"Erkennungsprogramm des Backdoorprogrammes BDS/Papras.GX" - Entfernung nicht möglich

Steffi72 · 11.06.2010, 13:47

Hat ein Weilchen gedauert, aber hier ist die Auswertung

Combofix Logfile:

Code:

ATTFilter

ComboFix 10-06-10.04 - Gogi 11.06.2010  14:32:20.2.4 - x86
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.49.1031.18.3327.2357 [GMT 2:00]
ausgeführt von:: c:\users\Gogi\Desktop\ComboFix.exe
.

(((((((((((((((((((((((   Dateien erstellt von 2010-05-11 bis 2010-06-11  ))))))))))))))))))))))))))))))
.

2010-06-11 12:40 . 2010-06-11 12:40	--------	d-----w-	c:\users\Public\AppData\Local\temp
2010-06-11 12:40 . 2010-06-11 12:40	--------	d-----w-	c:\users\Default\AppData\Local\temp
2010-06-11 10:51 . 2010-06-11 10:51	--------	d-----w-	C:\_OTL
2010-06-05 11:49 . 2010-06-05 14:41	--------	d-----w-	c:\programdata\Spybot - Search & Destroy
2010-06-05 11:49 . 2010-06-05 11:53	--------	d-----w-	c:\program files\Spybot - Search & Destroy
2010-06-04 18:06 . 2010-06-05 11:19	--------	d-----w-	c:\programdata\Alwil Software
2010-06-04 18:06 . 2010-06-04 18:06	--------	d-----w-	c:\program files\Alwil Software
2010-06-04 18:02 . 2010-06-04 18:09	--------	d-----w-	c:\programdata\Google Updater
2010-05-26 10:29 . 2010-04-23 14:13	2048	----a-w-	c:\windows\system32\tzres.dll
2010-05-18 16:15 . 2010-05-18 16:15	--------	d-----w-	c:\program files\KELLOGG'S
2010-05-12 13:54 . 2010-01-29 15:40	738816	----a-w-	c:\windows\system32\inetcomm.dll

