MediaEntertainmentCodec - AdvancedCleaner

Next: OTMoveIt

Open: OTMoveIt.exe
Paste the following into the left window, under "Paste Standard List of Files/Folders to be Moved":

C:\Programme\AdvancedCleaner Free
C:\Programme\Gemeinsame Dateien\AdvancedCleaner


Click the red MoveIt! button.

Next, run SmitfraudFix (option 2).

AdvancedCleaner/MediaEntertainmentCodec - remove with ComboFix and SmitfraudFix

C:\Programme\Gemeinsame Dateien\AdvancedCleaner
C:\Programme\AdvancedCleaner Free
C:\Programme\MediaEntertainmentCodec
C:\Programme\MediaEntertainmentCodec\install.ico
C:\Programme\MediaEntertainmentCodec\MediaEntertainmentCodec.ocx
C:\Programme\MediaEntertainmentCodec\Uninstall.exe


Next: HijackThis

O2 - BHO: SXG Advisor - {54505F14-AFC2-424A-B260-962F1AFDFD78} - C:\WINDOWS\dpvtporkgr.dll
O2 - BHO: SXG Advisor - {76F30661-76C7-48CD-B18E-64F388AE030B} - C:\WINDOWS\dwrmntsdnq.dll
O2 - BHO: SXG Advisor - {E48B3E0C-2D23-4249-BE65-23A8719284E3} - C:\WINDOWS\dmdqdrxgxq.dll

O3 - Toolbar: edfqvrw - {D573EDD4-5DEA-4DF1-9D5A-329D6861EDC8} - C:\WINDOWS\edfqvrw.dll
O3 - Toolbar: The egodktf - {45E9CE94-2C67-4230-92D0-E64ACD6EBA7F} - C:\WINDOWS\egodktf.dll
O3 - Toolbar: The elfwgps - {27A4FA11-A0B1-4AB7-9A78-BD411FDEAA0D} - C:\WINDOWS\elfwgps.dll
O3 - Toolbar: elfwgps - {3BF455E1-0856-4575-AEFB-FE98B34E6E2D} - C:\WINDOWS\elfwgps.dll
O3 - Toolbar: emotrlq - {DEB69875-072C-4EEE-8585-1B6AA76F3E4E} - C:\WINDOWS\emotrlq.dll
O3 - Toolbar: emotrlq - {7B1E78A2-2FC8-4947-A9D1-5177D10B38E6} - C:\WINDOWS\emotrlq.dll

O21 - SSODL: admggxp - {D16CFAA6-EB80-449C-B53F-040F8889EA86} - C:\WINDOWS\admggxp.dll
O21 - SSODL: aswmklt - {C46D63D0-9463-4FDC-834D-BDC314E156FB} - C:\WINDOWS\aswmklt.dll
O21 - SSODL: bfrgnos - {BA540BAE-147A-43F3-99D8-50113EBF7E88} - C:\WINDOWS\bfrgnos.dll
O21 - SSODL: bdmnopx - {F70D6D95-62D5-4561-A7FB-0B6794D4D6D7} - C:\WINDOWS\bdmnopx.dll
O21 - SSODL: bqxomdo - {883C3755-1332-49E2-B94D-496CF04AD7B3} - C:\WINDOWS\bqxomdo.dll
O21 - SSODL: bxsnvqt - {7260D465-1494-4011-8938-268721C3FE96} - C:\WINDOWS\bxsnvqt.dll

Next: ComboFix

2008-02-08 20:02 . 2008-02-08 20:15 DIR d-------- C:\Programme\MediaEntertainmentCodec
2008-02-08 20:04 . 2008-02-08 05:30 270,336 --a------ C:\WINDOWS\admggxp.dll
2008-02-08 20:04 . 2008-02-08 05:30 266,240 --a------ C:\WINDOWS\bdmnopx.dll

Another computer

2008-01-24 19:48 . 2008-01-24 19:48 DIR d-------- C:\Program Files\MediaEntertainmentCodec
2008-01-24 19:47 . 2008-01-24 13:50 229,376 --a------ C:\WINDOWS\aswmklt.dll
2008-01-24 19:47 . 2008-01-24 13:50 98,304 --a------ C:\WINDOWS\fvqkfsp.exe

Another computer

2008-01-22 16:34 . 2008-01-22 12:55 323,584 --a------ C:\WINDOWS\bqxomdo.dll
2008-01-22 16:34 . 2008-01-22 12:55 253,952 --a------ C:\WINDOWS\dpvtporxno.dll
2008-01-22 16:34 . 2008-01-22 12:55 217,088 --a------ C:\WINDOWS\aswmklt.dll
2008-01-22 16:34 . 2008-01-22 12:55 172,032 --a------ C:\WINDOWS\elfwgps.dll
2008-01-22 16:34 . 2008-01-22 12:55 81,920 --a------ C:\WINDOWS\fvqkfsp.exe
2008-01-22 16:33 . 2008-01-22 16:36 DIR d-------- C:\Program Files\MediaEntertainmentCodec

