Nav-link eingefangen und ich werd ihn nicht mehr los

mjoelmir · 10.11.2013, 10:03

so wie gewünscht ausgeführt und hier die log-datei

Code:

ATTFilter

ComboFix 13-11-07.01 - kiwiworld 11/10/2013   9:38.1.2 - x86
ausgeführt von:: c:\users\kiwiworld\Desktop\ComboFix.exe
AV: G Data InternetSecurity 2014 *Enabled/Updated* {545C8713-0744-B079-87F8-349A6D5C8CF0}
FW: G Data Personal Firewall *Disabled* {6C670636-4D2B-B121-ACA7-9DAF938FCB8B}
SP: G Data InternetSecurity 2014 *Enabled/Updated* {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Acer\Acer Bio Protection\PwdFilter.dll
c:\programdata\Roaming
c:\programdata\xmlA8CD.tmp
c:\programdata\xmlA96A.tmp
c:\users\kiwiworld\AppData\Roaming\.#
c:\users\kiwiworld\Desktop\Disk Defrag.lnk
D:\autorun.inf
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-10-10 bis 2013-11-10  ))))))))))))))))))))))))))))))
.
.
2013-11-09 01:55 . 2013-11-09 01:55	--------	d-----w-	c:\program files\Softonic
2013-11-09 01:54 . 2013-11-09 01:54	--------	d-----w-	c:\users\kiwiworld\AppData\Roaming\Softonic
2013-11-09 01:07 . 2013-11-09 01:07	62576	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{AD0A7A9D-EAD1-403D-8EE6-3D67438D5F63}\offreg.dll
2013-11-08 17:38 . 2013-11-08 17:38	--------	d-----w-	C:\FRST
2013-11-08 05:41 . 2013-10-14 06:39	7796464	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{AD0A7A9D-EAD1-403D-8EE6-3D67438D5F63}\mpengine.dll
2013-11-08 00:50 . 2013-11-08 01:13	--------	d-----w-	C:\AdwCleaner
2013-11-07 21:41 . 2013-11-07 21:41	--------	d-----w-	c:\windows\system32\wbem\MOF\good
2013-11-07 21:41 . 2013-11-07 21:41	--------	d-----w-	c:\windows\system32\wbem\MOF\bad
2013-11-07 21:05 . 2013-11-07 21:06	--------	d-----w-	c:\windows\220FB0354744483A9A0B41DF77061583.TMP
2013-11-07 17:14 . 2013-11-07 17:14	--------	d-----w-	c:\users\kiwiworld\AppData\Roaming\eCyber
2013-11-07 16:03 . 2013-11-07 16:03	--------	d-----w-	c:\program files\Enigma Software Group
2013-10-25 22:54 . 2013-10-11 15:52	22328	----a-w-	c:\windows\system32\authuitu.dll
2013-10-25 22:54 . 2013-10-11 15:52	30520	----a-w-	c:\windows\system32\uxtuneup.dll
2013-10-21 19:51 . 2013-10-21 19:51	--------	d-----w-	c:\windows\Hewlett-Packard
2013-10-17 02:40 . 2013-10-17 02:40	--------	d-----w-	c:\program files\Hewlett-Packard
2013-10-17 01:49 . 2013-11-04 09:05	--------	d-----w-	c:\users\kiwiworld\AppData\Roaming\HpUpdate
2013-10-17 01:49 . 2012-10-17 02:04	580712	------w-	c:\windows\system32\HPDiscoPM5912.dll
2013-10-17 01:45 . 2013-10-17 03:05	--------	d-----w-	c:\programdata\HP
2013-10-17 01:44 . 2013-10-21 19:51	--------	d-----w-	c:\program files\HP
2013-10-17 01:43 . 2013-10-17 02:13	--------	d-----w-	c:\users\kiwiworld\AppData\Local\HP
2013-10-14 03:14 . 2013-10-14 03:14	--------	d-----w-	c:\program files\Free Video Converter
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-10-22 22:45 . 2013-04-02 23:31	54104	----a-w-	c:\windows\system32\drivers\gdwfpcd32.sys
2013-10-14 23:44 . 2012-06-18 00:41	16048	----a-w-	c:\windows\system32\drivers\GdPhyMem.sys
2013-10-14 23:44 . 2012-03-29 22:43	30040	----a-w-	c:\windows\system32\drivers\GRD.sys
2013-10-14 03:37 . 2012-04-01 02:22	692616	----a-w-	c:\windows\system32\FlashPlayerApp.exe
2013-10-14 03:37 . 2011-05-26 05:09	71048	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2013-10-11 15:53 . 2013-01-29 12:53	32568	----a-w-	c:\windows\system32\TURegOpt.exe
2013-09-30 10:20 . 2012-03-29 15:30	52056	----a-w-	c:\windows\system32\drivers\PktIcpt.sys
2013-09-30 10:20 . 2013-04-02 23:31	51032	----a-w-	c:\windows\system32\drivers\HookCentre.sys
2013-09-30 10:20 . 2013-04-02 23:31	96600	----a-w-	c:\windows\system32\drivers\MiniIcpt.sys
2013-09-30 10:20 . 2013-04-02 23:31	45912	----a-w-	c:\windows\system32\drivers\GDBehave.sys
2013-09-22 10:22 . 2013-10-10 01:18	1800704	----a-w-	c:\windows\system32\jscript9.dll
2013-09-22 10:14 . 2013-10-10 01:18	1427968	----a-w-	c:\windows\system32\inetcpl.cpl
2013-09-22 10:13 . 2013-10-10 01:18	1129472	----a-w-	c:\windows\system32\wininet.dll
2013-09-22 10:08 . 2013-10-10 01:18	142848	----a-w-	c:\windows\system32\ieUnatt.exe
