Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
Fake Microsoft Security Essentials Alert

Fake Microsoft Security Essentials Alert


Plagegeister aller Art und deren Bekämpfung: Fake Microsoft Security Essentials Alert

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Seite 2 von 2 1 2
Alt 25.09.2010, 03:06   #16
DesperateA
 
Fake Microsoft Security Essentials Alert - Standard

Fake Microsoft Security Essentials Alert


Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Datenbank Version: 4686

Windows 6.0.6001 Service Pack 1
Internet Explorer 8.0.6001.18943

25.09.2010 04:04:03
mbam-log-2010-09-25 (04-04-03).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Durchsuchte Objekte: 306753
Laufzeit: 1 Stunde(n), 56 Minute(n), 5 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 1
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_CURRENT_USER\SOFTWARE\3FWHZQA3LT (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

Alt 25.09.2010, 09:31   #17
Leonixx
/// Helfer-Team
 
Fake Microsoft Security Essentials Alert - Standard

Fake Microsoft Security Essentials Alert


Hast du das manuelle Update vor dem Scan gemacht? Superantispyware öffnen, auf Statistiken und Protokolle klicken, dann auf Protokoll anzeigen klicken, den Bericht speichern und hier posten.
__________________

Geändert von Leonixx (25.09.2010 um 10:03 Uhr)

Alt 25.09.2010, 14:03   #18
DesperateA
 
Fake Microsoft Security Essentials Alert - Standard

Fake Microsoft Security Essentials Alert


Ich hab jetzt nochmal geupdated und dann nen QuickScan gemacht (weil ich das testen wollte)... das ist alles was unter Logs steht.
ist das vielleicht ein einstellungsproblem? ansonsten weiss ich nicht, was ich falsch gemacht haben soll. hab alles genau gemacht wie in der anleitung, bzw. wie du es gesagt hast.

SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com

Generated 09/25/2010 at 02:50 PM

Application Version : 4.43.1000

Core Rules Database Version : 5578
Trace Rules Database Version: 3390

Scan type : Quick Scan
Total Scan Time : 00:46:04

Memory items scanned : 831
Memory threats detected : 0
Registry items scanned : 2740
Registry threats detected : 0
File items scanned : 49344
File threats detected : 2

Adware.Tracking Cookie
media1.break.com [ C:\Users\Annina\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\GVP00001 ]
secure-us.imrworldwide.com [ C:\Users\Annina\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\GVP00001 ]
__________________
Geändert von DesperateA (25.09.2010 um 14:12 Uhr)

Alt 25.09.2010, 14:12   #19
Leonixx
/// Helfer-Team
 
Fake Microsoft Security Essentials Alert - Standard

Fake Microsoft Security Essentials Alert


Lass nochmals einen kompletten Scan durchlaufen.

Alt 25.09.2010, 17:24   #20
DesperateA
 
Fake Microsoft Security Essentials Alert - Standard

Fake Microsoft Security Essentials Alert


Hab ich gemacht. Protokoll sieht wieder nur so aus:

SUPERAntiSpyware Scann-Protokoll
hxxp://www.superantispyware.com

Generiert 09/25/2010 bei 05:41 PM

Version der Applikation : 4.43.1000

Version der Kern-Datenbank : 5578
Version der Spur-Datenbank : 3390

Scan Art : kompletter Scann
Totale Scann-Zeit : 02:26:25

Gescannte Speicherelemente : 823
Erfasste Speicher-Bedrohungen : 0
Gescannte Register-Elemente : 10724
Erfasste Register-Bedrohungen : 0
Gescannte Datei-Elemente : 171888
Erfasste Datei-Elemente : 0


Alt 25.09.2010, 18:26   #21
Leonixx
/// Helfer-Team
 
Fake Microsoft Security Essentials Alert - Standard

Fake Microsoft Security Essentials Alert


So, bitte jetzt nochmals RSIT Logfiles. Wie sehen die Probleme aus?