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{7603FD22-36C0-4DE7-A28F-ADFA9CE3ACB8}]
2008-01-22 12:55 253952 --a------ C:\WINDOWS\dpvtporxno.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"bqxomdo"= {AF6DEA11-E5A3-4D74-A9D2-955E06DB8D3D} - C:\WINDOWS\bqxomdo.dll [2008-01-22 12:55 323584]
"aswmklt"= {DDEC6DD1-C27A-48D7-B311-25DCC16E08B6} - C:\WINDOWS\aswmklt.dll [2008-01-22 12:55 217088]
"aswmklt"= {B9C7E145-4440-4AB9-A0C6-5C7B53F53B98} - C:\WINDOWS\aswmklt.dll

KILLALL::

Registry::
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\run]
"SystemManager"=-

[-HKEY_CLASSES_ROOT\clsid\{45e9ce94-2c67-4230-92d0-e64acd6eba7f}]
[-HKEY_CLASSES_ROOT\egodktf.ToolBar.1]
[-HKEY_CLASSES_ROOT\TypeLib\{C1E12CA4-EC1D-40F0-A746-D8BB6E80A8D4}]
[-HKEY_CLASSES_ROOT\egodktf.ToolBar]

[-HKEY_CLASSES_ROOT\clsid\{27a4fa11-a0b1-4ab7-9a78-bd411fdeaa0d}]
[-HKEY_CLASSES_ROOT\elfwgps.ToolBar.1]
[-HKEY_CLASSES_ROOT\TypeLib\{B45B9F9A-BA41-405F-B99B-3A846DB7E9BE}]
[-HKEY_CLASSES_ROOT\elfwgps.ToolBar]

[-HKEY_CLASSES_ROOT\clsid\{3bf455e1-0856-4575-aefb-fe98b34e6e2d}]
[-HKEY_CLASSES_ROOT\elfwgps.1]
[-HKEY_CLASSES_ROOT\TypeLib\{53BA2E8A-653D-46CB-8BF1-B924D9CB64F7}]
[-HKEY_CLASSES_ROOT\elfwgps]

[-HKEY_CLASSES_ROOT\clsid\{deb69875-072c-4eee-8585-1b6aa76f3e4e}]
[-HKEY_CLASSES_ROOT\emotrlq.1]
[-HKEY_CLASSES_ROOT\TypeLib\{0996FC76-1910-4A7C-A6AB-16E39875854E}]
[-HKEY_CLASSES_ROOT\emotrlq]

[-HKEY_CLASSES_ROOT\clsid\{7b1e78a2-2fc8-4947-a9d1-5177d10b38e6}]
[-HKEY_CLASSES_ROOT\emotrlq.1]
[-HKEY_CLASSES_ROOT\TypeLib\{0BF108AC-194F-4AA4-ABF0-5F9E7B5B3ABB}]
[-HKEY_CLASSES_ROOT\emotrlq]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MediaEntertainmentCodec]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"admggxp"=-
"aswmklt"=-
"aslpmqk"=-
"bdmnopx"=-
"bfrgnos"=-
"bxsnvqt"=-
"bqxomdo"=-

[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{7603FD22-36C0-4DE7-A28F-ADFA9CE3ACB8}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{54505F14-AFC2-424A-B260-962F1AFDFD78}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E48B3E0C-2D23-4249-BE65-23A8719284E3}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{B2847E28-5D7D-4DEB-8B67-05D28BCF79F5}"=-
"{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}"=-
"{2318C2B1-4965-11D4-9B18-009027A5CD4F}"=-
"{3BF455E1-0856-4575-AEFB-FE98B34E6E2D}"=-
"{27A4FA11-A0B1-4AB7-9A78-BD411FDEAA0D}"=-
"{855F3B16-6D32-4FE6-8A56-BBB695989046}"=-
"{7B1E78A2-2FC8-4947-A9D1-5177D10B38E6}"=-
"{45E9CE94-2C67-4230-92D0-E64ACD6EBA7F}"=-

