So it seems I've picked up a few (many) browser hijackers. Among them the good old monstermarketplace (+safersurf4free). In any case, the virus doesn't automatically send me to the site; instead, when I search for something, e.g. "looking for ......?" from monstermarketplace appears at the top. But not ALWAYS either. :wtf: And when I search specifically for virus-related things, for the past 2 days avira and antivirus.fsecure pages have also been coming up, and since today fake Norton and Kaspersky pages. There are quite a few more as well :heulen: . Thank God, though, these get boxed in yellow, so I know the virus is trying to misdirect me. My problem, however, is that I just can't get rid of these things. I use Chrome.
Norton finds nothing. (2013, bought in a store, and a complete system scan)
I also followed the steps at
http://www.trojaner-board.de/129825-...anfaenger.html (sorry, but somehow I can't get an external link in here). Now I've read that you shouldn't do that, but now the information I got from all those programs earlier is gone....
But I think I know where some of the viruses are. When I go to my C:/ folder, the first results are the following folders:
C:\0ff57a5930f400f0c8d2cf7b33ce5a12
C:\1a7b77b06d99019d190e61
C:\1a7b77b06d99019d190e61 (with mrtstub)
C:\8c39e961136a2721fbb77b5032
and C:\890281e2f5e911f3940d
Deleting doesn't help.
I think the actual problem was that I had Norton on during the scans...
I also used this "Malwarebytes Anti-Malware" program and had it delete/quarantine three things. I read that you shouldn't do that either.
What should I do now? Can these damn things still be gotten rid of somehow? Or do I have to set the PC up from scratch? Because I think the actual problem was that I had Norton on during the scans... Could someone please help me with this? I don't know my way around this and I'm getting really desperate.
Oh yes, here are the log files from the SECOND scan run:
ADWCleaner
Code:
# AdwCleaner v2.114 - Datei am 11/03/2013 um 18:47:14 erstellt
# Aktualisiert am 05/03/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : Lino - LINOS-HP-SCHATZ
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Lino\Downloads\AdwCleaner.exe
# Option [Löschen]
**** [Dienste] ****
***** [Dateien / Ordner] *****
***** [Registrierungsdatenbank] *****
***** [Internet Browser] *****
-\\ Internet Explorer v8.0.7601.17514
[OK] Die Registrierungsdatenbank ist sauber.
-\\ Mozilla Firefox v [Version kann nicht ermittelt werden]
Datei : C:\Users\Lino\AppData\Roaming\Mozilla\Firefox\Profiles\jq11owgg.default\prefs.js
[OK] Die Datei ist sauber.
-\\ Google Chrome v25.0.1364.152
Datei : C:\Users\Lino\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] Die Datei ist sauber.
-\\ Opera v [Version kann nicht ermittelt werden]
Datei : C:\Users\Lino\AppData\Roaming\Opera\Opera\operaprefs.ini
[OK] Die Datei ist sauber.
*************************
AdwCleaner[S1].txt - [1058 octets] - [11/03/2013 18:47:14]
########## EOF - C:\AdwCleaner[S1].txt - [1118 octets] ##########
Checkup
Code:
Results of screen317's Security Check version 0.99.61
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 8 Out of date!
``````````````Antivirus/Firewall Check:``````````````
Norton Internet Security
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Java(TM) 6 Update 22
Java(TM) 6 Update 31
Java 7 Update 9
Java version out of Date!
Adobe Flash Player 11.6.602.171
Adobe Reader 10.1.6 Adobe Reader out of Date!
Google Chrome 25.0.1364.152
Google Chrome 25.0.1364.97
````````Process Check: objlist.exe by Laurent````````
Norton ccSvcHst.exe
Symantec Norton Online Backup NOBuAgent.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````
attach
Code:
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 19.03.2011 19:22:54
System Uptime: 11.03.2013 18:57:20 (1 hours ago)
.
