
Pests of all kinds and how to combat them: html/crypted.gen + runtime 226

06.06.2011, 21:06   #1
Dela
html/crypted.gen + runtime 226



Code:
ComboFix 11-06-06.02 - Daniel 06.06.2011  21:53:01.1.2 - x86
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.49.1031.18.3068.2054 [GMT 2:00]
ausgeführt von:: c:\users\Daniel\Desktop\Antivir\ComboFix.exe
AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: IObit Security 360 *Disabled/Outdated* {FAE2835A-B90A-9E7A-85DA-82DBDA7C1E3A}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\ntuser.dat
c:\users\Daniel\AppData\Roaming\Adobe\plugs
c:\users\Daniel\AppData\Roaming\Adobe\shed
c:\users\Daniel\AppData\Roaming\Local
c:\users\Daniel\AppData\Roaming\Local\Temp\DDM\Settings\settings.ddi
c:\users\Daniel\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\(2).ddp
c:\users\Daniel\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\(3).ddp
c:\users\Daniel\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\(4).ddp
c:\users\Daniel\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\.ddp
c:\users\Daniel\audacity-win-1.2.6.exe
c:\windows\security\Database\tmp.edb
.
.
(((((((((((((((((((((((   Dateien erstellt von 2011-05-06 bis 2011-06-06  ))))))))))))))))))))))))))))))
.
.
2011-06-06 20:01 . 2011-06-06 20:01	--------	d-----w-	c:\users\Daniel\AppData\Local\temp
2011-06-06 19:48 . 2011-06-06 19:48	--------	d-----w-	C:\32788R22FWJFW
2011-06-06 18:10 . 2011-06-06 18:10	--------	d-----w-	C:\_OTL
2011-06-06 07:27 . 2011-06-06 07:27	--------	d-----w-	c:\users\Daniel\AppData\Local\{EB20752D-6A99-423C-BC3B-CB026F0A8B48}
2011-06-05 19:26 . 2011-06-05 19:26	--------	d-----w-	c:\users\Daniel\AppData\Local\{50478C0F-7E2A-47FE-A46B-DE4142D518E3}
2011-06-05 17:46 . 2011-06-05 17:46	--------	d-----w-	c:\users\Daniel\AppData\Roaming\Malwarebytes
2011-06-05 17:46 . 2011-05-29 07:11	39984	----a-w-	c:\windows\system32\drivers\mbamswissarmy.sys
2011-06-05 17:46 . 2011-06-05 17:46	--------	d-----w-	c:\programdata\Malwarebytes
2011-06-05 17:46 . 2011-05-29 07:11	22712	----a-w-	c:\windows\system32\drivers\mbam.sys
2011-06-05 17:46 . 2011-06-05 17:46	--------	d-----w-	c:\program files\Malwarebytes' Anti-Malware
2011-06-05 07:41 . 2011-06-05 07:41	--------	d-----w-	c:\users\Daniel\AppData\Roaming\.minecraft
2011-06-05 07:35 . 2011-05-09 20:46	6962000	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{8CC46545-176D-4D3E-BA54-C1B6F26BCEE7}\mpengine.dll
2011-06-05 07:24 . 2011-06-05 07:26	--------	d-----w-	c:\users\Daniel\AppData\Local\{E79944E9-000F-4BCE-917C-36D2910171E6}
2011-05-31 04:48 . 2011-05-31 04:48	--------	d-----w-	c:\users\Daniel\AppData\Local\{7E34F0CC-7608-4A42-B17C-CBEE81A4164D}
2011-05-30 16:47 . 2011-05-30 16:48	--------	d-----w-	c:\users\Daniel\AppData\Local\{F54C8E0D-1128-4FEA-9E54-30ED39A84D08}
2011-05-30 04:44 . 2011-05-30 04:47	--------	d-----w-	c:\users\Daniel\AppData\Local\{8CA3D61E-9EB4-4484-A3B3-7EA681B9C4A3}
2011-05-27 20:09 . 2011-05-29 08:09	--------	d-----w-	c:\users\Daniel\AppData\Local\{5C013681-01B6-42DF-A2B3-E2C6A470FA00}
2011-05-27 20:08 . 2011-05-27 20:08	404640	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2011-05-18 16:49 . 2011-05-18 16:49	--------	d-----w-	c:\program files\iPod
2011-05-18 16:49 . 2011-05-18 16:50	--------	d-----w-	c:\program files\iTunes
2011-05-18 16:47 . 2011-05-18 16:47	--------	d-----w-	c:\program files\Bonjour
