Virusbust eingefangen Video AcitveX Object |
||
|---|---|---|
| #0
| ||
|
03.12.2006, 15:36
...neu hier
Beiträge: 1 |
||
 
|
|
|
|
03.12.2006, 15:58
Ehrenmitglied
 Beiträge: 29434 |
#2
Sascha27LM
das beste waere, dein Backup [TrueImage] anzuwenden, denn der rechner ist schwer verseucht............. ---------------------------------------------------------------------------------- 1. Avenger http://virus-protect.org/artikel/tools/avenger.html kopiere rein: Zitat Registry values to delete:Klicke die grüne Ampel das Script wird nun ausgeführt, dann wird der PC automatisch neustarten »» lösche das Backup vom Avenger unter C:\Avenger\backup.zip + leere den Papierkorb «« scanne mit smitfraudfix - Option 1 und 2 ( lasse auch die Registry mitreinigen) http://virus-protect.org/artikel/tools/smitfrautfix.html ________ 2. scanne und poste den scanreport http://virus-protect.org/cureit.html _____________________________ 3. Download Registry Search by Bobbi Flekman http://virus-protect.org/artikel/tools/regsearch.html und doppelklicken, um zu starten. in: "Enter search strings" (reinschreiben oder reinkopieren) dllhost32.exe in edit und klicke "Ok". Notepad wird sich öffnen -- kopiere den Text ab und poste ihn. in: "Enter search strings" (reinschreiben oder reinkopieren) spoolsv32.exe in edit und klicke "Ok". Notepad wird sich öffnen -- kopiere den Text ab und poste ihn. __________ MfG Sabina rund um die PC-Sicherheit |
|
|
|
|
|
Um auf dieses Thema zu ANTWORTEN
bitte erst » hier kostenlos registrieren!!
bitte erst » hier kostenlos registrieren!!
Folgende Themen könnten Dich auch interessieren:
Seite(n): 1
Copyright © 2024, Protecus.de - Protecus Team - Impressum / Mediadaten
ich hoffe jemand kann mir helfen, evtl ja auch Sabina, die schon einem anderen User geholfen hat, der sich das o.g. Zeug eingefangen hat.
Ich mir auch den o.g. Virus (?) eingefangen und bekomme ihn nicht weg. Hier die Log Dateien:
Logfile of HijackThis v1.99.1
Scan saved at 15:07:36, on 03.12.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5346.0005)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\Intel\Wireless\Bin\EvtEng.exe
C:\Programme\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe
C:\Programme\AntiVir PersonalEdition Classic\sched.exe
C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
C:\Programme\FRITZ!DSL\IGDCTRL.EXE
C:\Programme\RDM+\rdmpserv.exe
C:\Programme\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\Sony\VAIO Event Service\VESMgr.exe
C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\Video ActiveX Object\pmsngr.exe
C:\Programme\Apoint\Apoint.exe
C:\WINDOWS\system32\ICO.EXE
C:\Programme\Sony\VAIO Power Management\SPMgr.exe
C:\Programme\Sony\ISB Utility\ISBMgr.exe
C:\Programme\Sony\VAIO Update 2\VAIOUpdt.exe
C:\Programme\Gemeinsame Dateien\Logitech\QCDriver2\LVCOMS.EXE
C:\Programme\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe
C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkUFind.exe
C:\Programme\SlySoft\AnyDVD\AnyDVD.exe
C:\Programme\Video ActiveX Object\pmmon.exe
C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe
C:\Programme\alphadixxLightS\adlight.exe
C:\Programme\ANYCOM\ANYCOM Blue Card\SppBridge.exe
C:\Programme\Java\jre1.5.0_09\bin\jusched.exe
C:\Programme\Acronis\TrueImage\TrueImageMonitor.exe
C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedhlp.exe
C:\PROGRA~1\MT\MT.EXE
C:\Programme\QuickTime\qttask.exe
C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
C:\Programme\iTunes\iTunesHelper.exe
C:\Programme\Macrogaming\SweetIM\SweetIM.exe
C:\Programme\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Programme\RDM+\rdmpserv_cpanel.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Programme\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\Programme\Sony\SonicStage Mastering Studio\Audio Filter\SSMSFilter.exe
C:\Programme\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
C:\Programme\MSN Messenger\MsnMsgr.Exe