Motherboard: MSI | | 2A9C
Processor: Intel(R) Core(TM) i7 CPU 870 @ 2.93GHz | CPU 1 | 2376/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 1384 GiB total, 805,294 GiB free.
D: is FIXED (NTFS) - 14 GiB total, 1,673 GiB free.
E: is CDROM (CDFS)
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP1504: 11.03.2013 17:54:57 - Ende der Bereinigung
RP1505: 11.03.2013 18:07:00 - Removed Java(TM) 7 (64-bit)
RP1506: 11.03.2013 18:08:29 - Removed Java(TM) 6 Update 31
RP1507: 11.03.2013 18:09:28 - Removed Java(TM) 6 Update 22
RP1508: 11.03.2013 18:10:28 - Removed Java 7 Update 9
RP1509: 11.03.2013 18:13:05 - Removed Skype™ 5.10
RP1510: 11.03.2013 18:15:37 - Konfiguriert Power2Go
RP1511: 11.03.2013 18:28:31 - Removed DisplayLink Core Software
RP1512: 11.03.2013 18:32:18 - Removed DisplayLink Core Software
RP1513: 11.03.2013 18:36:03 - Removed Skype™ 5.10
.
==== Installed Programs ======================
.
Adobe AIR
Adobe Download Assistant
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Flash Professional CS6
Adobe Help Manager
Adobe Reader X (10.1.6) - Deutsch
Agatha Christie - Death on the Nile
Amnesia: The Dark Descent
aonFTP
aonUpdate
ARMA 2
Arma 2 Army of The Czech Republic (LITE) Uninstall
ARMA 2: British Armed Forces
ARMA 2: British Armed Forces - Data cache removal
ARMA 2: Operation Arrowhead
ARMA 2: Operation Arrowhead Beta
ARMA 2: Private Military Company
ARMA 2: Private Military Company - Data cache removal
µTorrent
AVS Screen Capture version 2.0.1
AVS Update Manager 1.0
AVS Video Editor 6
AVS Video Recorder 2.4
AVS4YOU Software Navigator 1.4
Battle Mages: Sign of Darkness
Battlefield 1918
Battlefield 1942
Battlefield 1942: Secret Weapons of WWII
Battlefield 2(TM)
Battlefield Heroes (Lino)
BattlEye (A2Free) Uninstall
BattlEye for OA Uninstall
Bejeweled 2 Deluxe
CDBurnerXP
Chivalry: Medieval Warfare
Chuzzle Deluxe
Controller
Corel Graphics - Windows Shell Extension
Corel Graphics - Windows Shell Extension 64 Bit
CorelDRAW Graphics Suite X6
CorelDRAW Graphics Suite X6 - Capture
CorelDRAW Graphics Suite X6 - Common
CorelDRAW Graphics Suite X6 - Connect
CorelDRAW Graphics Suite X6 - Custom Data
CorelDRAW Graphics Suite X6 - DE
CorelDRAW Graphics Suite X6 - Draw
CorelDRAW Graphics Suite X6 - Filters
CorelDRAW Graphics Suite X6 - FontNav
CorelDRAW Graphics Suite X6 - IPM
CorelDRAW Graphics Suite X6 - PHOTO-PAINT
CorelDRAW Graphics Suite X6 - Photozoom Plugin
CorelDRAW Graphics Suite X6 - Redist
CorelDRAW Graphics Suite X6 - Setup Files
CorelDRAW Graphics Suite X6 - VBA
CorelDRAW Graphics Suite X6 - VideoBrowser
CorelDRAW Graphics Suite X6 - VSTA
CorelDRAW Graphics Suite X6 - Writing Tools
Counter-Strike: Source
Creation Kit
CyberLink DVD Suite Deluxe
D3DX10
DayZ Commander
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
DesertCombat 0.7
Die Gilde 2 - Gold Edition
Die Schlacht um Mittelerde™ II
Die Sims™ 3
Die Sims™ 3 "Erstelle eine Welt"-Tool - Beta
Die Sims™ 3 Einfach tierisch
Die Sims™ 3 Erstelle ein Muster-Tool
Die Sims™ 3 Jahreszeiten
Die Sims™ 3 Late Night
Die Sims™ 3 Lebensfreude
Die Sims™ 3 Traumkarrieren
Diner Dash 2 Restaurant Rescue
DVD Menu Pack for HP MediaSmart Video
FATE
Fire Department
Flight Simulator X
Flight Simulator X Service Pack 1
Fraps (remove only)
Free YouTube Download version 3.1.42.1212
GameSpy Arcade
GIMP 2.8.4
Google Chrome
Google Update Helper
Grand Ages Rome 1.11
Grand Theft Auto IV
Grand Theft Auto San Andreas
Grand Theft Auto: Episodes from Liberty City
Half-Life 2
Half-Life 2: Episode One
Half-Life 2: Episode Two
