Trojaner-Board - Trojaner (hcw.exe, hcx.exe, hcy.exe, hdodia.exe) öffnet falsche Links

Hier mein Log. Allerdings muss ich darauf hinweisen, dass es wieder das Problem gab, dass, nachdem ich auf Ok bei der Anfrage nach einem Neustart gedrückt habe, wieder nichts passiert ist. Man sah nur den Desktophintergrund und konnte nichts machen. Also musste ich wieder den PC aus- und wieder einschalten.

Combofix Logfile:
Code:
ComboFix 11-01-31.02 - **** 03.02.2011   1:35.3.2 - x86

Microsoft Windows XP Home Edition  5.1.2600.3.1252.49.1031.18.1023.736 [GMT 1:00]

ausgeführt von:: c:\dokumente und einstellungen\****\Desktop\cofi.exe

Benutzte Befehlsschalter :: c:\dokumente und einstellungen\Thomas\Desktop\CFScript.txt

 * Neuer Wiederherstellungspunkt wurde erstellt

.
 

((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))

.
 

c:\windows\system32\lsprst7.dll

c:\windows\system32\ssprs.dll
 

.

(((((((((((((((((((((((   Dateien erstellt von 2011-01-03 bis 2011-02-03  ))))))))))))))))))))))))))))))

.
 

2011-02-02 23:33 . 2011-02-02 23:33        --------        d-----w-        C:\cofi

2011-02-02 22:30 . 2011-02-02 22:30        1025        ----a-w-        c:\windows\system32\sysprs7.dll

2011-02-02 22:30 . 2011-02-02 22:30        1025        ----a-w-        c:\windows\system32\clauth2.dll

2011-02-02 22:30 . 2011-02-02 22:30        1025        ----a-w-        c:\windows\system32\clauth1.dll

2011-02-02 22:30 . 2011-02-02 22:30        --------        d-----w-        c:\dokumente und einstellungen\All Users\Anwendungsdaten\Minnetonka Audio Software

2011-02-02 22:26 . 2011-02-02 22:26        --------        d-----w-        c:\dokumente und einstellungen\All Users\Anwendungsdaten\FLEXnet

2011-02-02 21:05 . 2011-02-02 21:05        --------        d-----w-        c:\programme\Gemeinsame Dateien\Macrovision Shared

2011-02-02 17:08 . 2011-02-02 17:08        --------        d-----w-        c:\dokumente und einstellungen\All Users\Anwendungsdaten\regid.1986-12.com.adobe

2011-02-02 14:30 . 2010-03-27 17:06        67032        ----a-w-        c:\programme\Mozilla Firefox\plugins\npContribute.dll

2011-02-02 14:06 . 2011-02-02 14:06        --------        d-----w-        c:\dokumente und einstellungen\All Users\Anwendungsdaten\ALM

2011-02-02 13:36 . 2011-02-02 13:36        --------        d-----w-        c:\dokumente und einstellungen\Thomas\Adobe Flash Builder 4

2011-02-02 12:53 . 2011-02-02 12:53        --------        d-----w-        c:\programme\Adobe Media Player

2011-02-02 12:52 . 2011-02-02 12:52        --------        d-----w-        c:\programme\My Company Name

2011-02-02 12:44 . 2011-02-02 12:44        --------        d-----w-        c:\programme\Gemeinsame Dateien\Adobe AIR

2011-02-01 16:02 . 2011-02-01 16:02        --------        d-----w-        c:\programme\Kroll Ontrack

2011-02-01 15:37 . 2011-02-01 15:37        --------        d-----w-        c:\dokumente und einstellungen\Thomas\Anwendungsdaten\OfficeRecovery

2011-01-31 12:56 . 2011-01-31 12:56        --------        d-----w-        c:\programme\iPod

2011-01-23 19:58 . 2011-01-23 20:10        --------        d-----w-        c:\dokumente und einstellungen\Thomas\Anwendungsdaten\BOM

2011-01-16 14:44 . 2011-01-16 14:44        --------        d-----w-        c:\programme\XviD

2011-01-16 14:43 . 2002-01-05 14:37        344064        ----a-w-        c:\windows\system32\msvcr70.dll

