Pests of all kinds and how to combat them: TrojanDownloader:Win32/Deyjalil.A

Windows 7: If you are not sure whether you have picked up malware or a trojan, create a topic here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you eliminate the infection.
#7
TrojanDownloader:Win32/Deyjalil.A

Hey, thanks a lot for the support so far. Here is the content of the ComboFix.txt:

Combofix Logfile:
Code:
ATTFilter ComboFix 12-10-31.03 - Yvi 31.10.2012 19:40:32.2.4 - x86 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.49.1031.18.3069.1489 [GMT 1:00] ausgeführt von:: c:\users\Yvi\Desktop\ComboFix.exe AV: Microsoft Security Essentials *Disabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C} SP: Microsoft Security Essentials *Disabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . c:\program files\Incredibar.com c:\program files\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll c:\program files\Incredibar.com\incredibar\1.5.11.14\incredibarApp.dll c:\program files\Incredibar.com\incredibar\1.5.11.14\incredibarEng.dll c:\program files\Incredibar.com\incredibar\1.5.11.14\incredibarsrv.exe c:\program files\Incredibar.com\incredibar\1.5.11.14\inCRedibartlbr.dll c:\program files\Incredibar.com\incredibar\1.5.11.14\uninstall.exe c:\program files\kikin c:\program files\kikin\default_settings.xml c:\program files\kikin\file_list.txt c:\program files\kikin\ie_kikin.dll c:\program files\kikin\kikin.ico c:\program files\kikin\kikin_updater_2.0.0.11.exe c:\program files\kikin\KikinBroker.exe c:\program files\kikin\KikinCrashReporter.exe c:\program files\kikin\uninst.exe c:\programdata\Codecv c:\programdata\Codecv\background.html c:\programdata\Codecv\bhoclass.dll c:\programdata\Codecv\cgfnepgoialghmfpnjelhlebjhgbepjb.crx c:\programdata\Codecv\content.js c:\programdata\Codecv\data\content.js c:\programdata\Codecv\data\jsondb.js c:\programdata\Codecv\settings.ini c:\programdata\Codecv\uninstall.exe c:\users\Yvi\AppData\Roaming\kikin c:\users\Yvi\AppData\Roaming\kikin\ie_configuration.xml c:\users\Yvi\AppData\Roaming\kikin\ie_kkes.xml c:\users\Yvi\AppData\Roaming\kikin\ie_settings.xml c:\users\Yvi\AppData\Roaming\kikin\kikin_updater_2.9.1.exe c:\windows\IsUn0407.exe 
c:\windows\system32\shsvcs.dll.vgorg c:\windows\system32\themeui.dll.vgorg c:\windows\system32\URTTemp c:\windows\system32\URTTemp\regtlib.exe c:\windows\system32\uxtheme.dll.vgorg . . ((((((((((((((((((((((( Dateien erstellt von 2012-09-28 bis 2012-10-31 )))))))))))))))))))))))))))))) . . 2012-10-30 09:33 . 2012-10-30 14:49 -------- d-----w- c:\program files\Mozilla Thunderbird 2012-10-30 08:47 . 2012-10-12 05:56 6918632 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{FDE4216C-598A-4F0C-B23D-24C2EFAA4AEF}\mpengine.dll 2012-10-29 16:29 . 2012-10-12 05:56 6918632 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2012-10-20 09:32 . 2012-09-28 05:38 740784 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{EFFD0FB0-6D54-4AAC-B47F-0CE5AA668999}\gapaengine.dll 2012-10-14 13:32 . 2008-01-01 07:15 -------- d-----w- c:\program files\Mozilla Maintenance Service 2012-10-10 06:53 . 2012-06-02 00:02 985088 ----a-w- c:\windows\system32\crypt32.dll 2012-10-10 06:53 . 2012-06-02 00:02 98304 ----a-w- c:\windows\system32\cryptnet.dll 2012-10-10 06:53 . 2012-06-02 00:02 133120 ----a-w- c:\windows\system32\cryptsvc.dll 2012-10-10 06:53 . 2012-08-24 15:53 172544 ----a-w- c:\windows\system32\wintrust.dll 2012-10-10 06:53 . 2012-09-13 13:28 2048 ----a-w- c:\windows\system32\tzres.dll 2012-10-10 06:53 . 2012-08-29 11:27 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe 2012-10-10 06:53 . 2012-08-29 11:27 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-10-04 10:17 . 2012-10-04 10:18 -------- d-----w- c:\program files\DVDFab 8 Qt 2012-10-03 06:48 . 2012-10-03 06:48 1207568 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-10-08 19:17 . 
