starker Virenverdacht, langsamer Rechner

humphrey24 · 09.09.2014, 19:09

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=8587809f51c2eb4b82932ffe0d0abe22
# engine=20073
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-09-09 05:15:53
# local_time=2014-09-09 07:15:53 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode_1='Microsoft Security Essentials'
# compatibility_mode=5895 16777213 100 100 14324111 81572975 0 0
# scanned=149309
# found=1
# cleaned=1
# scan_time=3554
sh=9F2B1AFD3D92595F25572C5263BB51CD349E6C1A ft=1 fh=3bbd4af7b9fc3449 vn="Variante von Win32/DomaIQ.A evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Boris\Downloads\zipper_V.788563.exe"

sorry,

hab wohl das nicht löschen übersehen

Code:

ATTFilter

Results of screen317's Security Check version 0.99.87  
 Windows Vista Service Pack 2 x86 (UAC is enabled)  
 Internet Explorer 9  
 Internet Explorer 8  
``````````````Antivirus/Firewall Check:`````````````` 
Microsoft Security Essentials   
 Antivirus up to date!  
`````````Anti-malware/Other Utilities Check:````````` 
 SpywareBlaster 5.0    
 Secunia PSI (3.0.0.9016)   
 Adobe Flash Player 	14.0.0.179  
 Adobe Reader 10.1.11 Adobe Reader out of Date!  
 Mozilla Firefox (32.0) 
````````Process Check: objlist.exe by Laurent````````  
 Microsoft Security Essentials MSMpEng.exe 
 Microsoft Security Essentials msseces.exe 
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log``````````````````````

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 07-09-2014
Ran by Boris (administrator) on BORIS-PC on 09-09-2014 20:03:35
Running from c:\Users\Boris\Downloads
Platform: Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
(SAMSUNG Electronics co., LTD.) C:\Program Files\Samsung\EBM\EasyBatteryMgr3.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe
(SAMSUNG Electronics) C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Cyberlink Corp.) C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(SMART Technologies ULC.) C:\Program Files\SMART Technologies\Education Software\SMARTClassroomCoordinator.exe
(SMART Technologies) C:\Program Files\SMART Technologies\Education Software\VantageService.exe
(SMART Technologies ULC) C:\Program Files\SMART Technologies\Education Software\SMARTBoardTools.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Sony Corporation) C:\Program Files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(SMART Technologies) C:\Program Files\SMART Technologies\Education Software\SMARTBoardService.exe
(SMART Technologies) C:\Program Files\SMART Technologies\Education Software\SMARTSNMPAgent.exe
(SMART Technologies) C:\Program Files\SMART Technologies\Education Software\SMARTInk.exe
(Sony Corporation) C:\Program Files\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Secunia) C:\Program Files\Secunia\PSI\psi_tray.exe
(Dropbox, Inc.) C:\Users\Boris\AppData\Roaming\Dropbox\bin\Dropbox.exe
() C:\Program Files\CyberLink\Shared Files\RichVideo.exe
(Secunia) C:\Program Files\Secunia\PSI\psia.exe
(SMART Technologies) C:\Program Files\SMART Technologies\Education Software\SMARTHelperService.exe
(Joyent, Inc) C:\Program Files\SMART Technologies\Education Software\sbsdk-server\SBWDKService.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Secunia) C:\Program Files\Secunia\PSI\sua.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe
(SMART Technologies) C:\Program Files\SMART Technologies\Education Software\Office\SMARTInk-SBSDKProxy.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
(SMART Technologies) C:\Program Files\SMART Technologies\Education Software\SMARTInkPrivilegedAccess.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
() C:\Users\Boris\Downloads\SecurityCheck.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2008-01-21] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [4489216 2007-06-13] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1029416 2007-10-26] (Synaptics, Inc.)
HKLM\...\Run: [RemoteControl] => C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [68640 2007-01-08] (Cyberlink Corp.)
HKLM\...\Run: [LanguageShortcut] => C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [52256 2007-01-08] ()
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [951576 2014-03-11] (Microsoft Corporation)
HKLM\...\Run: [SMARTClassroomCoordinator.exe] => C:\Program Files\SMART Technologies\Education Software\SMARTClassroomCoordinator.exe [485232 2011-06-22] (SMART Technologies ULC.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [VantageService] => C:\Program Files\SMART Technologies\Education Software\VantageService.exe [190800 2013-03-07] (SMART Technologies)
HKLM\...\Run: [SMART Board Tools] => C:\Program Files\SMART Technologies\Education Software\SMARTBoardTools.exe [9279824 2013-01-31] (SMART Technologies ULC)
HKLM\...\Run: [sbsdk-server] => C:\Program Files\SMART Technologies\Education Software\sbsdk-server\NodeLauncher.exe [62800 2013-03-07] (SMART Technologies)
HKLM\...\Run: [SMART Board Service] => C:\Program Files\SMART Technologies\Education Software\SMARTBoardService.exe [2111824 2013-03-07] (SMART Technologies)
HKLM\...\Run: [SMART SNMP Agent] => C:\Program Files\SMART Technologies\Education Software\SMARTSNMPAgent.exe [968528 2013-03-07] (SMART Technologies)
HKLM\...\Run: [SMART Ink] => C:\Program Files\SMART Technologies\Education Software\SMARTInk.exe [99152 2013-03-04] (SMART Technologies)
HKLM\...\Run: [PMBVolumeWatcher] => C:\Program Files\Sony\PlayMemories Home\PMBVolumeWatcher.exe [688184 2012-02-15] (Sony Corporation)
HKU\S-1-5-21-1411231321-3497987553-1682086313-1003\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-19] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\BTTray.lnk
ShortcutTarget: BTTray.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files\Secunia\PSI\psi_tray.exe (Secunia)
Startup: C:\Users\Boris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Boris\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: "DropboxExt1" -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: "DropboxExt2" -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: "DropboxExt3" -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: "DropboxExt4" -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: "DropboxExt5" -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: "DropboxExt6" -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: "DropboxExt7" -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: "DropboxExt8" -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} =>  No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.samsungcomputer.com/
BHO: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO: SMART Notebook Download Utility -> {67BCF957-85FC-4036-8DC4-D4D80E00A77B} -> C:\Program Files\SMART Technologies\Education Software\Win32\NotebookPlugin.dll (SMART Technologies ULC.)
Toolbar: HKLM - SMART Sync - {8E1233B3-485A-4E51-B77E-9E075A68C588} - C:\Program Files\SMART Technologies\Education Software\SyncIEToolbar.dll (SMART Technologies ULC.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Boris\AppData\Roaming\Mozilla\Firefox\Profiles\bk86vv7l.boris
FF NewTab: chrome://unitedtb/content/newtab/newtab-page.xhtml
FF DefaultSearchEngine: Google
FF SelectedSearchEngine: Google
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_179.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentatio

so!

starker Virenverdacht, langsamer Rechner

Plagegeister aller Art und deren Bekämpfung: starker Virenverdacht, langsamer Rechner

starker Virenverdacht, langsamer Rechner

Ähnliche Themen: starker Virenverdacht, langsamer Rechner