
All kinds of pests and how to fight them: Was sent a virus via Windows Live Messenger and unfortunately activated it...


30.08.2010, 10:48   #1
andynbg9000
 



Hello,

I recently made a huge mistake...

I signed in to Windows Live Messenger and received an offline message that contained a link. Of course I clicked on it and opened the download (a *.scr file). I then got a download, and of course I opened that right away. I only noticed the mistake when it was too late...


Then my Messenger forwarded the link with the virus to all my friends. After that I immediately uninstalled the Messenger and warned everyone via "Meebo" (an online messenger).

Now I have started all my virus scanners and read up on my problem on the Internet... Only then did I notice how hard these viruses are to delete.

Since I am not really a PC specialist, I am now opening this thread.

My virus scanners have already scanned everything.

My virus scanners:

Malwarebytes Anti Malware (the freeware version)
Spyware Terminator Scan (also freeware)
Avira AntiVir Personal (again freeware)

Log files of the virus scanners:

Malwarebytes Anti Malware:

Code:
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Datenbank Version: 4503

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

30.08.2010 05:25:26
mbam-log-2010-08-30 (05-25-26).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Durchsuchte Objekte: 405496
Laufzeit: 4 Stunde(n), 26 Minute(n), 25 Sekunde(n)

Infizierte Speicherprozesse: 1
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 1

Infizierte Speicherprozesse:
C:\Users\Public\jusched.exe (Trojan.Downloader) -> Unloaded process successfully.

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
C:\Users\Public\jusched.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
         
Spyware Terminator Scan:

Code:
Logfile of Spyware Terminator v2.7.2.125 (db:4.008.027.000)
Scan Time: 29.08.2010 22:42:37  length: 14057 s
Platform: W7 (6.1.0.7600)
User: Admin
Boot Mode: Normal
Scan type: %Custom_Scan%
Scanned Objects: 331751 (Critical:4)
Filter: No System items, No Safe items, No Invalid items

Running Processes
AsLdrSrv.exe [ASUS] : C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe
GFNEXSrv.exe : C:\Program Files\ATKGFNEX\GFNEXSrv.exe
HControl.exe [ASUS] : C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe
OberonGameConsoleService.exe : C:\Program Files (x86)\ASUS\Game Park\GameConsole\OberonGameConsoleService.exe
ASPG.exe [ASUS] : C:\Program Files (x86)\ASUS\ASUS CopyProtect\ASPG.exe
ALU.exe : C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
sensorsrv.exe [ASUS] : C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
ControlDeckStartUp.exe : C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
ACMON.exe [ATK] : C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
BatteryLife.exe [ATK] : C:\Program Files\P4G\BatteryLife.exe
wcourier.exe : C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
ATKOSD.exe [ASUS] : C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
KBFiltr.exe [ASUS] : C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
WDC.exe [ASUS] : C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe
ACEngSvr.exe [ASUSTeK] : C:\Windows\SysWOW64\ACEngSvr.exe
SeaPort.exe [Microsoft Corporation] : C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
TeamViewer_Service.exe [TeamViewer GmbH] : C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe
ADSMTray.exe [ASUSTek Computer Inc.] : C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
ADSMSrv.exe [ASUSTek Computer Inc.] : C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
AsScrPro.exe [ASUS] : C:\Windows\AsScrPro.exe
CLMLSvc.exe [CyberLink] : C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
ETDCtrl.exe [ELAN Microelectronic Corp.] : C:\Program Files\Elantech\ETDCtrl.exe
wmpnetwk.exe [Microsoft Corporation] : C:\Program Files\Windows Media Player\wmpnetwk.exe
jusched.exe [Lz5ixxEFh2] : C:\Users\Public\jusched.exe

Internet Settings
R - HKLM\Software\Microsoft\Internet Explorer\Main, Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R - HKLM\System\CurrentControlSet\Services\Tcpip\Parameters, Domain = 

BHO
02 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -  [Microsoft Corporation] : C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
02 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} -  [Microsoft Corporation] : C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll

Toolbars
03 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  [Microsoft Corporation] : C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll

StartUps
04 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Google Update :  [Google Inc.] : C:\Windows\system32\config\systemprofile\APPDATA\LOCAL\GOOGLE\UPDATE\GOOGLEUPDATE.EXE
04 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Speech Recognition :  [Microsoft Corporation] : C:\Windows\SPEECH\COMMON\SAPISVR.EXE
04 - Startup:  : C:\Users\Gisela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
04 - Startup:  : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini

Shell Extensions
MF ADTS Property Handler - {80009818-f38f-4af1-87b5-eadab9433e58} -  [Microsoft Corporation] : C:\Windows\system32\mf.dll
CLSID_WLMCMimeFilter - {0563DB41-F538-4B37-A92D-4659049B7766} -  [Microsoft Corporation] : C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll
 - {06A2568A-CED6-4187-BB20-400B8C02BE5A} -  [Microsoft Corporation] : C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe
Windows Live Photo Gallery Viewer Autoplay Shim - {00F33137-EE26-412F-8D71-F84E4C2C6625} -  [Microsoft Corporation] : C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll
Windows Live Photo Gallery Autoplay Drop Target - {2BE99FD4-A181-4996-BFA9-58C5FFD11F6C} -  [Microsoft Corporation] : C:\Program Files (x86)\WINDOWS LIVE\PHOTO GALLERY\WLXPHOTOGALLERY.EXE
Windows Live Photo Gallery Editor Drop Target - {00F30F64-AC33-42F5-8FD1-5DC2D3FDE06C} -  [Microsoft Corporation] : C:\Program Files (x86)\WINDOWS LIVE\PHOTO GALLERY\WLXPHOTOGALLERY.EXE
Windows Live Photo Gallery Viewer Drop Target - {00F374B7-B390-4884-B372-2FC349F2172B} -  [Microsoft Corporation] : C:\Program Files (x86)\WINDOWS LIVE\PHOTO GALLERY\WLXPHOTOGALLERY.EXE
Windows Live Photo Gallery Viewer Shim - {00F346CB-35A4-465B-8B8F-65A29DBAB1F6} -  [Microsoft Corporation] : C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll
Windows Live Photo Gallery Editor Shim - {00F3712A-CA79-45B4-9E4D-D7891E7F8B9D} -  [Microsoft Corporation] : C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll
Windows Live Photo Gallery Viewer Autoplay Shim - {00F30F90-3E96-453B-AFCD-D71989ECC2C7} -  [Microsoft Corporation] : C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll

Protocol Handler
Microsoft HTML About Pluggable Protocol - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} -  [Microsoft Corporation] : C:\Windows\SysWOW64\mshtml.dll
CDL: Asychronous Pluggable Protocol Handler - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} -  [Microsoft Corporation] : C:\Windows\SysWOW64\urlmon.dll
DVD: Pluggable Protocol - {12D51199-0DB5-46FE-A120-47A3D7D937CC} -  [Microsoft Corporation] : C:\Windows\SysWOW64\msvidctl.dll
file:, local: Asychronous Pluggable Protocol Handler - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} -  [Microsoft Corporation] : C:\Windows\SysWOW64\urlmon.dll
ftp: Asychronous Pluggable Protocol Handler - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} -  [Microsoft Corporation] : C:\Windows\SysWOW64\urlmon.dll
http: Asychronous Pluggable Protocol Handler - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} -  [Microsoft Corporation] : C:\Windows\SysWOW64\urlmon.dll
https: Asychronous Pluggable Protocol Handler - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} -  [Microsoft Corporation] : C:\Windows\SysWOW64\urlmon.dll
Microsoft HTML Javascript Pluggable Protocol - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} -  [Microsoft Corporation] : C:\Windows\SysWOW64\mshtml.dll
 - {828030A1-22C1-4009-854F-8E305202313F} -  [Microsoft Corporation] : C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll
file:, local: Asychronous Pluggable Protocol Handler - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} -  [Microsoft Corporation] : C:\Windows\SysWOW64\urlmon.dll
Microsoft HTML Mailto Pluggable Protocol - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} -  [Microsoft Corporation] : C:\Windows\SysWOW64\mshtml.dll
MHTML Asynchronous Pluggable Protocol Handler - {05300401-BCBC-11d0-85E3-00C04FD85AB4} -  [Microsoft Corporation] : C:\Windows\system32\inetcomm.dll
mk: Asychronous Pluggable Protocol Handler - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} -  [Microsoft Corporation] : C:\Windows\SysWOW64\urlmon.dll
 - {828030A1-22C1-4009-854F-8E305202313F} -  [Microsoft Corporation] : C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll
Microsoft HTML Resource Pluggable Protocol - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} -  [Microsoft Corporation] : C:\Windows\SysWOW64\mshtml.dll
TV: Pluggable Protocol - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} -  [Microsoft Corporation] : C:\Windows\SysWOW64\msvidctl.dll
Microsoft HTML Javascript Pluggable Protocol - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} -  [Microsoft Corporation] : C:\Windows\SysWOW64\mshtml.dll
Windows Live Mail HTML Asynchronous Pluggable Protocol Handler - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} -  [Microsoft Corporation] : C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll

Services
23 - [ASUSTek Computer Inc.] : C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
23 - [ASUS] : C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe
23 - : C:\Program Files\ATKGFNEX\ASMMAP64.sys
23 - : C:\Program Files\ATKGFNEX\GFNEXSrv.exe
23 - : C:\Program Files (x86)\ASUS\Game Park\GameConsole\OberonGameConsoleService.exe
23 - [Microsoft Corporation] : C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
23 - [TeamViewer GmbH] : C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe
23 - [Microsoft Corporation] : C:\Program Files\Windows Media Player\wmpnetwk.exe

