Sinowal ?!

gerd076 · 26.10.2011, 08:56

Combofix Logfile:

Code:

ATTFilter

ComboFix 11-10-26.01 - gk 26.10.2011   9:33.1.2 - x86
Microsoft® Windows Vista™ Home Premium   6.0.6001.1.1252.49.1031.18.2813.1756 [GMT 2:00]
ausgeführt von:: c:\users\gk\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\IsUn0407.exe
c:\windows\system32\CddbCdda.dll
.
.
(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_RKHIT
-------\Service_RkHit
.
.
(((((((((((((((((((((((   Dateien erstellt von 2011-09-26 bis 2011-10-26  ))))))))))))))))))))))))))))))
.
.
2011-10-26 07:42 . 2011-10-26 07:42	56200	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{98D18A51-9D08-4474-B6CE-B1CC87B8234A}\offreg.dll
2011-10-26 07:40 . 2011-10-26 07:40	--------	d-----w-	c:\users\Default\AppData\Local\temp
2011-10-25 14:16 . 2011-10-25 14:16	--------	d-----w-	C:\_OTL
2011-10-24 20:00 . 2011-10-24 20:00	--------	d-----w-	c:\program files\ESET
2011-10-24 10:03 . 2011-10-24 10:03	--------	d-----w-	c:\program files\Common Files\Java
2011-10-24 10:02 . 2011-10-03 03:06	476904	----a-w-	c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
2011-10-24 10:02 . 2011-10-03 03:06	472808	----a-w-	c:\windows\system32\deployJava1.dll
2011-10-23 20:07 . 2011-10-23 20:08	--------	d-----w-	C:\log2
2011-10-23 19:43 . 2011-10-23 19:43	--------	d-----w-	c:\users\gk\AppData\Roaming\Malwarebytes
2011-10-23 19:42 . 2011-10-23 19:42	--------	d-----w-	c:\programdata\Malwarebytes
2011-10-23 19:42 . 2011-10-23 19:42	--------	d-----w-	c:\program files\Malwarebytes' Anti-Malware
2011-10-23 19:42 . 2011-08-31 15:00	22216	----a-w-	c:\windows\system32\drivers\mbam.sys
2011-10-23 17:46 . 2011-10-25 14:20	--------	d-----w-	C:\logs
2011-10-23 14:00 . 2011-10-24 09:44	--------	d-----w-	c:\program files\NetPeeker
2011-10-23 14:00 . 2011-10-23 14:00	236400	----a-w-	c:\windows\system32\drivers\netpeeker.sys
2011-10-23 13:59 . 2011-10-23 13:59	--------	d-----w-	C:\Neuer Ordner
2011-10-22 21:46 . 2011-07-15 09:35	21312	----a-w-	c:\windows\system32\authuitu.dll
2011-10-22 21:46 . 2011-07-15 09:35	30016	----a-w-	c:\windows\system32\uxtuneup.dll
2011-10-22 06:04 . 2011-10-22 06:04	--------	d-----w-	c:\programdata\Uniblue
2011-10-22 06:04 . 2011-10-22 06:04	--------	d-----w-	c:\programdata\Canneverbe Limited
2011-10-22 06:04 . 2011-10-22 06:04	--------	d-----w-	c:\users\gk\AppData\Roaming\Canneverbe Limited
2011-10-22 06:04 . 2011-10-22 06:04	--------	d-----w-	c:\program files\CDBurnerXP
2011-10-22 06:04 . 2011-10-22 06:04	--------	d-----w-	c:\users\gk\AppData\Roaming\OpenCandy
2011-10-22 06:03 . 2011-10-22 06:03	--------	d-----w-	c:\program files\Conduit
2011-10-22 06:03 . 2011-10-25 14:16	--------	d-----w-	c:\program files\Winload
2011-10-22 06:03 . 2011-10-22 06:03	--------	d-----w-	c:\users\gk\AppData\Local\Conduit
2011-10-21 20:33 . 2011-10-21 20:33	--------	d-----w-	c:\windows\Profiles
2011-10-21 20:06 . 2011-10-21 20:06	--------	d-----w-	c:\users\gk\AppData\Roaming\Avira
2011-10-21 20:00 . 2011-10-11 13:06	74640	----a-w-	c:\windows\system32\drivers\avgntflt.sys
2011-10-21 20:00 . 2011-10-11 13:06	36000	----a-w-	c:\windows\system32\drivers\avkmgr.sys
2011-10-21 20:00 . 2011-10-11 13:06	134344	----a-w-	c:\windows\system32\drivers\avipbb.sys
2011-10-21 20:00 . 2011-10-21 22:58	--------	d-----w-	c:\programdata\Avira
2011-10-21 20:00 . 2011-10-21 20:00	--------	d-----w-	c:\program files\Avira
2011-10-21 06:57 . 2011-10-07 03:48	6668624	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{98D18A51-9D08-4474-B6CE-B1CC87B8234A}\mpengine.dll
2011-10-21 06:51 . 2011-05-28 06:09	638232	----a-w-	c:\program files\Internet Explorer\iexplore.exe
2011-10-21 06:51 . 2010-05-27 19:16	81920	----a-w-	c:\windows\system32\iccvid.dll
2011-10-21 06:51 . 2010-10-19 04:27	7680	----a-w-	c:\program files\Internet Explorer\iecompat.dll
2011-10-21 06:51 . 2010-08-17 13:32	126464	----a-w-	c:\windows\system32\spoolsv.exe
2011-10-21 06:51 . 2010-09-06 16:24	125952	----a-w-	c:\windows\system32\srvsvc.dll
2011-10-21 06:51 . 2010-09-06 16:23	17920	----a-w-	c:\windows\system32\netevent.dll
2011-10-21 06:49 . 2011-02-18 13:31	304640	----a-w-	c:\windows\system32\drivers\srv.sys
2011-10-21 06:49 . 2011-04-14 14:24	75264	----a-w-	c:\windows\system32\drivers\dfsc.sys
2011-10-21 06:49 . 2010-10-12 15:48	33280	----a-w-	c:\program files\Windows Mail\wabfind.dll
2011-10-21 06:49 . 2010-10-12 13:52	66048	----a-w-	c:\program files\Windows Mail\wabmig.exe
2011-10-21 06:49 . 2010-10-12 13:52	515584	----a-w-	c:\program files\Windows Mail\wab.exe
2011-10-21 06:49 . 2011-02-22 12:51	69632	----a-w-	c:\windows\system32\drivers\bowser.sys
2011-10-21 06:49 . 2010-10-18 14:01	81920	----a-w-	c:\windows\system32\consent.exe
