Ok,
GMER hat auch nach mehrmaligem probieren nicht funktioniert.

Hier das OSAM log:

OSAM Logfile:

Code: Alles auswählenAufklappen

ATTFilter

Report of OSAM: Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 15:57:54 on 05.05.2011

OS: Windows Vista Home Premium Edition Service Pack 1 (Build 6001), 32-bit
Default Browser: Mozilla Corporation Firefox 3.6.17

Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures

Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries


[AppInit DLLs]
-----( HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows )-----
"AppInit_DLLs" - "Google" - C:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll

[Common]
-----( %SystemRoot%\Tasks )-----
"GoogleUpdateTaskMachineCore.job" - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe
"GoogleUpdateTaskMachineUA.job" - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe

[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"avgio" (avgio) - "Avira GmbH" - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys
"avgntflt" (avgntflt) - "Avira GmbH" - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys
"avipbb" (avipbb) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avipbb.sys
"catchme" (catchme) - ? - C:\Users\***\AppData\Local\Temp\catchme.sys  (File not found)
"Cisco Systems Inc. IPSec Driver" (CVPNDRVA) - "Cisco Systems, Inc." - C:\Windows\system32\Drivers\CVPNDRVA.sys
"EraserUtilRebootDrv" (EraserUtilRebootDrv) - "Symantec Corporation" - C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
"fglorpog" (fglorpog) - ? - C:\Users\***\AppData\Local\Temp\fglorpog.sys  (Hidden registry entry, rootkit activity | File not found)
"IP in IP Tunnel Driver" (IpInIp) - ? - C:\Windows\System32\DRIVERS\ipinip.sys  (File not found)
"IPX Traffic Filter Driver" (NwlnkFlt) - ? - C:\Windows\System32\DRIVERS\nwlnkflt.sys  (File not found)
"IPX Traffic Forwarder Driver" (NwlnkFwd) - ? - C:\Windows\System32\DRIVERS\nwlnkfwd.sys  (File not found)
"MTOnlPktAlyX NDIS Protocol Driver" (MTOnlPktAlyX) - "Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH" - C:\PROGRA~1\T-Online\T-ONLI~1\BASIS-~1\Basis1\MTOnlPktAlyX.SYS
"NAVENG" (NAVENG) - "Symantec Corporation" - C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20100306.004\NAVENG.SYS
"NAVEX15" (NAVEX15) - ? - C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20100306.004\NAVEX15.SYS  (File not found)
"PxHelp20" (PxHelp20) - "Sonic Solutions" - C:\Windows\System32\Drivers\PxHelp20.sys
"Sony DMI Call service" (DMICall) - "Sony Corporation" - C:\Windows\System32\DRIVERS\DMICall.sys
"SPBBCDrv" (SPBBCDrv) - "Symantec Corporation" - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys
"SRTSP" (SRTSP) - "Symantec Corporation" - C:\Windows\System32\Drivers\SRTSP.SYS
"SRTSPL" (SRTSPL) - "Symantec Corporation" - C:\Windows\System32\Drivers\SRTSPL.SYS
"SRTSPX" (SRTSPX) - "Symantec Corporation" - C:\Windows\System32\Drivers\SRTSPX.SYS
"ssmdrv" (ssmdrv) - "AVIRA GmbH" - C:\Windows\System32\DRIVERS\ssmdrv.sys
"Symantec Eraser Control driver" (eeCtrl) - "Symantec Corporation" - C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
"Symantec Event Monitor Driver" (VProEventMonitor) - "Symantec Corporation" - C:\Windows\System32\DRIVERS\vproeventmonitor.sys
"Symantec Intrusion Prevention Driver" (IDSvix86) - "Symantec Corporation" - C:\PROGRA~2\Symantec\DEFINI~1\SymcData\idsdefs\20100224.001\IDSvix86.sys
"Symantec V2i Mount Driver" (v2imount) - "Symantec Corporation" - C:\Windows\System32\DRIVERS\v2imount.sys
"Symantec Volume Snap Shot Driver" (symsnap) - "StorageCraft" - C:\Windows\System32\DRIVERS\symsnap.sys
"SYMDNS" (SYMDNS) - "Symantec Corporation" - C:\Windows\System32\Drivers\SYMDNS.SYS
"SymEvent" (SymEvent) - "Symantec Corporation" - C:\Windows\system32\Drivers\SYMEVENT.SYS
"SYMFW" (SYMFW) - "Symantec Corporation" - C:\Windows\System32\Drivers\SYMFW.SYS
"SYMIDS" (SYMIDS) - "Symantec Corporation" - C:\Windows\System32\Drivers\SYMIDS.SYS
"SYMNDISV" (SYMNDISV) - "Symantec Corporation" - C:\Windows\System32\Drivers\SYMNDISV.SYS
"SYMREDRV" (SYMREDRV) - "Symantec Corporation" - C:\Windows\System32\Drivers\SYMREDRV.SYS
"SYMTDI" (SYMTDI) - "Symantec Corporation" - C:\Windows\System32\Drivers\SYMTDI.SYS
"WimFltr" (WimFltr) - "Microsoft Corporation" - C:\Windows\System32\DRIVERS\wimfltr.sys