C:\Programme\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Programme\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Programme\Microsoft Office\Office\OSA.EXE
C:\Programme\WinZip\WZQKPICK.EXE
C:\Programme\FRITZ!DSL\StCenter.exe
C:\Programme\Sony\VAIO Launcher\Launcher.exe
C:\Programme\WorldCommunityGrid\UD.EXE
C:\Programme\iPod\bin\iPodService.exe
C:\Programme\PC Connectivity Solution\ServiceLayer.exe
C:\Programme\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\Programme\ANYCOM\ANYCOM Blue Card\FileTransfer.exe
C:\Programme\Apoint\Apntex.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Programme\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
C:\Programme\Video ActiveX Object\isamini.exe
C:\Programme\Video ActiveX Object\isamonitor.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\Programme\ClearProg\ClearProg.exe
C:\Programme\FreshDevices\FreshDownload\fd.exe
C:\PROGRA~1\WINZIP\winzip32.exe
C:\Dokumente und Einstellungen\Sascha Gloazzo\Lokale Einstellungen\Temp\wz6989\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=54729
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=55245&clcid={SUB_CLCID}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1a1ddc19-5893-43ab-a73f-f41a0f34d115} - C:\Programme\Video ActiveX Object\isaddon.dll
O2 - BHO: (no name) - {206E52E0-D52E-11D4-AD54-0000E86C26F6} - C:\Programme\FreshDevices\FreshDownload\fdcatch.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programme\google\googletoolbar3.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programme\google\googletoolbar3.dll
O3 - Toolbar: FreshDownload Bar - {ED0E8CA5-42FB-4B18-997B-769E0408E79D} - C:\Programme\FreshDevices\FreshDownload\fdiebar.dll
O4 - HKLM\..\Run: [Apoint] C:\Programme\Apoint\Apoint.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SonyPowerCfg] C:\Programme\Sony\VAIO Power Management\SPMgr.exe
O4 - HKLM\..\Run: [ISBMgr.exe] C:\Programme\Sony\ISB Utility\ISBMgr.exe
O4 - HKLM\..\Run: [VAIO Update 2] "C:\Programme\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [LVCOMS] C:\Programme\Gemeinsame Dateien\Logitech\QCDriver2\LVCOMS.EXE
O4 - HKLM\..\Run: [Ulead AutoDetector] C:\Programme\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [UpdateManager] "C:\Programme\Gemeinsame Dateien\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [AnyDVD] C:\Programme\SlySoft\AnyDVD\AnyDVD.exe
O4 - HKLM\..\Run: [Windows Spooler] C:\WINDOWS\system32\spoolsv32.exe
O4 - HKLM\..\Run: [Windows DLL Host] C:\WINDOWS\system32\dllhost32.exe
O4 - HKLM\..\Run: [avgnt] "C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [System service79] C:\WINDOWS\\\etb\\pokapoka79.exe
O4 - HKLM\..\Run: [alphadixxLightS] C:\Programme\alphadixxLightS\adlight.exe AUTOSTART
O4 - HKLM\..\Run: [SppBridge] C:\Programme\ANYCOM\ANYCOM Blue Card\SppBridge.exe
O4 - HKLM\..\Run: [BTFileTransfer] C:\Programme\ANYCOM\ANYCOM Blue Card\FTSLauncher.exe C:\Programme\ANYCOM\ANYCOM Blue Card
O4 - HKLM\..\Run: [AddModem] C:\Programme\ANYCOM\ANYCOM Blue Card\BTInst.exe -addmodem
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKLM\..\Run: [Media Access] C:\Program Files\Media Access\MediaAccK.exe
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Programme\Acronis\TrueImage\TrueImageMonitor.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [Meine Traffic] C:\PROGRA~1\MT\MT.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programme\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SweetIM] C:\Programme\Macrogaming\SweetIM\SweetIM.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Programme\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [RDM+ Control Panel] "C:\Programme\RDM+\rdmpserv_cpanel.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [MsnMsgr] ~"C:\Programme\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programme\Gemeinsame Dateien\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [swg] C:\Programme\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SweetIM] C:\Programme\Macrogaming\SweetIM\SweetIM.exe