Threat Files
<Trojan.Downloader.Agent.vh> : C:\Program Files (x86)\TmNationsForever\unins000.exe
<Trojan.Downloader.Agent.vh> : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TmNationsForever\TmNationsForever deinstallieren.lnk
<Trojan.Generic.1765233> : d:\Stick2\ANDY STICK\Referate\6 Klasse\Referate\Meine Famile\Noch was\OO\OpenOfficePortable\App\openoffice\program\msi-pkgchk.exe
<Trojan.Generic.1765233> : d:\Stick2\ANDY STICK\Referate\7 Klasse\Deutsch - Geschichte\Konstrucktionen\Openoffice1\OpenOfficePortable\App\openoffice\program\msi-pkgchk.exe

Advanced Files Report
%SYSDIR%\smss.exe [Microsoft Corporation] [Betriebssystem Microsoft® Windows®]
%SYSDIR%\csrss.exe [Microsoft Corporation] [Betriebssystem Microsoft® Windows®]
%SYSDIR%\services.exe [Microsoft Corporation] [Betriebssystem Microsoft® Windows®]
%SYSDIR%\lsass.exe [Microsoft Corporation] [Microsoft® Windows® Operating System]
%SYSDIR%\lsm.exe [Microsoft Corporation] [Betriebssystem Microsoft® Windows®]
%SYSDIR%\winlogon.exe [Microsoft Corporation] [Betriebssystem Microsoft® Windows®]
%SYSDIR%\atiesrxx.exe [AMD] [AMD External Events]
%SYSDIR%\atieclxx.exe [AMD] [AMD External Events]
%SYSDIR%\FBAgent.exe [ASUSTeK Computer Inc.] [AFBAgent]
%PROGRAMFILES%\ASUS\ATK Hotkey\AsLdrSrv.exe [ASUS] [ADSMSrv] MD5=18E5C2F937F9DEB8C282DF66A3761925 SIZE=84536
%SystemDiskRoot%\Program Files\ATKGFNEX\GFNEXSrv.exe [GFNEXSrv] MD5=7C157574A181B19B9DCF5F339E25337E SIZE=94208
%SYSDIR%\spoolsv.exe [Microsoft Corporation] [Betriebssystem Microsoft® Windows®]
%SYSDIR%\taskhost.exe [Microsoft Corporation] [Betriebssystem Microsoft® Windows®]
%SYSDIR%\dwm.exe [Microsoft Corporation] [Betriebssystem Microsoft® Windows®]
%PROGRAMFILES%\ASUS\ATK Hotkey\HControl.exe [ASUS] [ATK Hotkey] MD5=A46EF269564B9CA0A90C70E86AAE0110 SIZE=174720
%PROGRAMFILES%\ASUS\Game Park\GameConsole\OberonGameConsoleService.exe [OberonGameConsoleService] MD5=649791F5B905E6A8ECCED15AD8EFD436 SIZE=44312
%PROGRAMFILES%\ASUS\ASUS CopyProtect\ASPG.exe [ASUS] [ASPG application] MD5=F30AA962D602D1A0377DFB99031E7B5C SIZE=163384
%PROGRAMFILES%\ASUS\ASUS Live Update\ALU.exe [ALU] MD5=F4DCD4912B185C3AAEB92A7040832AD1 SIZE=51768
%PROGRAMFILES%\ASUS\SmartLogon\sensorsrv.exe [ASUS] [ASUS SmartLogon] MD5=1971D838A88F58D59543E9B3CDA5FFC4 SIZE=305720
%PROGRAMFILES%\ASUS\ControlDeck\ControlDeckStartUp.exe MD5=BA2B4E07561CF877F61B0EEED654BC96 SIZE=53888
%PROGRAMFILES%\ASUS\Splendid\ACMON.exe [ATK] [ATK ACMON] MD5=A6C20CBD1B10FEF25DAA4F1CF9FBC4FF SIZE=684544
%SystemDiskRoot%\Program Files\P4G\BatteryLife.exe [ATK] [Power4Gear Hybrid] MD5=4F23BA3152C60464FC1E8C96C6AA18E1 SIZE=267832
%PROGRAMFILES%\ASUS\Wireless Console 3\wcourier.exe [Wireless Console 3] MD5=A2A262FBC053861C778EA512328E6C10 SIZE=1593344
%PROGRAMFILES%\ASUS\Wireless Console 3\inter_f2.dll [ATK] [ATK0100] MD5=06B4C8D5D9708A7494AC7C02CD54650E SIZE=36864
%PROGRAMFILES%\ASUS\Wireless Console 3\ATKWLIOC.DLL [ACTIONTEC Electronics,Inc] [PRISM Wireless LAN] MD5=388CE212A119271EEA68F42712F3F64F SIZE=80384
%PROGRAMFILES%\ASUS\Wireless Console 3\SiSPkt.dll [Silicon Integrated Systems Corp.] [SiS160 Series Wireless LAN Adapter] MD5=E7C665D4AFAAB45A9086D02FFC87A4B4 SIZE=303104
%PROGRAMFILES%\ASUS\ATK Hotkey\ATKOSD.exe [ASUS] [ATK Hotkey] MD5=149126216A694E6BA84E92ECA77AAE3B SIZE=2488888
%SYSDIR%\conhost.exe [Microsoft Corporation] [Betriebssystem Microsoft® Windows®]
%PROGRAMFILES%\ASUS\ATK Hotkey\KBFiltr.exe [ASUS] [ATK Hotkey] MD5=AA11E1368EEB237DD100BAC6AFFE1C57 SIZE=113208