[Explorer]
-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----
{F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" - ? - C:\Program Files\OpenOffice.org 2.4\program\shlxthdl.dll
-----( HKLM\Software\Classes\Protocols\Filter )-----
{807563E5-5146-11D5-A672-00B0D022E945} "Microsoft Office InfoPath XML Mime Filter" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
-----( HKLM\Software\Classes\Protocols\Handler )-----
{314111c7-a502-11d2-bbca-00c04f8ec294} "HxProtocol Class" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} "IEProtocolHandler Class" - "Skype Technologies" - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
{0A9007C0-4076-11D3-8789-0000F8105754} "Microsoft Infotech Storage Protocol for IE 4.0" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks )-----
{AEB6717E-7E19-11d0-97EE-00C04FD91972} "{AEB6717E-7E19-11d0-97EE-00C04FD91972}" - ? -   (File not found | COM-object registry key not found)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{911051fa-c21c-4246-b470-070cd8df6dc4} ".cab or .zip files" - ? -   (File not found | COM-object registry key not found)
{23170F69-40C1-278A-1000-000100020000} "7-Zip Shell Extension" - "Igor Pavlov" - C:\Program Files\7-Zip\7-zip.dll
{1b24a030-9b20-49bc-97ac-1be4426f9e59} "ActiveDirectory Folder" - ? -   (File not found | COM-object registry key not found)
{34449847-FD14-4fc8-A75A-7432F5181EFB} "ActiveDirectory Folder" - ? -   (File not found | COM-object registry key not found)
{0F8604A5-4ECE-4DE1-BA7D-CF10F8AA4F48} "Contacts folder" - ? -   (File not found | COM-object registry key not found)
{2C2577C2-63A7-40e3-9B7F-586602617ECB} "Explorer Query Band" - ? -   (File not found | COM-object registry key not found)
{00020d75-0000-0000-c000-000000000046} "lnkfile" - ? -   (File not found | COM-object registry key not found)
{42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\msohevi.dll
{993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll
{5858A72C-C2B4-4dd7-B2BF-B76DB1BD9F6C} "Microsoft Office OneNote Namespace Extension for Windows Desktop Search" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\ONFILTER.DLL
{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll
{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "OpenOffice.org Column Handler" - ? - C:\Program Files\OpenOffice.org 2.4\program\shlxthdl.dll
{087B3AE3-E237-4467-B8DB-5A38AB959AC9} "OpenOffice.org Infotip Handler" - ? - C:\Program Files\OpenOffice.org 2.4\program\shlxthdl.dll
{63542C48-9552-494A-84F7-73AA6A7C99C1} "OpenOffice.org Property Sheet Handler" - ? - C:\Program Files\OpenOffice.org 2.4\program\shlxthdl.dll
{3B092F0C-7696-40E3-A80F-68D74DA84210} "OpenOffice.org Thumbnail Viewer" - ? - C:\Program Files\OpenOffice.org 2.4\program\shlxthdl.dll
{C8494E42-ACDD-4739-B0FB-217361E4894F} "Sam Account Folder" - ? -   (File not found | COM-object registry key not found)
{E29F9716-5C08-4FCD-955A-119FDB5A522D} "Sam Account Folder" - ? -   (File not found | COM-object registry key not found)
{45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - "Avira GmbH" - C:\Program Files\Avira\AntiVir PersonalEdition Classic\shlext.dll
{ED58A35B-B554-42AF-A26C-6F3D424200D3} "SPMPanel" - "Sony Corporation" - C:\Program Files\Sony\VAIO Power Management\SPMPanel.dll
{da67b8ad-e81b-4c70-9b91b417b5e33527} "Windows Search Shell Service" - ? -   (File not found | COM-object registry key not found)