O4 - Startup: FRITZ!DSL Startcenter.lnk = C:\Programme\FRITZ!DSL\StCenter.exe
O4 - Startup: VAIO Launcher.lnk = C:\Programme\Sony\VAIO Launcher\Launcher.exe
O4 - Startup: World Community Grid Agent.lnk = C:\Programme\WorldCommunityGrid\UD.EXE
O4 - Global Startup: Acrobat Assistant.lnk = C:\Programme\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: Adobe Reader - Schnellstart.lnk = C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Audio Filter.lnk = C:\Programme\Sony\SonicStage Mastering Studio\Audio Filter\SSMSFilter.exe
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Programme\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programme\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Office-Start.lnk = C:\Programme\Microsoft Office\Office\OSA.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Programme\WinZip\WZQKPICK.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Programme\AIM95\aim.exe (file missing)
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: FreshDownload - {DFB5BB9A-D272-402E-9F2B-580C6C6F4FAF} - C:\Programme\FreshDevices\FreshDownload\fd.exe
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O12 - Plugin for .UVR: C:\Programme\Internet Explorer\Plugins\NPUPano.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.club-vaio.com/de/
O15 - Trusted Zone: *.sony-europe.com
O15 - Trusted Zone: *.sonystyle-europe.com
O15 - Trusted Zone: *.vaio-link.com
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2AF5BD25-90C5-4EEC-88C5-B44DC2905D8B} (Steuerung des DownloadManager ) - http://dlmanager.akamaitools.com.edgesuite.net/dlmanager/versions/activex/dlm-activex-2.0.6.0.cab
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) - http://www.metaboli.de/components/Metaboli.ocx
O16 - DPF: {98264495-6376-443C-9340-2996038BD143} (VaCtrl Class) - http://www.totalaibo.com/VaCtrl.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O18 - Protocol: bw+0 - {B15A2CE9-12FA-4C77-BDCF-7087C5C6C3A6} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {B15A2CE9-12FA-4C77-BDCF-7087C5C6C3A6} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {B15A2CE9-12FA-4C77-BDCF-7087C5C6C3A6} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {B15A2CE9-12FA-4C77-BDCF-7087C5C6C3A6} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {B15A2CE9-12FA-4C77-BDCF-7087C5C6C3A6} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {B15A2CE9-12FA-4C77-BDCF-7087C5C6C3A6} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {B15A2CE9-12FA-4C77-BDCF-7087C5C6C3A6} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {B15A2CE9-12FA-4C77-BDCF-7087C5C6C3A6} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {B15A2CE9-12FA-4C77-BDCF-7087C5C6C3A6} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {B15A2CE9-12FA-4C77-BDCF-7087C5C6C3A6} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {B15A2CE9-12FA-4C77-BDCF-7087C5C6C3A6} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {B15A2CE9-12FA-4C77-BDCF-7087C5C6C3A6} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {B15A2CE9-12FA-4C77-BDCF-7087C5C6C3A6} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {B15A2CE9-12FA-4C77-BDCF-7087C5C6C3A6} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {B15A2CE9-12FA-4C77-BDCF-7087C5C6C3A6} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {B15A2CE9-12FA-4C77-BDCF-7087C5C6C3A6} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {B15A2CE9-12FA-4C77-BDCF-7087C5C6C3A6} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {B15A2CE9-12FA-4C77-BDCF-7087C5C6C3A6} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {B15A2CE9-12FA-4C77-BDCF-7087C5C6C3A6} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {B15A2CE9-12FA-4C77-BDCF-7087C5C6C3A6} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {B15A2CE9-12FA-4C77-BDCF-7087C5C6C3A6} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {B15A2CE9-12FA-4C77-BDCF-7087C5C6C3A6} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {B15A2CE9-12FA-4C77-BDCF-7087C5C6C3A6} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {B15A2CE9-12FA-4C77-BDCF-7087C5C6C3A6} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {B15A2CE9-12FA-4C77-BDCF-7087C5C6C3A6} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {B15A2CE9-12FA-4C77-BDCF-7087C5C6C3A6} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {B15A2CE9-12FA-4C77-BDCF-7087C5C6C3A6} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {B15A2CE9-12FA-4C77-BDCF-7087C5C6C3A6} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {B15A2CE9-12FA-4C77-BDCF-7087C5C6C3A6} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {B15A2CE9-12FA-4C77-BDCF-7087C5C6C3A6} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {B15A2CE9-12FA-4C77-BDCF-7087C5C6C3A6} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {B15A2CE9-12FA-4C77-BDCF-7087C5C6C3A6} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {B15A2CE9-12FA-4C77-BDCF-7087C5C6C3A6} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {B15A2CE9-12FA-4C77-BDCF-7087C5C6C3A6} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {B15A2CE9-12FA-4C77-BDCF-7087C5C6C3A6} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {B15A2CE9-12FA-4C77-BDCF-7087C5C6C3A6} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {B15A2CE9-12FA-4C77-BDCF-7087C5C6C3A6} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {B15A2CE9-12FA-4C77-BDCF-7087C5C6C3A6} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {B15A2CE9-12FA-4C77-BDCF-7087C5C6C3A6} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {B15A2CE9-12FA-4C77-BDCF-7087C5C6C3A6} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {B15A2CE9-12FA-4C77-BDCF-7087C5C6C3A6} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {B15A2CE9-12FA-4C77-BDCF-7087C5C6C3A6} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {B15A2CE9-12FA-4C77-BDCF-7087C5C6C3A6} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {B15A2CE9-12FA-4C77-BDCF-7087C5C6C3A6} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {B15A2CE9-12FA-4C77-BDCF-7087C5C6C3A6} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {B15A2CE9-12FA-4C77-BDCF-7087C5C6C3A6} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {B15A2CE9-12FA-4C77-BDCF-7087C5C6C3A6} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {B15A2CE9-12FA-4C77-BDCF-7087C5C6C3A6} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {B15A2CE9-12FA-4C77-BDCF-7087C5C6C3A6} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {B15A2CE9-12FA-4C77-BDCF-7087C5C6C3A6} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {B15A2CE9-12FA-4C77-BDCF-7087C5C6C3A6} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {B15A2CE9-12FA-4C77-BDCF-7087C5C6C3A6} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {B15A2CE9-12FA-4C77-BDCF-7087C5C6C3A6} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {B15A2CE9-12FA-4C77-BDCF-7087C5C6C3A6} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {B15A2CE9-12FA-4C77-BDCF-7087C5C6C3A6} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {B15A2CE9-12FA-4C77-BDCF-7087C5C6C3A6} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {B15A2CE9-12FA-4C77-BDCF-7087C5C6C3A6} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {B15A2CE9-12FA-4C77-BDCF-7087C5C6C3A6} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {B15A2CE9-12FA-4C77-BDCF-7087C5C6C3A6} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {B15A2CE9-12FA-4C77-BDCF-7087C5C6C3A6} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {B15A2CE9-12FA-4C77-BDCF-7087C5C6C3A6} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {B15A2CE9-12FA-4C77-BDCF-7087C5C6C3A6} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {B15A2CE9-12FA-4C77-BDCF-7087C5C6C3A6} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {B15A2CE9-12FA-4C77-BDCF-7087C5C6C3A6} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {B15A2CE9-12FA-4C77-BDCF-7087C