
Pests of all kinds and how to fight them: Caught Nav-link and I can't get rid of it


 
14.11.2013, 04:48   #9
mjoelmir
 



So, here is the report from AdwCleaner


Code:
# AdwCleaner v3.012 - Bericht erstellt am 14/11/2013 um 04:40:05
# Updated 11/11/2013 von Xplode
# Betriebssystem : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Benutzername : kiwiworld - KIWIWORLD-PC
# Gestartet von : C:\Users\kiwiworld\Desktop\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\elchiiiejkobdbblfejjkbphbddgmljf
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{B15F118E-AF21-45E8-A809-29FDD7362565}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{44B50C01-4993-48E2-ADEE-D812BAE2E9A2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A3E2F089-DDBB-4CBF-B06C-5D44DA316ED3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A5679AB0-C59E-49E7-83C4-5289F844A6E0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CA0167C2-6295-41B8-9BDA-704B2F5E4CD9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{087CDC12-0A11-4D1D-8DCF-44185D7C3496}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{088BF3A9-6AE8-47B9-A3FB-26262F236C79}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2AC7B9EB-3881-4EB9-8DEE-0A731A309FDE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{349C0469-ACDD-49DF-9B3E-0D82E7C7DC4D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{41226591-6F7A-4082-B63A-67FE4A0CF7A6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{55D69CD1-6715-4C40-BF05-9519AC4DC6E6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66C8FD57-54C4-4D4F-BC95-DCCC763B410A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{717BAE33-7061-4279-8AE5-6C13BC8AF3F9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{84F06F7A-F811-48D7-8B34-3F4145183D8F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{88F6D55F-AA3F-4003-BE69-4AC1998D6492}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8DBCDED5-08AD-41A2-9BBC-235D84F4FE06}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A0F66203-1A86-4812-9603-A57E09A4D7A3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{BC39D1B3-4471-41C1-AACA-E097FAF4B7AA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DEB85542-1311-4EC6-8A32-5372EB27FC94}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{11D9E165-B8C1-4734-A56C-BC4FCACA966B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{B15F118E-AF21-45E8-A809-29FDD7362565}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9CF034EA-7B46-48D3-8895-8A14B32AE445}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}
Schlüssel Gelöscht : HKLM\Software\Uniblue

***** [ Browser ] *****

-\\ Internet Explorer v9.0.8112.16520


-\\ Mozilla Firefox v25.0 (de)

[ Datei : C:\Users\kiwiworld\AppData\Roaming\Mozilla\Firefox\Profiles\sca7w9kz.default\prefs.js ]


-\\ Google Chrome v

[ Datei : C:\Users\kiwiworld\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [61138 octets] - [08/11/2013 01:50:28]
AdwCleaner[R1].txt - [3884 octets] - [13/11/2013 05:43:37]
AdwCleaner[R2].txt - [3718 octets] - [14/11/2013 04:37:29]
AdwCleaner[S0].txt - [10998 octets] - [08/11/2013 02:08:47]
AdwCleaner[S1].txt - [3639 octets] - [14/11/2013 04:40:05]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [3699 octets] ##########
         