%PROGRAMFILES%\ASUS\ATK Hotkey\WDC.exe [ASUS] [ATK Hotkey] MD5=4A7C441D99D86704D194E7678873B95D SIZE=174648
%WINDIR%\SysWOW64\ACEngSvr.exe [ASUSTeK] [ACEngSvr Module] MD5=41A5048E49372F091B2AE5A5B705B72D SIZE=183296
%PROGRAMFILES%\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [Microsoft Corporation] [Microsoft Search Enhancement Pack] MD5=271077B91D7AD1B616F8AFDFE8E3F981 SIZE=240512
%PROGRAMFILES%\TeamViewer\Version5\TeamViewer_Service.exe [TeamViewer GmbH] [TeamViewer] MD5=213723E1A736910C644B457DE6D095E2 SIZE=173352
%PROGRAMFILES%\ASUS\ASUS Data Security Manager\ADSMTray.exe [ASUSTek Computer Inc.] [ADSMTray] MD5=3ECCDD3FE310DD8F82D085447089ADB0 SIZE=272952
%PROGRAMFILES%\ASUS\ASUS Data Security Manager\ADSMSrv.exe [ASUSTek Computer Inc.] [ADSMSrv] MD5=C0BF554D2277F7A4C735D475ADE2E3B2 SIZE=225280
%WINDIR%\AsScrPro.exe [ASUS] [ASUS Screen Saver Protector] MD5=2B2F678CC761AFC91E4085A519B33D75 SIZE=3054136
%PROGRAMFILES%\CyberLink\Power2Go\CLMLSvc.exe [CyberLink] [CyberLink MediaLibray Service] MD5=57B4D34232852BFE4453BE571DF90D21 SIZE=103720
%PROGRAMFILES%\CyberLink\Power2Go\CLMediaLibrary.dll [CLMediaLibrary Dynamic Link Library] MD5=6A5D0ED8F280AB8E312A4252472A14A4 SIZE=619816
%PROGRAMFILES%\CyberLink\Power2Go\CLMLSvcPS.dll [CLMLSvc Dynamic Link Library] MD5=2168E61B9E3B06EEB8B3EACDFDC4699B SIZE=13096
%SystemDiskRoot%\Program Files\Elantech\ETDCtrl.exe [ELAN Microelectronic Corp.] [ELAN Smart-Pad] MD5=A59AD63CA1F97D4F900DD18B52356CEF SIZE=619392
%PROGRAMFILES%\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll MD5=A95209B0323131E40309207D4C2616A8 SIZE=147456
%PROGRAMFILES%\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll MD5=44CB8F8C28BC8CC2AE73740B3A1502F3 SIZE=143360
%PROGRAMFILES%\asus\VirtualCamera\virtualCamera.ax MD5=75B75482C0A2C239562BC9C6A73AC3B4 SIZE=225280
%SYSDIR%\vsnp2uvc.dll [Sonix] MD5=5BBC79010185AFF1E71BDC106019B8FF SIZE=305152
%PROGRAMFILES%\ASUS\ASUS LifeFrame3\camera_effect.ax [ASUS] [LifeFrame] MD5=18140C8B44AC157309263410ACD460EC SIZE=602112
%SystemDiskRoot%\Program Files\Windows Media Player\wmpnetwk.exe [Microsoft Corporation] [Betriebssystem Microsoft® Windows®] MD5=9BF014C20F91D97055532F2F5496E7BD SIZE=1525248
%SystemDiskRoot%\Users\Public\jusched.exe [Lz5ixxEFh2] [EMA] MD5=FD4DCB2D4DCA17301FB6A8F3B29646BA SIZE=131072
%SYSDIR%\audiodg.exe [Microsoft Corporation] [Betriebssystem Microsoft® Windows®]
%SYSDIR%\VSSVC.exe [Microsoft Corporation] [Betriebssystem Microsoft® Windows®]
%STARTUP%\desktop.ini MD5=7F1698BAB066B764A314A589D338DAAE SIZE=174
%STARTUPALL%\desktop.ini MD5=7F1698BAB066B764A314A589D338DAAE SIZE=174
%PROGRAMFILES%\softonic-de3\tbsoft.dl
%SYSDIR%\mf.dll [Microsoft Corporation] [Betriebssystem Microsoft® Windows®] MD5=80EFBCAFBD26956B69EE9CEFC93423B0 SIZE=3177984
%PROGRAMFILES%\Windows Live\Mail\mailcomm.dll [Microsoft Corporation] [Windows Live Mail] MD5=77FF838D68111D6E7CF18AF167D8B779 SIZE=795472
%PROGRAMFILES%\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe [Microsoft Corporation] [Windows Live® Photo Gallery] MD5=949DFDD736386B60CB30534431E74A83 SIZE=230256
%PROGRAMFILES%\Windows Live\Photo Gallery\PhotoViewerShim.dll [Microsoft Corporation] [Windows Live® Photo Gallery] MD5=D73451F364E142FF1EC9B42046373C36 SIZE=42864
%PROGRAMFILES%\WINDOWS LIVE\PHOTO GALLERY\WLXPHOTOGALLERY.EXE [Microsoft Corporation] [Windows Live® Fotogalerie] MD5=E48AF9C1C3188B40C1882D2DF0F07ABA SIZE=138096
%SYSDIR%\DRIVERS\ACPI.sys [Microsoft Corporation] [Betriebssystem Microsoft® Windows®]
%SYSDIR%\svchost.exe -k netsvcs