5C6C3A6} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {B15A2CE9-12FA-4C77-BDCF-7087C5C6C3A6} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {B15A2CE9-12FA-4C77-BDCF-7087C5C6C3A6} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {B15A2CE9-12FA-4C77-BDCF-7087C5C6C3A6} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {B15A2CE9-12FA-4C77-BDCF-7087C5C6C3A6} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {B15A2CE9-12FA-4C77-BDCF-7087C5C6C3A6} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {B15A2CE9-12FA-4C77-BDCF-7087C5C6C3A6} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {B15A2CE9-12FA-4C77-BDCF-7087C5C6C3A6} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {B15A2CE9-12FA-4C77-BDCF-7087C5C6C3A6} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {B15A2CE9-12FA-4C77-BDCF-7087C5C6C3A6} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {B15A2CE9-12FA-4C77-BDCF-7087C5C6C3A6} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {B15A2CE9-12FA-4C77-BDCF-7087C5C6C3A6} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {B15A2CE9-12FA-4C77-BDCF-7087C5C6C3A6} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: VESWinlogon - C:\WINDOWS\SYSTEM32\VESWinlogon.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe
O23 - Service: AntiVir Scheduler (AntiVirScheduler) - Avira GmbH - C:\Programme\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Service (AntiVirService) - AVIRA GmbH - C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AVM IGD CTRL Service - AVM Berlin - C:\Programme\FRITZ!DSL\IGDCTRL.EXE
O23 - Service: AVM FRITZ!web Routing Service (de_serv) - AVM Berlin - C:\Programme\Gemeinsame Dateien\AVM\de_serv.exe
O23 - Service: EvtEng - Intel Corporation - C:\Programme\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Programme\iPod\bin\iPodService.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Programme\Gemeinsame Dateien\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Programme\Gemeinsame Dateien\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: RDM+ Local Service (RDMPLocalService) - SHAPE Services GmbH - C:\Programme\RDM+\rdmpserv.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Programme\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Programme\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: ServiceLayer - Nokia. - C:\Programme\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Programme\Gemeinsame Dateien\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Programme\Gemeinsame Dateien\Sony Shared\AvLib\SSScsiSV.exe
O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
O23 - Service: VAIO Entertainment Task Scheduler - Sony Corporation - C:\Programme\Sony\VAIO Entertainment\VzTaskScheduler.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Programme\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Programme\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Unknown owner - C:\Programme\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-IntegratedServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="Applications\IntegratedServer\HTTP (file missing)
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Programme\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Unknown owner - C:\Programme\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe" /Service=VAIOMediaPlatform-Mobile-Gateway /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Addons\Packages\Mobile\Gateway" /DisplayName="VAIO Media Gateway Server (file missing)
O23 - Service: VAIO Cooporated Initialisation (VCI) - Sony Corporation - C:\Programme\Sony\VAIO Cooperated Initialisation\VCI_SVC.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
ComboFix Log
ComboFix 06.11.27W - Running from: "C:\Dokumente und Einstellungen\Sascha Gloazzo\Desktop"
((((((((((((((((((((((((((((((( Files Created from 2006-11-03 to 2006-12-03 ))))))))))))))))))))))))))))))))))
2006-12-03 15:08 <DIR> d-------- C:\Programme\CleanUp!