.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-06-11 12:37 . 2008-01-21 07:15	664044	----a-w-	c:\windows\system32\perfh007.dat
2010-06-11 12:37 . 2008-01-21 07:15	142416	----a-w-	c:\windows\system32\perfc007.dat
2010-06-10 21:49 . 2008-11-08 15:31	--------	d-----w-	c:\program files\Google
2010-06-10 05:49 . 2006-11-02 11:18	--------	d-----w-	c:\program files\Windows Mail
2010-06-09 10:27 . 2008-12-07 13:34	1	----a-w-	c:\users\Gogi\AppData\Roaming\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2010-06-05 11:52 . 2009-02-22 19:41	--------	d-----w-	c:\programdata\Lavasoft
2010-06-05 11:52 . 2009-02-22 19:41	--------	d-----w-	c:\program files\Lavasoft
2010-05-26 17:06 . 2010-06-09 21:18	34304	----a-w-	c:\windows\system32\atmlib.dll
2010-05-26 14:47 . 2010-06-09 21:18	289792	----a-w-	c:\windows\system32\atmfd.dll
2010-05-12 09:21 . 2009-10-02 18:59	221568	------w-	c:\windows\system32\MpSigStub.exe
2010-05-07 12:58 . 2008-12-13 13:25	--------	d-----w-	c:\users\Gogi\AppData\Roaming\Apple Computer
2010-05-07 07:37 . 2009-01-24 15:35	--------	d-----w-	c:\users\Gogi\AppData\Roaming\Canon
2010-05-06 22:51 . 2010-05-06 22:50	--------	d-----w-	c:\programdata\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2010-05-06 22:51 . 2010-05-06 22:50	--------	d-----w-	c:\program files\iTunes
2010-05-06 22:50 . 2010-05-06 22:50	--------	d-----w-	c:\program files\iPod
2010-05-06 22:50 . 2009-10-11 17:46	--------	d-----w-	c:\program files\Common Files\Apple
2010-05-06 22:48 . 2010-05-06 22:48	--------	d-----w-	c:\program files\QuickTime
2010-05-06 22:45 . 2010-05-06 22:45	--------	d-----w-	c:\program files\Bonjour
2010-05-06 22:42 . 2010-05-06 22:42	73000	----a-w-	c:\programdata\Apple Computer\Installer Cache\iTunes 9.1.1.12\SetupAdmin.exe
2010-05-05 22:07 . 2010-01-21 10:45	--------	d-----w-	c:\program files\pdf24
2010-05-04 05:59 . 2010-06-09 21:18	916480	----a-w-	c:\windows\system32\wininet.dll
2010-05-04 05:55 . 2010-06-09 21:18	71680	----a-w-	c:\windows\system32\iesetup.dll
2010-05-04 05:55 . 2010-06-09 21:18	109056	----a-w-	c:\windows\system32\iesysprep.dll
2010-05-04 04:31 . 2010-06-09 21:18	133632	----a-w-	c:\windows\system32\ieUnatt.exe
2010-05-01 14:13 . 2010-06-09 21:18	2037248	----a-w-	c:\windows\system32\win32k.sys
2010-04-22 07:18 . 2008-11-20 19:19	--------	d-----w-	c:\program files\SWiSH Video3
2010-04-22 07:17 . 2008-12-31 19:02	--------	d-----w-	c:\program files\Free FLV Converter
2010-04-22 07:17 . 2009-01-03 16:50	--------	d-----w-	c:\program files\Common Files\DVDVideoSoft
2010-04-22 07:14 . 2008-11-16 12:23	--------	d-----w-	c:\programdata\AOL
2010-04-22 07:12 . 2008-09-10 21:50	--------	d--h--w-	c:\program files\InstallShield Installation Information
2010-04-16 06:33 . 2010-04-16 06:33	41472	----a-w-	c:\windows\system32\drivers\usbaapl.sys
2010-04-16 06:33 . 2010-04-16 06:33	3003680	----a-w-	c:\windows\system32\usbaaplrc.dll
2010-04-15 19:49 . 2010-04-15 17:14	--------	d-----w-	c:\users\Gogi\AppData\Roaming\CyberLink
2010-04-15 17:45 . 2010-01-05 22:06	--------	d-----w-	c:\users\Gogi\AppData\Roaming\DivX
2010-04-15 17:14 . 2010-04-15 17:12	--------	d-----w-	c:\programdata\CyberLink
2010-04-15 17:12 . 2010-04-15 17:10	--------	d-----w-	c:\program files\CyberLink
2010-04-15 17:12 . 2010-04-15 17:12	--------	d-----w-	c:\program files\Common Files\CyberLink
2010-04-15 17:09 . 2010-04-15 17:10	29480	----a-w-	c:\windows\system32\msxml3a.dll
2010-04-15 17:09 . 2010-04-15 17:10	53319	----a-w-	c:\programdata\Temp\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}\PostBuild.exe
2010-04-15 15:53 . 2010-04-15 15:53	54073	----a-w-	c:\programdata\DivX\Qt4.5\Uninstaller.exe
2010-04-15 15:53 . 2010-04-15 15:53	56969	----a-w-	c:\programdata\DivX\ASPEncoder\Uninstaller.exe
2010-04-15 15:53 . 2010-01-02 18:20	--------	d-----w-	c:\program files\Common Files\DivX Shared
2010-04-15 15:52 . 2010-04-15 15:52	144696	----a-w-	c:\programdata\DivX\RunAsUser\RUNASUSERPROCESS.exe
2010-04-15 15:52 . 2010-04-15 15:54	754984	----a-w-	c:\programdata\DivX\Setup\Resource.dll
2010-04-15 15:52 . 2010-04-15 15:54	1180952	----a-w-	c:\programdata\DivX\Setup\DivXSetup.exe
2010-04-08 11:20 . 2010-04-08 11:20	91424	----a-w-	c:\windows\system32\dnssd.dll
2010-04-08 11:20 . 2010-04-08 11:20	107808	----a-w-	c:\windows\system32\dns-sd.exe
2010-04-05 17:01 . 2010-06-09 21:18	67072	----a-w-	c:\windows\system32\asycfilt.dll
2010-03-31 01:58 . 2007-10-29 01:00	44944	------w-	c:\windows\system32\drivers\pxhelp20.sys
2009-11-17 21:46 . 2009-11-17 21:46	119808	----a-w-	c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
2010-01-07 17:46 . 2009-10-03 03:40	88	--sh--r-	c:\windows\System32\EBD1821E4F.sys
2010-01-07 17:46 . 2009-10-03 03:30	2516	--sha-w-	c:\windows\System32\KGyGaAvL.sys
.