File::
C:\WINDOWS\admggxp.dll
C:\WINDOWS\aslpmqk.dll
C:\WINDOWS\aswmklt.dll
C:\WINDOWS\bdmnopx.dll
C:\WINDOWS\bfrgnos.dll
C:\WINDOWS\bxsnvqt.dll
C:\WINDOWS\bqxomdo.dll
C:\WINDOWS\dmdqdrxgxq.dll
C:\WINDOWS\dopfwrlgwx.dll
C:\WINDOWS\dpvtporxno.dll
C:\WINDOWS\edfqvrw.dll
C:\WINDOWS\elfwgps.dll
C:\WINDOWS\fvqkfsp.exe
C:\WINDOWS\_detmp.1
C:\WINDOWS\System32\comusys.exe
C:\Dokumente und Einstellungen\%Username%\Anwendungsdaten\inst.exe

Folder::
C:\Programme\MediaEntertainmentCodec
C:\Programme\Media Entertainment Codec v1.6
C:\Programme\Gemeinsame Dateien\AdvancedCleaner
C:\Programme\AdvancedCleaner Free


Another computer

2008-01-25 17:20 . 2008-01-25 15:31 344,064 --a------ C:\WINDOWS\dpvtporkgr.dll
2008-01-25 17:20 . 2008-01-25 15:31 290,816 --a------ C:\WINDOWS\bqxomdo.dll
2008-01-25 17:20 . 2008-01-25 15:31 217,088 --a------ C:\WINDOWS\aswmklt.dll
2008-01-25 17:20 . 2008-01-25 15:31 172,032 --a------ C:\WINDOWS\elfwgps.dll
2008-01-25 17:20 . 2008-01-25 15:31 81,920 --a------ C:\WINDOWS\fvqkfsp.exe
2008-01-25 17:19 . 2008-01-25 17:19 DIR d-------- C:\Program Files\MediaEntertainmentCodec

Another computer

C:\Dokumente und Einstellungen\%Username%\Desktop\Error Cleaner.url
C:\Dokumente und Einstellungen\%Username%\Desktop\Privacy Protector.url
C:\Dokumente und Einstellungen\%Username%\Desktop\SpywareMalware Protection.url
C:\Dokumente und Einstellungen\%Username%\Favoriten\Error Cleaner.url
C:\Dokumente und Einstellungen\%Username%\Favoriten\Privacy Protector.url
C:\Dokumente und Einstellungen\%Username%\Favoriten\SpywareMalware Protection.url

C:\WINDOWS\Downloaded Program Files\UWFX5_0001_N57M2112NetInstaller.exe
C:\WINDOWS\Downloaded Program Files\UWFX5U_0001_N56M1711NetInstaller.exe
C:\WINDOWS\Downloaded Program Files\UWFX5U_0001_N57M1412NetInstaller.exe

C:\WINDOWS\rs.txt
C:\WINDOWS\system32\bszip.dll
C:\WINDOWS\system32\cmd.com
C:\WINDOWS\system32\expiorer.exe
C:\WINDOWS\system32\netstat.com
C:\WINDOWS\system32\ping.com
C:\WINDOWS\system32\regedit.com
C:\WINDOWS\system32\taskkill.com
C:\WINDOWS\system32\tasklist.com
C:\WINDOWS\system32\tracert.com

2008-02-11 13:25 . 2006-12-24 21:12 12,337 --a------ C:\WINDOWS\_detmp.1
2008-02-10 20:25 . 2008-02-09 19:09 299,008 --a------ C:\WINDOWS\bdmnopx.dll
2008-02-10 20:25 . 2008-02-09 19:09 290,816 --a------ C:\WINDOWS\dmdqdrxgxq.dll
2008-02-10 20:25 . 2008-02-09 19:09 241,664 --a------ C:\WINDOWS\admggxp.dll
2008-02-10 20:25 . 2008-02-09 19:09 204,800 --a------ C:\WINDOWS\emotrlq.dll
2008-02-10 20:25 . 2008-02-09 19:09 98,304 --a------ C:\WINDOWS\fsxloqf.exe


[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E48B3E0C-2D23-4249-BE65-23A8719284E3}]
2008-02-09 19:09 290816 --a------ C:\WINDOWS\dmdqdrxgxq.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4FE6-8A56-BBB695989046}
{7B1E78A2-2FC8-4947-A9D1-5177D10B38E6}

[HKEY_CLASSES_ROOT\clsid\{7b1e78a2-2fc8-4947-a9d1-5177d10b38e6}]
[HKEY_CLASSES_ROOT\emotrlq.1]
[HKEY_CLASSES_ROOT\TypeLib\{0BF108AC-194F-4AA4-ABF0-5F9E7B5B3ABB}]
[HKEY_CLASSES_ROOT\emotrlq]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\run]
"SystemManager"= C:\WINDOWS\System32\comusys.exe


--------------------- DLLs Loaded Under Running Processes ---------------------

PROCESS: C:\WINDOWS\explorer.exe [6.00.2900.2180]
-> C:\WINDOWS\bdmnopx.dll

Advanced Cleaner - fake program

virus-protect.org