Haunt 1.0 64bit
Hewlett-Packard ACLM.NET v1.2.1.1
Hi-Rez Studios Authenticate and Update Service
Highspeed-Internet-Installation
Hotfix für Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946040)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946308)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946344)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947540)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789)
HP Advisor
HP Customer Experience Enhancements
HP Game Console
HP Games
HP MediaSmart DVD
HP MediaSmart Music
HP MediaSmart Photo
HP MediaSmart SmartMenu
HP MediaSmart Video
HP Odometer
HP Setup
HP Support Assistant
HP Support Information
HP Update
HP Vision Hardware Diagnostics
Hunting Unlimited 2010
Imperium Romanum 1.04 Gold Edition
Insaniquarium Deluxe
Intel(R) Management Engine Components
Jewel Quest II
Jewel Quest Solitaire
John Deere Drive Green
Junk Mail filter update
Just Cause 2
LabelPrint
Left 4 Dead 2
LEGO® Star Wars™: Die Komplette Saga
LEGO® Star Wars™: The Complete Saga
LightScribe System Software
LIMBO
LIMBO Demo
Mafia
Mafia II
Magic Desktop
Mesh Runtime
Messenger Companion
Metro 2033
Microsoft .NET Framework 1.1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Client Profile DEU Language Pack
Microsoft .NET Framework 4 Extended
Microsoft .NET Framework 4 Extended DEU Language Pack
Microsoft Application Error Reporting
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170)
Microsoft Flight Simulator X
Microsoft Flight Simulator X: Acceleration
Microsoft Games for Windows - LIVE Redistributable
Microsoft Games for Windows Marketplace
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (German) 2010
Microsoft Office Excel MUI (German) 2010
Microsoft Office File Validation Add-In
Microsoft Office Home and Student 2010
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (German) 2010
Microsoft Office Outlook MUI (German) 2010
Microsoft Office PowerPoint MUI (German) 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (German) 2010
Microsoft Office Proof (Italian) 2010
Microsoft Office Proofing (German) 2010
Microsoft Office Publisher MUI (German) 2010
Microsoft Office Shared 64-bit MUI (German) 2010
Microsoft Office Shared MUI (German) 2010
Microsoft Office Single Image 2010
Microsoft Office Word MUI (German) 2010
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual Basic for Applications 7.1 (x86)
Microsoft Visual Basic for Applications 7.1 (x86) German
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual Studio Tools for Applications 2.0 - ENU
Microsoft Visual Studio Tools for Applications 2.0 Language Pack - DEU
Microsoft Visual Studio Tools for Applications 2.0 Runtime
Microsoft Visual Studio Tools for Applications 2.0 Runtime Language Pack - DEU
Microsoft WSE 3.0 Runtime
Microsoft_VC80_CRT_x86
Microsoft_VC90_CRT_x86
Mirror's Edge™
Morrowind
Movie Theme Pack for HP MediaSmart Video
MSVCRT
MSVCRT Redists
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
MyTools
NehrimUninstaller
Nexus Mod Manager
Norton Internet Security
Norton Online Backup
NVIDIA 3D Vision Controller-Treiber 306.97
NVIDIA 3D Vision Treiber 306.97
NVIDIA Display Control Panel
NVIDIA Grafiktreiber 306.97
NVIDIA HD-Audiotreiber 1.3.18.0
NVIDIA Install Application
NVIDIA PhysX
NVIDIA Stereoscopic 3D Driver
NVIDIA Systemsteuerung 306.97
NVIDIA Update 1.10.8
NVIDIA Update Components
Oblivion
OpenAL
Origin
Pando Media Booster
PARANORMAL - BETA 4
PAYDAY: The Heist
PDF Complete Special Edition
PDF Settings CS6
Penguins!
