Hi,
The two malware scanners, ESET and Malwarebytes, found nothing.
I have full access to the computer via a second account.
Here is the dds.txt:
Quote:
.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_29
Run by magna at 10:42:22 on 2012-04-03
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.49.1031.18.4087.2666 [GMT 2:00]
.
AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\DSL-Manager\DslMgr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\DSL-Manager\DslMgrSvc.exe
C:\Program Files\firefox.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\wuauclt.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
mURLSearchHooks: softonic-de3 Toolbar: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files (x86)\softonic-de3\tbsoft.dll
mWinlogon: Userinit=userinit.exe,
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
BHO: softonic-de3 Toolbar: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files (x86)\softonic-de3\tbsoft.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: softonic-de3 Toolbar: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files (x86)\softonic-de3\tbsoft.dll
TB: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
mRun: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
StartupFolder: C:\Users\magna\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\DSL-MA~1.LNK - C:\Program Files (x86)\DSL-Manager\DslMgr.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\DirectOC.lnk - C:\Program Files (x86)\MSI\DirectOC\StartDirectOC.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
TCP: DhcpNameServer = 192.168.178.1
TCP: Interfaces\{C5BA3882-ADAA-4AAC-BD14-3E084425A6F1} : DhcpNameServer = 192.168.178.1
{18DF081C-E8AD-4283-A596-FA578C2EBDC3}
{30F9B915-B755-4826-820B-08FBA6BD249D}
{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}
{DBC80044-A445-435b-BC74-9C25C1C588A9}
{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}
{30F9B915-B755-4826-820B-08FBA6BD249D}
mRun-x64: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\magna\AppData\Roaming\Mozilla\Firefox\Profiles\u89jagjf.default\
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - C:\Program Files\extensions\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - C:\Program Files\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - C:\Program Files\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - C:\Program Files\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
FF - Ext: JavaString Helper: {184AA5E6-741D-464a-820E-94B3ABC2F3B4} - C:\Users\wibbel\AppData\Roaming\5051
.
============= SERVICES / DRIVERS ===============
.
R1 DslMNLwf;DSL-Manager NDIS LightWeight Filter;C:\Windows\system32\DRIVERS\dslmnlwf.sys --> C:\Windows\system32\DRIVERS\dslmnlwf.sys [?]
R2 AntiVirSchedulerService;Avira AntiVir Planer;C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2010-3-15 108289]
R2 AntiVirService;Avira AntiVir Guard;C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2010-3-15 185089]
R2 avgntflt;avgntflt;C:\Windows\system32\DRIVERS\avgntflt.sys --> C:\Windows\system32\DRIVERS\avgntflt.sys [?]
R2 cpuz132;cpuz132;\??\C:\Windows\system32\drivers\cpuz132_x64.sys --> C:\Windows\system32\drivers\cpuz132_x64.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 TDslMgrService;DSL-Manager;C:\Program Files (x86)\DSL-Manager\DslMgrSvc.exe [2011-12-15 307200]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 NTIOLib_1_0_0;NTIOLib_1_0_0;C:\Program Files (x86)\MSI\DirectOC\NTIOLib_X64.sys [2010-3-8 14136]
S3 PciDumpr;PciDumpr;C:\Program Files (x86)\Common Files\T-Com\DSLCheck\PCIDumpr.sys [2011-12-15 2144]
S3 RivaTuner64;RivaTuner64;C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys [2009-8-22 12288]
.
=============== Created Last 30 ================
.
2012-04-03 07:38:35 8669240 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C5782A0F-4B83-438F-AE78-2BC756C9F356}\mpengine.dll
2012-03-31 16:46:05 -------- d-----w- C:\Program Files (x86)\ESET
2012-03-31 15:46:02 -------- d-----w- C:\Users\magna\AppData\Local\Apple
2012-03-14 17:49:54 3143168 ----a-w- C:\Windows\System32\win32k.sys
2012-03-14 17:49:53 739840 ----a-w- C:\Windows\SysWow64\d2d1.dll
2012-03-14 17:49:53 1541120 ----a-w- C:\Windows\System32\DWrite.dll
2012-03-14 17:49:52 902656 ----a-w- C:\Windows\System32\d2d1.dll
2012-03-14 17:49:52 320512 ----a-w- C:\Windows\System32\d3d10_1core.dll
2012-03-14 17:49:52 218624 ----a-w- C:\Windows\SysWow64\d3d10_1core.dll
2012-03-14 17:49:52 197120 ----a-w- C:\Windows\System32\d3d10_1.dll
2012-03-14 17:49:52 1837568 ----a-w- C:\Windows\System32\d3d10warp.dll
2012-03-14 17:49:52 161792 ----a-w- C:\Windows\SysWow64\d3d10_1.dll
2012-03-14 17:49:52 1170944 ----a-w- C:\Windows\SysWow64\d3d10warp.dll
2012-03-14 17:49:52 1074176 ----a-w- C:\Windows\SysWow64\DWrite.dll
2012-03-14 14:37:26 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe
2012-03-14 14:37:26 76288 ----a-w- C:\Windows\System32\rdpwsx.dll
2012-03-14 14:37:26 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll
2012-03-14 14:37:24 826368 ----a-w- C:\Windows\SysWow64\rdpcore.dll
2012-03-14 14:37:24 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
2012-03-14 14:37:24 204800 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
2012-03-14 14:37:24 1031680 ----a-w- C:\Windows\System32\rdpcore.dll
2012-03-08 22:59:34 -------- d-----w- C:\Windows\SysWow64\wbem\en-US
2012-03-08 22:59:31 -------- d-----w- C:\Windows\System32\wbem\en-US
2012-03-08 10:28:47 982912 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
.
==================== Find3M ====================
.
2012-03-08 10:28:47 662528 ----a-w- C:\Windows\System32\XpsPrint.dll
2012-02-23 08:18:36 279656 ------w- C:\Windows\System32\MpSigStub.exe
2010-02-02 19:19:20 453024 ----a-w- C:\Program Files (x86)\setup.exe
2010-02-02 19:18:14 10182144 ----a-w- C:\Program Files (x86)\openofficeorg32.msi
2010-01-16 00:13:03 98304 ----a-w- C:\Program Files\nssdbm3.dll
2010-01-16 00:13:03 249856 ----a-w- C:\Program Files\freebl3.dll
2010-01-16 00:13:03 155648 ----a-w- C:\Program Files\softokn3.dll
.
============= FINISH: 10:42:46,64 ===============
Many thanks in advance