And, as was requested afterwards, a new FRST to conclude all the measures



FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 31-10-2013
Ran by kiwiworld (administrator) on KIWIWORLD-PC on 14-11-2013 04:46:51
Running from C:\Users\kiwiworld\Desktop
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(G Data Software AG) C:\Program Files\Common Files\G Data\GDScan\GDScan.exe
(G Data Software AG) C:\Program Files\G Data\InternetSecurity\AVK\AVKWCtl.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Arachnoid Biometrics Identification Group Corp.) C:\Program Files\Acer\Acer Bio Protection\CompPtcVUI.exe
(Agere Systems) C:\Windows\system32\agrsmsvc.exe
(G Data Software AG) C:\Program Files\Common Files\G Data\AVKProxy\AVKProxy.exe
(G Data Software AG) C:\Program Files\G Data\InternetSecurity\AVK\AVKService.exe
(NewTech Infosystems, Inc.) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
() C:\Program Files\Acer\Acer Bio Protection\BASVC.exe
(NewTech InfoSystems, Inc.) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
() C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesApp32.exe
(G Data Software AG) C:\Program Files\G Data\InternetSecurity\Firewall\GDFwSvc.exe
(G Data Software AG) C:\Program Files\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
(G Data Software AG) C:\Program Files\G Data\InternetSecurity\AVKTray\AVKTray.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Microsoft Corporation) C:\Windows\system32\wbem\unsecapp.exe
(Google Inc.) C:\Users\kiwiworld\AppData\Local\Google\Update\1.3.21.165\GoogleCrashHandler.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(ScanSoft, Inc.) C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
(CyberLink) C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe
(Samsung) C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [GDFirewallTray] - C:\Program Files\G Data\InternetSecurity\Firewall\GDFirewallTray.exe [1854928 2013-03-22] (G Data Software AG)
HKLM\...\Run: [G Data AntiVirus Tray] - C:\Program Files\G Data\InternetSecurity\AVKTray\AVKTray.exe [1444472 2013-08-21] (G Data Software AG)
HKLM\...\Run: [G Data ASM] - C:\Program Files\G Data\InternetSecurity\DelayLoader\AutorunDelayLoader.exe [472016 2013-02-25] (G Data Software AG)
Winlogon\Notify\AWinNotifyVitaKey MC3000: C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll (Arachnoid Biometrics Identification Group Corp.)
HKCU\...\Run: [Google Update] - C:\Users\kiwiworld\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-11-27] (Google Inc.)
HKCU\...\Run: [] - C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [1106288 2013-05-23] (Samsung)
HKU\Default\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Default\...\RunOnce: [AcerScrSav] - 
HKU\Default User\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Default User\...\RunOnce: [AcerScrSav] - 
HKU\Thomas\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Thomas\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe
HKU\Thomas\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\wmpnscfg.exe [ 2008-01-21] (Microsoft Corporation)
HKU\Thomas\...\Run: [TomTomHOME.exe] - C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [ 2011-04-22] (TomTom)
HKU\Thomas\...\Run: [Google Update] - C:\Users\kiwiworld\AppData\Local\Google\Update\GoogleUpdate.exe [ 2012-11-27] (Google Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://global.acer.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: HKLM - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll (Egis)
BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: HP Smart Print Helper - {FD6C6509-FE36-44B0-A917-6C2A0DDBDF88} - C:\Program Files\Hewlett-Packard\Smart Print 2.1\Espresso.dll (Hewlett-Packard)
Toolbar: HKCU - &Links - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} hxxp://utilities.pcpitstop.com/Nirvana/controls/pcmatic.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\kiwiworld\AppData\Roaming\Mozilla\Firefox\Profiles\sca7w9kz.default
FF NewTab: about:blank
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: www.google.de
FF NetworkProxy: "gopher", ""
FF NetworkProxy: "gopher_port", 0
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=6.0.12.775 - c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=1.0.3.775 - c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=1.0.0.0 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.775 - c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @VideoDownloadConverter_ScriptHelper.com/Plugin - C:\Program Files\VideoDownloadConverter\npVDCPlugin.dll No File
FF Plugin: @zylom.com/ZylomGamesPlayer - C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\kiwiworld\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\kiwiworld\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\McSiteAdvisor.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: FRITZ!Box AddOn - C:\Users\kiwiworld\AppData\Roaming\Mozilla\Firefox\Profiles\sca7w9kz.default\Extensions\fb_add_on@avm.de
FF Extension: HP Smart Print - C:\Users\kiwiworld\AppData\Roaming\Mozilla\Firefox\Profiles\sca7w9kz.default\Extensions\hpwebprint@hpwebprint.com
FF Extension: Flagfox - C:\Users\kiwiworld\AppData\Roaming\Mozilla\Firefox\Profiles\sca7w9kz.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
FF Extension: Flagfox - C:\Users\kiwiworld\AppData\Roaming\Mozilla\Firefox\Profiles\sca7w9kz.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}(925)
FF Extension: Textarea Cache - C:\Users\kiwiworld\AppData\Roaming\Mozilla\Firefox\Profiles\sca7w9kz.default\Extensions\{578e7caa-210f-4967-a0d3-88fe5b59a39f}
FF Extension: ImTranslator - C:\Users\kiwiworld\AppData\Roaming\Mozilla\Firefox\Profiles\sca7w9kz.default\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}(926)
FF Extension: personas - C:\Users\kiwiworld\AppData\Roaming\Mozilla\Firefox\Profiles\sca7w9kz.default\Extensions\personas@christopher.beard.xpi
FF Extension: support - C:\Users\kiwiworld\AppData\Roaming\Mozilla\Firefox\Profiles\sca7w9kz.default\Extensions\support@free-hideip.com.xpi
FF Extension: No Name - C:\Users\kiwiworld\AppData\Roaming\Mozilla\Firefox\Profiles\sca7w9kz.default\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext

Chrome: 
=======
CHR Plugin: (Shockwave Flash) - C:\Users\kiwiworld\AppData\Local\Google\Chrome\User Data\PepperFlash\11.6.602.167\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\kiwiworld\AppData\Local\Google\Chrome\Application\31.0.1650.48\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\kiwiworld\AppData\Local\Google\Chrome\Application\31.0.1650.48\pdf.dll ()
CHR Plugin: (Skype Toolbars) - C:\Users\kiwiworld\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll No File
CHR Plugin: (Free Studio) - C:\Users\kiwiworld\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.1_0\np_dvs_plugin.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft Windows Media Player Firefox Plugin) - C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (2007 Microsoft Office system) - C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll No File
CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll (RealNetworks, Inc.)
CHR Plugin: (Winamp Application Detector) - C:\Program Files\Mozilla Firefox\plugins\npwachk.dll (Nullsoft, Inc.)
CHR Plugin: (Zylom Plugin) - C:\Program Files\Mozilla Firefox\plugins\npzylomgamesplayer.dll (Zylom)
CHR Plugin: (NPCIG.dll) - C:\Program Files\Canon\ZoomBrowser EX\Program\NPCIG.dll No File
CHR Plugin: (AVG SiteSafety plugin) - C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\14.2.0\\npsitesafety.dll No File
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U13) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
CHR Plugin: (Windows Presentation Foundation) - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_168.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.130.20) - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
CHR Extension: (Classic Games) - C:\Users\KIWIWO~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpckajjkmjncafjlkielcgheibdlnfgc\1.0_0
CHR Extension: (Sniper Team) - C:\Users\KIWIWO~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgbbaloijjnkpigapgmocdpoblnlec\1.0.2_0
CHR Extension: (hxxp://www.diesiedleronline.de/de/spielen) - C:\Users\KIWIWO~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\iihdpmnmipgmfnkpdmbaakakljboeeoe\2013.8.9.41211_0
CHR Extension: (Calculator) - C:\Users\KIWIWO~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkgoipeflibinmadcecedifdonakgalk\2.2_0
CHR Extension: (Curling) - C:\Users\KIWIWO~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhalnajmigjnpjpdbpkpgfhekbjmolhp\1.0.10_0
CHR Extension: (Google Wallet) - C:\Users\KIWIWO~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR Extension: (World Clocks) - C:\Users\KIWIWO~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjgoijhajhaahklokegbfnohialajpej\5.0_0
CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx

========================== Services (Whitelisted) =================

R2 AVKProxy; C:\Program Files\Common Files\G Data\AVKProxy\AVKProxy.exe [1970296 2013-08-26] (G Data Software AG)
R2 AVKService; C:\Program Files\G Data\InternetSecurity\AVK\AVKService.exe [635000 2013-08-21] (G Data Software AG)
R2 AVKWCtl; C:\Program Files\G Data\InternetSecurity\AVK\AVKWCtl.exe [2101280 2013-10-15] (G Data Software AG)
S4 CLHNService; C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe [75048 2009-04-16] ()
S4 ETService; C:\Program Files\Acer\Empowering Technology\Service\ETService.exe [24576 2008-03-21] ()
R3 GDFwSvc; C:\Program Files\G Data\InternetSecurity\Firewall\GDFwSvc.exe [2373712 2013-10-17] (G Data Software AG)
R3 GDScan; C:\Program Files\Common Files\G Data\GDScan\GDScan.exe [695416 2013-08-22] (G Data Software AG)
R2 IGBASVC; C:\Program Files\Acer\Acer Bio Protection\BASVC.exe [3471360 2008-11-22] ()
S4 MobilityService; C:\Acer\Mobility Center\MobilityService.exe [110592 2007-12-06] ()
R2 NTISchedulerSvc; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [131072 2008-04-04] ()
R2 TuneUp.UtilitiesSvc; C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe [1729336 2013-10-11] (TuneUp Software)