Alt 25.09.2010, 22:33   #22
DesperateA
 
Fake Microsoft Security Essentials Alert - Standard

Fake Microsoft Security Essentials Alert


wieder nur log.txt erschienen... in dem ordner RSIT ist noch die info.txt datei, die ist aber noch vom 22. und die hab ich ja schon gepostet.
Was genau meinst du mit "wie sehen die Probleme aus"?


RSIT Logfile:
Code:
ATTFilter
Logfile of random's system information tool 1.08 (written by random/random)
Run by Annina at 2010-09-25 23:26:50
Microsoft® Windows Vista™ Home Premium  Service Pack 1
System drive C: has 168 GB (61%) free of 275 GB
Total RAM: 2046 MB (50% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:28:17, on 25.09.2010
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18943)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe
C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Windows\System32\rundll32.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files\Apoint\ApMsgFwd.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Windows\system32\conime.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_clipbook.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Users\Annina\Desktop\RSIT.exe
C:\Program Files\trend micro\Annina.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.club-vaio.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.club-vaio.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O1 - Hosts: ::1 localhost
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\PROGRA~1\GOOGLE~1\BAE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files\Sony\ISB Utility\ISBMgr.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [EPGServiceTool] C:\PROGRA~1\WinTV\EPG Services\System\EPGClient.exe
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe /autostart
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [ Malwarebytes Anti-Malware  (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST')
O4 - Global Startup: AutoStart IR.lnk = C:\Program Files\WinTV\Ir.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: VPN Client.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: An vorhandenes PDF anfügen - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Ausgewählte Verknüpfungen in Adobe PDF konvertieren - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Ausgewählte Verknüpfungen in vorhandene PDF-Datei konvertieren - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Auswahl in Adobe PDF konvertieren - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Auswahl in vorhandene PDF-Datei konvertieren - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O8 - Extra context menu item: In Adobe PDF konvertieren - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: HP Smart Web Printing ein- oder ausblenden - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Dienst "Bonjour" (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: EPGService - Hauppauge Computer Works - C:\PROGRA~1\WinTV\EPG Services\System\EPGService.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Windows\system32\stacsv.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Media Content Collection (VAIOMediaPlatform-UCLS-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe
O23 - Service: VAIO Media Content Collection (HTTP) (VAIOMediaPlatform-UCLS-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Content Collection (UPnP) (VAIOMediaPlatform-UCLS-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 15881 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Google Software Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-05-21 328248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2008-09-17 308856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-07-21 278192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007-05-10 321120]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll [2010-09-17 842296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA6319C0-31B7-401E-A518-A07C3DB8F777}]
CBrowserHelperObject Object - C:\PROGRA~1\GOOGLE~1\BAE.dll [2006-06-23 98304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-03-09 35840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-05-21 509496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007-05-10 321120]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-07-21 278192]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
"Apoint"=C:\Program Files\Apoint\Apoint.exe [2007-06-10 118784]
"ISBMgr.exe"=C:\Program Files\Sony\ISB Utility\ISBMgr.exe [2007-06-11 317560]
"Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2010-08-22 30192]
"Acrobat Assistant 8.0"=C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe [2008-10-14 623992]
""= []
"EPGServiceTool"=C:\PROGRA~1\WinTV\EPG Services\System\EPGClient.exe [2008-04-17 688128]
"Kernel and Hardware Abstraction Layer"=C:\Windows\KHALMNPR.EXE [2008-02-29 76304]
"CanonSolutionMenu"=C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [2007-05-15 644696]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2007-04-04 1603152]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2008-09-17 185896]
"googletalk"=C:\Program Files\Google\Google Talk\googletalk.exe [2007-01-01 3739648]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-03-09 148888]
"NvSvc"=C:\Windows\system32\nvsvc.dll [2007-06-28 86016]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2007-06-28 8429568]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2007-06-28 81920]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2010-03-02 282792]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2010-08-10 421888]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2010-09-01 421160]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]
" Malwarebytes Anti-Malware  (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2010-04-29 1090952]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-19 125952]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-06-21 68856]
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2010-09-10 2424560]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
AutoStart IR.lnk - C:\Program Files\WinTV\Ir.exe
BTTray.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe
VPN Client.lnk - C:\Windows\Installer\{871DF2BE-41D2-4334-AC33-839AF16FC8FE}\Icon3E5562ED7.ico