2011-10-21 06:49 . 2011-04-30 06:09	758784	----a-w-	c:\program files\Common Files\Microsoft Shared\vgx\VGX.dll
2011-10-21 06:44 . 2010-12-28 14:57	409600	----a-w-	c:\windows\system32\odbc32.dll
2011-10-21 06:44 . 2010-12-28 14:56	708608	----a-w-	c:\program files\Common Files\System\ado\msado15.dll
2011-10-21 06:44 . 2010-12-28 14:56	57344	----a-w-	c:\program files\Common Files\System\msadc\msadcs.dll
2011-10-21 06:44 . 2010-12-28 14:56	253952	----a-w-	c:\program files\Common Files\System\ado\msadox.dll
2011-10-21 06:44 . 2010-12-28 14:56	241664	----a-w-	c:\program files\Common Files\System\ado\msadomd.dll
2011-10-21 06:44 . 2010-12-28 14:56	180224	----a-w-	c:\program files\Common Files\System\msadc\msadco.dll
2011-10-21 06:43 . 2010-12-17 16:43	2067456	----a-w-	c:\windows\system32\mstscax.dll
2011-10-21 06:43 . 2010-12-17 15:06	677888	----a-w-	c:\windows\system32\mstsc.exe
2011-10-21 06:43 . 2010-08-31 15:40	531968	----a-w-	c:\windows\system32\comctl32.dll
2011-10-21 06:42 . 2011-04-29 14:54	276992	----a-w-	c:\windows\system32\schannel.dll
2011-10-21 05:47 . 2011-10-21 05:47	--------	d-----w-	c:\windows\system32\IO
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-09-30 06:38 . 2011-06-23 21:17	404640	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ICQ"="c:\program files\ICQ7.4\ICQ.exe" [2011-03-28 119608]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-03-12 68856]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2008-10-31 6609440]
"Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2008-12-18 690720]
"BkupTray"="c:\program files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe" [2008-04-25 28672]
"PLFSetI"="c:\windows\PLFSetI.exe" [2008-07-29 200704]
"LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2009-01-09 870920]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-01-09 1418536]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-12-11 13560352]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-12-11 92704]
"MobileConnect"="c:\program files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe" [2008-07-04 2072576]
"FreePDF Assistant"="c:\program files\FreePDF_XP\fpassist.exe" [2009-09-05 385024]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2011-10-11 258512]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"ehTray.exe"=c:\windows\ehome\ehTray.exe
"TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe"
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"NvCplDaemonTool"=rundll32.exe _IWMPEvents
"WMPNSCFG"=c:\program files\Windows Media Player\WMPNSCFG.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"PlayMovie"="c:\program files\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe"
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe"
"CLMLServer"="c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe"
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
"Windows Mobile-based device management"=%windir%\WindowsMobile\wmdSync.exe
"WinampAgent"="c:\program files\Winamp\winampa.exe"
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"ArcadeDeluxeAgent"="c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
"Ocs_SM"=c:\users\gk\AppData\Roaming\OCS\SM\SearchAnonymizer.exe
"Windows Defender"=%ProgramFiles%\Windows Defender\MSASCui.exe -hide
.
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-02-06 135664]
R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2010-02-06 135664]
R3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2008-12-29 109920]
R3 netr28;Ralink 802.11n Wireless Driver for Windows Vista;c:\windows\system32\DRIVERS\netr28.sys [2008-08-09 419328]
R3 s0016bus;Sony Ericsson Device 0016 driver (WDM);c:\windows\system32\DRIVERS\s0016bus.sys [2008-05-16 89256]
R3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s0016mdfl.sys [2008-05-16 15016]
R3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s0016mdm.sys [2008-05-16 120744]
R3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s0016mgmt.sys [2008-05-16 114216]
R3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS);c:\windows\system32\DRIVERS\s0016nd5.sys [2008-05-16 25512]
R3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s0016obex.sys [2008-05-16 110632]
R3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM);c:\windows\system32\DRIVERS\s0016unic.sys [2008-05-16 115752]
R3 s1039bus;Sony Ericsson Device 1039 driver (WDM);c:\windows\system32\DRIVERS\s1039bus.sys [2010-03-15 98672]
R3 s1039mdfl;Sony Ericsson Device 1039 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s1039mdfl.sys [2010-03-15 14960]
R3 s1039mdm;Sony Ericsson Device 1039 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s1039mdm.sys [2010-03-15 124016]