2013-09-22 10:06 . 2013-10-10 01:18	420864	----a-w-	c:\windows\system32\vbscript.dll
2013-09-22 10:03 . 2013-10-10 01:18	2382848	----a-w-	c:\windows\system32\mshtml.tlb
2013-09-03 12:35 . 2010-04-21 02:10	238872	------w-	c:\windows\system32\MpSigStub.exe
2013-08-29 07:36 . 2013-10-10 00:40	2050048	----a-w-	c:\windows\system32\win32k.sys
2013-08-27 02:47 . 2013-10-10 00:41	219648	----a-w-	c:\windows\system32\d3d10_1core.dll
2013-08-27 02:47 . 2013-10-10 00:41	189952	----a-w-	c:\windows\system32\d3d10core.dll
2013-08-27 02:47 . 2013-10-10 00:41	1029120	----a-w-	c:\windows\system32\d3d10.dll
2013-08-27 02:47 . 2013-10-10 00:41	160768	----a-w-	c:\windows\system32\d3d10_1.dll
2013-08-27 01:52 . 2013-10-10 00:41	1172480	----a-w-	c:\windows\system32\d3d10warp.dll
2013-08-27 01:50 . 2013-10-10 00:41	486400	----a-w-	c:\windows\system32\d3d10level9.dll
2013-08-27 01:32 . 2013-10-10 00:41	683008	----a-w-	c:\windows\system32\d2d1.dll
2013-08-27 01:28 . 2013-10-10 00:41	1069056	----a-w-	c:\windows\system32\DWrite.dll
2013-08-27 01:28 . 2013-10-10 00:41	798208	----a-w-	c:\windows\system32\FntCache.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2008-03-04 21:38	121392	----a-w-	c:\program files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GDFirewallTray"="c:\program files\G Data\InternetSecurity\Firewall\GDFirewallTray.exe" [2013-03-22 1854928]
"G Data AntiVirus Tray"="c:\program files\G Data\InternetSecurity\AVKTray\AVKTray.exe" [2013-08-21 1444472]
"G Data ASM"="c:\program files\G Data\InternetSecurity\DelayLoader\AutorunDelayLoader.exe" [2013-02-25 472016]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\AWinNotifyVitaKey MC3000]
2008-11-22 13:32	2972160	----a-w-	c:\program files\Acer\Acer Bio Protection\WinNotify.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Logitech SetPoint.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Logitech SetPoint.lnk
backup=c:\windows\pss\Logitech SetPoint.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2013-04-04 21:06	958576	----a-w-	c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2013-05-08 21:20	41056	----a-w-	c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
2011-01-05 08:18	133432	----a-w-	c:\program files\ICQ7.2\ICQ.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2010-11-10 23:40	421160	----a-w-	c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ Malwarebytes Anti-Malware  (reboot)]
2012-09-07 15:04	981656	----a-w-	c:\program files\Malwarebytes' Anti-Malware\mbam.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OpwareSE4]
2006-10-11 10:45	75304	----a-w-	c:\program files\ScanSoft\OmniPageSE4.0\OpWareSE4.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2013-05-01 01:59	421888	----a-w-	c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]
2006-09-28 11:16	185896	----a-w-	c:\program files\Common Files\ScanSoft Shared\SSBkgdUpdate\SSBkgdUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2010-08-29 04:07	202256	----a-w-	c:\program files\Common Files\Real\Update_OB\realsched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
2011-04-22 12:21	247728	----a-w-	c:\program files\TomTom HOME 2\TomTomHOMERunner.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
2008-01-21 02:25	202240	----a-w-	c:\program files\Windows Media Player\wmpnscfg.exe
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe"
"WMPNSCFG"=c:\program files\Windows Media Player\WMPNSCFG.exe
"EPLTarget\P0000000000000000"=c:\windows\system32\spool\DRIVERS\W32X86\3\E_FATIIJE.EXE /EPT "EPLTarget\P0000000000000000" /M "XP-402 403 405 406 Series"
"Google Update"="c:\users\kiwiworld\AppData\Local\Google\Update\GoogleUpdate.exe" /c
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
"Kernel and Hardware Abstraction Layer"=KHALMNPR.EXE
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
"PlayMovie"="c:\program files\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
"ArcadeDeluxeAgent"="c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
"HP Software Update"=c:\program files\Hp\HP Software Update\HPWuSchd2.exe