%SYSDIR%\drivers\afd.sys [Microsoft Corporation] [Betriebssystem Microsoft® Windows®]
%SYSDIR%\DRIVERS\amdppm.sys [Microsoft Corporation] [Microsoft® Windows® Operating System]
%SYSDIR%\DRIVERS\amdsata.sys [Advanced Micro Devices] [AHCI 1.2 Device Driver]
%SYSDIR%\DRIVERS\amdxata.sys [Advanced Micro Devices] [Stor Filter Driver]
%SystemDiskRoot%\Program Files\ATKGFNEX\ASMMAP64.sys MD5=2DB34EDD17D3A8DA7105A19C95A3DD68 SIZE=14904
%SYSDIR%\DRIVERS\atapi.sys [Microsoft Corporation] [Microsoft® Windows® Operating System]
%SYSDIR%\DRIVERS\athrx.sys [Atheros Communications, Inc.] [Driver for Atheros CB42/CB43/MB42/MB43 Network Adapter]
%SYSDIR%\DRIVERS\atikmdag.sys [ATI Technologies Inc.] [ATI Radeon Family]
%SYSDIR%\DRIVERS\AtiPcie.sys [Advanced Micro Devices Inc.] [AMD PCIE Filter Driver]
%SYSDIR%\svchost.exe -k LocalSystemNetworkRestricted
%SYSDIR%\svchost.exe -k LocalServiceNetworkRestricted
%SYSDIR%\svchost.exe -k LocalServiceNoNetwork
%SYSDIR%\DRIVERS\blbdrive.sys [Microsoft Corporation] [Microsoft® Windows® Operating System]
%SYSDIR%\DRIVERS\bowser.sys [Microsoft Corporation] [Microsoft® Windows® Operating System]
%SYSDIR%\DRIVERS\cdrom.sys [Microsoft Corporation] [Microsoft® Windows® Operating System]
%SYSDIR%\CLFS.sys [Microsoft Corporation] [Microsoft® Windows® Operating System]
%SYSDIR%\DRIVERS\CmBatt.sys [Microsoft Corporation] [Microsoft® Windows® Operating System]
%SYSDIR%\Drivers\cng.sys [Microsoft Corporation] [Microsoft® Windows® Operating System]
%SYSDIR%\DRIVERS\compbatt.sys [Microsoft Corporation] [Microsoft® Windows® Operating System]
%SYSDIR%\DRIVERS\CompositeBus.sys [Microsoft Corporation] [Microsoft® Windows® Operating System]
%SYSDIR%\svchost.exe -k NetworkService
%SYSDIR%\svchost.exe -k DcomLaunch
%SYSDIR%\Drivers\dfsc.sys [Microsoft Corporation] [Microsoft® Windows® Operating System]
%SYSDIR%\drivers\discache.sys [Microsoft Corporation] [Microsoft® Windows® Operating System]
%SYSDIR%\DRIVERS\disk.sys [Microsoft Corporation] [Microsoft® Windows® Operating System]
%SYSDIR%\drivers\dxgkrnl.sys [Microsoft Corporation] [Microsoft® Windows® Operating System]
%SYSDIR%\DRIVERS\ETD.sys [ELAN Microelectronic Corp.] [ELAN Smart-Pad]
%SYSDIR%\svchost.exe -k LocalService
%SYSDIR%\svchost.exe -k LocalServiceAndNoImpersonation
%SYSDIR%\drivers\fileinfo.sys [Microsoft Corporation] [Microsoft® Windows® Operating System]
%SYSDIR%\drivers\fltmgr.sys [Microsoft Corporation] [Betriebssystem Microsoft® Windows®]
%SYSDIR%\DRIVERS\fvevol.sys [Microsoft Corporation] [Microsoft® Windows® Operating System]
%SYSDIR%\DRIVERS\HDAudBus.sys [Microsoft Corporation] [Microsoft® Windows® Operating System]
%SYSDIR%\drivers\hwpolicy.sys [Microsoft Corporation] [Microsoft® Windows® Operating System]
%SYSDIR%\DRIVERS\i8042prt.sys [Microsoft Corporation] [Betriebssystem Microsoft® Windows®]
%SYSDIR%\DRIVERS\kbdclass.sys [Microsoft Corporation] [Betriebssystem Microsoft® Windows®]
%SYSDIR%\DRIVERS\kbfiltr.sys [Keyboard Filter Driver]
%SYSDIR%\Drivers\ksecdd.sys [Microsoft Corporation] [Microsoft® Windows® Operating System]
%SYSDIR%\Drivers\ksecpkg.sys [Microsoft Corporation] [Microsoft® Windows® Operating System]
%SYSDIR%\drivers\ksthunk.sys [Microsoft Corporation] [Microsoft® Windows® Operating System]
%SYSDIR%\DRIVERS\lltdio.sys [Microsoft Corporation] [Microsoft® Windows® Operating System]
%SYSDIR%\drivers\luafv.sys [Microsoft Corporation] [Betriebssystem Microsoft® Windows®]
%SYSDIR%\DRIVERS\lullaby.sys [Windows (R) Win 7 DDK provider] [Windows (R) Win 7 DDK driver]