2006-12-03 15:01 <DIR> d-------- C:\Programme\ClearProg
2006-12-03 14:04 <DIR> d-------- C:\Programme\Video ActiveX Object
2006-12-02 11:33 <DIR> d-------- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\InterVideo
2006-12-02 10:18 73,728 --a------ C:\WINDOWS\system32\DBOPCSC1.dll
2006-12-02 08:18 21,060 --------- C:\WINDOWS\system32\drivers\iviaspi.sys
2006-12-02 08:16 <DIR> d-------- C:\Programme\Gemeinsame Dateien\InterVideo
2006-12-01 19:16 <DIR> d-------- C:\Programme\Xilisoft
2006-12-01 18:50 <DIR> d-------- C:\Programme\FreshDevices
2006-11-30 12:27 <DIR> d-------- C:\Programme\Witcobber
2006-11-30 08:57 <DIR> d-------- C:\Dokumente und Einstellungen\Sascha Gloazzo\Anwendungsdaten\DivX
2006-11-30 08:46 68,888 --a------ C:\WINDOWS\system32\xinput1_3.dll
2006-11-30 08:46 62,744 --a------ C:\WINDOWS\system32\xinput1_2.dll
2006-11-30 08:46 237,848 --a------ C:\WINDOWS\system32\xactengine2_4.dll
2006-11-30 08:46 236,824 --a------ C:\WINDOWS\system32\xactengine2_3.dll
2006-11-30 08:46 2,414,360 --a------ C:\WINDOWS\system32\d3dx9_31.dll
2006-11-30 08:46 2,297,552 --a------ C:\WINDOWS\system32\d3dx9_26.dll
2006-11-30 08:46 15,128 --a------ C:\WINDOWS\system32\x3daudio1_1.dll
2006-11-30 08:26 <DIR> d-------- C:\Programme\RM Converter
2006-11-30 08:17 <DIR> d-------- C:\Programme\STOIK Imaging
2006-11-30 08:17 <DIR> d-------- C:\Dokumente und Einstellungen\Sascha Gloazzo\Anwendungsdaten\STOIK
2006-11-29 05:44 <DIR> d-------- C:\Programme\WinZip
2006-11-25 10:13 <DIR> d-------- C:\Programme\RDM+
2006-11-18 09:53 <DIR> d-------- C:\Programme\Gemeinsame Dateien\PCSuite
2006-11-18 09:51 <DIR> d-------- C:\Programme\PC Connectivity Solution
2006-11-18 09:50 9,216 --a------ C:\WINDOWS\system32\drivers\nmwcdc.sys
2006-11-18 09:50 4,608 --a------ C:\WINDOWS\system32\nmwcdlog.dll
2006-11-18 09:50 30,720 --a------ C:\WINDOWS\system32\nmwcdcocls.dll
2006-11-18 09:50 138,240 --a------ C:\WINDOWS\system32\drivers\nmwcd.sys
2006-11-18 09:50 12,800 --a------ C:\WINDOWS\system32\drivers\nmwcdcm.sys
2006-11-18 09:50 12,800 --a------ C:\WINDOWS\system32\drivers\nmwcdcj.sys
2006-11-04 14:14 1,245,696 --a------ C:\WINDOWS\system32\msxml4.dll
(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))
2006-12-03 14:35 -------- d-------- C:\Programme\Macrogaming
2006-12-02 10:04 -------- d-------- C:\Programme\Mozilla Firefox
2006-12-02 08:16 -------- d-------- C:\Programme\Gemeinsame Dateien
2006-12-02 08:15 -------- d--h----- C:\Programme\InstallShield Installation Information
2006-12-02 08:15 -------- d-------- C:\Programme\InterVideo
2006-11-30 13:03 -------- d-------- C:\Programme\MSN Messenger
2006-11-30 08:57 -------- d-------- C:\Programme\DivX
2006-11-21 10:16 33280 --a------ C:\WINDOWS\system32\drivers\avgntdd.sys
2006-11-20 17:29 -------- d-------- C:\Programme\Apple Software Update
2006-11-18 10:08 -------- d-------- C:\Programme\Nokia
2006-11-18 10:08 -------- d-------- C:\Programme\Gemeinsame Dateien\Nokia