Penumbra
PhotoNow!
PlanetSide 2
Plants vs. Zombies
Play withSIX
PlayReady PC Runtime amd64
Polar Bowler
POSTAL 2 Complete
Postal 2 Demo
Power2Go
PowerDirector
PunkBuster Services
Realtek High Definition Audio Driver
Recovery Manager
Red Orchestra 2: Heroes of Stalingrad
Republic at War - Deutsch 1.1
Republic at War 1.1
RollerCoaster Tycoon 3
S.T.A.L.K.E.R.: Shadow of Chernobyl
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2687417) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition
Security Update for Microsoft Visio Viewer 2010 (KB2598287) 32-Bit Edition
Security Update for Microsoft Word 2010 (KB2760410) 32-Bit Edition
Slingo Deluxe
SPORE™
Star Wars Empire at War
Star Wars Empire at War Forces of Corruption
Star Wars: Knights of the Old Republic
Steam
Stronghold 2 Deluxe
TeamSpeak 3 Client
TES Construction Set
The Elder Scrolls V: Skyrim
The Simpsons Hit & Run(TM)
The Ultimate DOOM
Thief: Deadly Shadows
Tropico 4 1.00
Universe Sandbox
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
Vegas Pro 10.0
Virtual Villagers - The Secret City
Wedding Dash
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live Fotogalerie
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX control for remote connections
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
WinRAR 4.11 (64-Bit)
WinZip 16.0
Xfire (remove only)
Zuma Deluxe
.
==== End Of File ===========================
dds
Code:
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 8.0.7601.17514
Run by Lino at 19:07:07 on 2013-03-11
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.43.1031.18.12247.9822 [GMT 1:00]
.
AV: Norton Internet Security *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
C:\Windows\system32\taskhost.exe
c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Norton Internet Security\Engine\20.1.0.24\ccSvcHst.exe
C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
C:\Program Files (x86)\PDF Complete\pdfsvc.exe
C:\Windows\SysWOW64\PnkBstrA.exe
c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Norton Internet Security\Engine\20.1.0.24\ccSvcHst.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Windows\system32\sppsvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uWindow Title = A1 Telekom Austria TA AG
uSearch Page = hxxp://www.telekom.at/suche
mStart Page = hxxp://www.google.com
mSearchAssistant = hxxp://www.google.com
uURLSearchHooks: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - <orphaned>
mWinlogon: Userinit = userinit.exe
BHO: {0931BD3F-547E-45C1-B133-D0E995645DBA} - <orphaned>
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.1.0.24\CoIEPlg.dll
BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.1.0.24\IPS\IPSBHO.dll
BHO: Windows Live ID-Anmelde-Hilfsprogramm: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.1.0.24\CoIEPlg.dll
uRun: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe
uRun: [msnmsgr] ~"C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [Steam] "C:\Program Files (x86)\Stam\steam.exe" -silent
uRun: [EADM] "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
uRun: [AdobeBridge] <no file>
mRun: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
mRun: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
mRun: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
StartupFolder: C:\Users\Lino\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-Explorer: EnableShellExecuteHooks = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: HideFastUserSwitching = dword:0