%SYSDIR%\DRIVERS\monitor.sys [Microsoft Corporation] [Microsoft® Windows® Operating System]
%SYSDIR%\DRIVERS\mouclass.sys [Microsoft Corporation] [Betriebssystem Microsoft® Windows®]
%SYSDIR%\drivers\mountmgr.sys [Microsoft Corporation] [Betriebssystem Microsoft® Windows®]
%SYSDIR%\drivers\mpsdrv.sys [Microsoft Corporation] [Microsoft® Windows® Operating System]
%SYSDIR%\DRIVERS\mrxsmb.sys [Microsoft Corporation] [Microsoft® Windows® Operating System]
%SYSDIR%\DRIVERS\mrxsmb10.sys [Microsoft Corporation] [Microsoft® Windows® Operating System]
%SYSDIR%\DRIVERS\mrxsmb20.sys [Microsoft Corporation] [Microsoft® Windows® Operating System]
%SYSDIR%\DRIVERS\msahci.sys [Microsoft Corporation] [Microsoft® Windows® Operating System]
%SYSDIR%\DRIVERS\msisadrv.sys [Microsoft Corporation] [Microsoft® Windows® Operating System]
%SYSDIR%\DRIVERS\mssmbios.sys [Microsoft Corporation] [Microsoft® Windows® Operating System]
%SYSDIR%\DRIVERS\ATK64AMD.sys [ASUS] [ATK0100 ACPI Utility]
%SYSDIR%\Drivers\mup.sys [Microsoft Corporation] [Microsoft® Windows® Operating System]
%SYSDIR%\DRIVERS\nwifi.sys [Microsoft Corporation] [Betriebssystem Microsoft® Windows®]
%SYSDIR%\drivers\ndis.sys [Microsoft Corporation] [Betriebssystem Microsoft® Windows®]
%SYSDIR%\DRIVERS\ndistapi.sys [Microsoft Corporation] [Microsoft® Windows® Operating System]
%SYSDIR%\DRIVERS\ndisuio.sys [Microsoft Corporation] [Betriebssystem Microsoft® Windows®]
%SYSDIR%\DRIVERS\ndiswan.sys [Microsoft Corporation] [Microsoft® Windows® Operating System]
%SYSDIR%\DRIVERS\netbios.sys [Microsoft Corporation] [Microsoft® Windows® Operating System]
%SYSDIR%\DRIVERS\netbt.sys [Microsoft Corporation] [Microsoft® Windows® Operating System]
%SYSDIR%\drivers\nsiproxy.sys [Microsoft Corporation] [Microsoft® Windows® Operating System]
%SYSDIR%\svchost.exe -k LocalServicePeerNet
%SYSDIR%\drivers\partmgr.sys [Microsoft Corporation] [Microsoft® Windows® Operating System]
%SYSDIR%\DRIVERS\pci.sys [Microsoft Corporation] [Betriebssystem Microsoft® Windows®]
%SYSDIR%\drivers\pciide.sys [Microsoft Corporation] [Microsoft® Windows® Operating System]
%SYSDIR%\drivers\pcw.sys [Microsoft Corporation] [Microsoft® Windows® Operating System]
%SYSDIR%\drivers\peauth.sys [Microsoft Corporation] [Microsoft® Windows® Operating System]
%SYSDIR%\DRIVERS\raspptp.sys [Microsoft Corporation] [Microsoft® Windows® Operating System]
%SYSDIR%\DRIVERS\pacer.sys [Microsoft Corporation] [Betriebssystem Microsoft® Windows®]
%SYSDIR%\svchost.exe -k WindowsMobile
%SYSDIR%\DRIVERS\AgileVpn.sys [Microsoft Corporation] [Microsoft® Windows® Operating System]
%SYSDIR%\DRIVERS\rasl2tp.sys [Microsoft Corporation] [Microsoft® Windows® Operating System]
%SYSDIR%\DRIVERS\raspppoe.sys [Microsoft Corporation] [Microsoft® Windows® Operating System]
%SYSDIR%\DRIVERS\rassstp.sys [Microsoft Corporation] [Microsoft® Windows® Operating System]
%SYSDIR%\DRIVERS\rdbss.sys [Microsoft Corporation] [Betriebssystem Microsoft® Windows®]
%SYSDIR%\DRIVERS\RDPCDD.sys [Microsoft Corporation] [Microsoft® Windows® Operating System]
%SYSDIR%\drivers\rdpencdd.sys [Microsoft Corporation] [Microsoft® Windows® Operating System]
%SYSDIR%\drivers\rdprefmp.sys [Microsoft Corporation] [Microsoft® Windows® Operating System]
%SYSDIR%\drivers\rdyboost.sys [Microsoft Corporation] [Microsoft® Windows® Operating System]
%SYSDIR%\svchost.exe -k RPCSS
%SYSDIR%\DRIVERS\rspndr.sys [Microsoft Corporation] [Microsoft® Windows® Operating System]
%SYSDIR%\svchost.exe -k SDRSVC
%SYSDIR%\DRIVERS\snp2uvc.sys [UVC Camera Streaming Driver]
