Log analysis and evaluation: Heavy virus infestation lately (Windows 7)

If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
Heavy virus infestation lately

I've had a heavy virus infestation lately, mostly severe viruses, and my system now seems to be very unstable and slowed down:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 08:17:56, on 10.08.2010
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Then I also have the following scan from BitDefender:

QuickScan Beta 32-bit v0.9.9.50
Scan date: Wed Oct 27 16:41:37 2010
Machine ID: 3E68E262
No infection found.

According to Avira Premium, AVG 2011 and Ad-Aware, I no longer have any viruses on it. I hope the viruses haven't left behind too much damage.

Regards,
Sven

PS: Just now (27.10, 17.10) discovered the following virus in the AVG folder (Avira): (FALSE ALARM)

Typ: Datei
Quelle: C:\ProgramData\avg9\update\backup\avgui.exe
Status: Infiziert
Quarantäne-Objekt: 49bee160.qua
Wiederhergestellt: NEIN
Zu Avira hochgeladen: NEIN
Betriebssystem: Windows 2000/XP/VISTA Workstation
Suchengine: 8.02.04.84
Virendefinitionsdatei: 7.10.13.49
Meldung: Ist das Trojanische Pferd TR/Spy.ZBot.JP
Datum/Uhrzeit: 27.10.2010, 17:06

(FALSE ALARM) or maybe not after all? After further scans in quarantine, the virus turned into merely a suspicious file. After restoring it I scanned again, this time no infection!

17:38: Ad-Aware classified the following file as very dangerous and as a threat. I moved the file to quarantine: Win32.Adware.Ascentive/A (c:\windows\syswow64\asccontest.dll)

Edited by Sven2010 (27.10.2010 at 16:40). Reason: new information