von meinem Internet-Anschluss wird Schadsoftware versendet

carlshorster · 03.10.2013, 12:05

Hallo Schrauber, hier das logfile

Code:

ATTFilter

ComboFix 13-10-03.01 - Ralf 03.10.2013  12:36:23.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.4094.1659 [GMT 2:00]
ausgeführt von:: c:\users\Ralf\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\wetter.com Desktop\wetter.com Desktop.exe
c:\windows\IsUn0407.exe
.
Infizierte Kopie von c:\windows\SysWow64\userinit.exe wurde gefunden und desinfiziert 
Kopie von - c:\windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe wurde wiederhergestellt 
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-09-03 bis 2013-10-03  ))))))))))))))))))))))))))))))
.
.
2013-10-03 10:43 . 2013-10-03 10:45	--------	d-----w-	c:\users\UpdatusUser\AppData\Local\temp
2013-10-03 10:43 . 2013-10-03 10:43	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-10-02 10:20 . 2013-10-02 10:20	--------	d-----w-	C:\FRST
2013-10-02 09:47 . 2013-10-02 09:47	--------	d-----w-	c:\program files\Enigma Software Group
2013-10-02 09:46 . 2013-10-02 10:07	--------	d-----w-	c:\windows\86CA3695A4124BAE92B649A60C2AC663.TMP
2013-10-02 09:46 . 2013-10-02 09:46	--------	d-----w-	c:\program files (x86)\Common Files\Wise Installation Wizard
2013-09-25 10:44 . 2013-09-25 10:44	--------	d-----w-	c:\users\Ralf\AppData\Local\PDF24
2013-09-25 10:35 . 2013-09-25 10:35	--------	d-----w-	c:\program files (x86)\Common Files\PDF Architect
2013-09-25 10:30 . 2013-09-25 10:30	--------	d-----w-	c:\users\Ralf\AppData\Roaming\PDF Architect
2013-09-25 09:40 . 2013-09-25 09:46	--------	d-----w-	c:\users\Ralf\AppData\Roaming\PDF Software
2013-09-25 09:39 . 2013-09-25 09:42	--------	d-----w-	c:\program files (x86)\Common Files\Soda PDF 5
2013-09-23 13:46 . 2013-09-23 13:46	71048	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-09-23 13:46 . 2013-09-23 13:46	692616	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2013-09-23 07:30 . 2013-09-23 07:31	--------	d-----w-	c:\program files (x86)\Mozilla Thunderbird
2013-09-22 11:25 . 2013-09-22 11:25	--------	d-----w-	c:\users\Ralf\AppData\Roaming\PDAppFlex
2013-09-22 11:10 . 2013-09-22 11:10	--------	d-----w-	c:\users\Ralf\AppData\Roaming\SolidDocuments
2013-09-22 11:01 . 2013-09-22 11:01	--------	d-----w-	c:\programdata\regid.1986-12.com.adobe
2013-09-22 10:49 . 2013-09-22 10:49	--------	d-----w-	c:\users\Ralf\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
2013-09-19 09:29 . 2013-09-19 09:29	--------	d-----w-	c:\users\Ralf\AppData\Roaming\Malwarebytes
2013-09-19 09:29 . 2013-09-19 09:29	--------	d-----w-	c:\programdata\Malwarebytes
2013-09-17 14:28 . 2013-09-17 14:28	--------	d-----w-	c:\windows\SysWow64\jmdp
2013-09-17 14:28 . 2013-09-17 14:28	--------	d-----w-	c:\windows\system32\ljkb
2013-09-13 08:12 . 2013-08-05 02:25	155584	----a-w-	c:\windows\system32\drivers\ataport.sys
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-10-01 12:08 . 2013-06-22 18:53	83160	----a-w-	c:\windows\system32\drivers\avnetflt.sys
2013-10-01 12:08 . 2013-06-22 12:38	28600	----a-w-	c:\windows\system32\drivers\avkmgr.sys
2013-10-01 12:08 . 2013-06-22 12:38	132600	----a-w-	c:\windows\system32\drivers\avipbb.sys
2013-10-01 12:08 . 2013-06-22 12:38	105856	----a-w-	c:\windows\system32\drivers\avgntflt.sys
2013-09-15 12:21 . 2012-08-29 07:57	1762608	----a-w-	c:\windows\system32\dmwu.exe
2013-09-15 12:16 . 2012-08-29 07:57	33792	----a-w-	c:\windows\system32\ImHttpComm.dll
2013-09-13 19:38 . 2010-01-06 06:44	79143768	----a-w-	c:\windows\system32\MRT.exe
2013-09-09 08:52 . 2012-08-29 07:57	829264	----a-w-	c:\windows\system32\msvcr100.dll
2013-09-09 08:52 . 2012-08-29 07:57	608080	----a-w-	c:\windows\system32\msvcp100.dll
2013-09-05 05:32 . 2013-10-02 09:14	9694160	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{7A3E26BB-8811-4B4E-AA5E-9566DF90C0C9}\mpengine.dll
2013-08-07 02:22 . 2010-01-05 20:15	278800	------w-	c:\windows\system32\MpSigStub.exe
2013-08-02 01:48 . 2013-09-13 08:12	44032	----a-w-	c:\windows\apppatch\acwow64.dll
2013-07-25 09:25 . 2013-08-14 09:22	1888768	----a-w-	c:\windows\system32\WMVDECOD.DLL
2013-07-25 08:57 . 2013-08-14 09:22	1620992	----a-w-	c:\windows\SysWow64\WMVDECOD.DLL
2013-07-20 14:24 . 2012-08-15 08:12	867240	----a-w-	c:\windows\SysWow64\npDeployJava1.dll