2011-01-16 14:43 . 2002-01-05 13:40        487424        ----a-w-        c:\windows\system32\msvcp70.dll

2011-01-16 14:43 . 2001-08-23 16:00        1700352        ----a-w-        c:\windows\system32\gdiplus.dll

2011-01-16 14:43 . 2011-01-16 14:43        --------        d-----w-        C:\Apex

2011-01-14 18:06 . 2011-01-14 18:06        --------        d-----w-        c:\dokumente und einstellungen\Thomas\Lokale Einstellungen\Anwendungsdaten\Identities

2011-01-13 19:48 . 2011-01-13 19:48        --------        d-----w-        c:\dokumente und einstellungen\All Users\Microsoft

2011-01-13 14:52 . 2011-02-02 18:46        --------        d-----w-        c:\programme\CCleaner

2011-01-13 13:02 . 2011-01-13 13:02        --------        d-----w-        C:\_OTL

2011-01-11 23:26 . 2011-01-11 23:26        --------        d-----w-        c:\dokumente und einstellungen\Thomas\Anwendungsdaten\Malwarebytes

2011-01-11 23:26 . 2010-12-20 17:09        38224        ----a-w-        c:\windows\system32\drivers\mbamswissarmy.sys

2011-01-11 23:26 . 2011-01-11 23:26        --------        d-----w-        c:\dokumente und einstellungen\All Users\Anwendungsdaten\Malwarebytes

2011-01-11 23:26 . 2011-01-11 23:26        --------        d-----w-        c:\programme\Malwarebytes' Anti-Malware

2011-01-11 23:26 . 2010-12-20 17:08        20952        ----a-w-        c:\windows\system32\drivers\mbam.sys

2011-01-11 22:23 . 2011-01-11 22:43        --------        d-----w-        c:\windows\BDOSCAN8

2011-01-11 16:03 . 2011-01-13 15:06        --------        d-----w-        c:\dokumente und einstellungen\Thomas\Anwendungsdaten\Media Player Classic

2011-01-09 20:50 . 2009-05-18 12:17        26600        ----a-w-        c:\windows\system32\drivers\GEARAspiWDM.sys

2011-01-09 20:50 . 2008-04-17 11:12        107368        ----a-w-        c:\windows\system32\GEARAspi.dll

2011-01-09 20:44 . 2011-01-09 20:45        --------        d-----w-        c:\programme\QuickTime

2011-01-06 03:21 . 2011-01-06 03:21        --------        d-----w-        c:\dokumente und einstellungen\Thomas\Lokale Einstellungen\Anwendungsdaten\Conduit

2011-01-06 01:30 . 2011-01-06 16:37        --------        d-----w-        c:\dokumente und einstellungen\Thomas\Anwendungsdaten\vlc

2011-01-04 21:50 . 2004-02-22 09:11        719872        ----a-w-        c:\windows\system32\devil.dll

2011-01-04 21:50 . 2011-01-04 21:50        --------        d-----w-        c:\programme\AviSynth 2.5

2011-01-04 21:50 . 2009-09-27 08:39        369152        ----a-w-        c:\windows\system32\avisynth.dll

2011-01-04 21:50 . 2004-01-24 23:00        70656        ----a-w-        c:\windows\system32\yv12vfw.dll

2011-01-04 21:50 . 2004-01-24 23:00        70656        ----a-w-        c:\windows\system32\i420vfw.dll

2011-01-04 21:29 . 2011-01-11 16:19        --------        d-----w-        c:\dokumente und einstellungen\Thomas\Anwendungsdaten\DVDVideoSoft
 

.

((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2010-12-12 14:38 . 2010-12-12 14:38        73728        ----a-w-        c:\windows\system32\javacpl.cpl

2010-12-12 14:38 . 2010-12-12 14:38        472808        ----a-w-        c:\windows\system32\deployJava1.dll

2010-12-11 17:23 . 2010-12-11 17:23        21035        ----a-w-        c:\windows\system32\drivers\AegisP.sys

2010-11-29 16:38 . 2010-11-29 16:38        94208        ----a-w-        c:\windows\system32\QuickTimeVR.qtx

2010-11-29 16:38 . 2010-11-29 16:38        69632        ----a-w-        c:\windows\system32\QuickTime.qts

