Log analysis and evaluation: Black desktop and no taskbar after "rip-off virus" (Windows 7)

If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
05.05.2012, 17:28 | #1 |
Black desktop and no taskbar after "rip-off virus"

Hello everyone, recently a message suddenly appeared on my desktop telling me that illegal files (music) had been found on my PC and that I should transfer money to avoid further problems. I couldn't do anything, not even open the Task Manager and so on. I then restarted the PC and the message was gone, but my desktop is completely black and my taskbar has disappeared. I also can no longer right-click on the desktop or on any files. Everything else still works, though. Unfortunately I no longer know the exact message that was shown at first, because, as I said, it was gone after the restart. By the way, I have a 64-bit system. Here is my DDS.txt: Code:
DDS (Ver_2011-08-26.01) - NTFSAMD64 NETWORK
Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_26
Run by T0X at 18:10:54 on 2012-05-05
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.49.1031.18.4095.3270 [GMT 2:00]
.
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Spyware Doctor *Disabled/Updated* {94076BB2-F3DA-227F-9A1E-F060FF73600F}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\explorer.exe
C:\Windows\system32\ctfmon.exe
D:\Mozilla Firefox\firefox.exe
D:\Mozilla Firefox\plugin-container.exe
C:\Windows\explorer.exe
C:\Windows\system32\conhost.exe
C:\Windows\explorer.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://shop.thefreevpn.com/home.php
uInternet Settings,ProxyOverride = local;*.local
uURLSearchHooks: H - No File
uURLSearchHooks: H - No File
uWinlogon: Shell=expstart.exe
BHO: Octh Class: {000123b4-9b42-4900-b3f7-f4b073efc214} - D:\Orbit\orbitcth.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
BHO: Windows Live Anmelde-Hilfsprogramm: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - D:\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: Microsoft-Webtestaufzeichnung 10.0-Hilfsprogramm: {dda57003-0068-4ed2-9d32-4d1ec707d94d} - D:\MS Visual Studio 2010\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll
BHO: Hotspot Shield Class: {f9e4a054-e9b1-4bc3-83a3-76a1ae736170} - D:\HotSpotShield\HssIE\HssIE.dll
TB: Grab Pro: {c55bbcd6-41ad-48ad-9953-3609c48eacc7} - D:\Orbit\GrabPro.dll
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
EB: Webtestaufzeichnung 10.0: {5802d092-1784-4908-8cdb-99b6842d353d} - mscoree.dll
uRun: [DS3 Tool] C:\Program Files\MotioninJoy\ds3\ds3\DS3_Tool.exe -mini
uRun: [AdobeBridge]
uRun: [EADM] "C:\Program Files (x86)\Electronic Arts\EADM\EADMUI\EADMUI.exe"
uRun: [PlayNC Launcher]
uRun: [RocketDock] "D:\RocketDock\RocketDock.exe"
uRun: [Google Update] "C:\Users\T0X\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [ICQ] "D:\ICQ\ICQ7.7\ICQ.exe" silent loginmode=4
uRun: [Sony PC Companion] "C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" /Background
uRun: [Skype] "D:\Skype\Phone\Skype.exe" /minimized /regrun
uRun: [Sony Ericsson PC Companion] "C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" /Background
mRun: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
mRun: [Adobe Reader Speed Launcher] "D:\Adobe Reader\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "D:\ITunes\iTunesHelper.exe"
mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
uExplorerRun: [Policies] C:\Users\T0X\AppData\Local\Temp\125.exe
mExplorerRun: [Policies] C:\Users\T0X\AppData\Local\Temp\125.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\DYNDNS~1.LNK - D:\DynDNS Updater\DynTray.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\Orbit.lnk - D:\Orbit\orbitdm.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\RAINME~1.LNK - D:\Rainmeter\Rainmeter.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-explorer: NoViewContextMenu = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: &Download by Orbit - D:\Orbit\orbitmxt.dll/201