2006-11-18 09:55 -------- d-------- C:\Programme\Java
2006-11-18 09:53 -------- d-------- C:\Dokumente und Einstellungen\Sascha Gloazzo\Anwendungsdaten\Nokia
2006-11-02 17:42 -------- d-------- C:\Dokumente und Einstellungen\Sascha Gloazzo\Anwendungsdaten\Nokia Multimedia Player
2006-11-02 17:28 -------- d-------- C:\Programme\eRightSoft
2006-10-28 20:48 -------- d-------- C:\Programme\Google
2006-10-22 09:13 -------- d-------- C:\Dokumente und Einstellungen\Sascha Gloazzo\Anwendungsdaten\G10 Software AG
2006-10-22 09:11 -------- d-------- C:\Programme\G10 Software AG
2006-10-14 15:28 -------- d-------- C:\Programme\Opera
2006-10-14 14:16 -------- d-------- C:\Programme\Lonely Cat Games
2006-10-13 13:35 146432 --a------ C:\WINDOWS\system32\nwprovau.dll
2006-10-10 08:54 50688 --a------ C:\WINDOWS\system32\nmwcdcls.dll
2006-10-02 20:04 806912 --a------ C:\WINDOWS\system32\divx_xx0c.dll
2006-10-02 20:04 806912 --a------ C:\WINDOWS\system32\divx_xx07.dll
2006-10-02 20:04 790528 --a------ C:\WINDOWS\system32\divx_xx11.dll
2006-10-02 20:04 635486 --a------ C:\WINDOWS\system32\DivX.dll
2006-09-13 06:02 1084416 --a------ C:\WINDOWS\system32\msxml3.dll
(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries are not shown
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\ctfmon.exe"
"LDM"="C:\\Programme\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"
"MsnMsgr"="~\"C:\\Programme\\MSN Messenger\\MsnMsgr.Exe\" /background"
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="\"C:\\Programme\\Gemeinsame Dateien\\Ahead\\lib\\NMBgMonitor.exe\""
"Sonic RecordNow!"=""
"swg"="C:\\Programme\\Google\\GoogleToolbarNotifier\\1.0.720.3640\\GoogleToolbarNotifier.exe"
"SweetIM"="C:\\Programme\\Macrogaming\\SweetIM\\SweetIM.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"Apoint"="C:\\Programme\\Apoint\\Apoint.exe"
"NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup"
"Mouse Suite 98 Daemon"="ICO.EXE"
"Alcmtr"="ALCMTR.EXE"
"SonyPowerCfg"="C:\\Programme\\Sony\\VAIO Power Management\\SPMgr.exe"
"ISBMgr.exe"="C:\\Programme\\Sony\\ISB Utility\\ISBMgr.exe"
"VAIO Update 2"="\"C:\\Programme\\Sony\\VAIO Update 2\\VAIOUpdt.exe\" /Stationary"
"LVCOMS"="C:\\Programme\\Gemeinsame Dateien\\Logitech\\QCDriver2\\LVCOMS.EXE"
"Ulead AutoDetector"="C:\\Programme\\Ulead Systems\\Ulead Photo Explorer 8.0 SE Basic\\Monitor.exe"
"TkBellExe"="\"C:\\Programme\\Gemeinsame Dateien\\Real\\Update_OB\\realsched.exe\" -osboot"
"UpdateManager"="\"C:\\Programme\\Gemeinsame Dateien\\Sonic\\Update Manager\\sgtray.exe\" /r"
"dla"="C:\\WINDOWS\\system32\\dla\\tfswctrl.exe"
"igfxtray"="C:\\WINDOWS\\system32\\igfxtray.exe"
"igfxhkcmd"="C:\\WINDOWS\\system32\\hkcmd.exe"
"igfxpers"="C:\\WINDOWS\\system32\\igfxpers.exe"
"Microsoft Works Update Detection"="C:\\Programme\\Gemeinsame Dateien\\Microsoft Shared\\Works Shared\\WkUFind.exe"
"AnyDVD"="C:\\Programme\\SlySoft\\AnyDVD\\AnyDVD.exe"
"Windows Spooler"="C:\\WINDOWS\\system32\\spoolsv32.exe"