==================== Drivers (Whitelisted) ====================

R3 A310; C:\Windows\System32\DRIVERS\AVerA310USB.sys [25856 2008-04-15] (AVerMedia TECHNOLOGIES, Inc.)
R0 AlfaFF; C:\Windows\System32\Drivers\AlfaFF.sys [43184 2008-11-22] (Alfa Corporation)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [278984 2009-01-28] ()
R3 ATSWPDRV; C:\Windows\System32\DRIVERS\ATSwpDrv.sys [146688 2008-04-25] (AuthenTec, Inc.)
R3 BDASwCap; C:\Windows\System32\drivers\AVerA310Cap.sys [42880 2008-04-15] (AVerMedia TECHNOLOGIES, Inc.)
S3 DFX11_1; C:\Windows\System32\drivers\dfx11_1.sys [24424 2012-12-13] (Windows (R) Win 7 DDK provider)
S3 FTDIBUS; C:\Windows\System32\drivers\ftdibus.sys [61704 2011-03-18] (FTDI Ltd.)
R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [45912 2013-09-30] (G Data Software AG)
R1 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [96600 2013-09-30] (G Data Software AG)
R3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [52056 2013-09-30] (G Data Software AG)
R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd32.sys [54104 2013-10-22] (G Data Software AG)
R1 GRD; C:\Windows\system32\drivers\GRD.sys [30040 2013-10-15] (G Data Software)
R1 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [51032 2013-09-30] (G Data Software AG)
R0 hotcore3; C:\Windows\System32\DRIVERS\hotcore3.sys [40560 2010-01-28] (Paragon Software Group)
R2 int15; C:\Windows\system32\drivers\int15.sys [69632 2007-01-26] ()
R3 LEqdUsb; C:\Windows\System32\Drivers\LEqdUsb.Sys [40720 2009-06-17] (Logitech, Inc.)
R3 LHidEqd; C:\Windows\System32\Drivers\LHidEqd.Sys [10384 2009-06-17] (Logitech, Inc.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25416 2009-01-14] ()
R2 NTIPPKernel; C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys [122368 2008-01-16] (Cyberlink Corp.)
S3 SRS_AE_Service; C:\Windows\System32\drivers\SRS_AE_i386.sys [407368 2012-06-21] ()
R3 TuneUpUtilitiesDrv; C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys [10088 2012-07-19] (TuneUp Software)
R3 winbondcir; C:\Windows\System32\DRIVERS\winbondcir.sys [43008 2007-03-28] (Winbond Electronics Corporation)
S3 WSVD; C:\Windows\system32\drivers\WSVD.sys [75776 2007-12-16] (Wasay)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-21] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
U2 DefragService.exe; 
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S1 iSafeNetFilter; \??\C:\Program Files\iSafe\iSafeNetFilter.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
S3 SANDRA; \??\C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010c\WNt500x86\Sandra.sys [x]
U2 SUThemeService.exe; 
S0 TfFsMon; system32\drivers\TfFsMon.sys [x]
S3 TfNetMon; \??\C:\Windows\system32\drivers\TfNetMon.sys [x]
S0 TfSysMon; system32\drivers\TfSysMon.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-11-14 02:27 - 2013-10-13 10:32 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-14 02:27 - 2013-10-13 10:29 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-14 02:27 - 2013-10-13 10:26 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-14 02:27 - 2013-10-13 10:25 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-14 02:27 - 2013-10-13 10:20 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-14 02:26 - 2013-10-13 11:42 - 12344832 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-14 02:26 - 2013-10-13 11:08 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-14 02:26 - 2013-10-13 10:48 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-14 02:26 - 2013-10-13 10:37 - 01104896 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-14 02:26 - 2013-10-13 10:35 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-14 02:26 - 2013-10-13 10:35 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-14 02:26 - 2013-10-13 10:33 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-14 02:26 - 2013-10-13 10:30 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-14 02:26 - 2013-10-13 10:30 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-14 02:26 - 2013-10-13 10:27 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-14 02:26 - 2013-10-13 10:27 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-14 00:17 - 2013-10-11 03:08 - 00444928 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-11-14 00:17 - 2013-10-11 03:07 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-11-14 00:17 - 2013-10-11 01:39 - 00218228 _____ C:\Windows\system32\WFP.TMF
2013-11-14 00:17 - 2013-10-03 13:45 - 00993792 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-11-14 00:17 - 2013-10-03 13:45 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-11-13 05:43 - 2013-11-13 05:43 - 01085542 _____ C:\Users\kiwiworld\Desktop\adwcleaner.exe
2013-11-13 05:41 - 2013-11-13 05:41 - 00006106 _____ C:\Users\kiwiworld\Desktop\JRT-2.txt
2013-11-13 05:40 - 2013-11-13 05:40 - 00006106 _____ C:\Users\kiwiworld\Desktop\JRT.txt
2013-11-13 05:33 - 2013-11-13 05:33 - 01034531 _____ (Thisisu) C:\Users\kiwiworld\Downloads\JRT(1).exe
2013-11-12 18:24 - 2013-11-14 04:29 - 00000924 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-485027278-497386408-33880506-1000UA1cedfcc57e46a5.job