(((((((((((((((((((((((((((((   SnapShot@2010-06-11_12.21.29   )))))))))))))))))))))))))))))))))))))))))
.
- 2008-01-21 01:58 . 2010-06-11 11:39	62926              c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2008-01-21 01:58 . 2010-06-11 12:31	62926              c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2006-11-02 13:05 . 2010-06-11 12:31	75360              c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
- 2008-11-08 16:21 . 2010-06-11 11:39	11990              c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2546707314-2983746973-2447176769-1000_UserData.bin
+ 2008-11-08 16:21 . 2010-06-11 12:31	11990              c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2546707314-2983746973-2447176769-1000_UserData.bin
- 2008-11-08 15:22 . 2010-06-11 11:36	16384              c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2008-11-08 15:22 . 2010-06-11 12:40	16384              c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2008-11-08 15:22 . 2010-06-11 12:40	49152              c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2008-11-08 15:22 . 2010-06-11 11:36	49152              c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2008-11-08 15:22 . 2010-06-11 12:40	32768              c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2008-11-08 15:22 . 2010-06-11 11:36	32768              c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2008-12-02 21:26 . 2010-06-11 11:37	16384              c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2008-12-02 21:26 . 2010-06-11 12:28	16384              c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2008-12-02 21:26 . 2010-06-11 11:37	32768              c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2008-12-02 21:26 . 2010-06-11 12:28	32768              c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2008-12-02 21:26 . 2010-06-11 12:28	16384              c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2008-12-02 21:26 . 2010-06-11 11:37	16384              c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-06-11 12:28 . 2010-06-11 12:28	2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2010-06-11 11:36 . 2010-06-11 11:36	2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2010-06-11 11:36 . 2010-06-11 11:36	2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2010-06-11 12:28 . 2010-06-11 12:28	2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2006-11-02 10:33 . 2010-06-11 12:37	625384              c:\windows\System32\perfh009.dat
- 2006-11-02 10:33 . 2010-06-11 11:43	625384              c:\windows\System32\perfh009.dat
- 2006-11-02 10:33 . 2010-06-11 11:43	116946              c:\windows\System32\perfc009.dat
+ 2006-11-02 10:33 . 2010-06-11 12:37	116946              c:\windows\System32\perfc009.dat
+ 2009-03-19 19:55 . 2010-06-11 12:40	245760              c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
- 2009-03-19 19:55 . 2010-06-11 11:46	245760              c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"T-Online_Software_6\WLAN-Access Finder"="c:\program files\T-Online\WLAN-Access Finder\ToWLaAcF.exe" [2008-04-08 671796]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883840]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-06-04 39408]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]
"RtHDVCpl"="RtHDVCpl.exe" [2008-07-03 6266880]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2009-11-17 30192]
"OpwareSE2"="c:\program files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" [2003-05-08 49152]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-01-28 136600]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"LifeChat"="c:\program files\Microsoft LifeChat\LifeChat.exe" [2008-08-21 267296]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]
"Skytel"="Skytel.exe" [2008-06-25 1826816]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-12-10 198160]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2010-04-13 47392]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-04-12 1135912]
"RemoteControl10"="c:\program files\CyberLink\PowerDVD10\PDVD10Serv.exe" [2010-02-02 87336]
"BDRegion"="c:\program files\Cyberlink\Shared files\brs.exe" [2010-03-13 75048]
"PDFPrint"="c:\program files\pdf24\pdf24.exe" [2010-03-11 208528]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-03-17 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-04-28 142120]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"InfoCockpit"="c:\program files\T-Online\T-Online_Software_6\Info-Cockpit\IC_START.EXE" [2007-07-30 176128]
"T-Online_Software_6\WLAN-Access Finder"="c:\program files\T-Online\WLAN-Access Finder\ToWLaAcF.exe" [2008-04-08 671796]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux2"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google EULA Launcher]
2008-05-28 11:40	20480	----a-w-	c:\program files\Google\Google EULA\GoogleEULALauncher.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):2f,94,bc,de,4b,65,ca,01