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\VESWinlogon]
C:\Windows\system32\VESWinlogon.dll [2007-07-12 98304]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-09-24 18:57:59 ----D---- C:\Users\Annina\AppData\Roaming\SUPERAntiSpyware.com
2010-09-24 18:57:59 ----D---- C:\ProgramData\SUPERAntiSpyware.com
2010-09-24 18:57:46 ----D---- C:\Program Files\SUPERAntiSpyware
2010-09-22 23:01:07 ----D---- C:\rsit
2010-09-22 23:01:07 ----D---- C:\Program Files\trend micro
2010-09-22 22:50:26 ----D---- C:\Program Files\CCleaner
2010-09-22 18:23:59 ----D---- C:\Users\Annina\AppData\Roaming\Malwarebytes
2010-09-22 18:23:41 ----A---- C:\Windows\system32\drivers\mbamswissarmy.sys
2010-09-22 18:23:40 ----D---- C:\ProgramData\Malwarebytes
2010-09-22 18:23:39 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-09-22 18:23:39 ----A---- C:\Windows\system32\drivers\mbam.sys
2010-09-22 18:00:36 ----ASH---- C:\hiberfil.sys
2010-09-21 23:14:04 ----D---- C:\Users\Annina\AppData\Roaming\1AA1D857BECFB68B3D2163F811486A94
2010-09-18 12:33:21 ----D---- C:\ProgramData\WEBREG
2010-09-18 12:29:14 ----D---- C:\Users\Annina\AppData\Roaming\HP
2010-09-18 12:24:14 ----D---- C:\ProgramData\HP Product Assistant
2010-09-18 12:21:36 ----D---- C:\Program Files\Common Files\HP
2010-09-18 12:20:03 ----D---- C:\Program Files\Common Files\Hewlett-Packard
2010-09-18 12:17:20 ----HD---- C:\Config.Msi
2010-09-18 12:15:57 ----D---- C:\Program Files\HP
2010-09-18 12:14:01 ----D---- C:\ProgramData\HP
2010-09-18 12:12:22 ----A---- C:\Windows\system32\hpzids01.dll
2010-09-18 12:12:16 ----A---- C:\Windows\system32\hpf3l70v.dll
2010-09-18 12:10:30 ----A---- C:\Windows\system32\hppldcoi.dll
2010-09-18 12:10:30 ----A---- C:\Windows\system32\hposwia_d02c.dll
2010-09-18 12:10:30 ----A---- C:\Windows\system32\hpost_d02c.dll
2010-09-18 12:10:30 ----A---- C:\Windows\system32\hposc_d02a.dll
2010-09-18 12:10:30 ----A---- C:\Windows\system32\difxapi.dll
2010-09-15 18:11:17 ----A---- C:\Windows\system32\usp10.dll
2010-09-15 18:11:16 ----A---- C:\Windows\system32\spoolsv.exe
2010-09-15 18:11:14 ----A---- C:\Windows\system32\MP4SDECD.DLL
2010-09-15 18:11:09 ----A---- C:\Windows\system32\inetcomm.dll
2010-09-10 14:35:48 ----D---- C:\Program Files\iPod
2010-09-10 14:35:46 ----D---- C:\Program Files\iTunes
2010-09-08 22:43:38 ----D---- C:\Users\Annina\AppData\Roaming\skypePM
2010-09-08 22:42:52 ----RD---- C:\Program Files\Skype
2010-09-08 22:42:52 ----D---- C:\Program Files\Common Files\Skype