2013-11-11 09:48 - 2013-11-11 09:48 - 00000000 ____D C:\Windows\ERUNT
2013-11-11 09:47 - 2013-11-11 09:47 - 01034531 _____ (Thisisu) C:\Users\kiwiworld\Downloads\JRT.exe
2013-11-11 09:19 - 2013-11-11 09:19 - 00000000 ____D C:\Users\Public\Documents\CrashDump
2013-11-10 09:58 - 2013-11-10 09:58 - 00020341 _____ C:\ComboFix.txt
2013-11-10 09:34 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2013-11-10 09:34 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2013-11-10 09:34 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-11-10 09:34 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-11-10 09:34 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-11-10 09:34 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2013-11-10 09:34 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2013-11-10 09:34 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2013-11-10 09:27 - 2013-11-10 09:58 - 00000000 ____D C:\Qoobox
2013-11-10 09:26 - 2013-11-10 09:57 - 00000000 ____D C:\Windows\erdnt
2013-11-10 09:25 - 2013-11-10 09:25 - 05145633 ____R (Swearware) C:\Users\kiwiworld\Desktop\ComboFix.exe
2013-11-08 18:52 - 2013-11-08 18:52 - 00031295 _____ C:\Users\kiwiworld\Desktop\Addition.txt
2013-11-08 18:46 - 2013-11-08 18:46 - 00037983 _____ C:\Users\kiwiworld\Downloads\FRST.txt
2013-11-08 18:41 - 2013-11-08 18:46 - 00031295 _____ C:\Users\kiwiworld\Downloads\Addition.txt
2013-11-08 18:38 - 2013-11-08 18:38 - 00000000 ____D C:\FRST
2013-11-08 18:36 - 2013-11-08 18:36 - 01089445 _____ (Farbar) C:\Users\kiwiworld\Desktop\FRST.exe
2013-11-08 01:50 - 2013-11-14 04:40 - 00000000 ____D C:\AdwCleaner
2013-11-08 01:22 - 2013-11-08 01:22 - 02753344 _____ (AVAST Software) C:\Users\kiwiworld\Downloads\avast-browser-cleanup_90.exe
2013-11-07 22:05 - 2013-11-07 22:06 - 00000000 ____D C:\Windows\220FB0354744483A9A0B41DF77061583.TMP
2013-11-07 21:44 - 2013-11-07 21:44 - 00074948 _____ C:\Users\kiwiworld\Downloads\Extras.Txt
2013-11-07 21:40 - 2013-11-07 21:40 - 00117124 _____ C:\Users\kiwiworld\Downloads\OTL.Txt
2013-11-07 21:04 - 2013-11-07 21:04 - 00602112 _____ (OldTimer Tools) C:\Users\kiwiworld\Downloads\OTL.exe
2013-11-07 18:14 - 2013-11-07 18:14 - 00000000 ____D C:\Users\kiwiworld\AppData\Roaming\eCyber
2013-11-07 17:03 - 2013-11-07 17:03 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-11-05 22:40 - 2013-11-05 22:41 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-10-28 23:28 - 2013-10-28 23:28 - 04379048 _____ (Piriform Ltd) C:\Users\kiwiworld\Downloads\ccsetup407.exe
2013-10-25 23:54 - 2013-10-11 16:52 - 00030520 _____ (TuneUp Software) C:\Windows\system32\uxtuneup.dll
2013-10-25 23:54 - 2013-10-11 16:52 - 00022328 _____ (TuneUp Software) C:\Windows\system32\authuitu.dll
2013-10-23 21:44 - 2013-10-23 21:44 - 00845448 _____ C:\Users\kiwiworld\Downloads\SCLiteFix_299026.exe
2013-10-23 21:44 - 2013-10-23 21:44 - 00000000 ____D C:\Users\kiwiworld\Documents\HpReg_Backup
2013-10-21 20:51 - 2013-10-21 20:51 - 00000000 ____D C:\Windows\Hewlett-Packard
2013-10-21 20:29 - 2013-11-06 17:33 - 00000386 _____ C:\Windows\Tasks\ReclaimerUpdateFiles_kiwiworld.job
2013-10-21 20:29 - 2013-10-26 14:51 - 00000392 _____ C:\Windows\Tasks\RNUpgradeHelperLogonPrompt_kiwiworld.job
2013-10-21 20:28 - 2013-11-07 21:36 - 00000382 _____ C:\Windows\Tasks\ReclaimerUpdateXML_kiwiworld.job
2013-10-17 04:18 - 2013-10-17 04:18 - 00000863 _____ C:\Users\Public\Desktop\Picasa 3.lnk
2013-10-17 04:16 - 2013-10-17 04:16 - 14965064 _____ (Google Inc.) C:\Users\kiwiworld\Downloads\nw_28491_picasasetupexe.exe
2013-10-17 04:05 - 2013-10-23 22:39 - 00001759 _____ C:\Users\Public\Desktop\HP Print and Scan Doctor.lnk
2013-10-17 04:04 - 2013-10-17 04:04 - 06110144 _____ C:\Users\kiwiworld\Downloads\HPPSdr.exe
2013-10-17 03:40 - 2013-10-17 03:40 - 00000000 ____D C:\Program Files\Hewlett-Packard
2013-10-17 03:39 - 2013-10-17 03:39 - 04993024 _____ C:\Users\kiwiworld\Downloads\HPSPSetup.msi
2013-10-17 03:28 - 2013-10-17 03:28 - 00001651 _____ C:\Users\Public\Desktop\IrfanView Thumbnails.lnk
2013-10-17 03:28 - 2013-10-17 03:28 - 00000775 _____ C:\Users\Public\Desktop\IrfanView.lnk
2013-10-17 03:27 - 2013-10-17 03:27 - 02145888 _____ (Irfan Skiljan) C:\Users\kiwiworld\Downloads\iview436g_setup.exe
2013-10-17 02:49 - 2013-11-04 10:05 - 00000000 ____D C:\Users\kiwiworld\AppData\Roaming\HpUpdate
2013-10-17 02:49 - 2013-10-17 02:49 - 00002091 _____ C:\Users\Public\Desktop\HP Officejet Pro 8600.lnk
2013-10-17 02:49 - 2013-10-17 02:49 - 00001031 _____ C:\Users\Public\Desktop\Shop für Zubehör - HP Officejet Pro 8600.lnk
2013-10-17 02:49 - 2012-10-17 03:04 - 00580712 ____N (Hewlett-Packard Co.) C:\Windows\system32\HPDiscoPM5912.dll
2013-10-17 02:45 - 2013-10-17 04:05 - 00000000 ____D C:\ProgramData\HP
2013-10-17 02:44 - 2013-10-21 20:51 - 00000000 ____D C:\Program Files\HP
2013-10-17 02:44 - 2013-10-17 02:44 - 00000057 _____ C:\ProgramData\Ament.ini
2013-10-17 02:43 - 2013-10-17 03:13 - 00000000 ____D C:\Users\kiwiworld\AppData\Local\HP