IE: &Grab video by Orbit - D:\Orbit\orbitmxt.dll/204
IE: Do&wnload selected by Orbit - D:\Orbit\orbitmxt.dll/203
IE: Down&load all by Orbit - D:\Orbit\orbitmxt.dll/202
IE: Free YouTube Download - C:\Users\T0X\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
IE: {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - D:\ICQ\ICQ7.7\ICQ.exe
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - D:\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
LSP: C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll
LSP: mswsock.dll
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - C:\Program Files (x86)\Yahoo!\Common\Yinsthelper.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 192.168.2.1
TCP: Interfaces\{6D7423AE-3BAF-4C10-9701-C39D2FA5705E} : DhcpNameServer = 10.95.64.1
TCP: Interfaces\{FD1B8BCD-5B97-46C6-9E5A-34F3A7B790F5} : DhcpNameServer = 192.168.2.1
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - D:\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
SSODL: IconPackager Repair - {1799460C-0BC8-4865-B9DF-4A36CD703FF0} - D:\IconPackager\iprepair.dll
SubSystems: Windows = basesrv,1 winsrv:UserServerDllInitialization,3 consrv:ConServerDllInitialization,2 sxssrv,4
mASetup: {IH2581C1-P868-3J17-24A6-R23KRICJ6E53} - C:\Users\T0X\AppData\Local\Temp\125.exe Restart
{000123B4-9B42-4900-B3F7-F4B073EFC214}
{18DF081C-E8AD-4283-A596-FA578C2EBDC3}
{326E768D-4182-46FD-9C16-1449A49795F4}
{9030D464-4C02-4ABF-8ECC-5164760863C6}
{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
{DBC80044-A445-435b-BC74-9C25C1C588A9}
{DDA57003-0068-4ed2-9D32-4D1EC707D94D}
{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
{C55BBCD6-41AD-48AD-9953-3609C48EACC7}
TB-X64: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
EB-X64: {5802D092-1784-4908-8CDB-99B6842D353D} - No File
mRun-x64: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
mRun-x64: [Adobe Reader Speed Launcher] "D:\Adobe Reader\Reader\Reader_sl.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun-x64: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [iTunesHelper] "D:\ITunes\iTunesHelper.exe"
mRun-x64: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
IE-X64: {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - D:\ICQ\ICQ7.7\ICQ.exe
SSODL-X64: IconPackager Repair - {1799460C-0BC8-4865-B9DF-4A36CD703FF0} - D:\IconPackager\iprepair.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\T0X\AppData\Roaming\Mozilla\Firefox\Profiles\db4hog50.default\
FF - prefs.js: browser.search.defaulturl - hxxp://flvdirect.iamwired.net/websearch.php?src=tops&search=
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxp://shop.thefreevpn.com/home.php
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.4.7&q=
FF - prefs.js: network.proxy.http - 127.0.0.1
FF - prefs.js: network.proxy.http_port - 52384
FF - prefs.js: network.proxy.type - 0
FF - component: C:\Users\T0X\AppData\Roaming\Mozilla\Firefox\Profiles\db4hog50.default\extensions\{ca8b7b3d-b6e6-438f-b935-601b3de48d66}\platform\WINNT_x86-msvc\components\FFThrottle.dll
FF - component: D:\Mozilla Firefox\extensions\afurladvisor@anchorfree.com\components\afurladvisor.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Opera\program\plugins\np_gp.dll
FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\T0X\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
FF - plugin: D:\Adobe Reader\Reader\browser\nppdf32.dll
FF - plugin: D:\DivX\DivX Player\npDivxPlayerPlugin.dll
FF - plugin: D:\Foxit Reader\plugins\npFoxitReaderPlugin.dll