======List of files/folders modified in the last 1 months======

2010-09-25 23:27:31 ----D---- C:\Windows\Prefetch
2010-09-25 23:27:23 ----D---- C:\Windows\Temp
2010-09-25 23:25:05 ----D---- C:\Windows\Tasks
2010-09-25 23:21:23 ----D---- C:\Windows\system32\drivers
2010-09-25 23:21:23 ----D---- C:\Windows\inf
2010-09-25 21:26:18 ----D---- C:\ProgramData\Google Updater
2010-09-25 18:23:23 ----SHD---- C:\System Volume Information
2010-09-24 18:57:59 ----HD---- C:\ProgramData
2010-09-24 18:57:46 ----RD---- C:\Program Files
2010-09-23 21:13:51 ----D---- C:\Users\Annina\AppData\Roaming\Skype
2010-09-22 22:55:24 ----D---- C:\Windows\Minidump
2010-09-22 22:55:24 ----D---- C:\Windows\Debug
2010-09-22 22:55:24 ----D---- C:\Windows
2010-09-22 22:44:22 ----RSD---- C:\Windows\Media
2010-09-22 20:15:23 ----D---- C:\Windows\Performance
2010-09-22 20:14:02 ----D---- C:\Windows\system32\Tasks
2010-09-22 18:21:59 ----D---- C:\Windows\System32
2010-09-22 18:21:59 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-09-21 23:56:09 ----D---- C:\Windows\system32\wbem
2010-09-21 23:47:08 ----D---- C:\Windows\system32\spool
2010-09-21 23:47:08 ----D---- C:\Windows\system32\catroot2
2010-09-21 23:47:07 ----D---- C:\Windows\registration
2010-09-21 23:47:07 ----D---- C:\ProgramData\FLEXnet
2010-09-18 12:28:03 ----A---- C:\Windows\win.ini
2010-09-18 12:27:04 ----SHD---- C:\Windows\Installer
2010-09-18 12:24:45 ----RSD---- C:\Windows\Fonts
2010-09-18 12:22:08 ----D---- C:\Windows\winsxs
2010-09-18 12:21:40 ----D---- C:\Windows\twain_32
2010-09-18 12:21:36 ----D---- C:\Program Files\Common Files
2010-09-18 12:10:46 ----D---- C:\Windows\system32\catroot
2010-09-16 20:48:48 ----D---- C:\Program Files\Mozilla Firefox
2010-09-16 07:45:55 ----D---- C:\ProgramData\Microsoft Help
2010-09-16 07:43:05 ----A---- C:\Windows\system32\mrt.exe
2010-09-16 07:42:42 ----D---- C:\Program Files\Windows Mail
2010-09-15 17:58:20 ----D---- C:\Program Files\Microsoft Silverlight
2010-09-10 14:35:47 ----D---- C:\Program Files\Common Files\Apple
2010-09-08 22:42:51 ----D---- C:\ProgramData\Skype