==================== One Month Modified Files and Folders =======

2013-11-14 04:46 - 2012-05-27 03:43 - 01251367 _____ C:\Windows\WindowsUpdate.log
2013-11-14 04:46 - 2011-09-06 03:29 - 00001104 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-14 04:43 - 2008-12-26 03:01 - 00028219 _____ C:\ProgramData\nvModes.001
2013-11-14 04:43 - 2008-04-18 10:49 - 00000147 _____ C:\Windows\system32\agent.log
2013-11-14 04:43 - 2006-11-02 14:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-14 04:43 - 2006-11-02 13:47 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-14 04:43 - 2006-11-02 13:47 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-14 04:41 - 2006-11-02 14:01 - 00032584 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-11-14 04:40 - 2013-11-08 01:50 - 00000000 ____D C:\AdwCleaner
2013-11-14 04:29 - 2013-11-12 18:24 - 00000924 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-485027278-497386408-33880506-1000UA1cedfcc57e46a5.job
2013-11-14 04:00 - 2011-08-03 05:44 - 01483144 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-14 02:59 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\rescache
2013-11-14 02:39 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\de-DE
2013-11-14 02:26 - 2008-04-18 10:18 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-11-14 02:06 - 2013-08-14 22:54 - 00000000 ____D C:\Windows\system32\MRT
2013-11-14 02:06 - 2006-11-02 11:24 - 80340640 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2013-11-13 18:29 - 2012-11-27 08:09 - 00000872 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-485027278-497386408-33880506-1000Core.job
2013-11-13 05:43 - 2013-11-13 05:43 - 01085542 _____ C:\Users\kiwiworld\Desktop\adwcleaner.exe
2013-11-13 05:41 - 2013-11-13 05:41 - 00006106 _____ C:\Users\kiwiworld\Desktop\JRT-2.txt
2013-11-13 05:40 - 2013-11-13 05:40 - 00006106 _____ C:\Users\kiwiworld\Desktop\JRT.txt
2013-11-13 05:33 - 2013-11-13 05:33 - 01034531 _____ (Thisisu) C:\Users\kiwiworld\Downloads\JRT(1).exe
2013-11-11 09:48 - 2013-11-11 09:48 - 00000000 ____D C:\Windows\ERUNT
2013-11-11 09:47 - 2013-11-11 09:47 - 01034531 _____ (Thisisu) C:\Users\kiwiworld\Downloads\JRT.exe
2013-11-11 09:19 - 2013-11-11 09:19 - 00000000 ____D C:\Users\Public\Documents\CrashDump
2013-11-11 09:19 - 2013-07-16 02:06 - 00000000 ____D C:\Users\kiwiworld\Documents\SelfMV
2013-11-11 09:19 - 2013-07-05 18:00 - 00000000 ____D C:\Users\kiwiworld\AppData\Roaming\Samsung
2013-11-10 09:58 - 2013-11-10 09:58 - 00020341 _____ C:\ComboFix.txt
2013-11-10 09:58 - 2013-11-10 09:27 - 00000000 ____D C:\Qoobox
2013-11-10 09:58 - 2006-11-02 12:18 - 00000000 __RHD C:\Users\Default
2013-11-10 09:58 - 2006-11-02 12:18 - 00000000 ___RD C:\Users\Public
2013-11-10 09:57 - 2013-11-10 09:26 - 00000000 ____D C:\Windows\erdnt
2013-11-10 09:53 - 2006-11-02 11:23 - 00000215 _____ C:\Windows\system.ini
2013-11-10 09:51 - 2006-11-02 11:22 - 63438848 _____ C:\Windows\system32\config\SOFTWARE.bak
2013-11-10 09:51 - 2006-11-02 11:22 - 38273024 _____ C:\Windows\system32\config\COMPONENTS.bak
2013-11-10 09:51 - 2006-11-02 11:22 - 29097984 _____ C:\Windows\system32\config\SYSTEM.bak
2013-11-10 09:51 - 2006-11-02 11:22 - 00786432 _____ C:\Windows\system32\config\DEFAULT.bak
2013-11-10 09:51 - 2006-11-02 11:22 - 00262144 _____ C:\Windows\system32\config\SECURITY.bak
2013-11-10 09:51 - 2006-11-02 11:22 - 00090112 _____ C:\Windows\system32\config\SAM.bak