R3 s1039mgmt;Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s1039mgmt.sys [2010-03-15 117872]
R3 s1039nd5;Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS);c:\windows\system32\DRIVERS\s1039nd5.sys [2010-03-15 25456]
R3 s1039obex;Sony Ericsson Device 1039 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s1039obex.sys [2010-03-15 113904]
R3 s1039unic;Sony Ericsson Device 1039 USB Ethernet Emulation (WDM);c:\windows\system32\DRIVERS\s1039unic.sys [2010-03-15 123504]
R3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion;c:\program files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2011-02-10 150528]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2011-10-11 36000]
S1 NetPeeker;Net-Peeker Kernel Driver;c:\windows\system32\DRIVERS\netpeeker.sys [2011-10-23 236400]
S2 AntiVirMailService;Avira Email Schutz;c:\program files\Avira\AntiVir Desktop\avmailc.exe [2011-10-11 342480]
S2 AntiVirSchedulerService;Avira Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [2011-10-11 86224]
S2 AntiVirWebService;Avira Browser Schutz;c:\program files\Avira\AntiVir Desktop\AVWEBGRD.EXE [2011-10-11 463824]
S2 BUNAgentSvc;NTI Backup Now 5 Agent Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [2008-03-03 16384]
S2 CLHNService;CLHNService;c:\program files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe [2008-10-04 69632]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2008-12-18 653856]
S2 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2008-04-25 45056]
S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2008-04-25 131072]
S2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [2010-08-24 92008]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2011-07-15 1052480]
S2 VMCService;Vodafone Mobile Connect Service;c:\program files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [2008-07-04 14336]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\b57nd60x.sys [2008-09-29 223232]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2008-09-05 45600]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2009-10-14 10064]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WindowsMobile	REG_MULTI_SZ   	wcescomm rapimgr
LocalServiceRestricted	REG_MULTI_SZ   	WcesComm RapiMgr
HPZ12	REG_MULTI_SZ   	Pml Driver HPZ12 Net Driver HPZ12
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
UxTuneUp
.
Inhalt des "geplante Tasks" Ordners
.
2011-10-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-06 23:09]
.
2011-10-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-06 23:09]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = 
mStart Page = 
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
IE: Felder mit Bestellhelfer ausfüllen - file://c:\program files\DHL\DHL Bestellhelfer\fillFormContext.html
IE: Felder mit Bestellhelfer merken - file://c:\program files\DHL\DHL Bestellhelfer\assignContext.html
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
LSP: c:\program files\Avira\AntiVir Desktop\avsda.dll
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\gk\AppData\Roaming\Mozilla\Firefox\Profiles\ysoa0361.default\
FF - prefs.js: browser.search.defaulturl - 
FF - prefs.js: browser.search.selectedEngine - 
FF - prefs.js: network.proxy.type - 0
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
BHO-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
AddRemove-FRITZ!DSL - c:\windows\IsUn0407.exe
.
.
.
**************************************************************************
Scanne versteckte Prozesse... 
.
Scanne versteckte Autostarteinträge... 
.
Scanne versteckte Dateien... 
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 
.
**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'Explorer.exe'(1356)
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_ger.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\windows\system32\rundll32.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\FRITZ!DSL\IGDCTRL.EXE
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\acer\Mobility Center\MobilityService.exe
c:\program files\Cyberlink\Shared files\RichVideo.exe
c:\program files\Avira\AntiVir Desktop\avshadow.exe
c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
c:\windows\system32\conime.exe
c:\windows\system32\wbem\unsecapp.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2011-10-26  09:50:43 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2011-10-26 07:50
.
Vor Suchlauf: 13 Verzeichnis(se), 92.838.678.528 Bytes frei
Nach Suchlauf: 20 Verzeichnis(se), 92.480.536.576 Bytes frei
.
- - End Of File - - E677ACAE66776C03C5508E4987343E16

--- --- ---

MfG Gerd

Sinowal ?!

Plagegeister aller Art und deren Bekämpfung: Sinowal ?!

Sinowal ?!

Ähnliche Themen: Sinowal ?!