mPolicies-System: EnableSecureUIAPath = dword:1
IE: An OneNote s&enden - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Free YouTube Download - C:\Users\Lino\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm
IE: Nach Microsoft E&xcel exportieren - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Nach Microsoft E&xel exportieren - <no file>
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} - hxxps://www.battlefieldheroes.com/static/updater/BFHUpdater_5.0.110.0.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} - hxxps://battlefield.play4free.com/static/updater/BP4FUpdater_1.0.53.2.cab
DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
TCP: NameServer = 10.0.0.138
TCP: Interfaces\{7D5A217E-9DD0-4168-BBE9-01BEE99BA879} : DHCPNameServer = 10.0.0.138
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs=
SSODL: WebCheck - <orphaned>
SEH: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.152\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} -
x64-Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
x64-Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 SMR210;Symantec SMR Utility Service 2.1.0;C:\Windows\System32\drivers\SMR210.SYS [2011-9-15 96376]
R0 SymDS;Symantec Data Store;C:\Windows\System32\drivers\NISx64\1401000.018\SymDS64.sys [2013-3-10 493216]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\NISx64\1401000.018\SymEFA64.sys [2013-3-10 1132192]
R1 acedrv09;acedrv09;C:\Windows\System32\drivers\acedrv09.sys [2011-4-1 134880]
R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\BASHDefs\20130301.001\BHDrvx64.sys [2013-3-1 1388120]
R1 ccSet_NIS;Norton Internet Security Settings Manager;C:\Windows\System32\drivers\NISx64\1401000.018\ccSetx64.sys [2013-3-10 168096]
R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\IPSDefs\20130308.001\IDSviA64.sys [2013-3-8 513184]
R1 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\NISx64\1401000.018\Ironx64.sys [2013-3-10 224416]
R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\NISx64\1401000.018\symnets.sys [2013-3-10 432800]
R2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [2012-7-15 8704]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2012-9-27 86528]
R2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\20.1.0.24\ccSvcHst.exe [2013-3-10 143928]
R2 NOBU;Norton Online Backup;C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-6-2 2804568]
R2 pdfcDispatcher;PDF Document Manager;C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2010-11-17 635416]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-2 382824]
R2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-11-17 2320920]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2013-3-9 138912]
R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2010-11-17 56344]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2012-1-29 250984]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-1-29 413800]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 ezSharedSvc;Easybits Services for Windows; [x]
S3 BEService;BattlEye Service;C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2013-1-16 45056]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2012-5-29 48488]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-3-8 1492840]
S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-3-28 59392]
S3 WatAdminSvc;Windows-Aktivierungstechnologieservice;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-3-23 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2013-03-11 16:51:51 -------- d-----w- C:\Windows\ERUNT