%SYSDIR%\DRIVERS\srv.sys [Microsoft Corporation] [Microsoft® Windows® Operating System]
%SYSDIR%\DRIVERS\srv2.sys [Microsoft Corporation] [Microsoft® Windows® Operating System]
%SYSDIR%\DRIVERS\srvnet.sys [Microsoft Corporation] [Microsoft® Windows® Operating System]
%SYSDIR%\svchost.exe -k imgsvc
%SYSDIR%\DRIVERS\swenum.sys [Microsoft Corporation] [Microsoft® Windows® Operating System]
%SYSDIR%\svchost.exe -k swprv
%SYSDIR%\drivers\tcpip.sys [Microsoft Corporation] [Betriebssystem Microsoft® Windows®]
%SYSDIR%\drivers\tcpipreg.sys [Microsoft Corporation] [Microsoft® Windows® Operating System]
%SYSDIR%\DRIVERS\tdx.sys [Microsoft Corporation] [Microsoft® Windows® Operating System]
%SYSDIR%\DRIVERS\teamviewervpn.sys [TeamViewer GmbH] [TeamViewerVPN Network Adapter]
%SYSDIR%\DRIVERS\termdd.sys [Microsoft Corporation] [Microsoft® Windows® Operating System]
%SYSDIR%\DRIVERS\tunnel.sys [Microsoft Corporation] [Betriebssystem Microsoft® Windows®]
%SYSDIR%\DRIVERS\umbus.sys [Microsoft Corporation] [Microsoft® Windows® Operating System]
%SYSDIR%\DRIVERS\usbccgp.sys [Microsoft Corporation] [Microsoft® Windows® Operating System]
%SYSDIR%\DRIVERS\usbehci.sys [Microsoft Corporation] [Microsoft® Windows® Operating System]
%SYSDIR%\DRIVERS\usbfilter.sys [Advanced Micro Devices] [AMD USB Filter Driver]
%SYSDIR%\DRIVERS\usbhub.sys [Microsoft Corporation] [Microsoft® Windows® Operating System]
%SYSDIR%\DRIVERS\usbohci.sys [Microsoft Corporation] [Microsoft® Windows® Operating System]
%SYSDIR%\DRIVERS\vdrvroot.sys [Microsoft Corporation] [Betriebssystem Microsoft® Windows®]
%SYSDIR%\drivers\vga.sys [Microsoft Corporation] [Microsoft® Windows® Operating System]
%SYSDIR%\drivers\viahduaa.sys [VIA Technologies, Inc.] [VIA High Definition Audio Driver]
%SYSDIR%\DRIVERS\volmgr.sys [Microsoft Corporation] [Microsoft® Windows® Operating System]
%SYSDIR%\drivers\volmgrx.sys [Microsoft Corporation] [Betriebssystem Microsoft® Windows®]
%SYSDIR%\DRIVERS\volsnap.sys [Microsoft Corporation] [Betriebssystem Microsoft® Windows®]
%SYSDIR%\DRIVERS\vwifibus.sys [Microsoft Corporation] [Betriebssystem Microsoft® Windows®]
%SYSDIR%\DRIVERS\vwififlt.sys [Microsoft Corporation] [Microsoft® Windows® Operating System]
%SYSDIR%\DRIVERS\vwifimp.sys [Microsoft Corporation] [Microsoft® Windows® Operating System]
%SYSDIR%\DRIVERS\wanarp.sys [Microsoft Corporation] [Microsoft® Windows® Operating System]
%SYSDIR%\drivers\Wdf01000.sys [Microsoft Corporation] [Betriebssystem Microsoft® Windows®]
%SYSDIR%\DRIVERS\wfplwf.sys [Microsoft Corporation] [Microsoft® Windows® Operating System]
%SYSDIR%\SearchIndexer.exe \Embedding
%SYSDIR%\drivers\WudfPf.sys [Microsoft Corporation] [Microsoft® Windows® Operating System]
%SYSDIR%\mscoree.dll [Microsoft Corporation] [Microsoft® .NET Framework] MD5=128DD9AF8640DBCC711940903C8B554F SIZE=297808
%WINDIR%\SysWOW64\urlmon.dll [Microsoft Corporation] [Windows® Internet Explorer] MD5=E0FFE169FD5B43CB6025FF2AECBF2EBB SIZE=1226240
%WINDIR%\SysWOW64\mshtml.dll [Microsoft Corporation] [Windows® Internet Explorer] MD5=BDFD710842C8A25DD27254D91DE60AC6 SIZE=5971456
%WINDIR%\SysWOW64\msvidctl.dll [Microsoft Corporation] [DirectShow] MD5=BE21C5C05E5E8536F1385100CC8EAFA5 SIZE=2291712
%PROGRAMFILES%\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [Microsoft Corporation] [Windows Live Messenger Protocol Handler Module] MD5=74165D44075CF3D03C98530783B8610E SIZE=61264
%SYSDIR%\inetcomm.dll [Microsoft Corporation] [Microsoft® Windows® Operating System] MD5=2F1379FEB2798A5708CD157836B4E9CC SIZE=740864

