Security Alert: Spyware found

#0
28.09.2007, 21:58
Member

Posts: 25
#1 Hi,

while surfing I was prompted to install an ONLINE VIDEO ADD-ON so that I could watch a video.

Since then I have been constantly pestered by pop-ups saying that I have spyware.

I also had the trojan win.zlob32. I had it removed with the Microsoft tool.

But the pop-ups are still there.

It is also worth mentioning that the folder named video online add-on can no longer be deleted.

In addition, there is now a security toolbar in Internet Explorer.


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:37:48, on 28.09.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\Intel\Wireless\Bin\EvtEng.exe
C:\Programme\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Gemeinsame Dateien\AccSys\accsvc.exe
C:\Programme\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
C:\Programme\AntiVir PersonalEdition Classic\sched.exe
C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Programme\Gemeinsame Dateien\EPSON\EBAPI\SAgent2.exe
C:\Programme\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Programme\Intel\Wireless\Bin\RegSrvc.exe
C:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\Sony\VAIO Event Service\VESMgr.exe
C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\WINDOWS\system32\dllhost.exe
C:\Programme\Online Video Add-on\icthis.exe
C:\Programme\Apoint\Apoint.exe
C:\Programme\Online Video Add-on\icmntr.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\system32\ICO.EXE
C:\Programme\Sony\VAIO Power Management\SPMgr.exe
C:\Programme\Sony\ISB Utility\ISBMgr.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Programme\Sony\Wireless Switch Setting Utility\Switcher.exe
C:\Programme\Sony\VAIO Update 2\VAIOUpdt.exe
C:\Programme\Apoint\Apntex.exe
C:\Programme\Utimaco\SafeGuard PrivateDisk\pdservice.exe
C:\Programme\Sony\VAIO Camera Utility\VCUServe.exe
C:\Programme\Java\jre1.5.0_05\bin\jusched.exe
C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe
C:\Programme\WLAN Monitor\wlconfig.exe
C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe
C:\Programme\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\WINDOWS\Samsung\ComSMMgr\ssmmgr.exe
C:\Programme\QuickTime\qttask.exe
C:\Programme\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\DrvMon.exe
C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMBgMonitor.exe
C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Programme\iPod\bin\iPodService.exe
C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\WINDOWS\system32\notepad.exe
C:\Programme\MSN Messenger\msnmsgr.exe
C:\Programme\internet explorer\iexplore.exe
c:\programme\mbctoolbar\taskmgr.exe
C:\hjt\hjt.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,First Home Page = about:blank
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: OTSI Class - {85CC6BFF-5A5C-4A76-8FC8-DB0787DF1597} - c:\programme\mbctoolbar\ots.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programme\google\googletoolbar4.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: (no name) - {D579A683-0CC7-4023-BAE7-0544D0D1DA3A} - C:\Programme\Online Video Add-on\isfmdl.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programme\google\googletoolbar4.dll
O3 - Toolbar: MBC Åø¹Ù - {E74BC74F-F470-4AD7-9FB4-1A4170A06082} - c:\programme\mbctoolbar\otwiz.dll
O3 - Toolbar: IE Custom Tools - {41F6170D-6AF8-4188-8D92-9DDAB3C71A78} - C:\Programme\Online Video Add-on\ictmdl.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Apoint] C:\Programme\Apoint\Apoint.exe
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
O4 - HKLM\..\Run: [SonyPowerCfg] C:\Programme\Sony\VAIO Power Management\SPMgr.exe
O4 - HKLM\..\Run: [ISBMgr.exe] C:\Programme\Sony\ISB Utility\ISBMgr.exe
O4 - HKLM\..\Run: [Switcher.exe] C:\Programme\Sony\Wireless Switch Setting Utility\Switcher.exe
O4 - HKLM\..\Run: [VAIO Update 2] "C:\Programme\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [PDService.exe] C:\Programme\Utimaco\SafeGuard PrivateDisk\pdservice.exe
O4 - HKLM\..\Run: [VAIOCameraUtility] "C:\Programme\Sony\VAIO Camera Utility\VCUServe.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\jre1.5.0_05\bin\jusched.exe
O4 - HKLM\..\Run: [avgnt] "C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [wlconfig] "C:\Programme\WLAN Monitor\wlconfig.exe" -autostart
O4 - HKLM\..\Run: [TkBellExe] "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Programme\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Samsung Common SM] "C:\WINDOWS\Samsung\ComSMMgr\ssmmgr.exe" /autorun
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programme\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DrvMon.exe] C:\WINDOWS\system32\DrvMon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [swg] C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Programme\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
O4 - HKLM\..\Policies\Explorer\Run: [some] C:\Programme\Online Video Add-on\icthis.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 2.0.lnk = C:\Programme\OpenOffice.org 2.0\program\quickstart.exe
O4 - Global Startup: Adobe Reader - Schnellstart.lnk = C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Programme\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programme\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programme\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Programme\PartyGaming.Net\PartyPokerNet\RunPF.exe
O9 - Extra 'Tools' menuitem: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Programme\PartyGaming.Net\PartyPokerNet\RunPF.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.club-vaio.com/de/
O15 - Trusted Zone: http://*.inicis.com
O15 - Trusted Zone: http://*.sbs.co.kr
O15 - Trusted Zone: *.sony-europe.com
O15 - Trusted Zone: *.sonystyle-europe.com
O15 - Trusted Zone: *.vaio-link.com
O15 - Trusted Zone: http://*.vpay.co.kr
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/german/partner/de/kavwebscan_unicode.cab
O16 - DPF: {1DE9BB01-B121-401D-8877-BCD5ED5B7EE5} (Tpwin Control) - http://www.crezio.com/test/leeyunho/AlwaysOn/AlwaysOn.CAB
O16 - DPF: {340CCF52-D65F-4A11-80B3-13DC23697B59} (BugsInstall Control) - http://player.bugs.co.kr/install/BugsInstall.cab
O16 - DPF: {45A0A292-ECC6-4D8F-9EA9-A4BD411D24C1} (king.com) - http://www.king.com/ctl/kingcomie.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase2474.cab
O16 - DPF: {6A2E758A-028B-46BB-A11D-0608AB5A4ED3} (DaumBGMCtrl Class) - http://listen.daum.net/52st/bgmplayer/Daum52stBGMPlayer.cab
O16 - DPF: {84F7A3A9-B92A-41F4-890F-83F2DC0ADB7E} (ToolBarInstall Control) - http://toolbar.imbc.com/toolbar/MBCToolBar.cab
O16 - DPF: {8FEFF364-6A5F-4966-A917-A3AC28411659} (SopCore Control) - http://download.sopcast.com/download/SOPCORE.CAB
O16 - DPF: {938527D1-CDB7-4147-998A-B20FCA5CC976} (Cdmcco Class) - http://cafeimg.hanmail.net/activex/dmcc2.cab?Version=1,0,0,10
O16 - DPF: {9BED3AC7-E6D4-43E7-B8A1-1FA502F639E1} (XTools Control) - http://player.bugs.co.kr/install/XTools.cab
O16 - DPF: {A1832535-5218-42F9-8959-19E2BCABFABF} (INIwallet50 Control) - http://plugin.inicis.com/wallet50/INIwallet50.cab
O16 - DPF: {A671DC03-71D0-4CF0-895C-7D4A248FC1F1} (skcbgmset Class) - http://cyimg7.cyworld.nate.com/cymusic/package/skcbgmset.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O16 - DPF: {CEAF43B1-E8C1-426D-A63C-92C71212E6E5} (PlayerCue Control) - http://touch.imbc.com/ActiveX/iMBCOnlineService.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O22 - SharedTaskScheduler: aldoa - {adf64b1b-c68c-4ce8-bb55-258b7b8b0f81} - (no file)
O23 - Service: AccSys WiFi Component (accsvc) - AccSys GmbH - C:\Programme\Gemeinsame Dateien\AccSys\accsvc.exe
O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Programme\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
O23 - Service: AntiVir PersonalEdition Classic Planer (AntiVirScheduler) - Avira GmbH - C:\Programme\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Programme\Gemeinsame Dateien\EPSON\EBAPI\SAgent2.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Programme\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Programme\Sony\Image Converter 2\IcVzMon.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Programme\iPod\bin\iPodService.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Programme\Gemeinsame Dateien\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NBService - Nero AG - C:\Programme\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Programme\Gemeinsame Dateien\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Programme\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Programme\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Programme\Gemeinsame Dateien\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Programme\Gemeinsame Dateien\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Programme\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Programme\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Programme\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Programme\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Programme\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Cooporated Initialisation (VCI) - Sony Corporation - C:\Programme\Sony\VAIO Cooperated Initialisation\VCI_SVC.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe

--
End of file - 15289 bytes





ComboFix 07-09-21.2 - "Sung-Ae" 2007-09-28 21:17:27.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.49.1031.18.380 [GMT 2:00]
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.


.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))


-------\LEGACY_NPF
-------\NPF


((((((((((((((((((((((((( Files Created from 2007-08-28 to 2007-09-28 )))))))))))))))))))))))))))))))
.

2007-09-28 21:16 51,200 --a------ C:\WINDOWS\NirCmd.exe
2007-09-28 20:41 <DIR> d-------- C:\Programme\Windows Live Safety Center
2007-09-28 19:56 53,248 --a------ C:\WINDOWS\system32\Process.exe
2007-09-28 19:56 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2007-09-28 19:56 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
2007-09-28 19:56 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2007-09-28 19:56 25,088 --a------ C:\WINDOWS\system32\WS2Fix.exe
2007-09-28 18:35 4,524 --a------ C:\WINDOWS\system32\tmp.reg
2007-09-28 18:19 <DIR> d-------- C:\!KillBox
2007-09-28 17:53 <DIR> d-------- C:\WINDOWS\system32\Kaspersky Lab
2007-09-28 16:33 <DIR> d-------- C:\Programme\Online Video Add-on
2007-09-22 00:01 700,416 --a------ C:\WINDOWS\ishield.exe
2007-09-19 10:08 54,792 --a------ C:\WINDOWS\mbcunin.exe
2007-09-19 10:08 174,336 --a------ C:\WINDOWS\system32\drivers\_ishieldB.sys
2007-09-19 10:08 108,416 --a------ C:\WINDOWS\system32\drivers\_ishieldA.sys
2007-09-01 16:25 <DIR> d-------- C:\Programme\Gemeinsame Dateien\Synacast
2007-09-01 16:25 <DIR> d-------- C:\ppmaterecord
2007-09-01 16:24 4,431,981 --a------ C:\ppmate-2.3.1.65.exe
2007-09-01 15:41 <DIR> d-------- C:\Programme\TVUPlayer
2007-09-01 15:41 <DIR> d-------- C:\DOKUME~1\Sung-Ae\ANWEND~1\TVU Networks
2007-09-01 12:13 <DIR> d-------- C:\SAMSTAGSKLAUSUREN
2007-08-28 16:38 64,512 --a------ C:\WINDOWS\system32\MSCC2DE.DLL
2007-08-28 16:38 23,552 --a------ C:\WINDOWS\system32\MSMPIDE.DLL
2007-08-28 16:38 158,208 --a------ C:\WINDOWS\system32\MSCMCDE.DLL
2007-08-28 16:38 116,224 --a------ C:\WINDOWS\system32\pdfcmnnt.dll
2007-08-28 16:38 <DIR> d-------- C:\Programme\PDFCreator
2007-08-28 16:37 13,256,032 --a------ C:\PDFCreator-0_9_3_GPLGhostscript.exe
2007-08-28 13:15 87,280 --a------ C:\WINDOWS\system32\wsatrace.dll
2007-08-28 13:15 <DIR> d-------- C:\Programme\Poker Tracker V2
2007-08-28 13:14 17,662,084 --a------ C:\pt2su.exe
2007-08-28 13:02 <DIR> d-------- C:\HHConverterTitan

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-09-28 20:32 --------- d-------- C:\Programme\WLAN Monitor
2007-09-28 17:40 --------- d-------- C:\Programme\DivX
2007-09-28 17:37 --------- d-------- C:\Programme\OpenOffice.org 2.0
2007-09-28 17:36 --------- d-------- C:\DOKUME~1\Sung-Ae\ANWEND~1\OpenOffice.org2
2007-09-28 17:33 --------- d--h----- C:\Programme\InstallShield Installation Information
2007-09-28 17:08 --------- d-------- C:\Programme\Yahoo!
2007-09-28 00:04 --------- d-------- C:\Programme\MBCToolBar
2007-09-26 21:51 --------- d-------- C:\Programme\Zoom Player
2007-09-22 16:01 --------- d-------- C:\Programme\MSN Messenger
2007-09-22 15:44 --------- d-------- C:\DOKUME~1\Sung-Ae\ANWEND~1\ppStream
2007-09-21 23:53 --------- d-------- C:\Programme\Everest Poker
2007-09-13 19:06 --------- d-------- C:\DOKUME~1\Sung-Ae\ANWEND~1\Ahead
2007-09-03 10:48 --------- d-------- C:\Programme\eMule
2007-09-01 16:33 --------- d-------- C:\Programme\TVAnts
2007-09-01 16:25 --------- d-------- C:\Programme\PPMate
2007-08-18 00:13 --------- d-------- C:\Programme\PokerStars
2007-08-12 17:31 --------- d-------- C:\Programme\PPLive
2007-08-06 00:58 --------- d-------- C:\DOKUME~1\Sung-Ae\ANWEND~1\Apple Computer
2007-08-02 21:54 --------- d-------- C:\Programme\Full Tilt Poker
2007-08-02 21:43 --------- d-------- C:\Programme\PartyGaming
2007-07-30 21:12 --------- d-------- C:\Programme\Windows Media Connect 2
2007-07-08 18:54 10468630 --a------ C:\FullTiltSetup.exe
2007-07-02 20:48 8170368 --a------ C:\Alcohol120_trial_1.9.6.5429.exe
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.

*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{85CC6BFF-5A5C-4A76-8FC8-DB0787DF1597}]
2007-07-11 18:14 91656 --a------ c:\programme\mbctoolbar\ots.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D579A683-0CC7-4023-BAE7-0544D0D1DA3A}]
2007-09-28 20:28 11264 --a------ C:\Programme\Online Video Add-on\isfmdl.dll

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{E74BC74F-F470-4AD7-9FB4-1A4170A06082}"= c:\programme\mbctoolbar\otwiz.dll [2007-07-18 11:47 652808]
"{41F6170D-6AF8-4188-8D92-9DDAB3C71A78}"= C:\Programme\Online Video Add-on\ictmdl.dll [2007-09-28 16:33 64512]

[HKEY_CLASSES_ROOT\CLSID\{E74BC74F-F470-4AD7-9FB4-1A4170A06082}]
[HKEY_CLASSES_ROOT\OTWiz.OTWizBand.1]
[HKEY_CLASSES_ROOT\TypeLib\{5B420B1B-AC69-47B4-AB5B-267DC087252C}]
[HKEY_CLASSES_ROOT\OTWiz.OTWizBand]

[HKEY_CLASSES_ROOT\CLSID\{41F6170D-6AF8-4188-8D92-9DDAB3C71A78}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2005-11-29 15:06]
"Apoint"="C:\Programme\Apoint\Apoint.exe" [2004-11-17 13:47]
"ehTray"="C:\WINDOWS\ehome\ehtray.exe" [2005-08-05 14:34]
"Mouse Suite 98 Daemon"="ICO.EXE" [2002-03-14 17:46 C:\WINDOWS\system32\ico.exe]
"SonyPowerCfg"="C:\Programme\Sony\VAIO Power Management\SPMgr.exe" [2005-11-28 17:42]
"ISBMgr.exe"="C:\Programme\Sony\ISB Utility\ISBMgr.exe" [2004-02-20 15:12]
"Switcher.exe"="C:\Programme\Sony\Wireless Switch Setting Utility\Switcher.exe" [2005-11-24 12:47]
"VAIO Update 2"="C:\Programme\Sony\VAIO Update 2\VAIOUpdt.exe" [2005-10-11 22:36]
"PDService.exe"="C:\Programme\Utimaco\SafeGuard PrivateDisk\pdservice.exe" [2004-07-06 15:15]
"VAIOCameraUtility"="C:\Programme\Sony\VAIO Camera Utility\VCUServe.exe" [2005-12-01 03:20]
"SunJavaUpdateSched"="C:\Programme\Java\jre1.5.0_05\bin\jusched.exe" [2005-08-26 19:14]
"avgnt"="C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe" [2007-09-08 15:04]
"wlconfig"="C:\Programme\WLAN Monitor\wlconfig.exe" [2006-03-06 13:45]
"TkBellExe"="C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" [2006-09-26 23:15]
"Adobe Photo Downloader"="C:\Programme\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2005-06-23 21:33]
"NWEReboot"="" []
"NeroFilterCheck"="C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroCheck.exe" [2006-01-12 17:40]
"Samsung Common SM"="C:\WINDOWS\Samsung\ComSMMgr\ssmmgr.exe" [2005-07-03 09:20]
"QuickTime Task"="C:\Programme\QuickTime\qttask.exe" [2007-04-27 09:41]
"iTunesHelper"="C:\Programme\iTunes\iTunesHelper.exe" [2007-04-27 11:25]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-10 14:00]
"DrvMon.exe"="C:\WINDOWS\system32\DrvMon.exe" [2004-09-10 04:16]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMBgMonitor.exe" [2006-06-01 14:32]
"swg"="C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-11 02:08]
"updateMgr"="C:\Programme\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 16:45]

C:\DOKUME~1\ALLUSE~1\STARTM~1\PROGRA~1\AUTOST~1\
Adobe Reader - Schnellstart.lnk - C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 22:05:26]
Bluetooth Manager.lnk - C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2005-10-11 12:46:50]
Microsoft Office.lnk - C:\Programme\Microsoft Office\Office\OSA9.EXE [1999-04-29 23:00:00]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoViewOnDrive"=0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
VESWinlogon.dll 2005-05-20 18:42 73728 C:\WINDOWS\system32\VESWinlogon.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\_ishieldA.sys"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\_ishieldB.sys"

R0 SI3132;SiI-3132 SATALink Controller;C:\WINDOWS\system32\DRIVERS\SI3132.sys
R1 _ishieldA;_ishieldA;\??\C:\WINDOWS\system32\drivers\_ishieldA.sys
R1 _ishieldB;_ishieldB;\??\C:\WINDOWS\system32\drivers\_ishieldB.sys
R1 PrivateDisk;PrivateDisk;C:\WINDOWS\system32\Drivers\PrivateDiskM.sys
R2 accsvc;AccSys WiFi Component;C:\Programme\Gemeinsame Dateien\AccSys\accsvc.exe
R2 MSSQL$VAIO_VEDB;MSSQL$VAIO_VEDB;C:\Programme\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe -sVAIO_VEDB
R3 SonyImgF;Sony Image Conversion Filter Driver;C:\WINDOWS\system32\DRIVERS\SonyImgF.sys
R3 ti21sony;ti21sony;C:\WINDOWS\system32\drivers\ti21sony.sys
R3 usbvm321;Sony Visual Communication Camera VGP-VCC1;C:\WINDOWS\system32\Drivers\usbvm321.sys
S2 DgiVecp;Team MFP Comm Driver;C:\WINDOWS\system32\Drivers\DgiVecp.sys
S3 Image Converter video recording monitor for VAIO Entertainment;Image Converter video recording monitor for VAIO Entertainment;C:\Programme\Sony\Image Converter 2\IcVzMon.exe
S3 scsk4;SCSK4 Driver Service;C:\WINDOWS\system32\drivers\scsk4.sys
S3 scskusbf;USB SCSK Filter Driver Service;C:\WINDOWS\system32\drivers\scskusbf.sys
S3 scskusbs;USB SCSK Driver Service;C:\WINDOWS\system32\drivers\scskusbs.sys
S3 SQLAgent$VAIO_VEDB;SQLAgent$VAIO_VEDB;C:\Programme\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlagent.EXE -i VAIO_VEDB


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{79ebd424-e765-11da-9e13-0013020cb9f2}]
AutoRun\command- G:\loader.exe

.
Contents of the 'Scheduled Tasks' folder
"2007-09-18 18:54:00 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Programme\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************

catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-09-28 21:23:29
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\SonyCPU]
"ImagePath"="\??\C:\Programme\Sony\VAIO Power Management\SonyCPU.sys"
.
Completion time: 2007-09-28 21:26:12 - machine was rebooted
C:\ComboFix-quarantined-files.txt ... 2007-09-28 21:25
.
--- E O F ---





It would be great if you could help me. THANKS in advance!!!
This post was edited by horst81 on 28.09.2007 at 22:13.
28.09.2007, 22:25
Honorary member
Argus

Posts: 6028
#2 Delete C:\Qoobox ---> empty the Recycle Bin

Download Smitfraudfix by S!Ri to the desktop

Start your computer in
Safe Mode

Double-click Smitfraudfix.exe.
Choose 2 and press Enter to delete the infected files

You will then be asked: Do you want to clean the registry ? Answer Y (yes) and press Enter to remove the desktop wallpaper and clean up the registry keys of the infection.

The program will now check whether wininet.dll is infected. You may be asked whether to have the infected file removed (if it is found): Replace infected file ? Answer Y (yes) and press Enter to get a clean file.
The taskbar disappears + the screen... everything will turn blue... wait...

If your computer does not restart automatically by itself, restart it yourself in normal mode
Copy the contents of the report into this thread (C:\rapport.txt)

Install SuperAntispyware and scan with it
http://www.virus-protect.org/artikel/tools/superantispyware.html

Then a new HijackThis log
__________
Best regards, Argus
28.09.2007, 23:58
Member

Thread starter

Posts: 25
#3 I did everything the way you said and everything is okay again.
THANKS!!! You really helped me. I really didn't feel like reformatting.

Here is the log file. I hope you can confirm that everything is okay.
If anything else comes up, I'll post it.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:55:50, on 28.09.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\Intel\Wireless\Bin\EvtEng.exe
C:\Programme\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Gemeinsame Dateien\AccSys\accsvc.exe
C:\Programme\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
C:\Programme\AntiVir PersonalEdition Classic\sched.exe
C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Programme\Gemeinsame Dateien\EPSON\EBAPI\SAgent2.exe
C:\Programme\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Programme\Intel\Wireless\Bin\RegSrvc.exe
C:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\Sony\VAIO Event Service\VESMgr.exe
C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\Apoint\Apoint.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\system32\ICO.EXE
C:\Programme\Sony\VAIO Power Management\SPMgr.exe
C:\Programme\Sony\ISB Utility\ISBMgr.exe
C:\Programme\Sony\Wireless Switch Setting Utility\Switcher.exe
C:\Programme\Sony\VAIO Update 2\VAIOUpdt.exe
C:\Programme\Utimaco\SafeGuard PrivateDisk\pdservice.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Programme\Sony\VAIO Camera Utility\VCUServe.exe
C:\Programme\Apoint\Apntex.exe
C:\Programme\Java\jre1.5.0_05\bin\jusched.exe
C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe
C:\Programme\WLAN Monitor\wlconfig.exe
C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe
C:\Programme\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\WINDOWS\Samsung\ComSMMgr\ssmmgr.exe
C:\Programme\QuickTime\qttask.exe
C:\Programme\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\DrvMon.exe
C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMBgMonitor.exe
C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Programme\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Programme\iPod\bin\iPodService.exe
C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programme\internet explorer\iexplore.exe
c:\programme\mbctoolbar\taskmgr.exe
C:\hjt\hjt.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,First Home Page = about:blank
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: OTSI Class - {85CC6BFF-5A5C-4A76-8FC8-DB0787DF1597} - c:\programme\mbctoolbar\ots.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programme\google\googletoolbar4.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programme\google\googletoolbar4.dll
O3 - Toolbar: MBC Åø¹Ù - {E74BC74F-F470-4AD7-9FB4-1A4170A06082} - c:\programme\mbctoolbar\otwiz.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Apoint] C:\Programme\Apoint\Apoint.exe
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
O4 - HKLM\..\Run: [SonyPowerCfg] C:\Programme\Sony\VAIO Power Management\SPMgr.exe
O4 - HKLM\..\Run: [ISBMgr.exe] C:\Programme\Sony\ISB Utility\ISBMgr.exe
O4 - HKLM\..\Run: [Switcher.exe] C:\Programme\Sony\Wireless Switch Setting Utility\Switcher.exe
O4 - HKLM\..\Run: [VAIO Update 2] "C:\Programme\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [PDService.exe] C:\Programme\Utimaco\SafeGuard PrivateDisk\pdservice.exe
O4 - HKLM\..\Run: [VAIOCameraUtility] "C:\Programme\Sony\VAIO Camera Utility\VCUServe.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\jre1.5.0_05\bin\jusched.exe
O4 - HKLM\..\Run: [avgnt] "C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [wlconfig] "C:\Programme\WLAN Monitor\wlconfig.exe" -autostart
O4 - HKLM\..\Run: [TkBellExe] "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Programme\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Samsung Common SM] "C:\WINDOWS\Samsung\ComSMMgr\ssmmgr.exe" /autorun
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programme\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DrvMon.exe] C:\WINDOWS\system32\DrvMon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [swg] C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Programme\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Programme\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKLM\..\Policies\Explorer\Run: [some] C:\Programme\Online Video Add-on\icthis.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 2.0.lnk = C:\Programme\OpenOffice.org 2.0\program\quickstart.exe
O4 - Global Startup: Adobe Reader - Schnellstart.lnk = C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Programme\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programme\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programme\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Programme\PartyGaming.Net\PartyPokerNet\RunPF.exe
O9 - Extra 'Tools' menuitem: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Programme\PartyGaming.Net\PartyPokerNet\RunPF.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.club-vaio.com/de/
O15 - Trusted Zone: http://*.inicis.com
O15 - Trusted Zone: http://*.sbs.co.kr
O15 - Trusted Zone: *.sony-europe.com
O15 - Trusted Zone: *.sonystyle-europe.com
O15 - Trusted Zone: *.vaio-link.com
O15 - Trusted Zone: http://*.vpay.co.kr
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/german/partner/de/kavwebscan_unicode.cab
O16 - DPF: {1DE9BB01-B121-401D-8877-BCD5ED5B7EE5} (Tpwin Control) - http://www.crezio.com/test/leeyunho/AlwaysOn/AlwaysOn.CAB
O16 - DPF: {340CCF52-D65F-4A11-80B3-13DC23697B59} (BugsInstall Control) - http://player.bugs.co.kr/install/BugsInstall.cab
O16 - DPF: {45A0A292-ECC6-4D8F-9EA9-A4BD411D24C1} (king.com) - http://www.king.com/ctl/kingcomie.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase2474.cab
O16 - DPF: {6A2E758A-028B-46BB-A11D-0608AB5A4ED3} (DaumBGMCtrl Class) - http://listen.daum.net/52st/bgmplayer/Daum52stBGMPlayer.cab
O16 - DPF: {84F7A3A9-B92A-41F4-890F-83F2DC0ADB7E} (ToolBarInstall Control) - http://toolbar.imbc.com/toolbar/MBCToolBar.cab
O16 - DPF: {8FEFF364-6A5F-4966-A917-A3AC28411659} (SopCore Control) - http://download.sopcast.com/download/SOPCORE.CAB
O16 - DPF: {938527D1-CDB7-4147-998A-B20FCA5CC976} (Cdmcco Class) - http://cafeimg.hanmail.net/activex/dmcc2.cab?Version=1,0,0,10
O16 - DPF: {9BED3AC7-E6D4-43E7-B8A1-1FA502F639E1} (XTools Control) - http://player.bugs.co.kr/install/XTools.cab
O16 - DPF: {A1832535-5218-42F9-8959-19E2BCABFABF} (INIwallet50 Control) - http://plugin.inicis.com/wallet50/INIwallet50.cab
O16 - DPF: {A671DC03-71D0-4CF0-895C-7D4A248FC1F1} (skcbgmset Class) - http://cyimg7.cyworld.nate.com/cymusic/package/skcbgmset.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O16 - DPF: {CEAF43B1-E8C1-426D-A63C-92C71212E6E5} (PlayerCue Control) - http://touch.imbc.com/ActiveX/iMBCOnlineService.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Programme\SUPERAntiSpyware\SASWINLO.dll
O22 - SharedTaskScheduler: aldoa - {adf64b1b-c68c-4ce8-bb55-258b7b8b0f81} - (no file)
O23 - Service: AccSys WiFi Component (accsvc) - AccSys GmbH - C:\Programme\Gemeinsame Dateien\AccSys\accsvc.exe
O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Programme\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
O23 - Service: AntiVir PersonalEdition Classic Planer (AntiVirScheduler) - Avira GmbH - C:\Programme\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Programme\Gemeinsame Dateien\EPSON\EBAPI\SAgent2.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Programme\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Programme\Sony\Image Converter 2\IcVzMon.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Programme\iPod\bin\iPodService.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Programme\Gemeinsame Dateien\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NBService - Nero AG - C:\Programme\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Programme\Gemeinsame Dateien\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Programme\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Programme\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Programme\Gemeinsame Dateien\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Programme\Gemeinsame Dateien\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Programme\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Programme\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Programme\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Programme\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Programme\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Cooporated Initialisation (VCI) - Sony Corporation - C:\Programme\Sony\VAIO Cooperated Initialisation\VCI_SVC.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe

--
End of file - 15131 bytes
29.09.2007, 00:21
Honorary member
Argus

Posts: 6028
#4 Check whether mbctoolbar is listed under Add or Remove Programs ("Software"); if so, remove it

Close all windows and start HijackThis
Click: Do a system scan only
Put a check mark in the box in front of each of the following entries:

O2 - BHO: OTSI Class - {85CC6BFF-5A5C-4A76-8FC8-DB0787DF1597} - c:\programme\mbctoolbar\ots.dll
O3 - Toolbar: MBC Åø¹Ù - {E74BC74F-F470-4AD7-9FB4-1A4170A06082} - c:\programme\mbctoolbar\otwiz.dll
O4 - HKLM\..\Policies\Explorer\Run: [some] C:\Programme\Online Video Add-on\icthis.exe
O16 - DPF: {84F7A3A9-B92A-41F4-890F-83F2DC0ADB7E} (ToolBarInstall Control) - http://toolbar.imbc.com/toolbar/MBCToolBar.cab
O16 - DPF: {9BED3AC7-E6D4-43E7-B8A1-1FA502F639E1} (XTools Control) - http://player.bugs.co.kr/install/XTools.cab
O22 - SharedTaskScheduler: aldoa - {adf64b1b-c68c-4ce8-bb55-258b7b8b0f81} - (no file)

Click: Fix checked
Your Internet Explorer must be closed when you click Fix checked

Delete
c:\programme\mbctoolbar
C:\Programme\Online Video Add-on

Download DelDomains.inf to the desktop
Right-click it and select "Install" ("Installieren")

Under O16 there are a number of websites that I don't know; if you don't know them either, fix them with HJ

Your Java software is outdated.
Download jre-6u2-windows-i586-p.exe
Scroll down to ----> Java Runtime Environment (JRE) 6u2
The Java SE Runtime Environment (JRE) allows end-users to run Java applications.
Click "Download"
Put a check mark next to ---> "Accept License Agreement".
Click "Windows Offline Installation, Multi-language" to
get "jre-6-windows-i586.exe" onto the desktop
Close all programs, including your web browser
Go to "Start -> Settings -> Control Panel -> Add or Remove Programs"
and remove all older versions of Java Runtime Environment (JRE or J2SE)
Also delete C:\Programme\Java!
After everything has been removed ---> restart the computer
Now install from the desktop ---> "jre-6u2-windows-i586-p.exe"

Use ATF Cleaner http://board.protecus.de/t23188.htm

Configure AntiVir as described here http://board.protecus.de/t23979.htm

System Restore
My Computer --> right-click, then Properties ---> System Restore tab ---> check "Turn off System Restore on all drives".
Restart
Then turn it back on (remove the check mark)

Tip:
Online scanners
Nod32
Bitdefender
F-secure
Housecall
eTrust
__________
Best regards, Argus
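An added example, not part of the thread and not code from HijackThis: a small Python triage pass over HijackThis result lines that surfaces the kinds of entries selected for fixing in post #4 (registrations pointing at a missing file, the Policies\Explorer\Run autostart, ActiveX downloads from hosts the user does not recognise). The sample lines are copied from the log in post #3; the rules and the `known_domains` and `suspect_dirs` parameters are assumptions for illustration, and a hit is a prompt for manual review, not a verdict.

```python
import re
from urllib.parse import urlparse

# Sample lines copied from the HijackThis log posted in post #3 of this thread.
SAMPLE_LOG = r"""
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [avgnt] "C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Policies\Explorer\Run: [some] C:\Programme\Online Video Add-on\icthis.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {84F7A3A9-B92A-41F4-890F-83F2DC0ADB7E} (ToolBarInstall Control) - http://toolbar.imbc.com/toolbar/MBCToolBar.cab
O22 - SharedTaskScheduler: aldoa - {adf64b1b-c68c-4ce8-bb55-258b7b8b0f81} - (no file)
"""

# A result line is "<section code> - <details>", e.g. "O4 - HKLM\..\Run: ...".
ENTRY_RE = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.+)$")
URL_RE = re.compile(r"https?://\S+")


def parse_entries(log_text):
    """Return (code, body) tuples for every HijackThis result line."""
    entries = []
    for line in log_text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if m:
            entries.append((m.group("code"), m.group("body")))
    return entries


def host_is_known(host, known_domains):
    """True if host equals or is a subdomain of a domain the user recognises."""
    host = host.lower()
    return any(host == d or host.endswith("." + d) for d in known_domains)


def triage(log_text, known_domains=(), suspect_dirs=()):
    """Return [(code, body, [reasons])] for entries worth a manual look."""
    findings = []
    for code, body in parse_entries(log_text):
        reasons = []
        lowered = body.lower()
        if lowered.endswith("(no file)"):
            reasons.append("registration points to a missing file")
        if code == "O4" and "\\policies\\explorer\\run" in lowered:
            reasons.append("autostart via Policies\\Explorer\\Run")
        for d in suspect_dirs:
            if d.lower() in lowered:
                reasons.append("path inside reported folder: " + d)
        if code == "O16":
            m = URL_RE.search(body)
            host = urlparse(m.group(0)).hostname if m else None
            if host and not host_is_known(host, known_domains):
                reasons.append("ActiveX source not in known list: " + host)
        if reasons:
            findings.append((code, body, reasons))
    return findings


if __name__ == "__main__":
    hits = triage(
        SAMPLE_LOG,
        known_domains=("macromedia.com",),      # assumption: the reader's own list
        suspect_dirs=("Online Video Add-on",),  # folder named in post #1
    )
    for code, body, reasons in hits:
        print(code, "|", body)
        for reason in reasons:
            print("    ->", reason)
```
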
29.09.2007, 12:59
Member

Thread starter

Posts: 25
#5 All done. Thanks again.