2013-03-11 15:53:41 -------- d-----w- C:\Users\Lino\AppData\Local\{5C9DE9FB-2E16-422A-A4E7-ECA448DC5651}
2013-03-10 18:18:42 776352 ----a-r- C:\Windows\System32\drivers\NISx64\1401000.018\srtsp64.sys
2013-03-10 18:18:42 493216 ----a-r- C:\Windows\System32\drivers\NISx64\1401000.018\SymDS64.sys
2013-03-10 18:18:42 432800 ----a-r- C:\Windows\System32\drivers\NISx64\1401000.018\symnets.sys
2013-03-10 18:18:42 37496 ----a-r- C:\Windows\System32\drivers\NISx64\1401000.018\srtspx64.sys
2013-03-10 18:18:42 23448 ----a-r- C:\Windows\System32\drivers\NISx64\1401000.018\SymELAM.sys
2013-03-10 18:18:42 1132192 ----a-r- C:\Windows\System32\drivers\NISx64\1401000.018\SymEFA64.sys
2013-03-10 18:18:41 224416 ----a-r- C:\Windows\System32\drivers\NISx64\1401000.018\Ironx64.sys
2013-03-10 18:18:41 168096 ----a-r- C:\Windows\System32\drivers\NISx64\1401000.018\ccSetx64.sys
2013-03-10 18:18:09 -------- d-----w- C:\Windows\System32\drivers\NISx64\1401000.018
2013-03-09 18:51:48 -------- d-----w- C:\Users\Lino\AppData\Roaming\Canneverbe Limited
2013-03-09 18:51:48 -------- d-----w- C:\ProgramData\Canneverbe Limited
2013-03-09 18:27:16 -------- d-----w- C:\Users\Lino\AppData\Local\{B1DEADA7-E94A-441F-A68D-30173C3A784E}
2013-03-08 17:23:44 -------- d-----w- C:\Windows\System32\MpEngineStore
2013-03-08 17:22:43 -------- d-----w- C:\4c3afa1d91612de34882800ac3
2013-03-08 14:54:52 -------- d-----w- C:\Program Files\Enigma Software Group
2013-03-08 12:30:44 -------- d-----w- C:\Users\Lino\AppData\Local\{149EA161-2A33-4314-AC1B-81AAAF070AE0}
2013-03-07 14:12:18 -------- d-----w- C:\Users\Lino\AppData\Local\{85C8BF14-428F-478E-8B3F-B52BD4F0C234}
2013-03-06 12:16:22 -------- d-----w- C:\Users\Lino\AppData\Local\{7058F9E1-F903-4530-ADC5-75E11F447050}
2013-03-05 11:48:25 -------- d-----w- C:\Users\Lino\AppData\Local\{B4D70CB2-ED6D-4140-9D98-72030A45CAB8}
2013-03-04 13:53:05 -------- d-----w- C:\Users\Lino\AppData\Local\fontconfig
2013-03-04 13:53:04 -------- d-----w- C:\Users\Lino\.gimp-2.8
2013-03-04 13:53:03 -------- d-----w- C:\Users\Lino\AppData\Local\gegl-0.2
2013-03-04 13:52:05 -------- d-----w- C:\Program Files\GIMP 2
2013-03-04 12:20:32 -------- d-----w- C:\Users\Lino\AppData\Local\{66FF07BC-D205-4BA7-80C4-8B09FD86DBAD}
2013-03-03 15:38:40 -------- d-----w- C:\Users\Lino\AppData\Roaming\SPORE
2013-03-03 15:26:38 -------- d-----w- C:\Users\Lino\AppData\Local\{B76E4004-006B-4336-97B5-ABE7C24A223F}
2013-03-01 11:58:18 -------- d-----w- C:\Users\Lino\AppData\Local\{24AFC32A-7E3D-4982-9D7C-0CA2B8E3DA84}
2013-02-28 20:38:58 -------- d-----w- C:\ProgramData\Bohemia Interactive Studio
2013-02-28 16:53:47 -------- d-----w- C:\Users\Lino\AppData\Local\{12A5F638-08D9-41F9-AA7D-2299FA91DE0F}
2013-02-27 14:52:14 -------- d-----w- C:\Users\Lino\AppData\Local\{4864A5B0-9F3F-48A8-9A00-4B36A3C85D25}
2013-02-26 16:54:11 -------- d-----w- C:\Users\Lino\AppData\Local\{8057300A-0F4D-45D2-A8E9-BB2449B0D05B}
2013-02-25 16:12:00 -------- d-----w- C:\Users\Lino\AppData\Local\{E9C8E65D-CF1C-45CA-BAA8-E64510E48A45}
2013-02-22 06:24:18 -------- d-----w- C:\Users\Lino\AppData\Local\{0D73410A-6760-4166-9895-F95A5208F285}
2013-02-21 06:25:29 -------- d-----w- C:\Users\Lino\AppData\Local\{6CDEA75C-7CE4-49AC-A92D-F5E01D9BC959}
2013-02-20 12:02:23 -------- d-----w- C:\Users\Lino\AppData\Local\{08F1B97E-2DC3-4B5C-9AF1-A44EF6D14213}
2013-02-20 06:20:26 -------- d-----w- C:\Users\Lino\AppData\Local\{B6F1BCC8-7925-471A-AD88-DE5089BF3E93}