2011-05-12 04:44 . 2011-05-12 04:44	781272	----a-w-	c:\program files\Mozilla Firefox\mozsqlite3.dll
2011-05-12 04:44 . 2011-05-12 04:44	1874904	----a-w-	c:\program files\Mozilla Firefox\mozjs.dll
2011-05-12 04:44 . 2011-05-12 04:44	89048	----a-w-	c:\program files\Mozilla Firefox\libEGL.dll
2011-05-12 04:44 . 2011-05-12 04:44	465880	----a-w-	c:\program files\Mozilla Firefox\libGLESv2.dll
2011-05-12 04:44 . 2011-05-12 04:44	1974616	----a-w-	c:\program files\Mozilla Firefox\D3DCompiler_42.dll
2011-05-12 04:44 . 2011-05-12 04:44	1892184	----a-w-	c:\program files\Mozilla Firefox\d3dx9_42.dll
2011-05-12 04:44 . 2011-05-12 04:44	15832	----a-w-	c:\program files\Mozilla Firefox\mozalloc.dll
2011-05-12 04:44 . 2011-05-12 04:44	142296	----a-w-	c:\program files\Mozilla Firefox\components\browsercomps.dll
2011-05-11 17:34 . 2011-05-11 17:36	--------	d-----w-	c:\program files\ICQ7.5
2011-05-10 21:08 . 2011-04-07 12:01	2409784	----a-w-	c:\program files\Windows Mail\OESpamFilter.dat
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-05-24 17:14 . 2010-06-16 06:44	222080	------w-	c:\windows\system32\MpSigStub.exe
2011-04-09 16:55 . 2011-04-09 16:55	15453336	----a-w-	c:\windows\system32\xlive.dll
2011-04-09 16:55 . 2011-04-09 16:55	13642904	----a-w-	c:\windows\system32\xlivefnt.dll
2011-04-08 05:14 . 2011-05-02 19:53	57960	----a-w-	c:\windows\system32\OpenCL.dll
2011-04-08 05:14 . 2011-05-02 19:53	944232	----a-w-	c:\windows\system32\nvdispco3220140.dll
2011-04-08 05:14 . 2011-05-02 19:53	855656	----a-w-	c:\windows\system32\nvgenco322060.dll
2011-04-08 05:14 . 2011-05-02 19:53	2765928	----a-w-	c:\windows\system32\nvcuvid.dll
2011-04-08 05:14 . 2011-05-02 19:53	2074216	----a-w-	c:\windows\system32\nvcuvenc.dll
2011-04-08 05:14 . 2011-05-02 19:53	15227496	----a-w-	c:\windows\system32\nvoglv32.dll
2011-04-08 05:14 . 2011-05-02 19:53	10690024	----a-w-	c:\windows\system32\drivers\nvlddmkm.sys
2011-04-08 05:14 . 2011-05-02 19:53	5180824	----a-w-	c:\windows\system32\nvcuda.dll
2011-04-08 05:14 . 2011-05-02 19:53	13007464	----a-w-	c:\windows\system32\nvcompiler.dll
2011-04-08 05:14 . 2011-05-02 19:53	10920	----a-w-	c:\windows\system32\drivers\nvBridge.kmd
2011-04-08 05:14 . 2011-01-24 18:14	6299752	----a-w-	c:\windows\system32\nvwgf2um.dll
2011-04-08 05:14 . 2008-05-23 03:29	2034280	----a-w-	c:\windows\system32\nvapi.dll
2011-04-08 05:14 . 2008-05-23 03:29	10071656	----a-w-	c:\windows\system32\nvd3dum.dll
2011-04-07 20:43 . 2011-04-07 20:43	580200	----a-w-	c:\windows\system32\easyUpdatusAPIU.dll
2011-04-07 20:43 . 2011-04-07 20:43	612456	----a-w-	c:\windows\system32\nvvsvc.exe
2011-04-07 20:43 . 2011-04-07 20:43	293992	----a-w-	c:\windows\system32\nvhotkey.dll
2011-04-07 20:43 . 2011-04-07 20:43	2582120	----a-w-	c:\windows\system32\nvsvcr.dll
2011-04-07 20:43 . 2011-04-07 20:43	111208	----a-w-	c:\windows\system32\nvmctray.dll
2011-04-07 20:43 . 2011-04-07 20:43	3701352	----a-w-	c:\windows\system32\nvcpl.dll
2011-04-07 20:43 . 2011-04-07 20:43	2565224	----a-w-	c:\windows\system32\nvsvc.dll
2011-04-06 14:20 . 2011-04-06 14:20	91424	----a-w-	c:\windows\system32\dnssd.dll
2011-04-06 14:20 . 2011-04-06 14:20	197920	----a-w-	c:\windows\system32\dnssdX.dll
2011-04-06 14:20 . 2011-04-06 14:20	107808	----a-w-	c:\windows\system32\dns-sd.exe
2011-03-17 09:41 . 2010-06-24 10:33	18328	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-03-16 17:07 . 2010-06-17 05:08	137656	----a-w-	c:\windows\system32\drivers\avipbb.sys