R0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [x]
R2 gupdate1ca08a3ac5dc7e8;Google Update Service (gupdate1ca08a3ac5dc7e8);c:\program files\Google\Update\GoogleUpdate.exe [2009-07-19 133104]
R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files\MAGIX\Common\Database\bin\fbserver.exe [2005-11-17 1527900]
R3 GoogleDesktopManager-110309-193829;Google Desktop Manager 5.9.911.3589;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2009-11-17 30192]
R3 MTOnlPktAlyX;MTOnlPktAlyX NDIS Protocol Driver;c:\progra~1\T-Online\T-ONLI~1\BASIS-~1\Basis1\MTOnlPktAlyX.SYS [2006-10-09 17536]
R3 U6000ALL;U6000 TV Box(ALL);c:\windows\system32\DRIVERS\U6000ALL.sys [2007-07-13 230784]
R3 UPnPService;UPnPService;c:\program files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe [2006-12-14 544768]
S2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2010/04/15 19:12];c:\program files\CyberLink\PowerDVD10\NavFilter\000.fcl [2010-03-13 10:58 87536]
S2 AntiVirSchedulerService;Avira AntiVir Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [2009-06-09 108289]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation	REG_MULTI_SZ   	FontCache
.
Inhalt des "geplante Tasks" Ordners

2010-05-15 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]

2010-06-11 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-06-04 18:02]

2010-06-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-07-19 19:03]

2010-06-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-07-19 19:03]

2010-06-11 c:\windows\Tasks\User_Feed_Synchronization-{C4770312-A458-4C09-926A-F9775C20A2EC}.job
- c:\windows\system32\msfeedssync.exe [2010-06-09 04:30]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.de/
mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=FUJD&bmod=FUJD
uInternet Settings,ProxyOverride = *.local
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
IE: LastPass - file://c:\program files\LastPass\context.html?cmd=lastpass
IE: LastPass Ausfüllformulare - file://c:\program files\LastPass\context.html?cmd=fillforms
IE: LastPass Fill Forms - file://c:\program files\LastPass\context.html?cmd=fillforms
FF - ProfilePath - c:\users\Gogi\AppData\Roaming\Mozilla\Firefox\Profiles\1k68sy6j.default\
FF - component: c:\program files\Real\RealPlayer\browserrecord\firefox\ext\components\nprpffbrowserrecordext.dll
FF - component: c:\users\Gogi\AppData\Roaming\Mozilla\Firefox\Profiles\1k68sy6j.default\extensions\support@lastpass.com\platform\WINNT_x86-msvc\components\lpxpcom.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX Richtlinien ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation",  false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2010-06-11 14:40
Windows 6.0.6002 Service Pack 2 NTFS

Scanne versteckte Prozesse... 

Scanne versteckte Autostarteinträge... 

Scanne versteckte Dateien... 

Scan erfolgreich abgeschlossen
versteckte Dateien: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD10\NavFilter\000.fcl"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------

- - - - - - - > 'Explorer.exe'(4572)
c:\program files\ScanSoft\OmniPageSE2.0\ophookSE2.dll
.
Zeit der Fertigstellung: 2010-06-11  14:43:57
ComboFix-quarantined-files.txt  2010-06-11 12:43
ComboFix2.txt  2010-06-11 12:24

Vor Suchlauf: 17 Verzeichnis(se), 142.137.176.064 Bytes frei
Nach Suchlauf: 18 Verzeichnis(se), 142.127.271.936 Bytes frei

- - End Of File - - B52AC78A228C3AB24CBB53CDE3DA002A

--- --- ---

"Erkennungsprogramm des Backdoorprogrammes BDS/Papras.GX" - Entfernung nicht möglich

Log-Analyse und Auswertung: "Erkennungsprogramm des Backdoorprogrammes BDS/Papras.GX" - Entfernung nicht möglich

"Erkennungsprogramm des Backdoorprogrammes BDS/Papras.GX" - Entfernung nicht möglich

Ähnliche Themen: "Erkennungsprogramm des Backdoorprogrammes BDS/Papras.GX" - Entfernung nicht möglich