2013-02-19 16:36:33 -------- d-----w- C:\Users\Lino\AppData\Local\Programs
2013-02-19 16:23:25 -------- d-----w- C:\Users\Lino\AppData\Local\{C61C8DD9-2876-4C9C-A25C-E3240A5E268A}
2013-02-17 12:21:20 -------- d-----w- C:\Users\Lino\AppData\Local\{423ECC5B-3AE2-4380-BC6D-59E9A025A3CA}
2013-02-14 20:07:01 -------- d-----w- C:\Users\Lino\AppData\Local\{35943C4E-4601-49F1-A501-9FAA047F9721}
2013-02-14 11:48:39 -------- d-----w- C:\Users\Lino\AppData\Local\{A1BDC52E-CF53-4A48-88B2-95AF06227116}
2013-02-13 11:55:48 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2013-02-13 11:55:48 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2013-02-13 11:55:48 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2013-02-13 11:55:48 215040 ----a-w- C:\Windows\System32\winsrv.dll
2013-02-13 11:55:48 2048 ----a-w- C:\Windows\SysWow64\user.exe
2013-02-13 11:55:48 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2013-02-13 11:55:47 288088 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
2013-02-13 11:55:47 1913192 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-02-13 11:55:46 760320 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-13 11:55:46 1111040 ----a-w- C:\Program Files\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-13 11:43:39 -------- d-----w- C:\Users\Lino\AppData\Local\{6D886194-3B14-481B-B0BA-A593A6625E37}
2013-02-12 11:06:22 -------- d-----w- C:\Users\Lino\AppData\Local\{C7E06E8B-A378-432B-837F-5B126EC28CC2}
2013-02-10 12:13:22 -------- d-----w- C:\Users\Lino\AppData\Local\{C1A5C915-7B6B-4889-AD27-9D3D924E673A}
.
==================== Find3M ====================
.
2013-03-10 18:22:36 177312 ----a-w- C:\Windows\System32\drivers\SYMEVENT64x86.SYS
2013-02-27 20:45:09 71024 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-02-27 20:45:09 691568 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-02-24 11:02:35 280792 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
2013-02-24 11:02:35 280792 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2013-02-24 11:01:09 281032 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
2013-01-13 21:17:03 9728 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-01-13 21:17:02 2560 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-01-13 21:16:42 10752 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-01-13 21:12:46 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-01-13 21:11:21 4096 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-01-13 21:11:08 5632 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-01-13 21:11:07 5632 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-01-13 21:11:07 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2013-01-13 21:11:07 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-01-13 20:35:31 9728 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-01-13 20:35:31 2560 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-01-13 20:35:18 10752 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-01-13 20:32:07 3584 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-01-13 20:31:48 4096 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-01-13 20:31:41 5632 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-01-13 20:31:40 5632 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-01-13 20:31:40 3072 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
2013-01-13 20:31:40 3072 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-01-13 20:31:00 1247744 ----a-w- C:\Windows\SysWow64\DWrite.dll