[Internet Explorer]
-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----
<binary data> "Google Toolbar" - "Google Inc." - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
<binary data> "ITBar7Layout" - ? -   (File not found | COM-object registry key not found)
-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_23" - ? - C:\Program Files\Java\jdk1.6.0_23\bin\npjpi160_23.dll  (File not found) / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
{8AD9C840-044E-11D1-B3E9-00805F499D93} "{8AD9C840-044E-11D1-B3E9-00805F499D93}" - ? -   (File not found | COM-object registry key not found) / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} "{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}" - ? -   (File not found | COM-object registry key not found) / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_04-windows-i586.cab
{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} "{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}" - ? -   (File not found | COM-object registry key not found) / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
{48E73304-E1D6-4330-914C-F5F514E3486C} "An OneNote senden" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
"ICQ7.2" - "ICQ, LLC." - C:\Program Files\ICQ7.2\ICQ.exe
{FF059E31-CC5A-4E2E-BF3B-96E929D65503} "Research" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )-----
<binary data> "Google Toolbar" - "Google Inc." - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
{90222687-F593-4738-B738-FBEE9C7B26DF} "Norton-Symbolleiste anzeigen" - "Symantec Corporation" - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} "Adobe PDF Reader" - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
{CA6319C0-31B7-401E-A518-A07C3DB8F777} "CBrowserHelperObject Object" - "Your Company Name" - C:\PROGRA~1\GOOGLE~1\BAE.dll
{C84D72FE-E17D-4195-BB24-76C02E2E7C4E} "Google Dictionary Compression sdch" - "Google Inc." - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
{AA58ED58-01DD-4d91-8333-CF10577473F7} "Google Toolbar Helper" - "Google Inc." - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} "Google Toolbar Notifier BHO" - "Google Inc." - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll
{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2ssv.dll
{1E8A6170-7264-4D0F-BEAE-D42A53123C75} "{1E8A6170-7264-4D0F-BEAE-D42A53123C75}" - "Symantec Corporation" - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll

[Logon]
-----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE  (Shortcut exists | File exists)
"desktop.ini" - ? - C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
"OpenOffice.org 2.4.lnk" - ? - C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe  (Shortcut exists | File found, but it contains no detailed information | File exists)
-----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
"VPN Client.lnk" - "Cisco Systems, Inc." - C:\Program Files\Cisco Systems\VPN Client\vpngui.exe  (Shortcut exists | File exists)
-----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )-----
"DAEMON Tools Lite" - "DT Soft Ltd" - "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
"NSUFloatingUI" - "Sony Corporation" - "C:\Program Files\Sony\Network Utility\LANUtil.exe"
"swg" - "Google Inc." - "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
-----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )-----
"StartupPrograms" - ? - rdpclip  (File not found)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"Adobe Reader Speed Launcher" - "Adobe Systems Incorporated" - "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
"avgnt" - "Avira GmbH" - "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
"ccApp" - "Symantec Corporation" - "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
"Google Desktop Search" - "Google" - "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
"ISBMgr.exe" - ? - "C:\Program Files\Sony\ISB Utility\ISBMgr.exe"
"Malwarebytes' Anti-Malware (reboot)" - "Malwarebytes Corporation" - "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
"Norton Save and Restore 2.0" - "Symantec Corporation" - "C:\Program Files\Norton Save and Restore\Agent\VProTray.exe"
"SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
"Symantec PIF AlertEng" - "Symantec Corporation" - "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"

[Print Monitors]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )-----
"PDFCreator" - ? - C:\Windows\system32\pdfcmnnt.dll  (File found, but it contains no detailed information)
"Send To Microsoft OneNote Monitor" - "Microsoft Corporation" - C:\Windows\system32\msonpmon.dll

