmptsk; C:\WINDOWS\system32\DRIVERS\rimmptsk.sys [2007-02-24 39936]
R2 rimsptsk;rimsptsk; C:\WINDOWS\system32\DRIVERS\rimsptsk.sys [2007-01-23 42496]
R3 Arp1394;1394-ARP-Clientprotokoll; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2007-02-16 160256]
R3 CmBatt;Treiber für Microsoft-ACPI-Kontrollmethodenkompatible Batterie; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 EC168BDA;EC168BDA service; C:\WINDOWS\system32\DRIVERS\EC168BDA.sys [2007-09-11 87296]
R3 HDAudBus;Microsoft UAA-Bustreiber für High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Microsoft HID Class-Treiber; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-06-22 4432384]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys []
R3 mouhid;Maus-HID-Treiber; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-18 12288]
R3 NETw4x32;Intel(R) Wireless WiFi Link Adaptertreiber für Windows XP 32 Bit; C:\WINDOWS\system32\DRIVERS\NETw4x32.sys [2007-05-28 2207232]
R3 NIC1394;1394-Netzwerktreiber; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2007-10-24 7425248]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]
R3 TcUsb;TC USB Kernel Driver; C:\WINDOWS\System32\Drivers\tcusb.sys [2007-03-28 46992]
R3 usbccgp;Microsoft Standard-USB-Haupttreiber; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Miniporttreiber für erweiterten Microsoft USB 2.0-Hostcontroller; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Microsoft USB-Standardhubtreiber; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Miniporttreiber für universellen Microsoft USB-Hostcontroller; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 ac97intc;Intel(r) 82801 Audiotreiber-Installationsdienst (WDM); C:\WINDOWS\system32\drivers\ac97intc.sys [2001-08-17 96256]
S3 afl2zj52;afl2zj52; C:\WINDOWS\system32\drivers\afl2zj52.sys []
S3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS []
S3 CCDECODE;Untertiteldecoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 ggflt;SEMC USB Flash Driver Filter; C:\WINDOWS\system32\DRIVERS\ggflt.sys [2009-04-21 13224]
S3 ggsemc;SEMC USB Flash Driver; C:\WINDOWS\system32\DRIVERS\ggsemc.sys [2009-04-21 24616]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys []
S3 jgameenp;jgameenp; \??\C:\DOKUME~1\CHRIS&~1\LOKALE~1\Temp\jgameenp.sys []
S3 MPE;BDA MPE-Filter; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-13 15232]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-Konvertierung; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI-Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV-/Videoverbindung; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 SE27bus;Sony Ericsson Device 039 Driver driver (WDM); C:\WINDOWS\system32\DRIVERS\SE27bus.sys [2006-09-18 61600]
S3 SE27mdfl;Sony Ericsson Device 039 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\SE27mdfl.sys [2006-04-28 9360]
S3 SE27mdm;Sony Ericsson Device 039 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\SE27mdm.sys [2006-04-28 97184]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 smserial;smserial; C:\WINDOWS\system32\DRIVERS\smserial.sys []
S3 streamip;BDA-IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbaudio;USB-Audiotreiber (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbprint;Microsoft USB-Druckerklasse; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;USB-Scannertreiber; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;USB-Massenspeichertreiber; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 usbvideo;USB-Videogerät (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984]
S3 VIAudio;VIA AC'97 Audiocontroller (WDM); C:\WINDOWS\system32\drivers\ac97via.sys [2004-08-03 84480]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WSTCODEC;World Standard Teletext-Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirSchedulerService;Avira AntiVir Planer; C:\Programme\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]
R2 AntiVirService;Avira AntiVir Guard; C:\Programme\Avira\AntiVir Desktop\avguard.exe [2009-07-21 185089]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2007-10-24 155716]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2006-10-20 36864]
S3 IDriverT;InstallDriver Table Manager; C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2006-10-30 741376]
S3 LiveUpdate;LiveUpdate; C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE []
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 JavaQuickStarterService;Java Quick Starter; C:\Programme\Java\jre6\bin\jqs.exe [2009-03-09 152984]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2006-10-30 122880]
S4 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Programme\CyberLink\Shared Files\RichVideo.exe [2005-08-08 167936]
S4 usnjsvc;Messenger USN Journal Reader-Service für freigegebene Ordner; C:\Programme\Windows Live\Messenger\usnsvc.exe []

-----------------EOF-----------------



Maleware:
Malwarebytes' Anti-Malware 1.44
Datenbank Version: 3510
Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512

02.02.2010 19:14:58 SanchezZ
mbam-log-2010-02-02 (19-14-54).txt

Scan-Methode: Vollständiger Scan (C:\|)
Durchsuchte Objekte: 182416
Laufzeit: 37 minute(s), 56 second(s)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 3

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
C:\Programme\AutostartAdministrator\lothargeisinger.de.exe (Trojan.Downloader) -> No action taken.
C:\Programme\AutostartAdministrator\Uninstall.exe (Trojan.Downloader) -> No action taken.
C:\WINDOWS\system32\h@tkeysh@@k.dll (Trojan.Agent) -> No action taken.

Hallo und

Zitat:

Datenbank Version: 3510

Die Signauren waren zum Zeitpunkt des Scans veraltet, bitte Malwarebytes aktualisieren und einen neuen Vollscan machen.