2010-11-18 18:12 . 2010-12-11 16:41        86016        ----a-w-        c:\windows\system32\isign32.dll

2010-11-16 22:41 . 2010-11-16 22:41        323624        ----a-w-        c:\windows\system32\wiaaut.dll

2010-11-12 00:44 . 2010-11-12 00:44        94208        ----a-w-        c:\windows\system32\dpl100.dll

2010-11-09 14:51 . 2004-08-04 12:00        249856        ----a-w-        c:\windows\system32\odbc32.dll

2010-11-08 22:57 . 2010-11-08 22:57        353592        ----a-w-        c:\windows\system32\DivXControlPanelApplet.cpl

2010-11-06 00:21 . 2004-08-04 12:00        916480        ----a-w-        c:\windows\system32\wininet.dll

2010-11-06 00:21 . 2004-08-04 12:00        43520        ------w-        c:\windows\system32\licmgr10.dll

2010-11-06 00:21 . 2004-08-04 12:00        1469440        ------w-        c:\windows\system32\inetcpl.cpl

.
 

(((((((((((((((((((((((((((((   SnapShot_2011-02-02_20.17.58   )))))))))))))))))))))))))))))))))))))))))

.

+ 2010-12-11 16:27 . 2011-02-02 23:37        3774120              c:\windows\system32\FNTCACHE.DAT

+ 2011-02-02 21:38 . 2011-02-02 21:38        3717120              c:\windows\Installer\41e730.msi

+ 2011-02-02 21:24 . 2011-02-02 21:24        3241472              c:\windows\Installer\41e708.msi

+ 2011-02-02 21:23 . 2011-02-02 21:23        3098112              c:\windows\Installer\41e6ff.msi

+ 2011-02-02 21:23 . 2011-02-02 21:23        3089920              c:\windows\Installer\41e6ee.msi

+ 2011-02-02 21:22 . 2011-02-02 21:22        3097088              c:\windows\Installer\41e6e4.msi

+ 2011-02-02 21:21 . 2011-02-02 21:21        3104256              c:\windows\Installer\41e6d9.msi

+ 2011-02-02 21:20 . 2011-02-02 21:20        3208704              c:\windows\Installer\41e6cf.msi

+ 2011-02-02 21:19 . 2011-02-02 21:19        3075584              c:\windows\Installer\41e6c6.msi

+ 2011-02-02 21:16 . 2011-02-02 21:16        3089408              c:\windows\Installer\41e6b8.msi

+ 2011-02-02 21:15 . 2011-02-02 21:15        3095552              c:\windows\Installer\41e6b0.msi

+ 2011-02-02 21:14 . 2011-02-02 21:14        3083776              c:\windows\Installer\41e6a8.msi

+ 2011-02-02 21:14 . 2011-02-02 21:14        3087360              c:\windows\Installer\41e6a0.msi

+ 2011-02-02 21:14 . 2011-02-02 21:14        3094016              c:\windows\Installer\41e698.msi

+ 2011-02-02 21:13 . 2011-02-02 21:13        3186176              c:\windows\Installer\41e690.msi

+ 2011-02-02 21:13 . 2011-02-02 21:13        3073024              c:\windows\Installer\41e688.msi

+ 2011-02-02 21:13 . 2011-02-02 21:13        3110912              c:\windows\Installer\41e67f.msi

+ 2011-02-02 21:13 . 2011-02-02 21:13        3150848              c:\windows\Installer\41e677.msi

+ 2011-02-02 21:12 . 2011-02-02 21:12        3074560              c:\windows\Installer\41e66f.msi

+ 2011-02-02 21:12 . 2011-02-02 21:12        3515392              c:\windows\Installer\41e666.msi

+ 2011-02-02 21:09 . 2011-02-02 21:09        3116544              c:\windows\Installer\41e65c.msi

+ 2011-02-02 21:07 . 2011-02-02 21:07        3206144              c:\windows\Installer\41e654.msi

+ 2011-02-02 21:07 . 2011-02-02 21:07        3146240              c:\windows\Installer\41e64c.msi

+ 2011-02-02 21:06 . 2011-02-02 21:06        3228160              c:\windows\Installer\41e644.msi

+ 2011-02-02 21:05 . 2011-02-02 21:05        3070976              c:\windows\Installer\41e63c.msi

+ 2011-02-02 21:01 . 2011-02-02 21:01        3204096              c:\windows\Installer\41e634.msi

.