[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"@c:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100" (WPFFontCache_v0400) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
"Avira AntiVir Personal - Free Antivirus Guard" (AntiVirService) - "Avira GmbH" - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
"Avira AntiVir Personal - Free Antivirus Planer" (AntiVirScheduler) - "Avira GmbH" - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
"ccEvtMgr" (ccEvtMgr) - "Symantec Corporation" - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
"ccSetMgr" (ccSetMgr) - "Symantec Corporation" - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
"Cisco Systems, Inc. VPN Service" (CVPND) - "Cisco Systems, Inc." - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
"COM Host" (comHost) - "Symantec Corporation" - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
"Google Desktop Manager 5.9.1005.12335" (GoogleDesktopManager-051210-111108) - "Google" - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
"Google Software Updater" (gusvc) - "Google" - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
"Google Update Service (gupdate)" (gupdate) - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe
"InstallDriver Table Manager" (IDriverT) - "Macrovision Corporation" - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
"LiveUpdate" (LiveUpdate) - "Symantec Corporation" - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
"LiveUpdate Notice Service" (LiveUpdate Notice Service) - "Symantec Corporation" - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
"LiveUpdate Notice Service Ex" (LiveUpdate Notice Ex) - "Symantec Corporation" - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
"Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
"Microsoft Office Diagnostics Service" (odserv) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
"Norton Save and Restore" (Norton Save and Restore) - "Symantec Corporation" - C:\Program Files\Norton Save and Restore\Agent\VProSvc.exe
"NSUService" (NSUService) - "Sony Corporation" - C:\Program Files\Sony\Network Utility\NSUService.exe
"Office Source Engine" (ose) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
"Symantec Core LC" (Symantec Core LC) - ? - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
"Symantec Lic NetConnect service" (CLTNetCnService) - "Symantec Corporation" - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
"VAIO Content Metadata Intelligent Analyzing Manager" (VcmIAlzMgr) - "Sony Corporation" - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
"VAIO Content Metadata XML Interface" (VcmXmlIfHelper) - "Sony Corporation" - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe
"VAIO Entertainment Database Service" (VzCdbSvc) - "Sony Corporation" - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
"VAIO Entertainment File Import Service" (VzFw) - "Sony Corporation" - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
"VAIO Entertainment TV Device Arbitration Service" (VAIO Entertainment TV Device Arbitration Service) - "Sony Corporation" - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
"VAIO Entertainment UPnP Client Adapter" (Vcsw) - "Sony Corporation" - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
"VAIO Event Service" (VAIO Event Service) - "Sony Corporation" - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
"VAIO Media Content Collection" (VAIOMediaPlatform-UCLS-AppServer) - "Sony Corporation" - C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe
"VAIO Media Content Collection (HTTP)" (VAIOMediaPlatform-UCLS-HTTP) - "Sony Corporation" - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
"VAIO Media Content Collection (UPnP)" (VAIOMediaPlatform-UCLS-UPnP) - "Sony Corporation" - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
"VAIO Media Gateway Server" (VAIOMediaPlatform-Mobile-Gateway) - "Sony Corporation" - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
"VAIO Media Integrated Server" (VAIOMediaPlatform-IntegratedServer-AppServer) - "Sony Corporation" - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
"VAIO Media Integrated Server (HTTP)" (VAIOMediaPlatform-IntegratedServer-HTTP) - "Sony Corporation" - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
"VAIO Media Integrated Server (UPnP)" (VAIOMediaPlatform-IntegratedServer-UPnP) - "Sony Corporation" - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe

[Winlogon]
-----( HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify )-----
"VESWinlogon" - "Sony Corporation" - C:\Windows\system32\VESWinlogon.dll

===[ Logfile end ]=========================================[ Logfile end ]===
         

--- --- ---

If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru[/QUOTE]




und das MBRCheck log:

Zitat:

MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows Vista Home Premium Edition
Windows Information: Service Pack 1 (build 6001), 32-bit
Base Board Manufacturer: Sony Corporation
BIOS Manufacturer: Phoenix Technologies LTD
System Manufacturer: Sony Corporation
System Product Name: VGN-NR11Z_T
Logical Drives Mask: 0x0000007c