FF - plugin: D:\ITunes\Mozilla Plugins\npitunes.dll
FF - plugin: D:\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: D:\Mozilla Firefox\plugins\npyaxmpb.dll
.
---- FIREFOX POLICIES ----
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
.
pref('extensions.shownSelectionUI',true);
pref('extensions.autoDisableScopes',0);
============= SERVICES / DRIVERS ===============
.
R0 PCTCore;PCTools KDS;C:\Windows\system32\drivers\PCTCore64.sys --> C:\Windows\system32\drivers\PCTCore64.sys [?]
R0 pctDS;PC Tools Data Store;C:\Windows\system32\drivers\pctDS64.sys --> C:\Windows\system32\drivers\pctDS64.sys [?]
S2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 DynDNS Updater;DynDNS Updater;D:\DynDNS Updater\DynUpSvc.exe [2011-4-15 93048]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-7-1 136176]
S2 HssWd;Hotspot Shield Monitoring Service;D:\HotSpotShield\bin\hsswd.exe -product HSS --> D:\HotSpotShield\bin\hsswd.exe -product HSS [?]
S2 mi-raysat_3dsMax2008_64;mental ray 3.6 Satellite for Autodesk 3ds Max 2008 64-bit 64-bit;D:\Autodesk\3ds Max 08\64bit\mentalray\satellite\raysat_3dsMax2008_64server.exe [2007-9-24 65536]
S2 mi-raysat_3dsmax2010_64;mental ray 3.7 Satellite for Autodesk 3ds Max 2010 64-bit 64-bit;D:\Autodesk\3dsMax\mentalray\satellite\raysat_3dsmax2010_64server.exe [2009-3-12 86016]
S2 Radio.fx;Radio.fx Server;g:\Stuff\Tobit Radio.fx\Server\rfx-server.exe --> g:\Stuff\Tobit Radio.fx\Server\rfx-server.exe [?]
S2 SkypeUpdate;Skype Updater;D:\Skype\Updater\Updater.exe [2012-2-29 158856]
S2 TeamViewer6;TeamViewer 6;C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-1-25 2250616]
S2 TeamViewer7;TeamViewer 7;C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-2-23 2886528]
S3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]
S3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\Windows\system32\drivers\AtihdW76.sys --> C:\Windows\system32\drivers\AtihdW76.sys [?]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-3-20 1038088]
S3 gupdatem;Google Update-Dienst (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-7-1 136176]
S3 IlvMoneyDRIVER53;IlvMoneyDRIVER53;D:\Moonlight Engine\ME1320.sys [2010-10-14 30080]
S3 MotioninJoyUSBFilter;MotioninJoy USB Filter Driver;C:\Windows\system32\DRIVERS\MijUfilt.sys --> C:\Windows\system32\DRIVERS\MijUfilt.sys [?]
S3 npggsvc;nProtect GameGuard Service;C:\Windows\system32\GameMon.des -service --> C:\Windows\system32\GameMon.des -service [?]
S3 s0017bus;Sony Ericsson Device 0017 driver (WDM);C:\Windows\system32\DRIVERS\s0017bus.sys --> C:\Windows\system32\DRIVERS\s0017bus.sys [?]
S3 s0017mdfl;Sony Ericsson Device 0017 USB WMC Modem Filter;C:\Windows\system32\DRIVERS\s0017mdfl.sys --> C:\Windows\system32\DRIVERS\s0017mdfl.sys [?]
S3 s0017mdm;Sony Ericsson Device 0017 USB WMC Modem Driver;C:\Windows\system32\DRIVERS\s0017mdm.sys --> C:\Windows\system32\DRIVERS\s0017mdm.sys [?]
S3 s0017mgmt;Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM);C:\Windows\system32\DRIVERS\s0017mgmt.sys --> C:\Windows\system32\DRIVERS\s0017mgmt.sys [?]
S3 s0017nd5;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS);C:\Windows\system32\DRIVERS\s0017nd5.sys --> C:\Windows\system32\DRIVERS\s0017nd5.sys [?]
S3 s0017obex;Sony Ericsson Device 0017 USB WMC OBEX Interface;C:\Windows\system32\DRIVERS\s0017obex.sys --> C:\Windows\system32\DRIVERS\s0017obex.sys [?]
S3 s0017unic;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM);C:\Windows\system32\DRIVERS\s0017unic.sys --> C:\Windows\system32\DRIVERS\s0017unic.sys [?]
S3 SandraAgentSrv;SiSoftware Deployment Agent Service;D:\Sandra Lite 2011\RpcAgentSrv.exe [2011-6-10 93848]
S3 sdAuxService;PC Tools Auxiliary Service;D:\Spyware Doctor\pctsAuxs.exe [2011-6-1 366840]