2012-04-01 07:42 696760 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-10-08 19:17 . 2011-05-19 06:24 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-09-28 05:38 . 2011-05-22 01:47 740784 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll 2012-09-24 13:32 . 2012-06-18 19:48 477168 ----a-w- c:\windows\system32\npdeployJava1.dll 2012-09-24 13:32 . 2011-09-17 13:29 473072 ----a-w- c:\windows\system32\deployJava1.dll 2012-09-13 13:26 . 2012-09-13 18:55 1006448 ----a-w- c:\windows\system32\dmwu.exe 2012-09-13 13:24 . 2012-09-13 18:55 28160 ----a-w- c:\windows\system32\ImHttpComm.dll 2012-08-30 20:03 . 2012-08-30 20:03 193552 ----a-w- c:\windows\system32\drivers\MpFilter.sys 2012-08-30 20:03 . 2010-10-24 19:25 99272 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys 2012-08-24 06:59 . 2012-09-22 10:13 1800704 ----a-w- c:\windows\system32\jscript9.dll 2012-08-24 06:51 . 2012-09-22 10:13 1129472 ----a-w- c:\windows\system32\wininet.dll 2012-08-24 06:51 . 2012-09-22 10:13 1427968 ----a-w- c:\windows\system32\inetcpl.cpl 2012-08-24 06:47 . 2012-09-22 10:13 142848 ----a-w- c:\windows\system32\ieUnatt.exe 2012-08-24 06:47 . 2012-09-22 10:13 420864 ----a-w- c:\windows\system32\vbscript.dll 2012-08-24 06:43 . 2012-09-22 10:13 2382848 ----a-w- c:\windows\system32\mshtml.tlb 2009-12-14 20:27 . 2008-09-24 21:02 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll 2006-05-03 10:06 163328 --sh--r- c:\windows\System32\flvDX.dll 2007-02-21 11:47 31232 --sh--r- c:\windows\System32\msfDX.dll 2008-03-16 13:30 216064 --sh--r- c:\windows\System32\nbDX.dll . . ------- Sigcheck ------- Note: Unsigned files aren't necessarily malware. . [-] 2012-01-22 . 179AF7B52C59EED5635F69870D9E75E0 . 247808 . . [6.0.6000.16386] . . c:\windows\System32\shsvcs.dll [7] 2009-07-10 . 1E3FDB80E40A3CE645F229DFBDFB7694 . 247808 . . [6.0.6000.16386] . . 
c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6001.18287_none_cce0e39c1d282219\shsvcs.dll [7] 2009-07-10 . 94285A002D2826D2FD1C0806455136E9 . 245760 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6000.16883_none_caf6a3ce20052bcc\shsvcs.dll [7] 2009-07-10 . 6898575E052CE7CB1CB87622EF187CDA . 245760 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6000.21081_none_cb7e18273924cc2a\shsvcs.dll [7] 2009-07-10 . 6669714ACE90E9BB4E8C1D550C67B160 . 247808 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6001.22467_none_cd80222536358728\shsvcs.dll [7] 2009-07-10 . F0942394F642F5CE3D9A86474FA293FA . 247808 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6002.22169_none_cf6894a1335a0efa\shsvcs.dll [7] 2009-07-10 . C7230FBEE14437716701C15BE02C27B8 . 247808 . . [6.0.6000.16386] . . c:\windows\ERDNT\cache\shsvcs.dll [7] 2009-07-10 . C7230FBEE14437716701C15BE02C27B8 . 247808 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6002.18063_none_ced8f61a1a41d726\shsvcs.dll [7] 2009-04-11 . C818C44C201898399BF999BB6B35D4E3 . 247296 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6002.18005_none_cf1bd6361a0f622e\shsvcs.dll [7] 2008-01-21 . 27F10F348E508243F6254846F8370D0D . 247296 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6001.18000_none_cd305d2a1ced96e2\shsvcs.dll . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2011-12-05 19:17 94208 ----a-w- c:\users\Yvi\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2011-12-05 19:17 94208 ----a-w- c:\users\Yvi\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2011-12-05 19:17 94208 ----a-w- c:\users\Yvi\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2011-12-05 19:17 94208 ----a-w- c:\users\Yvi\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952] "CrossRiderPlugin"="c:\program files\CrossriderWebApps\Crossrider.exe" [2011-05-15 478720] "RocketDock"="c:\program files\RocketDock\RocketDock.exe" [2007-09-02 495616] "F.lux"="c:\users\Yvi\Local Settings\Apps\F.lux\flux.exe" [2009-08-29 966656] "Spotify Web Helper"="c:\users\Yvi\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2012-08-21 1193176] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-07-25 68856] . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-04-03 13535776] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-04-03 92704] "hplampc"="c:\windows\system32\hplampc.exe" [2002-01-17 40448] "EzPrint"="c:\program files\Lexmark S300-S400 Series\ezprint.exe" [2010-05-05 148280] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008] "Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-12-24 460872] "atwtusb"="atwtusb.exe" [2007-05-29 360096] "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-12 947176] "AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392] "SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096] "AdobeCS6ServiceManager"="c:\program files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-03-09 1073312] "EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2011-10-07 1387288] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-09-17 254896] . c:\users\Yvi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Dropbox.lnk - c:\users\Yvi\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-5-24 27112840] Rainmeter - Verknüpfung.lnk - c:\program files\Rainmeter\Rainmeter.exe [2012-1-8 105160] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ NETGEAR WG311T Smart Wizard.lnk - c:\program files\NETGEAR\WG311T\wlancfg5.exe [2006-5-18 1499136] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux1"=wdmaud.drv . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" . [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^PHOTOfunSTUDIO 6.0.lnk] path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\PHOTOfunSTUDIO 6.0.lnk backup=c:\windows\pss\PHOTOfunSTUDIO 6.0.lnk.CommonStartup backupExtension=.CommonStartup . [HKLM\~\startupfolder\C:^Users^Yvi^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^dexpot - Verknüpfung.lnk] path=c:\users\Yvi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\dexpot - Verknüpfung.lnk backup=c:\windows\pss\dexpot - Verknüpfung.lnk.Startup backupExtension=.Startup . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] 2012-07-27 20:51 919008 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AeroSnap] 2008-12-06 18:32 886784 ----a-w- c:\program files\AeroSnap\AeroSnap.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam] 2012-08-21 21:38 1353080 ----a-w- c:\program files\Steam\Steam.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg] 2008-07-25 10:07 68856 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\thin light] 2007-04-18 09:08 65536 ----a-w- c:\program files\USB Think Light\ThinkLight.exe . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-2954106480-3081226885-94457421-1003] "EnableNotificationsRef"=dword:00000002 . 