Kernel Drivers (total 166):
0x82218000 \SystemRoot\system32\ntkrnlpa.exe
0x825D1000 \SystemRoot\system32\hal.dll
0x8060C000 \SystemRoot\system32\kdcom.dll
0x80614000 \SystemRoot\system32\mcupdate_GenuineIntel.dll
0x80674000 \SystemRoot\system32\PSHED.dll
0x80685000 \SystemRoot\system32\BOOTVID.dll
0x8068D000 \SystemRoot\system32\CLFS.SYS
0x806CE000 \SystemRoot\system32\CI.dll
0x82C05000 \SystemRoot\system32\drivers\Wdf01000.sys
0x82C81000 \SystemRoot\system32\drivers\WDFLDR.SYS
0x82C8E000 \SystemRoot\system32\drivers\acpi.sys
0x82CD4000 \SystemRoot\system32\drivers\WMILIB.SYS
0x82CDD000 \SystemRoot\system32\drivers\msisadrv.sys
0x82CE5000 \SystemRoot\system32\drivers\pci.sys
0x82D0C000 \SystemRoot\System32\drivers\partmgr.sys
0x82D1B000 \SystemRoot\system32\DRIVERS\compbatt.sys
0x82D1E000 \SystemRoot\system32\DRIVERS\BATTC.SYS
0x82D28000 \SystemRoot\system32\drivers\volmgr.sys
0x82D37000 \SystemRoot\System32\drivers\volmgrx.sys
0x82D81000 \SystemRoot\system32\drivers\intelide.sys
0x82D88000 \SystemRoot\system32\drivers\PCIIDEX.SYS
0x82D96000 \SystemRoot\system32\DRIVERS\pcmcia.sys
0x82DC3000 \SystemRoot\System32\drivers\mountmgr.sys
0x82DD3000 \SystemRoot\system32\drivers\atapi.sys
0x82DDB000 \SystemRoot\system32\drivers\ataport.SYS
0x807AE000 \SystemRoot\system32\drivers\msahci.sys
0x807B8000 \SystemRoot\system32\drivers\fltmgr.sys
0x807EA000 \SystemRoot\system32\drivers\fileinfo.sys
0x80600000 \SystemRoot\System32\Drivers\PxHelp20.sys
0x82E0A000 \SystemRoot\system32\DRIVERS\symsnap.sys
0x82E29000 \SystemRoot\System32\Drivers\ksecdd.sys
0x82E9A000 \SystemRoot\system32\drivers\ndis.sys
0x82FA5000 \SystemRoot\system32\drivers\msrpc.sys
0x8800F000 \SystemRoot\system32\drivers\NETIO.SYS
0x88049000 \SystemRoot\System32\drivers\tcpip.sys
0x88132000 \SystemRoot\System32\drivers\fwpkclnt.sys
0x88208000 \SystemRoot\System32\Drivers\Ntfs.sys
0x88317000 \SystemRoot\system32\drivers\volsnap.sys
0x88350000 \SystemRoot\System32\Drivers\spldr.sys
0x88358000 \SystemRoot\System32\Drivers\mup.sys
0x88367000 \SystemRoot\System32\drivers\ecache.sys
0x8838E000 \SystemRoot\system32\drivers\disk.sys
0x8839F000 \SystemRoot\system32\drivers\CLASSPNP.SYS
0x883C0000 \SystemRoot\system32\drivers\crcdisk.sys
0x883EB000 \SystemRoot\system32\DRIVERS\tunnel.sys
0x883F6000 \SystemRoot\system32\DRIVERS\tunmp.sys
0x8814D000 \SystemRoot\system32\DRIVERS\intelppm.sys
0x88200000 \SystemRoot\system32\DRIVERS\CmBatt.sys
0x8C007000 \SystemRoot\system32\DRIVERS\igdkmd32.sys
0x8815C000 \SystemRoot\System32\drivers\dxgkrnl.sys
0x8C5ED000 \SystemRoot\System32\drivers\watchdog.sys
0x88000000 \SystemRoot\system32\DRIVERS\usbuhci.sys
0x8C802000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0x8C840000 \SystemRoot\system32\DRIVERS\usbehci.sys
0x8C84F000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0x8C861000 \SystemRoot\system32\DRIVERS\yk60x86.sys
0x8CA0C000 \SystemRoot\system32\DRIVERS\NETw4v32.sys