"Windows DLL Host"="C:\\WINDOWS\\system32\\dllhost32.exe"
"avgnt"="\"C:\\Programme\\AntiVir PersonalEdition Classic\\avgnt.exe\" /min"
"System service79"="C:\\WINDOWS\\\\\\etb\\\\pokapoka79.exe"
"alphadixxLightS"="C:\\Programme\\alphadixxLightS\\adlight.exe AUTOSTART"
"SppBridge"="C:\\Programme\\ANYCOM\\ANYCOM Blue Card\\SppBridge.exe"
"BTFileTransfer"="C:\\Programme\\ANYCOM\\ANYCOM Blue Card\\FTSLauncher.exe C:\\Programme\\ANYCOM\\ANYCOM Blue Card"
"AddModem"="C:\\Programme\\ANYCOM\\ANYCOM Blue Card\\BTInst.exe -addmodem"
"SunJavaUpdateSched"="\"C:\\Programme\\Java\\jre1.5.0_09\\bin\\jusched.exe\""
"Media Access"="C:\\Program Files\\Media Access\\MediaAccK.exe"
"TrueImageMonitor.exe"="C:\\Programme\\Acronis\\TrueImage\\TrueImageMonitor.exe"
"Acronis Scheduler2 Service"="\"C:\\Programme\\Gemeinsame Dateien\\Acronis\\Schedule2\\schedhlp.exe\""
"Meine Traffic"="C:\\PROGRA~1\\MT\\MT.EXE"
"QuickTime Task"="\"C:\\Programme\\QuickTime\\qttask.exe\" -atboottime"
"iTunesHelper"="\"C:\\Programme\\iTunes\\iTunesHelper.exe\""
"SweetIM"="C:\\Programme\\Macrogaming\\SweetIM\\SweetIM.exe"
"PCSuiteTrayApplication"="C:\\Programme\\Nokia\\Nokia PC Suite 6\\LaunchApplication.exe -startup"
"RDM+ Control Panel"="\"C:\\Programme\\RDM+\\rdmpserv_cpanel.exe\""
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"
[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000002
[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Die derzeitige Homepage"
"Flags"=dword:00000002
"Position"=hex:2c,00,00,00,00,01,00,00,00,00,00,00,00,04,00,00,02,03,00,00,00,\
00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
"CurrentState"=dword:40000004
"OriginalStateInfo"=hex:18,00,00,00,ff,ff,00,00,ff,ff,00,00,ff,ff,ff,ff,ff,ff,\
ff,ff,04,00,00,00
"RestoredStateInfo"=hex:18,00,00,00,6a,02,00,00,23,00,00,00,a4,00,00,00,9a,00,\
00,00,01,00,00,00
[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"
"PcSync"="C:\\Programme\\Nokia\\Nokia PC Suite 6\\PcSync2.exe /NoDialog"
[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"
"PcSync"="C:\\Programme\\Nokia\\Nokia PC Suite 6\\PcSync2.exe /NoDialog"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"
"{553858A7-4922-4e7e-B1C1-97140C1C16EF}"="IE Component Categories cache daemon"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=hex:91,00,00,00
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\run]
"isamonitor.exe"="C:\\Programme\\Video ActiveX Object\\isamonitor.exe"
"pmsngr.exe"="C:\\Programme\\Video ActiveX Object\\pmsngr.exe"
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"
"UPnPMonitor"="{e57ce738-33e8-4c51-8354-bb4de9d215d1}"
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"
Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\FRU Task #Hewlett-Packard#hp psc 1100 series#1106838388.job
Completion time: 06-12-03 15:34:59.09
C:\ComboFix.txt ... 06-12-03 15:34
Ich denke das waren die Files, die hier zur Hilfe benötigt werden, oder? Ich hoffe mir kann jemand helfen.
Danke schonmal!
Sascha[/b]