2013-11-10 09:25 - 2013-11-10 09:25 - 05145633 ____R (Swearware) C:\Users\kiwiworld\Desktop\ComboFix.exe
2013-11-09 16:00 - 2012-11-15 12:30 - 00000000 ____D C:\Program Files\EPSON Software
2013-11-09 16:00 - 2009-01-15 21:08 - 00000000 ____D C:\Windows\Java
2013-11-09 06:24 - 2009-01-05 01:22 - 00000000 ____D C:\Users\kiwiworld\AppData\Roaming\Winamp
2013-11-09 04:39 - 2008-04-18 09:42 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-11-09 04:29 - 2009-06-11 17:09 - 00000000 ____D C:\Program Files\Canon
2013-11-09 04:22 - 2012-11-15 12:27 - 00000000 ____D C:\Program Files\Common Files\EPSON
2013-11-09 02:54 - 2011-07-17 00:05 - 00000000 ____D C:\Users\kiwiworld\AppData\Roaming\DVDVideoSoft
2013-11-08 18:52 - 2013-11-08 18:52 - 00031295 _____ C:\Users\kiwiworld\Desktop\Addition.txt
2013-11-08 18:46 - 2013-11-08 18:46 - 00037983 _____ C:\Users\kiwiworld\Downloads\FRST.txt
2013-11-08 18:46 - 2013-11-08 18:41 - 00031295 _____ C:\Users\kiwiworld\Downloads\Addition.txt
2013-11-08 18:38 - 2013-11-08 18:38 - 00000000 ____D C:\FRST
2013-11-08 18:36 - 2013-11-08 18:36 - 01089445 _____ (Farbar) C:\Users\kiwiworld\Desktop\FRST.exe
2013-11-08 02:08 - 2008-12-27 04:30 - 00000000 ____D C:\ProgramData\ICQ
2013-11-08 01:27 - 2009-03-22 03:45 - 00000000 ___RD C:\Program Files\Skype
2013-11-08 01:22 - 2013-11-08 01:22 - 02753344 _____ (AVAST Software) C:\Users\kiwiworld\Downloads\avast-browser-cleanup_90.exe
2013-11-07 22:41 - 2011-09-06 03:29 - 00001100 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-07 22:06 - 2013-11-07 22:05 - 00000000 ____D C:\Windows\220FB0354744483A9A0B41DF77061583.TMP
2013-11-07 21:44 - 2013-11-07 21:44 - 00074948 _____ C:\Users\kiwiworld\Downloads\Extras.Txt
2013-11-07 21:40 - 2013-11-07 21:40 - 00117124 _____ C:\Users\kiwiworld\Downloads\OTL.Txt
2013-11-07 21:36 - 2013-10-21 20:28 - 00000382 _____ C:\Windows\Tasks\ReclaimerUpdateXML_kiwiworld.job
2013-11-07 21:04 - 2013-11-07 21:04 - 00602112 _____ (OldTimer Tools) C:\Users\kiwiworld\Downloads\OTL.exe
2013-11-07 18:14 - 2013-11-07 18:14 - 00000000 ____D C:\Users\kiwiworld\AppData\Roaming\eCyber
2013-11-07 17:25 - 2011-03-27 09:18 - 00000145 _____ C:\Users\kiwiworld\Desktop\CD-Laufwerk.lnk
2013-11-07 17:03 - 2013-11-07 17:03 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-11-07 17:00 - 2008-12-29 01:35 - 00000000 ____D C:\Program Files\Common Files\Wise Installation Wizard
2013-11-06 17:33 - 2013-10-21 20:29 - 00000386 _____ C:\Windows\Tasks\ReclaimerUpdateFiles_kiwiworld.job
2013-11-06 16:53 - 2012-04-26 21:30 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-11-05 22:41 - 2013-11-05 22:40 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-11-04 10:05 - 2013-10-17 02:49 - 00000000 ____D C:\Users\kiwiworld\AppData\Roaming\HpUpdate
2013-11-01 16:57 - 2013-06-27 20:01 - 00002296 _____ C:\Users\kiwiworld\Desktop\Postcrossing beste.lbx
2013-10-28 23:29 - 2010-11-04 09:40 - 00000768 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-10-28 23:29 - 2009-02-05 03:13 - 00000000 ____D C:\Program Files\CCleaner
2013-10-28 23:28 - 2013-10-28 23:28 - 04379048 _____ (Piriform Ltd) C:\Users\kiwiworld\Downloads\ccsetup407.exe
2013-10-26 14:51 - 2013-10-21 20:29 - 00000392 _____ C:\Windows\Tasks\RNUpgradeHelperLogonPrompt_kiwiworld.job
2013-10-26 01:01 - 2010-10-16 05:51 - 00000000 ____D C:\Program Files\SlimComputer
2013-10-26 00:46 - 2010-08-20 23:49 - 00000000 ____D C:\Users\kiwiworld\AppData\Roaming\Canon
2013-10-26 00:46 - 2006-11-02 13:37 - 00000000 ____D C:\Windows\twain_32