2011-03-12 21:55 . 2011-04-27 09:34	876032	----a-w-	c:\windows\system32\XpsPrint.dll
2011-03-10 17:03 . 2011-04-13 21:28	1162240	----a-w-	c:\windows\system32\mfc42u.dll
2011-03-10 17:03 . 2011-04-13 21:28	1136640	----a-w-	c:\windows\system32\mfc42.dll
2011-05-12 04:44 . 2011-05-12 04:44	142296	----a-w-	c:\program files\mozilla firefox\components\browsercomps.dll
.
Code:
c:\program files\Opera\opera .exe
         
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-11-10 4240760]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-01-18 1033512]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2008-04-15 178712]
"OnScreenDisplay"="c:\program files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe" [2007-11-01 554288]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 40048]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-11-20 488752]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-11-02 281768]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2008-09-11 446556]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-04-20 58656]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-04-26 421160]
"Corel Photo Downloader"="c:\program files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe" [2007-08-28 531272]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-1-16 727592]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Corel Photo Downloader]
2007-08-28 11:00 531272 ----a-w- c:\program files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivX Download Manager]
2010-12-08 21:15 63360 ----a-w- c:\program files\DivX\DivX Plus Web Player\DDMService.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2010-12-08 19:17 1226608 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Health Check Scheduler]
2008-04-15 11:42 70912 ----a-w- c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IObit Security 360]
2010-06-11 17:14 1280344 ----a-w- c:\program files\IObit\IObit Security 360\is360tray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
2008-02-26 12:08 2289664 ----a-w- c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QIP Internet Guardian]
2011-01-13 17:18 187776 ----a-w- c:\users\Daniel\AppData\Roaming\QipGuard\QipGuard.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl.exe]
2008-03-14 06:45 202032 ----a-w- c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QPService]
2008-04-23 21:51 468264 ----a-w- c:\program files\HP\QuickPlay\QPService.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-11-29 16:38 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UCam_Menu]
2007-12-24 13:55 222504 ------w- c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-02-07 193840]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys [2010-03-20 101504]
R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys [2010-03-20 116736]
R3 massfilter;Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [2010-06-19 9728]
R3 massfilter_hs;USB Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter_hs.sys [2009-02-03 9728]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2011-05-29 39984]
R3 NETw5v32;Intel(R) Wireless WiFi Link Adaptertreiber für Windows Vista 32-Bit;c:\windows\system32\DRIVERS\NETw5v32.sys [2008-04-28 3658752]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
R4 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2008-03-18 19456]