0x8CC34000 \SystemRoot\system32\DRIVERS\ohci1394.sys
0x8CC44000 \SystemRoot\system32\DRIVERS\1394BUS.SYS
0x8CC52000 \SystemRoot\system32\drivers\ti21sony.sys
0x8CD1E000 \SystemRoot\System32\Drivers\SonyNC.sys
0x8CD25000 \SystemRoot\system32\DRIVERS\i8042prt.sys
0x8CD38000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0x8CD43000 \SystemRoot\system32\DRIVERS\Apfiltr.sys
0x8CD6C000 \SystemRoot\system32\DRIVERS\mouclass.sys
0x8CD77000 \SystemRoot\system32\DRIVERS\cdrom.sys
0x8CD8F000 \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
0x8CD92000 \SystemRoot\system32\DRIVERS\dne2000.sys
0x8CDB1000 \SystemRoot\system32\DRIVERS\msiscsi.sys
0x8C8A0000 \SystemRoot\system32\DRIVERS\storport.sys
0x8CDDF000 \SystemRoot\system32\DRIVERS\TDI.SYS
0x8C8E1000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0x8CDEA000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0x8C8F8000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0x8C91B000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0x8C92A000 \SystemRoot\system32\DRIVERS\raspptp.sys
0x8C93E000 \SystemRoot\system32\DRIVERS\rassstp.sys
0x8C953000 \SystemRoot\system32\DRIVERS\termdd.sys
0x8CDF5000 \SystemRoot\system32\DRIVERS\swenum.sys
0x8C963000 \SystemRoot\system32\DRIVERS\ks.sys
0x8C98D000 \SystemRoot\system32\DRIVERS\dtsoftbus01.sys
0x8CA00000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0x8C9C8000 \SystemRoot\system32\DRIVERS\umbus.sys
0x8F408000 \SystemRoot\system32\DRIVERS\usbhub.sys
0x8F43C000 \SystemRoot\System32\Drivers\NDProxy.SYS
0x8F44D000 \SystemRoot\system32\drivers\RTKVHDA.sys
0x82FD0000 \SystemRoot\system32\drivers\portcls.sys
0x8C9D5000 \SystemRoot\system32\drivers\drmk.sys
0x8F606000 \SystemRoot\system32\DRIVERS\HSXHWAZL.sys
0x8F643000 \SystemRoot\system32\DRIVERS\HSX_DPV.sys
0x8F746000 \SystemRoot\system32\DRIVERS\HSX_CNXT.sys
0x8F804000 \SystemRoot\system32\drivers\modem.sys
0x8F811000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
0x8F81A000 \SystemRoot\System32\Drivers\Null.SYS
0x8F821000 \SystemRoot\System32\Drivers\Beep.SYS
0x8F831000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
0x8F838000 \SystemRoot\System32\drivers\vga.sys
0x8F844000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
0x8F865000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0x8F86D000 \SystemRoot\system32\drivers\rdpencdd.sys
0x8F875000 \SystemRoot\System32\Drivers\Msfs.SYS
0x8F880000 \SystemRoot\System32\Drivers\Npfs.SYS
0x8F88E000 \SystemRoot\System32\DRIVERS\rasacd.sys
0x8F897000 \SystemRoot\system32\DRIVERS\tdx.sys
0x8F8AD000 \SystemRoot\System32\Drivers\SYMTDI.SYS
0x8F8DB000 \??\C:\Windows\system32\Drivers\SYMEVENT.SYS
0x8F900000 \SystemRoot\system32\DRIVERS\smb.sys
0x8F914000 \SystemRoot\system32\drivers\afd.sys
0x8F95C000 \SystemRoot\System32\DRIVERS\netbt.sys
0x8F98E000 \SystemRoot\system32\DRIVERS\pacer.sys
0x8F9A4000 \SystemRoot\system32\DRIVERS\netbios.sys
0x8F9B2000 \SystemRoot\system32\DRIVERS\wanarp.sys