"VideoDownloadConverter_4z Browser Plugin Loader"=c:\progra~1\VideoDownloadConverter_4z\bar\1.bin\4zbrmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001
.
S3 A310;AVerMedia A310 DVB-T;c:\windows\system32\DRIVERS\AVerA310USB.sys [2008-04-15 25856]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs	REG_MULTI_SZ   	BthServ
LocalServiceAndNoImpersonation	REG_MULTI_SZ   	FontCache
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
UxTuneUp
.
Inhalt des "geplante Tasks" Ordners
.
2013-11-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-09-06 02:29]
.
2013-11-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-09-06 02:29]
.
2013-05-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-485027278-497386408-33880506-1000Core.job
- c:\users\kiwiworld\AppData\Local\Google\Update\GoogleUpdate.exe [2012-11-27 07:09]
.
2013-05-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-485027278-497386408-33880506-1000UA.job
- c:\users\kiwiworld\AppData\Local\Google\Update\GoogleUpdate.exe [2012-11-27 07:09]
.
2013-11-06 c:\windows\Tasks\ReclaimerUpdateFiles_kiwiworld.job
- c:\users\kiwiworld\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.60\agent\rnupgagent.exe [2013-10-21 04:06]
.
2013-11-07 c:\windows\Tasks\ReclaimerUpdateXML_kiwiworld.job
- c:\users\kiwiworld\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.60\agent\rnupgagent.exe [2013-10-21 04:06]
.
2013-10-26 c:\windows\Tasks\RNUpgradeHelperLogonPrompt_kiwiworld.job
- c:\users\kiwiworld\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.60\agent\rnupgagent.exe [2013-10-21 04:06]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://search.softonic.com/MOY00621/tb_v1?SearchSource=10&cc=&mi=924b312300000000000000215d4c3dd6
mStart Page = about:blank
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Bild an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Seite an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\kiwiworld\AppData\Roaming\Mozilla\Firefox\Profiles\sca7w9kz.default\
FF - prefs.js: browser.search.defaulturl - 
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - www.google.de
FF - prefs.js: network.proxy.gopher - 
FF - prefs.js: network.proxy.gopher_port - 0
FF - prefs.js: network.proxy.type - 0
FF - ExtSQL: 2013-10-17 04:40; hpwebprint@hpwebprint.com; c:\users\kiwiworld\AppData\Roaming\Mozilla\Firefox\Profiles\sca7w9kz.default\extensions\hpwebprint@hpwebprint.com
FF - user.js: extensions.Softonic.tlbrSrchUrl - hxxp://search.softonic.com/MOY00621/tb_v1?SearchSource=1&cc=&mi=924b312300000000000000215d4c3dd6&q=
FF - user.js: extensions.Softonic.id - 924b312300000000000000215d4c3dd6
FF - user.js: extensions.Softonic.appId - {7ABBFE1C-E485-44AA-8F36-353751B4124D}
FF - user.js: extensions.Softonic.instlDay - 16018
FF - user.js: extensions.Softonic.vrsn - 1.8.21.14
FF - user.js: extensions.Softonic.vrsni - 1.8.21.14
FF - user.js: extensions.Softonic.vrsnTs - 1.8.21.142:55
FF - user.js: extensions.Softonic.prtnrId - softonic
FF - user.js: extensions.Softonic.prdct - Softonic
FF - user.js: extensions.Softonic.aflt - OC
FF - user.js: extensions.Softonic.smplGrp - none
FF - user.js: extensions.Softonic.tlbrId - opencandy2013
FF - user.js: extensions.Softonic.instlRef - MOY00621
FF - user.js: extensions.Softonic.dfltLng - de
FF - user.js: extensions.Softonic.excTlbr - false
FF - user.js: extensions.Softonic.ffxUnstlRst - false
FF - user.js: extensions.Softonic.admin - false
FF - user.js: extensions.Softonic.autoRvrt - false
FF - user.js: extensions.Softonic.rvrt - false
FF - user.js: extensions.Softonic.hmpg - true
FF - user.js: extensions.Softonic.hmpgUrl - hxxp://search.softonic.com/MOY00621/tb_v1?SearchSource=13&cc=&mi=924b312300000000000000215d4c3dd6
FF - user.js: extensions.Softonic.dfltSrch - true
FF - user.js: extensions.Softonic.srchPrvdr - Search the web (Softonic)
FF - user.js: extensions.Softonic.dnsErr - true
FF - user.js: extensions.Softonic.newTab - true
FF - user.js: extensions.Softonic.newTabUrl - hxxp://search.softonic.com/MOY00621/tb_v1/?SearchSource=15&cc=&mi=924b312300000000000000215d4c3dd6