((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))

.

.

*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 

REGEDIT4
 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Rainlendar2"="c:\programme\Rainlendar2\Rainlendar2.exe" [2010-07-11 2199040]
 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-02-18 13680640]

"nwiz"="nwiz.exe" [2009-02-18 1657376]

"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-02-18 86016]

"QuickTime Task"="c:\programme\QuickTime\qttask.exe" [2010-11-29 421888]

"iTunesHelper"="c:\programme\iTunes\iTunesHelper.exe" [2011-01-25 421160]

"AdobeAAMUpdater-1.0"="c:\programme\Gemeinsame Dateien\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]

"AdobeCS5ServiceManager"="c:\programme\Gemeinsame Dateien\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]

"SwitchBoard"="c:\programme\Gemeinsame Dateien\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
 

c:\dokumente und einstellungen\All Users\Startmen\Programme\Autostart\

Launchy.lnk - c:\programme\Launchy\Launchy.exe [2010-12-12 380928]

Wireless LAN Utility.lnk - c:\programme\LevelOne WNC-0301\WlanCU.exe [2007-11-28 626688]
 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]

2001-07-09 10:50        155648        ----a-w-        c:\windows\system32\NeroCheck.exe
 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]

"TVESched"=2 (0x2)

"TVECapSvc"=2 (0x2)

"TuneUp.UtilitiesSvc"=2 (0x2)

"TuneUp.Defrag"=3 (0x3)

"RichVideo"=2 (0x2)

"osppsvc"=3 (0x3)

"ose"=3 (0x3)

"iPod Service"=3 (0x3)

"gusvc"=3 (0x3)

"JavaQuickStarterService"=2 (0x2)

"MacDrive8Service"=2 (0x2)
 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]

"Adobe Reader Speed Launcher"="c:\programme\Adobe\Reader 10.0\Reader\Reader_sl.exe"

"PlayMovie"="c:\programme\CyberLink\PlayMovie\PMVService.exe"

"QuickTime Task"="c:\programme\QuickTime\QTTask.exe" -atboottime

"iTunesHelper"="c:\programme\iTunes\iTunesHelper.exe"
 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)
 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Programme\\Bonjour\\mDNSResponder.exe"=

"c:\\Programme\\ICQ6.5\\ICQ.exe"=

"c:\\Programme\\Skype\\Phone\\Skype.exe"=

"c:\\Programme\\Skype\\Plugin Manager\\skypePM.exe"=

"c:\\Programme\\Microsoft Office\\Office14\\GROOVE.EXE"=

"c:\\Programme\\Microsoft Office\\Office14\\ONENOTE.EXE"=

"c:\\Programme\\Microsoft Office\\Office14\\OUTLOOK.EXE"=

"c:\\Programme\\CyberLink\\TV Enhance\\TVEnhance.exe"=

"c:\\Programme\\CyberLink\\TV Enhance\\TVEService.exe"=

"c:\\Programme\\iTunes\\iTunes.exe"=
 

R1 LWMouCon;LWMouCon;c:\windows\system32\drivers\LWMOUCON.sys [06.10.2010 16:54 33168]

R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796};c:\programme\CyberLink\PlayMovie\000.fcl [13.12.2010 21:18 61424]

S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\programme\Microsoft Office\Office14\GROOVE.EXE [25.03.2010 10:25 30969208]

S3 osppsvc;Office Software Protection Platform;c:\programme\Gemeinsame Dateien\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [09.01.2010 21:37 4640000]

S3 SwitchBoard;SwitchBoard;c:\programme\Gemeinsame Dateien\Adobe\SwitchBoard\SwitchBoard.exe [19.02.2010 13:37 517096]

S4 TVECapSvc;TVEnhance Background Capture Service (TBCS);c:\programme\CyberLink\TV Enhance\Kernel\TV\TVECapSvc.exe [13.12.2010 21:23 364635]

S4 TVESched;TVEnhance Task Scheduler (TTS));c:\programme\CyberLink\TV Enhance\Kernel\TV\TVESched.exe [13.12.2010 21:23 172121]

.