0x8F9C5000 \SystemRoot\system32\DRIVERS\ssmdrv.sys
0x8F9CB000 \SystemRoot\System32\Drivers\SRTSPX.SYS
0x90006000 \??\C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys
0x9006F000 \SystemRoot\system32\DRIVERS\rdbss.sys
0x900AB000 \SystemRoot\system32\drivers\nsiproxy.sys
0x900B5000 \??\C:\PROGRA~2\Symantec\DEFINI~1\SymcData\idsdefs\20100224.001\IDSvix86.sys
0x900FF000 \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
0x9015D000 \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
0x9017A000 \SystemRoot\system32\DRIVERS\DMICall.sys
0x9017B000 \SystemRoot\System32\Drivers\dfsc.sys
0x90192000 \SystemRoot\system32\DRIVERS\avipbb.sys
0x901A3000 \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys
0x901A5000 \SystemRoot\System32\Drivers\crashdmp.sys
0x901B2000 \SystemRoot\System32\Drivers\dump_dumpata.sys
0x901BD000 \SystemRoot\System32\Drivers\dump_msahci.sys
0x98E20000 \SystemRoot\System32\win32k.sys
0x901C7000 \SystemRoot\System32\drivers\Dxapi.sys
0x901D1000 \SystemRoot\system32\DRIVERS\monitor.sys
0x99040000 \SystemRoot\System32\TSDDD.dll
0x99060000 \SystemRoot\System32\cdd.dll
0x901E0000 \SystemRoot\system32\drivers\luafv.sys
0xAC40D000 \SystemRoot\system32\drivers\spsys.sys
0xAC4BC000 \SystemRoot\system32\DRIVERS\lltdio.sys
0xAC4CC000 \SystemRoot\system32\DRIVERS\nwifi.sys
0xAC4F6000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0xAC500000 \SystemRoot\system32\DRIVERS\rspndr.sys
0xAC513000 \SystemRoot\System32\Drivers\SYMREDRV.SYS
0xAC519000 \SystemRoot\System32\Drivers\SYMDNS.SYS
0xAC51B000 \SystemRoot\System32\Drivers\SYMNDISV.SYS
0xAC526000 \SystemRoot\System32\Drivers\SYMFW.SYS
0xAC548000 \SystemRoot\System32\Drivers\SYMIDS.SYS
0xAC551000 \SystemRoot\system32\DRIVERS\cdfs.sys
0xAC567000 \SystemRoot\system32\drivers\HTTP.sys
0xAC5D4000 \SystemRoot\System32\DRIVERS\srvnet.sys
0x8F9DD000 \SystemRoot\system32\DRIVERS\bowser.sys
0x883C9000 \SystemRoot\System32\drivers\mpsdrv.sys
0xAD80C000 \SystemRoot\system32\drivers\mrxdav.sys
0xAD82C000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0xAD84B000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
0xAD884000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
0xAD89C000 \SystemRoot\System32\DRIVERS\srv2.sys
0xAD8C4000 \SystemRoot\System32\DRIVERS\srv.sys
0xAD92B000 \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys
0xAD93F000 \??\C:\Windows\system32\Drivers\CVPNDRVA.sys
0xAD9CF000 \SystemRoot\system32\DRIVERS\mdmxsdk.sys
0xAEE0A000 \SystemRoot\system32\drivers\peauth.sys
0xAEEE8000 \SystemRoot\System32\Drivers\secdrv.SYS
0xAEEF2000 \SystemRoot\System32\drivers\tcpipreg.sys
0xAEEFE000 \SystemRoot\system32\DRIVERS\v2imount.sys
0xAEF06000 \SystemRoot\system32\DRIVERS\WUDFRd.sys
0xAEF1B000 \SystemRoot\system32\DRIVERS\WUDFPf.sys
0xAEF2D000 \SystemRoot\system32\DRIVERS\xaudio.sys
0xAEF49000 \??\C:\Users\***\AppData\Local\Temp\fglorpog.sys
0x77170000 \Windows\System32\ntdll.dll

