
NEED help badly
Started by sgtjoebear, Jul 22 2009 01:41 PM
#1
Posted 22 July 2009 - 01:41 PM

#2
Posted 22 July 2009 - 01:42 PM

This is what I got from the malware scan:
000 General info
RunScanner Version 1.8.1.0
Creation time 22.07.2009 14:05:38
User rights Administrator
OS Windows Vista Home Premium
OS Build 6001
OS SP Service Pack 1
User Language Deutsch (Deutschland)
IE version 7.0.6001.18000
Windows folder C:\Windows
Hosts file location %SystemRoot%\System32\drivers\etc
Hosts <> 127.0.0.1 0
002 Autorun registry entries local machine
LanguageShortcut C:\Program Files\CyberLink\PowerDVD\Language\Language.exe -
BDAgent C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe - BitDefender S.R.L.
BitDefender Antiphishing Helper C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe - BitDefender
003 Autorun registry entries Current User
GMX_GMX MultiMessenger C:\Program Files\GMX\GMX MultiMessenger\MESSENGR.EXE - GMX GmbH
DW6 C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather... - The Weather Channel Interactive, I...
010 Installed services
BitDefender Arrakis Server C:\Program Files\Common Files\BitDefender\BitDefender Arrakis ... -
Cyberlink RichVideo Service(CRVS) C:\Program Files\CyberLink\Shared Files\RichVideo.exe -
BitDefender Virus Shield C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe - BitDefender S.R.L.
011 Installed drivers
BDSelfPr C:\Program Files\BitDefender\BitDefender 2009\bdselfpr.sys - BitDefender S.R.L.
camfilt2 C:\Windows\system32\DRIVERS\camfilt2.sys - Guillemot Corporation
Profos c:\program files\common files\bitdefender\bitdefender threat s... -
Trufos c:\program files\common files\bitdefender\bitdefender threat s... - BitDefender S.R.L.
040 Internet Explorer UrlSearchHooks
SweetIM Toolbar Helper Module {EEE6C35D-6118-11DC-9C72-00132... C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper... - SweetIM Technologies Ltd.
042 HKLM Internet Explorer Extensions
AIM Toolbar {0b83c99c-1efa-4259-858f-bcb33e007a5b} GUID / CLSID not found
Fill Forms {320AF880-6646-11D3-ABEE-C5DBF3571F46} GUID / CLSID not found
Save {320AF880-6646-11D3-ABEE-C5DBF3571F49} GUID / CLSID not found
RoboForm {724d43aa-0d85-11d4-9908-00400523e39a} GUID / CLSID not found
Recherchieren {92780B25-18CC-41C8-B9BE-3C9C571A8263} GUID / CLSID not found
045 Internet Explorer\Toolbar\WebBrowser
SweetIM Toolbar for Internet Explorer {EEE6C35B-6118-11DC-9C... C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolba... - SweetIM Technologies Ltd.
052 Explorer Browser Helper Objects (BHO)
{5C255C8A-E604-49b4-9D64-90988571CECB} GUID / CLSID not found
SweetIM Toolbar for Internet Explorer {EEE6C35C-6118-11DC-9C... C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolba... - SweetIM Technologies Ltd.
062 Shell ColumnHandlers
BitDefender File Vault Shell Extension {9E96C1F5-0EFA-4348-9... C:\Program Files\BitDefender\BitDefender 2009\bdfvsctx.dll - BitDefender S.R.L.
073 %windir%\Tasks
SupBackGroundTask.job C:\Program Files\Samsung\Samsung Update Plus\SUPBackGround.exe -
100 Internet Explorer settings
Start Page HKCU http://dict.leo.org/...lang=de&lp=ende
ProxyServer HKCU 127.0.0.1:8081
104 ActiveX controls (Distribution Units)
CabBuilder GUID / CLSID not found
{48DD0448-9209-4F81-9F6D-D83562940134} http://lads.myspace.c... C:\Windows\Downloaded Program Files\MySpaceUploader.ocx - MySpace, Inc.