Inhalt des "geplante Tasks" Ordners
 

2011-02-01 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\programme\Apple Software Update\SoftwareUpdate.exe [2009-10-22 10:50]

.

.

------- Zusätzlicher Suchlauf -------

.

uStart Page = about:blank

uInternet Settings,ProxyOverride = *.local

IE: add to &BOM - c:\\PROGRA~1\\BIET-O~1\\\\AddToBOM.hta

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

IE: An OneNote s&enden - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105

IE: Free YouTube Download - c:\dokumente und einstellungen\Thomas\Anwendungsdaten\DVDVideoSoftIEHelpers\freeyoutubedownload.htm

IE: Free YouTube to MP3 Converter - c:\dokumente und einstellungen\Thomas\Anwendungsdaten\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm

IE: Nach Microsoft E&xcel exportieren - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\programme\Gemeinsame Dateien\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

FF - ProfilePath - c:\dokumente und einstellungen\Thomas\Anwendungsdaten\Mozilla\Firefox\Profiles\z2dunjtc.default\

FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\programme\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}

FF - Ext: Personas: personas@christopher.beard - %profile%\extensions\personas@christopher.beard

FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}

FF - Ext: Java Quick Starter: jqs@sun.com - c:\programme\Java\jre6\lib\deploy\jqs\ff

FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension

FF - Ext: DivX Plus Web Player HTML5 &lt;video&gt;: {23fcfd51-4958-4f00-80a3-ae97e717ed8b} - c:\programme\DivX\DivX Plus Web Player\firefox\html5video

FF - Ext: DivX HiQ: {6904342A-8307-11DF-A508-4AE2DFD72085} - c:\programme\DivX\DivX Plus Web Player\firefox\wpa

.
 

**************************************************************************
 

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net

Rootkit scan 2011-02-03 02:00

Windows 5.1.2600 Service Pack 3 NTFS
 

Scanne versteckte Prozesse... 
 

Scanne versteckte Autostarteinträge... 
 

Scanne versteckte Dateien... 
 

Scan erfolgreich abgeschlossen

versteckte Dateien: 0
 

**************************************************************************
 

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}]

"ImagePath"="\??\c:\programme\CyberLink\PlayMovie\000.fcl"

.

--------------------- Gesperrte Registrierungsschluessel ---------------------
 

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10g_ActiveX.exe,-101"
 

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001
 

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10g_ActiveX.exe"
 

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
 

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{BEB3C0C7-B648-4257-96D9-B5D024816E27}\Version*Version]

"Version"=hex:f6,62,7c,69,2b,38,1c,95,7a,1e,a8,6f,2a,15,80,4a,a7,9e,4d,6b,a4,

   eb,53,6a,f8,84,5e,85,d7,3f,9d,04,64,28,9c,50,81,05,9e,d4,a7,14,e9,63,14,b9,\
 

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"
 

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"
 

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"
 

[HKEY_LOCAL_MACHINE\software\Minnetonka Audio Software\SurCode Dolby Digital Premiere\Version*Version]

"Version"=hex:f6,62,7c,69,2b,38,1c,95,7a,1e,a8,6f,2a,15,80,4a,a7,9e,4d,6b,a4,

   eb,53,6a,f8,84,5e,85,d7,3f,9d,04,64,28,9c,50,81,05,9e,d4,a7,14,e9,63,14,b9,\

.

--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
 

- - - - - - - > 'winlogon.exe'(920)

c:\windows\SYSTEM32\Wireless\WirelessGina.DLL

.

Zeit der Fertigstellung: 2011-02-03  02:05:24

ComboFix-quarantined-files.txt  2011-02-03 01:05

ComboFix2.txt  2011-02-02 20:24

ComboFix3.txt  2011-01-13 18:48
 

Vor Suchlauf: 15 Verzeichnis(se), 28.437.340.160 Bytes frei

Nach Suchlauf: 16 Verzeichnis(se), 28.529.430.528 Bytes frei
 

- - End Of File - - 4A3D8E6415E3056E791C5407EECE796E
--- --- ---