2013-07-20 14:24 . 2010-06-07 19:26	789416	----a-w-	c:\windows\SysWow64\deployJava1.dll
2013-07-19 01:58 . 2013-08-14 09:22	2048	----a-w-	c:\windows\system32\tzres.dll
2013-07-19 01:41 . 2013-08-14 09:22	2048	----a-w-	c:\windows\SysWow64\tzres.dll
2013-07-09 05:52 . 2013-08-14 09:23	224256	----a-w-	c:\windows\system32\wintrust.dll
2013-07-09 05:51 . 2013-08-14 09:22	1217024	----a-w-	c:\windows\system32\rpcrt4.dll
2013-07-09 05:46 . 2013-08-14 09:23	1472512	----a-w-	c:\windows\system32\crypt32.dll
2013-07-09 05:46 . 2013-08-14 09:23	184320	----a-w-	c:\windows\system32\cryptsvc.dll
2013-07-09 05:46 . 2013-08-14 09:23	139776	----a-w-	c:\windows\system32\cryptnet.dll
2013-07-09 04:52 . 2013-08-14 09:22	663552	----a-w-	c:\windows\SysWow64\rpcrt4.dll
2013-07-09 04:52 . 2013-08-14 09:23	175104	----a-w-	c:\windows\SysWow64\wintrust.dll
2013-07-09 04:46 . 2013-08-14 09:23	140288	----a-w-	c:\windows\SysWow64\cryptsvc.dll
2013-07-09 04:46 . 2013-08-14 09:23	1166848	----a-w-	c:\windows\SysWow64\crypt32.dll
2013-07-09 04:46 . 2013-08-14 09:23	103936	----a-w-	c:\windows\SysWow64\cryptnet.dll
2013-07-06 09:33 . 2012-09-01 08:42	1093032	----a-w-	c:\windows\system32\npDeployJava1.dll
2013-07-06 09:33 . 2011-11-23 08:34	972712	----a-w-	c:\windows\system32\deployJava1.dll
2013-07-06 06:03 . 2013-08-14 09:22	1910208	----a-w-	c:\windows\system32\drivers\tcpip.sys
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-01-05 39408]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"OV2_Monitor"="c:\program files (x86)\OLYMPUS\OLYMPUS Viewer 2\OV2Monitor.exe" [2010-11-19 230776]
"PCSpeedUp"="c:\program files (x86)\PC Beschleunigen\PCSpeedUp.lnk" [2011-08-17 2425]
"MMAgent"="c:\program files (x86)\Mobile Master\MMAgent.exe" [2012-02-22 1400672]
"Akamai NetSession Interface"="c:\users\Ralf\AppData\Local\Akamai\netsession_win.exe" [2013-06-04 4489472]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"PivotSoftware"="c:\program files (x86)\Portrait Displays\Pivot Software\wpctrl.exe" [2007-02-09 694008]
"DT ACR"="c:\program files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe" [2010-06-30 121456]
"OV2_Monitor"="c:\program files (x86)\OLYMPUS\OLYMPUS Viewer 2\FirstStart.exe" [2010-11-19 54648]
"Olympus ib"="c:\program files (x86)\Olympus\ib\olycamdetect.exe" [2011-03-11 93360]
"MDS_Menu"="c:\program files (x86)\Olympus\ib\MUITransfer\MUIStartMenu.exe" [2010-07-01 220336]
"DeskUpdateNotifier"="c:\program files (x86)\Fujitsu\DeskUpdate\DeskUpdateNotifier.exe" [2013-05-17 101728]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2013-10-01 681032]
.
c:\users\Ralf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\startup\
thunderbird - Verknüpfung.lnk - c:\program files (x86)\Mozilla Thunderbird\thunderbird.exe [2013-9-23 389528]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2010-5-28 276328]
Secunia PSI Tray.lnk - c:\program files (x86)\Secunia\PSI\psi_tray.exe [2013-7-3 563416]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
LaunchCenter.lnk - c:\program files (x86)\Fujitsu\LaunchCenter\LaunchCenter.exe [2009-9-22 2351104]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="userinit.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot]
@=""
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"HP Software Update"=c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"Hilfe Assistent"=c:\program files (x86)\Hilfe Assistent\Hilfe_Assistent.exe /auto
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 Secunia Update Agent;Secunia Update Agent;c:\program files (x86)\Secunia\PSI\sua.exe;c:\program files (x86)\Secunia\PSI\sua.exe [x]
R3 hitmanpro37;HitmanPro 3.7 Support Driver;c:\windows\system32\drivers\hitmanpro37.sys;c:\windows\SYSNATIVE\drivers\hitmanpro37.sys [x]
R3 OlyCamComm;OLYMPUS USB Communication Device;c:\windows\system32\DRIVERS\OlyCamComm.sys;c:\windows\SYSNATIVE\DRIVERS\OlyCamComm.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\DRIVERS\taphss6.sys;c:\windows\SYSNATIVE\DRIVERS\taphss6.sys [x]
R3 TelekomNM6;Telekom Netzmanager Packet Filter Driver;c:\program files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys;c:\program files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys [x]
R3 TFsExDisk;TFsExDisk;c:\windows\System32\Drivers\TFsExDisk.sys;c:\windows\SYSNATIVE\Drivers\TFsExDisk.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 X6va009;X6va009;c:\windows\SysWOW64\Drivers\X6va009;c:\windows\SysWOW64\Drivers\X6va009 [x]