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x] S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [x] . . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache . Inhalt des "geplante Tasks" Ordners . 2012-10-31 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-01 19:17] . 2008-01-01 c:\windows\Tasks\DriverScanner.job - c:\program files\Uniblue\DriverScanner\dsmonitor.exe [2012-01-20 13:43] . 2012-10-31 c:\windows\Tasks\Google Software Updater.job - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-07-06 21:33] . 2012-10-31 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-12-28 21:10] . 2012-10-31 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-12-28 21:10] . 2012-10-31 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2954106480-3081226885-94457421-1003Core.job - c:\users\Yvi\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-01 15:44] . 2012-10-31 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2954106480-3081226885-94457421-1003UA.job - c:\users\Yvi\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-01 15:44] . . ------- Zusätzlicher Suchlauf ------- . 
uStart Page = hxxp://mystart.incredibar.com/mb139?a=6R8x5VHtbG&i=26 mStart Page = about:blank mSearch Bar = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/keyword/%s IE: Alles mit FDM herunterladen - file://c:\program files\Free Download Manager\dlall.htm IE: Auswahl mit FDM herunterladen - file://c:\program files\Free Download Manager\dlselected.htm IE: Datei mit FDM herunterladen - file://c:\program files\Free Download Manager\dllink.htm IE: Free YouTube to MP3 Converter - c:\users\Yvi\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000 IE: Videos mit FDM herunterladen - file://c:\program files\Free Download Manager\dlfvideo.htm IE: {{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - eBay - eine der größten deutschen Shopping-Websites IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files\ICQ7.5\ICQ.exe IE: {{0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - {E601996F-E400-41CA-804B-CD6373A7EEE2} - c:\program files\kikin\ie_kikin.dll TCP: DhcpNameServer = 192.168.1.1 . - - - - Entfernte verwaiste Registrierungseinträge - - - - . BHO-{E601996F-E400-41CA-804B-CD6373A7EEE2} - c:\program files\kikin\ie_kikin.dll BHO-{F76CBCFE-8D3D-F98C-E590-E0EE5AC69CE2} - c:\programdata\Codecv\bhoclass.dll HKCU-Run-AdobeBridge - (no file) AddRemove-incredibar - c:\program files\Incredibar.com\incredibar\1.5.11.14\uninstall.exe AddRemove-{2EF17083-57D4-4D64-AE4F-55F32A2C4571} - c:\programdata\Codecv\uninstall.exe AddRemove-{7B63B2922B174135AFC0E1377DD81EC2} - c:\program files\DivX\DivXCodecUninstall.exe AddRemove-{E4A71A41-BCC8-480a-9E69-0DA29CBA7ECA} - c:\program files\kikin\uninst.exe . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2012-10-31 19:49 Windows 6.0.6002 Service Pack 2 NTFS . Scanne versteckte Prozesse... . 
Scanne versteckte Autostarteinträge... . Scanne versteckte Dateien... . . c:\users\Yvi\AppData\Local\Temp\catchme.dll 53248 bytes executable . Scan erfolgreich abgeschlossen versteckte Dateien: 1 . ************************************************************************** . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration] @Denied: (2) (LocalSystem) "Timestamp"=hex:25,49,d2,03,42,c2,cc,01 . Zeit der Fertigstellung: 2012-10-31 19:52:13 ComboFix-quarantined-files.txt 2012-10-31 18:52 . Vor Suchlauf: 16 Verzeichnis(se), 110.359.486.464 Bytes frei Nach Suchlauf: 17 Verzeichnis(se), 115.434.577.920 Bytes frei . - - End Of File - - 07FCCCDEEF8C56EA7B73454F4903D9A5

Info: unfortunately, the beeping and the date change have still not gone away, even after the ComboFix scan.