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 giveio;giveio; C:\Windows\system32\giveio.sys [1996-04-03 5248]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2007-03-01 277784]
R0 pavboot;pavboot; C:\Windows\system32\drivers\pavboot.sys [2009-06-30 28552]
R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2008-11-20 43872]
R0 speedfan;speedfan; C:\Windows\system32\speedfan.sys [2006-09-24 5248]
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [2009-02-13 11608]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2010-03-01 124784]
R1 DMICall;Sony DMI Call service; C:\Windows\system32\DRIVERS\DMICall.sys [2007-06-27 10216]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [2010-02-17 12872]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [2010-05-10 67656]
R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2010-02-16 60936]
R2 CVPNDRVA;Cisco Systems Inc. IPSec Driver; \??\C:\Windows\system32\Drivers\CVPNDRVA.sys [2007-10-26 306300]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2007-06-05 12672]
R2 regi;regi; C:\Windows\system32\drivers\regi.sys [2007-04-17 11032]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2007-06-05 8192]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys [2007-06-10 140800]
R3 BthEnum;Bluetooth-Auflistungsdienst; C:\Windows\system32\DRIVERS\BthEnum.sys [2008-06-24 19456]
R3 BthPan;Bluetooth-Gerät (PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-19 92160]
R3 BTHUSB;USB-Treiber für Bluetooth-Funkgerät; C:\Windows\System32\Drivers\BTHUSB.sys [2008-06-24 29184]
R3 btwaudio;Bluetooth-Audiogerät; C:\Windows\system32\drivers\btwaudio.sys [2007-07-03 80936]
R3 btwavdt;Bluetooth AVDT; C:\Windows\system32\drivers\btwavdt.sys [2007-07-03 98608]
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2007-07-03 28464]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2007-07-03 17712]
R3 DNE;Deterministic Network Enhancer Miniport; C:\Windows\system32\DRIVERS\dne2000.sys [2007-01-31 127376]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2009-05-18 26600]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2007-06-05 985600]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2007-06-05 207360]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2008-02-29 35344]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2008-02-29 36880]
R3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\Windows\System32\Drivers\LUsbFilt.Sys [2008-02-29 28944]
R3 NETw4v32;Intel(R) Wireless WiFi Link Adaptertreiber für Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw4v32.sys [2007-06-30 2222080]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2007-06-28 7115072]
R3 R5U870FLx86;R5U870 UVC Lower Filter  ; C:\Windows\System32\Drivers\R5U870FLx86.sys [2007-06-28 75008]
R3 R5U870FUx86;R5U870 UVC Upper Filter  ; C:\Windows\System32\Drivers\R5U870FUx86.sys [2007-06-28 43904]
R3 RFCOMM;Bluetooth-Gerät (RFCOMM-Protokoll-TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2008-01-19 49664]
R3 SNC;Sony Firmware Extension Parser Device; C:\Windows\System32\Drivers\SonyNC.sys [2006-11-06 27520]
R3 STHDA;SigmaTel High Definition Audio CODEC; C:\Windows\system32\drivers\stwrt.sys [2007-06-13 326656]
R3 ti21sony;ti21sony; C:\Windows\system32\drivers\ti21sony.sys [2007-06-06 812544]
R3 usbvideo;R5U870 (UVC) ; C:\Windows\System32\Drivers\usbvideo.sys [2008-01-19 134016]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2007-06-05 659968]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2007-05-19 240128]
S3 BTHPORT;Bluetooth-Porttreiber; C:\Windows\System32\Drivers\BTHport.sys [2008-06-24 220160]
S3 CVirtA;Cisco Systems VPN Adapter; C:\Windows\system32\DRIVERS\CVirtA.sys [2007-01-18 5275]
S3 Dot4;MS IEEE-1284.4-Treiber; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-19 131584]
S3 Dot4Print;Druckerklassentreiber für IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-19 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-19 36864]
S3 drmkaud;Microsoft Kernel-DRM-Audioentschlüsselung; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 hcw66xxx;WinTV HVR-900H; C:\Windows\System32\Drivers\hcw66xxx.sys [2008-02-28 418304]
S3 HdAudAddService;Microsoft 1.1 UAA-Funktionstreiber für High Definition Audio-Dienst; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2006-11-02 200704]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Microsoft Proxy für Streaming Clock; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Microsoft Proxy für Streaming Quality Manager; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-Konvertierung; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2010-04-19 41984]
S3 usbaudio;USB-Audiotreiber (WDM); C:\Windows\system32\drivers\usbaudio.sys [2008-01-19 73088]
S3 usbscan;USB-Scannertreiber; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2007-02-13 128104]
S4 RsFx0102;RsFx0102 Driver; C:\Windows\system32\DRIVERS\RsFx0102.sys [2008-07-10 242712]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeActiveFileMonitor5.0;Adobe Active File Monitor V5; C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe [2006-12-22 108712]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2010-02-24 135336]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2010-04-01 267432]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-08-13 144672]
R2 Bonjour Service;Dienst "Bonjour"; C:\Program Files\Bonjour\mDNSResponder.exe [2010-05-18 345376]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 CVPND;Cisco Systems, Inc. VPN Service; C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe [2007-10-26 1524512]
R2 EPGService;EPGService; C:\PROGRA~1\WinTV\EPG Services\System\EPGService.exe [2008-04-09 436224]
R2 hpqddsvc;HP CUE DeviceDiscovery Service; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 IviRegMgr;IviRegMgr; C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-04 112152]
R2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [2008-07-11 40999448]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-07-10 98840]
R2 STacSV;SigmaTel Audio Service; C:\Windows\system32\stacsv.exe [2007-06-13 94208]
R2 VAIO Event Service;VAIO Event Service; C:\Program Files\Sony\VAIO Event Service\VESMgr.exe [2007-07-12 182392]
R2 VzCdbSvc;VAIO Entertainment Database Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe [2007-06-28 188416]
R2 VzFw;VAIO Entertainment File Import Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe [2007-06-28 184320]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2007-06-05 386560]
R3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-06-22 654848]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R3 iPod Service;iPod-Dienst; C:\Program Files\iPod\bin\iPodService.exe [2010-09-01 820008]
R3 Vcsw;VAIO Entertainment UPnP Client Adapter; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe [2007-06-28 274432]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 CLTNetCnService;Symantec Lic NetConnect service; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon []
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-01-06 135664]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-26 183280]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2010-08-22 30192]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe [2008-05-02 121360]
S3 MSCSPTISRV;MSCSPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [2006-12-14 45056]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PACSPTISVR;PACSPTISVR; C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [2006-12-14 57344]
S3 SPTISRV;Sony SPTI Service; C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe [2006-12-14 69632]
S3 VAIO Entertainment TV Device Arbitration Service;VAIO Entertainment TV Device Arbitration Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe [2007-06-28 73728]
S3 VAIOMediaPlatform-IntegratedServer-AppServer;VAIO Media Integrated Server; C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe [2007-06-20 2523136]
S3 VAIOMediaPlatform-IntegratedServer-HTTP;VAIO Media Integrated Server (HTTP); C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe [2007-06-20 397312]
S3 VAIOMediaPlatform-IntegratedServer-UPnP;VAIO Media Integrated Server (UPnP); C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [2007-06-20 1089536]
S3 VAIOMediaPlatform-Mobile-Gateway;VAIO Media Gateway Server; C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe [2007-06-20 499712]
S3 VAIOMediaPlatform-UCLS-AppServer;VAIO Media Content Collection; C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe [2007-01-10 745472]
S3 VAIOMediaPlatform-UCLS-HTTP;VAIO Media Content Collection (HTTP); C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe [2007-06-20 397312]
S3 VAIOMediaPlatform-UCLS-UPnP;VAIO Media Content Collection (UPnP); C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [2007-06-20 1089536]
S3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager; C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2007-07-05 292152]
S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface; C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe [2007-07-05 79736]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 MSSQLServerADHelper100;SQL Server Hilfsdienst für Active Directory; c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2008-07-11 47128]
S4 SQLAgent$SQLEXPRESS;SQL Server-Agent (SQLEXPRESS); c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2008-07-11 369688]
S4 SQLBrowser;SQL Server Browser; c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2008-07-10 258072]