2013-10-25 23:54 - 2013-01-29 13:51 - 00000000 ____D C:\Program Files\TuneUp Utilities 2013
2013-10-25 23:54 - 2010-10-02 01:02 - 00000000 ____D C:\ProgramData\TuneUp Software
2013-10-25 06:38 - 2013-08-18 08:40 - 00000000 ____D C:\Users\kiwiworld\Desktop\Scanner-Bilder
2013-10-23 22:53 - 2012-10-10 14:33 - 00000000 ____D C:\Users\kiwiworld\Desktop\Postcrossing
2013-10-23 22:39 - 2013-10-17 04:05 - 00001759 _____ C:\Users\Public\Desktop\HP Print and Scan Doctor.lnk
2013-10-23 21:44 - 2013-10-23 21:44 - 00845448 _____ C:\Users\kiwiworld\Downloads\SCLiteFix_299026.exe
2013-10-23 21:44 - 2013-10-23 21:44 - 00000000 ____D C:\Users\kiwiworld\Documents\HpReg_Backup
2013-10-22 23:45 - 2013-05-14 20:37 - 00001811 _____ C:\Users\Public\Desktop\G Data InternetSecurity 2014.lnk
2013-10-22 23:45 - 2013-04-03 00:31 - 00054104 _____ (G Data Software AG) C:\Windows\system32\Drivers\gdwfpcd32.sys
2013-10-21 20:51 - 2013-10-21 20:51 - 00000000 ____D C:\Windows\Hewlett-Packard
2013-10-21 20:51 - 2013-10-17 02:44 - 00000000 ____D C:\Program Files\HP
2013-10-17 05:02 - 2013-08-18 08:30 - 00000000 ____D C:\Users\kiwiworld\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView
2013-10-17 04:18 - 2013-10-17 04:18 - 00000863 _____ C:\Users\Public\Desktop\Picasa 3.lnk
2013-10-17 04:18 - 2008-12-25 02:43 - 00000000 ____D C:\Users\kiwiworld\AppData\Local\Google
2013-10-17 04:17 - 2008-11-22 14:27 - 00000000 ____D C:\Program Files\Google
2013-10-17 04:16 - 2013-10-17 04:16 - 14965064 _____ (Google Inc.) C:\Users\kiwiworld\Downloads\nw_28491_picasasetupexe.exe
2013-10-17 04:05 - 2013-10-17 02:45 - 00000000 ____D C:\ProgramData\HP
2013-10-17 04:04 - 2013-10-17 04:04 - 06110144 _____ C:\Users\kiwiworld\Downloads\HPPSdr.exe
2013-10-17 03:40 - 2013-10-17 03:40 - 00000000 ____D C:\Program Files\Hewlett-Packard
2013-10-17 03:39 - 2013-10-17 03:39 - 04993024 _____ C:\Users\kiwiworld\Downloads\HPSPSetup.msi
2013-10-17 03:28 - 2013-10-17 03:28 - 00001651 _____ C:\Users\Public\Desktop\IrfanView Thumbnails.lnk
2013-10-17 03:28 - 2013-10-17 03:28 - 00000775 _____ C:\Users\Public\Desktop\IrfanView.lnk
2013-10-17 03:28 - 2009-06-11 18:09 - 00000000 ____D C:\Program Files\IrfanView
2013-10-17 03:27 - 2013-10-17 03:27 - 02145888 _____ (Irfan Skiljan) C:\Users\kiwiworld\Downloads\iview436g_setup.exe
2013-10-17 03:13 - 2013-10-17 02:43 - 00000000 ____D C:\Users\kiwiworld\AppData\Local\HP
2013-10-17 02:49 - 2013-10-17 02:49 - 00002091 _____ C:\Users\Public\Desktop\HP Officejet Pro 8600.lnk
2013-10-17 02:49 - 2013-10-17 02:49 - 00001031 _____ C:\Users\Public\Desktop\Shop für Zubehör - HP Officejet Pro 8600.lnk
2013-10-17 02:49 - 2008-12-25 02:39 - 00000000 ____D C:\Users\kiwiworld
2013-10-17 02:44 - 2013-10-17 02:44 - 00000057 _____ C:\ProgramData\Ament.ini
2013-10-16 20:39 - 2011-11-25 23:01 - 00000000 ____D C:\Users\kiwiworld\AppData\Local\CrashDumps
2013-10-16 05:48 - 2013-08-25 13:31 - 00005724 _____ C:\Users\kiwiworld\Desktop\namensliste bernstein lounge.sxw
2013-10-15 00:44 - 2012-06-18 01:41 - 00016048 _____ (G Data Software) C:\Windows\system32\Drivers\GdPhyMem.sys
2013-10-15 00:44 - 2012-03-29 23:43 - 00030040 _____ (G Data Software) C:\Windows\system32\Drivers\GRD.sys

Some content of TEMP:
====================
C:\Users\kiwiworld\AppData\Local\temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-11-14 02:48

==================== End Of Log ============================
         
--- --- ---
__________________
Thx

 