S3 sdCoreService;PC Tools Security Service;D:\Spyware Doctor\pctsSvc.exe [2011-6-1 1150936]
S3 skfiltv;skfiltv;C:\Windows\system32\drivers\skfiltv.sys --> C:\Windows\system32\drivers\skfiltv.sys [?]
S3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion;C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2012-1-17 155344]
S3 Sony PC Companion;Sony PC Companion;C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2012-3-8 155320]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 VSPerfDrv100;Performance Tools Driver 10.0;D:\MS Visual Studio 2010\Team Tools\Performance Tools\x64\VSPerfDrv100.sys [2010-3-18 68440]
S4 MSSQLServerADHelper100;SQL Server Hilfsdienst für Active Directory;C:\Program Files (x86)\Microsoft SQL Server\100\Shared\sqladhlp.exe [2008-7-10 47128]
S4 SQLAgent$SQLEXPRESS;SQL Server-Agent (SQLEXPRESS);C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2008-7-10 369688]
.
=============== Created Last 30 ================
.
2012-05-05 15:23:59 0 --sha-w- C:\Windows\System32\dds_trash_log.cmd
2012-05-05 15:22:52 -------- d-----we C:\Windows\system64
2012-04-26 22:55:53 -------- d-----w- C:\Users\T0X\AppData\Local\Chromium
2012-04-24 22:07:14 -------- d-----w- C:\Users\T0X\AppData\Local\PokerStars.NET
2012-04-24 18:00:45 -------- d-----w- C:\Users\T0X\AppData\Roaming\pdfforge
2012-04-24 18:00:42 65024 ----a-w- C:\Windows\System32\pdfcmon.dll
2012-04-24 18:00:41 -------- d-----w- C:\Program Files (x86)\PDFCreator
2012-04-19 13:39:09 925184 ----a-w- C:\Windows\expstart.exe
2012-04-19 13:38:35 3112448 ----a-w- C:\Windows\explorer.backup.exe
2012-04-19 13:38:35 -------- d-----w- C:\Windows\W7SOC
2012-04-19 11:32:05 -------- d-----w- C:\Windows\System32\Taskman
2012-04-19 11:27:45 -------- d-----w- C:\Program Files (x86)\7tsp
2012-04-18 17:39:38 1233408 ----a-w- C:\Windows\System32\DeviceCenter.dll
2012-04-18 17:39:34 19098624 ----a-w- C:\Windows\System32\DDORes.dll
2012-04-18 11:57:21 -------- d-----w- C:\Users\T0X\AppData\Roaming\Rainmeter
2012-04-06 00:07:23 -------- d-----w- C:\Users\T0X\AppData\Roaming\X-Chat 2
2012-04-06 00:02:12 -------- d-----w- C:\Users\T0X\AppData\Roaming\mIRC
.
==================== Find3M ====================
.
2012-04-19 11:32:06 699904 ----a-w- C:\Windows\System32\taskmgr.exe
2012-04-19 11:25:23 332288 ----a-w- C:\Windows\System32\uxtheme.dll
2012-04-19 11:25:20 3125760 ----a-w- C:\Windows\System32\themeui.dll
2012-04-19 11:25:18 44544 ----a-w- C:\Windows\System32\themeservice.dll
2012-03-25 23:22:45 3993600 ----a-w- C:\Program Files (x86)\GUTDA2F.tmp
2012-03-12 23:06:51 28672 ----a-w- C:\Windows\SysWow64\NSREG.DLL
2012-02-20 19:42:04 33344 ----a-w- C:\Windows\System32\drivers\hamachi.sys
2006-05-03 11:06:54 163328 --sha-r- C:\Windows\SysWOW64\flvDX.dll
2007-02-21 12:47:16 31232 --sha-r- C:\Windows\SysWOW64\msfDX.dll
2008-03-16 14:30:52 216064 --sha-r- C:\Windows\SysWOW64\nbDX.dll
2010-01-06 23:00:00 107520 --sha-r- C:\Windows\SysWOW64\TAKDSDecoder.dll
.
============= FINISH: 18:11:49,35 ===============

Attach.txt is attached. Many thanks in advance.
07.05.2012, 11:38 | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Black desktop and no taskbar after "rip-off virus"

Please first run a routine full scan with Malwarebytes and post the log. => Have ALL local drives (except CD/DVD) checked!

Remember that Malwarebytes must be updated manually before every scan! In addition, all findings must be removed. If logs from older Malwarebytes scans exist, please post all of those as well!

ESET Online Scanner

Please post everything in CODE tags here if possible. This is how it's done: [code] the log goes here [/code] And the whole thing then looks like this: Code:
the log goes here