{8FA2192F-B95D-40E3-898F-8D7ABB8E00D0} http://games.icq.com/... C:\Windows\DOWNLO~1\SPINTO~1.DLL - SpinTop Games
{9C23D886-43CB-43DE-B2DB-112A68D7E10A} http://lads.myspace.c... C:\Windows\Downloaded Program Files\MySpaceUploader2.ocx - MySpace
{BAE1D8DF-0B35-47E3-A1E7-EEB3FF2ECD19} http://icq.oberon-med... C:\Windows\Downloaded Program Files\ddfotg.1.0.0.33.dll - PlayFirst, Inc.
{BD393C14-72AD-4790-A095-76522973D6B8} http://messenger.zone... C:\Windows\Downloaded Program Files\banksht2.dll - pixelStorm entertainment studios I...
{BD8667B7-38D8-4C77-B580-18C3E146372C} http://bmm.imgag.com/... C:\Windows\system32\Crusher.dll - AmericanGreetings.com
{F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} https://secure.gopets... C:\Windows\DOWNLO~1\GOPETS~1.OCX - GoPets LTD
105 IE Menu extensions
&AIM Toolbar Search C:\ProgramData\AIM Toolbar\ieToolbar\resources\en-US\local\search...
Customize Menu file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCust...
Fill Forms file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFill...
Nach Microsoft &Excel exportieren res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
RoboForm Toolbar file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShow...
Save Forms file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSave...
120 Domain/Dns Hijacking
TcpIp NameServer 85.255.112.74,85.255.112.102
NameServer {AC8552FD-AF07-4A9A-9F9E-787580EBDF9A} 85.255.112.74,85.255.112.102
NameServer {D34F4C18-209D-47C8-AA9E-FA776FDB1A46} 85.255.112.74,85.255.112.102
173 ContextMenuHandlers
MagicISO C:\Program Files\MagicISO\misosh.dll - MagicISO, Inc.
BitDefender File Vault Shell Extension C:\Program Files\BitDefender\BitDefender 2009\bdfvsctx.dll - BitDefender S.R.L.
BDShellExt Module C:\Program Files\BitDefender\BitDefender 2009\bdshelxt.dll - BitDefender S.R.L
221 HKLM *\ShellEx\ContextMenuHandlers
MagicISO C:\Program Files\MagicISO\misosh.dll - MagicISO, Inc.
BitDefender File Vault Shell Extension C:\Program Files\BitDefender\BitDefender 2009\bdfvsctx.dll - BitDefender S.R.L.
BDShellExt Module C:\Program Files\BitDefender\BitDefender 2009\bdshelxt.dll - BitDefender S.R.L
225 HKCU Folder\ShellEx\ContextMenuHandlers
MagicISO C:\Program Files\MagicISO\misosh.dll - MagicISO, Inc.
BitDefender File Vault Shell Extension C:\Program Files\BitDefender\BitDefender 2009\bdfvsctx.dll - BitDefender S.R.L.
BDShellExt Module C:\Program Files\BitDefender\BitDefender 2009\bdshelxt.dll - BitDefender S.R.L
MagicISO C:\Program Files\MagicISO\misosh.dll - MagicISO, Inc.
BitDefender File Vault Shell Extension C:\Program Files\BitDefender\BitDefender 2009\bdfvsctx.dll - BitDefender S.R.L.
BDShellExt Module C:\Program Files\BitDefender\BitDefender 2009\bdshelxt.dll - BitDefender S.R.L
227 HKLM Directory\ShellEx\ContextMenuHandlers
MagicISO C:\Program Files\MagicISO\misosh.dll - MagicISO, Inc.
BitDefender File Vault Shell Extension C:\Program Files\BitDefender\BitDefender 2009\bdfvsctx.dll - BitDefender S.R.L.
229 HKLM Directory\Background\ShellEx\ContextMenuHandlers
BitDefender File Vault Shell Extension C:\Program Files\BitDefender\BitDefender 2009\bdfvsctx.dll - BitDefender S.R.L.
231 HKLM Folder\Shellex\ColumnHandlers
BitDefender File Vault Shell Extension C:\Program Files\BitDefender\BitDefender 2009\bdfvsctx.dll - BitDefender S.R.L.