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
MSConfigStartUp-4-Day Forecast - c:\program files\4-Day Forecast\4-Day Forecast\4-Day Forecast.exe
MSConfigStartUp-EEventManager - c:\program files\Epson Software\Event Manager\EEventManager.exe
MSConfigStartUp-ehTray - c:\windows\ehome\ehTray.exe
MSConfigStartUp-vProt - c:\program files\AVG Secure Search\vprot.exe
AddRemove-AVerMedia A310 (MiniCard, DVB-T) - c:\program files\AVerMedia\AVerMedia A310 (MiniCard
AddRemove-Free YouTube to iPhone Converter_is1 - c:\program files\Common Files\DVDVideoSoft\lib\Uninstall.exe
AddRemove-01_Simmental - c:\program files\Samsung\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-02_Siberian - c:\program files\Samsung\USB Drivers\02_Siberian\Uninstall.exe
AddRemove-03_Swallowtail - c:\program files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - c:\program files\Samsung\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-07_Schorl - c:\program files\Samsung\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-09_Hsp - c:\program files\Samsung\USB Drivers\09_Hsp\Uninstall.exe
AddRemove-11_HSP_Plus_Default - c:\program files\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe
AddRemove-16_Shrewsbury - c:\program files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe
AddRemove-20_NXP_Driver - c:\program files\Samsung\USB Drivers\20_NXP_Driver\Uninstall.exe
AddRemove-24_flashusbdriver - c:\program files\Samsung\USB Drivers\24_flashusbdriver\Uninstall.exe
AddRemove-25_escape - c:\program files\Samsung\USB Drivers\25_escape\Uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2013-11-10 09:54
Windows 6.0.6002 Service Pack 2 NTFS
.
Scanne versteckte Prozesse... 
.
Scanne versteckte Autostarteinträge... 
.
Scanne versteckte Dateien... 
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-485027278-497386408-33880506-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:60,a6,06,9b,3b,3b,82,1c,5e,21,bb,bc,95,de,9d,6a,fb,c6,d1,5b,66,41,67,
   f6,21,46,b3,29,85,65,b0,08,dd,70,f5,01,38,2a,da,51,75,95,4c,2c,7b,71,11,36,\
"??"=hex:68,b5,9e,a3,c6,77,0c,85,e1,23,49,43,81,f9,ea,35
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'Explorer.exe'(6024)
c:\program files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll
c:\program files\Acer\Empowering Technology\eDataSecurity\x86\sysenv.dll
c:\windows\system32\btncopy.dll
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\Common Files\G Data\GDScan\GDScan.exe
c:\program files\G Data\InternetSecurity\AVK\AVKWCtl.exe
c:\windows\system32\WLANExt.exe
c:\windows\system32\rundll32.exe
c:\program files\Acer\Acer Bio Protection\CompPtcVUI.exe
c:\windows\system32\agrsmsvc.exe
c:\program files\Common Files\G Data\AVKProxy\AVKProxy.exe
c:\program files\G Data\InternetSecurity\AVK\AVKService.exe
c:\program files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
c:\program files\Intel\WiFi\bin\EvtEng.exe
c:\program files\Acer\Acer Bio Protection\BASVC.exe
c:\program files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
c:\program files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
c:\program files\Common Files\Intel\WirelessCommon\RegSrvc.exe
c:\program files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe
c:\program files\TuneUp Utilities 2013\TuneUpUtilitiesApp32.exe
c:\program files\G Data\InternetSecurity\Firewall\GDFwSvc.exe
c:\windows\system32\wbem\unsecapp.exe
c:\\?\c:\windows\system32\wbem\WMIADAP.EXE
c:\windows\system32\conime.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2013-11-10  09:58:38 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2013-11-10 08:58
.
Vor Suchlauf: 13 Verzeichnis(se), 69,282,197,504 Bytes frei
Nach Suchlauf: 17 Verzeichnis(se), 68,954,132,480 Bytes frei
.
- - End Of File - - A9AC67EB312769359B2C0380357E5709
7BA4C7EA1EF33A92F5F01BE63EDACB6A

Nav-link eingefangen und ich werd ihn nicht mehr los

Plagegeister aller Art und deren Bekämpfung: Nav-link eingefangen und ich werd ihn nicht mehr los

Nav-link eingefangen und ich werd ihn nicht mehr los

Ähnliche Themen: Nav-link eingefangen und ich werd ihn nicht mehr los