R3 X6va011;X6va011;c:\windows\SysWOW64\Drivers\X6va011;c:\windows\SysWOW64\Drivers\X6va011 [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 Netzmanager Service;Netzmanager Infrastruktur Informationssystem Dienst;c:\program files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe ;c:\program files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe  [x]
S2 PdiService;Portrait Displays SDK Service;c:\program files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe;c:\program files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [x]
S2 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.exe;c:\program files (x86)\Secunia\PSI\PSIA.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe;c:\program files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe [x]
S3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf_amd64.sys;c:\windows\SYSNATIVE\DRIVERS\psi_mf_amd64.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys;c:\program files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt	REG_MULTI_SZ   	hpqcxs08 hpqddsvc
Akamai	REG_MULTI_SZ   	Akamai
.
Inhalt des "geplante Tasks" Ordners
.
2013-10-03 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-23 13:46]
.
2013-08-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-05 17:08]
.
2013-08-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-05 17:08]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-10-06 8158240]
"boincmgr"="c:\program files\BOINC\boincmgr.exe" [2013-04-16 5868688]
"boinctray"="c:\program files\BOINC\boinctray.exe" [2013-04-16 72848]
"Nvtmru"="c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-07-03 1028896]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
UxTuneUp
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
uDefault_Search_URL = hxxp://www.google.com/ie
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Free YouTube Download - c:\users\Ralf\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\Ralf\AppData\Roaming\Mozilla\Firefox\Profiles\Ralf\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: keyword.URL - hxxp://mystart.incredibar.com/mb165/?a=6R8w4hryog&loc=skw&search=
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
c:\users\Ralf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\startup\wetter.lnk - c:\program files (x86)\wetter.com Desktop\wetter.com Desktop.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
AddRemove-UnityWebPlayer - c:\users\Ralf\AppData\Local\Unity\WebPlayer\Uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Akamai]
"ServiceDll"="c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va009]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va009"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va011]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va011"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-2720622632-1772534780-353421891-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:a3,14,19,52,65,83,98,57,a8,d4,eb,ac,2c,be,ff,b3,d2,3e,39,a4,85,3b,fa,
   dd,fb,78,9c,c6,e5,b7,2a,01,f7,2c,7d,4a,52,92,3e,f5,71,20,45,c9,b2,96,55,3d,\
"??"=hex:d9,eb,e8,87,54,a1,8d,80,f0,7a,3a,0f,c2,c7,4d,2a
.
[HKEY_USERS\S-1-5-21-2720622632-1772534780-353421891-1000\Software\SecuROM\License information*]
"datasecu"=hex:71,a6,ee,80,38,18,fc,50,89,45,dd,7c,09,66,e9,33,ba,b1,a2,0f,0e,
   ad,72,57,a0,c0,3b,e8,31,42,31,ff,25,ab,7a,c6,8e,c9,2b,77,70,41,ec,cd,27,53,\
"rkeysecu"=hex:65,c9,91,4f,00,9c,6a,0b,39,f1,b5,94,a7,cd,ef,bf
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Common Files\Portrait Displays\Shared\dtsrvc.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Fujitsu\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2013-10-03  12:54:02 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2013-10-03 10:54
.
Vor Suchlauf: 15 Verzeichnis(se), 768.011.079.680 Bytes frei
Nach Suchlauf: 20 Verzeichnis(se), 768.127.352.832 Bytes frei
.
- - End Of File - - 42A7E0C44E072F13FEA9BAB1F246FB2F
A36C5E4F47E84449FF07ED3517B43A31

Grüße und nicht den Feiertag verderben lassen!

von meinem Internet-Anschluss wird Schadsoftware versendet

Log-Analyse und Auswertung: von meinem Internet-Anschluss wird Schadsoftware versendet

von meinem Internet-Anschluss wird Schadsoftware versendet

Ähnliche Themen: von meinem Internet-Anschluss wird Schadsoftware versendet