-----------------EOF-----------------
--- --- ---


hab auch noch mal malewarebytes drüber laufen lassen:

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Datenbank Version: 4693

Windows 6.0.6001 Service Pack 1
Internet Explorer 8.0.6001.18943

25.09.2010 23:17:42
mbam-log-2010-09-25 (23-17-42).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Durchsuchte Objekte: 307070
Laufzeit: 1 Stunde(n), 59 Minute(n), 39 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 1

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
C:\Users\Annina\AppData\Local\Temp\hgksfg.bat (Malware.Trace) -> Quarantined and deleted successfully.

Alt 26.09.2010, 08:28   #23
Leonixx
/// Helfer-Team
 
Fake Microsoft Security Essentials Alert - Standard

Fake Microsoft Security Essentials Alert


Zitat:
Was genau meinst du mit "wie sehen die Probleme aus"?
Damit meine ich ob du noch Probleme hast mit dem System oder ob es weiter Auffälligkeiten gibt?

Im Logfile sehe ich im Moment nichts.

Alt 26.09.2010, 09:32   #24
DesperateA
 
Fake Microsoft Security Essentials Alert - Standard

Fake Microsoft Security Essentials Alert


Hey,
also mir fällt momentan nichts außergewöhnliches auf. Alles funktioniert einwandfrei.

Bin nur etwas beunruhigt, dass Malwarebytes beim dritten Durchlauf (den ich hier gestern gepostet habe) wieder irgendwas entdeckt hat. Meinst du denn, dass jetzt alles weg ist? Oder soll ich das jetzt nochmal machen?