2013-01-13 20:22:22 1988096 ----a-w- C:\Windows\SysWow64\d3d10warp.dll
2013-01-13 20:20:31 293376 ----a-w- C:\Windows\SysWow64\dxgi.dll
2013-01-13 20:09:00 249856 ----a-w- C:\Windows\SysWow64\d3d10_1core.dll
2013-01-13 20:08:43 220160 ----a-w- C:\Windows\SysWow64\d3d10core.dll
2013-01-13 20:08:35 1504768 ----a-w- C:\Windows\SysWow64\d3d11.dll
2013-01-13 19:59:04 1643520 ----a-w- C:\Windows\System32\DWrite.dll
2013-01-13 19:58:28 1175552 ----a-w- C:\Windows\System32\FntCache.dll
2013-01-13 19:54:01 604160 ----a-w- C:\Windows\SysWow64\d3d10level9.dll
2013-01-13 19:53:58 207872 ----a-w- C:\Windows\SysWow64\WindowsCodecsExt.dll
2013-01-13 19:53:14 187392 ----a-w- C:\Windows\SysWow64\UIAnimation.dll
2013-01-13 19:51:30 2565120 ----a-w- C:\Windows\System32\d3d10warp.dll
2013-01-13 19:49:17 363008 ----a-w- C:\Windows\System32\dxgi.dll
2013-01-13 19:48:47 161792 ----a-w- C:\Windows\SysWow64\d3d10_1.dll
2013-01-13 19:46:25 1080832 ----a-w- C:\Windows\SysWow64\d3d10.dll
2013-01-13 19:43:21 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
2013-01-13 19:38:39 333312 ----a-w- C:\Windows\System32\d3d10_1core.dll
2013-01-13 19:38:32 1887232 ----a-w- C:\Windows\System32\d3d11.dll
2013-01-13 19:38:21 296960 ----a-w- C:\Windows\System32\d3d10core.dll
2013-01-13 19:37:57 3419136 ----a-w- C:\Windows\SysWow64\d2d1.dll
2013-01-13 19:25:04 245248 ----a-w- C:\Windows\System32\WindowsCodecsExt.dll
2013-01-13 19:24:33 648192 ----a-w- C:\Windows\System32\d3d10level9.dll
2013-01-13 19:24:30 221184 ----a-w- C:\Windows\System32\UIAnimation.dll
2013-01-13 19:20:42 194560 ----a-w- C:\Windows\System32\d3d10_1.dll
2013-01-13 19:20:04 1238528 ----a-w- C:\Windows\System32\d3d10.dll
2013-01-13 19:15:40 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll
2013-01-13 19:10:36 3928064 ----a-w- C:\Windows\System32\d2d1.dll
2013-01-13 19:02:06 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll
2013-01-13 18:34:58 364544 ----a-w- C:\Windows\SysWow64\XpsGdiConverter.dll
2013-01-13 18:32:43 465920 ----a-w- C:\Windows\System32\WMPhoto.dll
2013-01-13 18:09:52 522752 ----a-w- C:\Windows\System32\XpsGdiConverter.dll
2013-01-13 17:26:42 1158144 ----a-w- C:\Windows\SysWow64\XpsPrint.dll
2013-01-13 17:05:09 1682432 ----a-w- C:\Windows\System32\XpsPrint.dll
2013-01-05 05:53:43 5553512 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-01-05 05:00:15 3967848 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2013-01-05 05:00:11 3913064 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2013-01-04 06:11:21 2284544 ----a-w- C:\Windows\SysWow64\msmpeg2vdec.dll
2013-01-04 06:11:13 2776576 ----a-w- C:\Windows\System32\msmpeg2vdec.dll
2013-01-04 04:43:21 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2013-01-04 03:26:48 3153408 ----a-w- C:\Windows\System32\win32k.sys
2012-12-20 13:59:36 1188864 ----a-w- C:\Windows\System32\wininet.dll
2012-12-20 12:53:51 981504 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-12-20 12:02:26 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
2012-12-20 11:20:29 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-12-16 17:11:22 46080 ----a-w- C:\Windows\System32\atmlib.dll
2012-12-16 14:45:03 367616 ----a-w- C:\Windows\System32\atmfd.dll
2012-12-16 14:13:28 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll
2012-12-16 14:13:20 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
.
============= FINISH: 19:08:56,11 ===============