R4 QipGuard;QipGuard;c:\program files\QipGuard\QipGuard.exe [2011-01-13 187776]
S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys [2010-11-26 15672]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_805f33de\aestsrv.exe [2008-06-27 77824]
S2 AntiVirSchedulerService;Avira AntiVir Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [2011-04-27 136360]
S2 DCService.exe;DCService.exe;c:\programdata\DatacardService\DCService.exe [2010-05-08 229376]
S2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe [2008-01-21 21504]
S2 GtDetectSc;GtDetectSc;c:\program files\Option\Option WWAN Driver 5.0.32.0 Installer\GtDetectSc.exe [2009-05-04 545792]
S2 IS360service;IS360service;c:\program files\IObit\IObit Security 360\is360srv.exe [2010-06-11 312152]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-04-08 2218600]
S2 Recovery Service for Windows;Recovery Service for Windows;c:\windows\SMINST\BLService.exe [2008-03-26 341328]
S2 TGCM_ImportWiFiSvc;TGCM_ImportWiFiSvc;c:\program files\o2\Mobile Connection Manager\ImpWiFiSvc.exe [2010-09-29 200624]
S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [2008-01-24 52736]
S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys [2010-04-09 63616]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2008-04-01 81296]
S3 NETwNv32;___ Intel(R) Wireless WiFi Link der Serie 5000 Adaptertreiber für Windows Vista 32-Bit;c:\windows\system32\DRIVERS\NETwNv32.sys [2011-01-19 6923264]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2011-03-03 139368]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - MBAMSWISSARMY
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
ezSharedSvc
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-02-26 12:06 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://qip.ru
uDefault_Search_URL = hxxp://search.qip.ru
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=83&bd=Pavilion&pf=cnnb
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://search.qip.ru/ie
IE: An OneNote s&enden - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105
IE: Bild an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Nach Microsoft E&xcel exportieren - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Seite an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files\ICQ7.5\ICQ.exe
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\kp37epfs.default\
FF - prefs.js: browser.search.selectedEngine - Google (Language: DE)
FF - prefs.js: keyword.URL - hxxp://de.search.yahoo.com/search?ei=utf-8&fr=greentree_ff1&type=723823&p=
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2011-06-06 22:01
Windows 6.0.6002 Service Pack 2 NTFS
.
Scanne versteckte Prozesse...
.
Scanne versteckte Autostarteinträge...
.
Scanne versteckte Dateien...
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-1352641042-1096886337-3699757790-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:ab,80,a2,26,a7,97,92,4e,37,f6,79,f1,c2,f4,ce,1a,02,1f,f5,50,2c,fb,94,
   2e,e1,e3,54,19,7c,4e,d7,ce,01,e2,e8,7e,05,c7,a4,e9,85,49,dc,f9,6b,89,c7,e3,\
"??"=hex:41,e0,42,8c,cf,55,c7,95,2b,14,4d,f8,66,7b,0c,1b
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Zeit der Fertigstellung: 2011-06-06 22:04:14
ComboFix-quarantined-files.txt 2011-06-06 20:03
.
Vor Suchlauf: 15 Verzeichnis(se), 153.540.329.472 Bytes frei
Nach Suchlauf: 23 Verzeichnis(se), 154.530.996.224 Bytes frei
.
- - End Of File - - 9DFA53048223AA4AFB52E415B22268CA