Alt 26.09.2010, 12:05   #25
Leonixx
/// Helfer-Team
 
Fake Microsoft Security Essentials Alert - Standard

Fake Microsoft Security Essentials Alert


Ich denke es wird immer noch Reste auf dem System geben. Auf jeden Fall mit Malwarebytes und AV den Rechner routinemäßig scannen. Solltest du öfter Probleme haben, dann wieder melden.

Antwort
Seite 2 von 2 1 2

Themen zu Fake Microsoft Security Essentials Alert
abend, ahnung, alert, anwendungen, dankbar, essen, excel, explorer, fake, fake microsoft security essentials alert, firefox, gestern, interne, internet, mehrfach, microsoft, microsoft security, microsoft security essentials, momentan, nichts, problem, relativ, security, skype, spanien, tan, virus


« Win XP SP3 | Befall mit Trojan.PWS.Gen / 20-TAN-Trojaner »


Ähnliche Themen: Fake Microsoft Security Essentials Alert


  1. Microsoft security essentials alert ; Laptop ist blockiert
    Plagegeister aller Art und deren Bekämpfung - 31.10.2012 (17)
  2. Microsoft Security Essentials Alert
    Plagegeister aller Art und deren Bekämpfung - 03.03.2011 (16)
  3. Microsoft Security Essentials Alert legt PC lahm
    Log-Analyse und Auswertung - 16.02.2011 (3)
  4. Microsoft Security Essentials Alert --> Malwarebytes Anti-Malware ... und weiter?
    Antiviren-, Firewall- und andere Schutzprogramme - 14.02.2011 (8)
  5. Logfile nach Infizierung durch Microsoft Security Essentials Alert und soo -.-
    Log-Analyse und Auswertung - 15.01.2011 (58)
  6. Microsoft Security Essentials Alert entfernen
    Plagegeister aller Art und deren Bekämpfung - 10.11.2010 (5)
  7. Think Point Virus /Microsoft Security Essentials Alert - Problem
    Plagegeister aller Art und deren Bekämpfung - 23.10.2010 (3)
  8. Microsoft Security Essentials Alert
    Plagegeister aller Art und deren Bekämpfung - 15.10.2010 (9)
  9. Microsoft Security Essentials Alert - wie werde ich den Trojaner los?
    Plagegeister aller Art und deren Bekämpfung - 11.10.2010 (3)
  10. Microsoft Security Essentials Alert
    Plagegeister aller Art und deren Bekämpfung - 10.10.2010 (1)
  11. Startprobleme XP SP2 nach Entfernung von Microsoft Security Essentials Alert
    Plagegeister aller Art und deren Bekämpfung - 01.10.2010 (0)
  12. Microsoft Security Essentials Alert
    Plagegeister aller Art und deren Bekämpfung - 28.09.2010 (39)
  13. Microsoft Security Essentials Alert - fast alles ausprobiert
    Plagegeister aller Art und deren Bekämpfung - 27.09.2010 (1)
  14. Microsoft Security Essentials Alert
    Plagegeister aller Art und deren Bekämpfung - 24.09.2010 (27)
  15. Microsoft Security Essentials Alert die zweite
    Plagegeister aller Art und deren Bekämpfung - 24.09.2010 (12)
  16. Fake-Microsoft Essentials Security + fünf Trojaner!
    Plagegeister aller Art und deren Bekämpfung - 10.09.2010 (5)
  17. Microsoft Security Essentials Alert entfernen
    Anleitungen, FAQs & Links - 22.08.2010 (2)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Fake Microsoft Security Essentials Alert - Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Datenbank Version: 4686 Windows 6.0.6001 Service Pack 1 Internet Explorer 8.0.6001.18943 25.09.2010 04:04:03 mbam-log-2010-09-25 (04-04-03).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|) Durchsuchte Objekte: 306753 Laufzeit: 1 - Fake Microsoft Security Essentials Alert...
Archiv
Du betrachtest: Fake Microsoft Security Essentials Alert auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130