Processes (total 76):
0 System Idle Process
4 System
456 C:\Windows\System32\smss.exe
588 csrss.exe
632 C:\Windows\System32\wininit.exe
640 csrss.exe
680 C:\Windows\System32\winlogon.exe
712 C:\Windows\System32\services.exe
724 C:\Windows\System32\lsass.exe
732 C:\Windows\System32\lsm.exe
892 C:\Windows\System32\svchost.exe
952 C:\Windows\System32\svchost.exe
1004 C:\Windows\System32\svchost.exe
1084 C:\Windows\System32\svchost.exe
1132 C:\Windows\System32\svchost.exe
1160 C:\Windows\System32\svchost.exe
1244 C:\Windows\System32\audiodg.exe
1272 C:\Windows\System32\SLsvc.exe
1308 C:\Windows\System32\svchost.exe
1476 C:\Windows\System32\svchost.exe
1632 C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
1840 C:\Windows\System32\spoolsv.exe
1864 C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
1876 C:\Windows\System32\svchost.exe
196 C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
308 C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
1456 C:\Program Files\Sony\Network Utility\NSUService.exe
268 C:\Windows\System32\svchost.exe
1412 C:\Windows\System32\svchost.exe
2160 C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
2212 C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
2316 C:\Windows\System32\svchost.exe
2348 C:\Windows\System32\SearchIndexer.exe
2412 C:\Windows\System32\drivers\XAudio.exe
2472 WUDFHost.exe
2500 C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
2548 C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe
2612 igfxext.exe
2644 igfxsrvc.exe
2768 C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
3000 igfxext.exe
3024 igfxsrvc.exe
3148 C:\Windows\System32\taskeng.exe
3196 C:\Windows\System32\dwm.exe
3276 C:\Windows\System32\taskeng.exe
3304 C:\Windows\explorer.exe
3472 C:\Windows\System32\taskeng.exe
3504 C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe
3512 C:\Windows\System32\hkcmd.exe
3524 C:\Windows\System32\igfxpers.exe
3540 C:\Windows\System32\igfxsrvc.exe
3580 C:\Program Files\Apoint\Apoint.exe
3596 C:\Program Files\Sony\ISB Utility\ISBMgr.exe
3628 C:\Program Files\Common Files\Symantec Shared\ccApp.exe
3640 C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
3752 C:\Program Files\Common Files\Java\Java Update\jusched.exe
3924 C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
4048 C:\Program Files\Sony\Network Utility\LANUtil.exe
4068 C:\Windows\ehome\ehtray.exe
2436 C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
784 C:\Program Files\Windows Media Player\wmpnscfg.exe
1652 C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
1208 C:\Program Files\Windows Media Player\wmpnetwk.exe
3796 C:\Windows\ehome\ehmsas.exe
4912 C:\Program Files\Apoint\ApMsgFwd.exe
5400 C:\Program Files\Apoint\ApntEx.exe
5464 C:\Windows\System32\conime.exe
5824 C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
1232 C:\Windows\System32\SearchProtocolHost.exe
5492 C:\Windows\System32\wuauclt.exe
5696 C:\Windows\System32\mobsync.exe
3976 C:\Users\***\Desktop\osam_autorun_manager_5_0_portable\osam.exe
4980 C:\Windows\System32\notepad.exe
3068 C:\Program Files\Mozilla Firefox\firefox.exe
4324 C:\Windows\System32\SearchFilterHost.exe
5456 C:\Users\***\Desktop\MBRCheck.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000001`cf300000 (NTFS)

PhysicalDrive0 Model Number: TOSHIBAMK2035GSS, Rev: DK022A

Size Device Name MBR Status
--------------------------------------------
186 GB \\.\PhysicalDrive0 Windows 2008 MBR code detected
SHA1: 8DF43F2BDE2D9451948FA14B5279969C777A7979


Done!

Sieht ok aus. Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SUPERAntiSpyware und poste die Logs.
Denk dran beide Tools zu updaten vor dem Scan!!

Yaaaaaaeehhh !


Schonmal vielen vielen VIELEN Dank für deine schnelle und freundliche Hilfe!


SASW hat nichts gefunden, Malwarebytes lass ich gleich noch drüber laufen.


Nochmals





SASW Log:

Zitat:

SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com

Generated 05/06/2011 at 01:56 AM

Application Version : 4.51.1000

Core Rules Database Version : 6996
Trace Rules Database Version: 4808

Scan type : Complete Scan
Total Scan Time : 05:27:45

Memory items scanned : 782
Memory threats detected : 0
Registry items scanned : 9474
Registry threats detected : 0
File items scanned : 453962
File threats detected : 0