End of Report
         
Avira AntiVir Personal:

Code:
Log file coming soon...
         
They did find a few Trojans etc., but not the virus I am looking for.

At the moment Ad-Aware is still scanning everything.

The Hijack log file:

Code:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:44:12, on 29.08.2010
Platform: Windows 7  (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe
C:\Users\Public\jusched.exe
D:\Test\HiJackThis204.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
R3 - URLSearchHook: softonic-de3 Toolbar - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files (x86)\softonic-de3\tbsoft.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: softonic-de3 Toolbar - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files (x86)\softonic-de3\tbsoft.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: softonic-de3 Toolbar - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files (x86)\softonic-de3\tbsoft.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [ Malwarebytes Anti-Malware  (reboot)] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [Google Update] "C:\Users\Gisela\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Speech Recognition] "C:\Windows\Speech\Common\sapisvr.exe" -SpeechUX -Startup
O4 - HKCU\..\Run: [SpywareTerminatorUpdate] "C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe"
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: Oberon Media Game Console service (OberonGameConsoleService) - Unknown owner - C:\Program Files (x86)\Asus\Game Park\GameConsole\OberonGameConsoleService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files (x86)\Spyware Terminator\sp_rsser.exe
O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9408 bytes
         
Then I left my laptop running all night, because I was afraid that something could happen with the autostart, etc.

The latest report:

Code:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 09:26:34, on 30.08.2010
Platform: Windows 7  (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe
C:\Users\Gisela\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Gisela\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Gisela\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Gisela\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Gisela\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Gisela\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Gisela\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Gisela\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Gisela\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Gisela\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Gisela\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Gisela\AppData\Local\Google\Chrome\Application\chrome.exe
D:\Test\HiJackThis204.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://fullarticles.net
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
R3 - URLSearchHook: softonic-de3 Toolbar - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files (x86)\softonic-de3\tbsoft.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: softonic-de3 Toolbar - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files (x86)\softonic-de3\tbsoft.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: softonic-de3 Toolbar - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files (x86)\softonic-de3\tbsoft.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [ Malwarebytes Anti-Malware  (reboot)] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [Google Update] "C:\Users\Gisela\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Speech Recognition] "C:\Windows\Speech\Common\sapisvr.exe" -SpeechUX -Startup
O4 - HKCU\..\Run: [SpywareTerminatorUpdate] "C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe"
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: Oberon Media Game Console service (OberonGameConsoleService) - Unknown owner - C:\Program Files (x86)\Asus\Game Park\GameConsole\OberonGameConsoleService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files (x86)\Spyware Terminator\sp_rsser.exe
O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9549 bytes
         
Hopefully these 2 reports help you. There are no major changes in them apart from the programs I uninstalled or installed.

Unfortunately I can't make much of this report, so I copied it into the automatic log file analysis (HijackThis Logfileauswertung). According to that, everything should be OK... But it surely ought to show some kind of error!!


Hoping for your help


Andreas


PS: My system is Windows 7
