Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
TR/Monderb.smp

TR/Monderb.smp


Plagegeister aller Art und deren Bekämpfung: TR/Monderb.smp

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 12.10.2008, 21:10   #16
voltaire
 
TR/Monderb.smp - Standard

TR/Monderb.smp


log.txt:

Logfile of random's system information tool 1.04 (written by random/random)
Run by xxx at 2008-10-12 22:07:00
Microsoft® Windows Vista™ Home Basic Service Pack 1
System drive C: has 2 GB (7%) free of 35 GB
Total RAM: 4094 MB (64% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:07:02, on 12.10.2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Users\xxx\AppData\Local\dzhgtcao.exe
C:\Program Files (x86)\Analog Devices\SoundMAX\SoundTray.exe
C:\Program Files (x86)\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files (x86)\Winamp\winampa.exe
C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
C:\Program Files (x86)\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files (x86)\Razer\Diamondback 3G\razerhid.exe
C:\Program Files (x86)\Razer\Diamondback 3G\razertra.exe
C:\Program Files (x86)\Razer\Diamondback 3G\razerofa.exe
C:\Program Files (x86)\World of Warcraft\World of Warcraft\BackgroundDownloader.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\IEUser.exe
C:\Windows\SysWOW64\conime.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDMedia.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\xxx\Downloads\RSIT.exe
C:\Program Files (x86)\Trend Micro\HijackThis\David.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.6.0_07\bin\ssv.dll
O4 - HKLM\..\Run: [SoundTray] "C:\Program Files (x86)\Analog Devices\SoundMAX\SoundTray.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [Diamondback] "C:\Program Files (x86)\Razer\Diamondback 3G\razerhid.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [dzhgtcao] "c:\users\david\appdata\local\dzhgtcao.exe" dzhgtcao
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST')
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~2\Java\JRE16~1.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~2\Java\JRE16~1.0_0\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6\ICQ.exe
O13 - Gopher Prefix:
O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Unknown owner - C:\Windows\system32\AEADISRV.EXE (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira AntiVir Personal – Free Antivirus Planer (AntiVirScheduler) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Marvell RAID Event Agent (Marvell RAID) - Unknown owner - C:\Program Files (x86)\Marvell\61xx\svc\mvraidsvc.exe
O23 - Service: MRU Web Service (MRUWebService) - Apache Software Foundation - C:\Program Files (x86)\Marvell\61xx\Apache2\bin\Apache.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7109 bytes

======Scheduled tasks folder======

C:\Windows\tasks\User_Feed_Synchronization-{C1012E01-2736-45A0-A564-BB7807BD7914}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files (x86)\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundTray"=C:\Program Files (x86)\Analog Devices\SoundMAX\SoundTray.exe [2007-09-27 53248]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-07-18 266497]
"WinampAgent"=C:\Program Files (x86)\Winamp\winampa.exe [2008-04-01 36352]
"SoundMAXPnP"=C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe [2007-10-25 1302528]
"SunJavaUpdateSched"=C:\Program Files (x86)\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
"Diamondback"=C:\Program Files (x86)\Razer\Diamondback 3G\razerhid.exe [2007-08-01 147456]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-21 1555968]
"WindowsWelcomeCenter"=C:\Windows\system32\oobefldr.dll [2008-01-21 2153472]
"WMPNSCFG"=C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe []
"dzhgtcao"=c:\users\david\appdata\local\dzhgtcao.exe [2008-10-10 282624]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=
"NoActiveDesktopChanges"=
"ForceActiveDesktopOn"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======List of files/folders created in the last 3 months======

2008-10-12 22:07:00 ----D---- C:\rsit
2008-10-10 02:58:54 ----D---- C:\Program Files (x86)\eMule
2008-10-08 17:52:03 ----D---- C:\Users\David\AppData\Roaming\Malwarebytes
2008-10-08 17:51:59 ----D---- C:\ProgramData\Malwarebytes
2008-10-08 17:51:59 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2008-10-08 15:59:54 ----D---- C:\Program Files (x86)\Trend Micro
2008-09-30 16:35:14 ----D---- C:\Program Files (x86)\Logitech
2008-09-30 16:35:12 ----D---- C:\ProgramData\Logitech
2008-09-30 13:30:22 ----D---- C:\Program Files (x86)\Razer
2008-09-18 23:34:27 ----D---- C:\Program Files (x86)\Sun
2008-09-18 23:34:12 ----A---- C:\Windows\system32\javaws.exe
2008-09-18 23:34:12 ----A---- C:\Windows\system32\javaw.exe
2008-09-18 23:34:12 ----A---- C:\Windows\system32\java.exe
2008-09-18 23:33:36 ----D---- C:\Program Files (x86)\Java
2008-09-18 23:33:11 ----D---- C:\Program Files (x86)\Common Files\Java
2008-09-17 23:55:00 ----A---- C:\Windows\system32\nvwgf2um.dll
2008-09-17 23:55:00 ----A---- C:\Windows\system32\nvoglv32.dll
2008-09-17 23:55:00 ----A---- C:\Windows\system32\nvcuda.dll
2008-09-17 23:55:00 ----A---- C:\Windows\system32\nvapi.dll
2008-09-17 00:52:05 ----D---- C:\ProgramData\SonicFocus
2008-09-17 00:51:38 ----D---- C:\Users\David\AppData\Roaming\InstallShield
2008-09-16 17:33:01 ----D---- C:\Windows\VentriloMix
2008-09-16 17:33:01 ----D---- C:\Program Files (x86)\VentriloMix
2008-09-12 02:01:08 ----A---- C:\Windows\system32\msshooks.dll
2008-09-12 02:01:08 ----A---- C:\Windows\system32\msscb.dll
2008-09-12 02:01:08 ----A---- C:\Windows\system32\mimefilt.dll
2008-09-12 02:01:05 ----A---- C:\Windows\system32\SearchFilterHost.exe
2008-09-12 02:01:05 ----A---- C:\Windows\system32\propdefs.dll
2008-09-12 02:01:05 ----A---- C:\Windows\system32\msstrc.dll
2008-09-12 02:01:05 ----A---- C:\Windows\system32\mssitlb.dll
2008-09-12 02:01:04 ----A---- C:\Windows\system32\thawbrkr.dll
2008-09-12 02:01:04 ----A---- C:\Windows\system32\propsys.dll
2008-09-12 02:01:04 ----A---- C:\Windows\system32\offfilt.dll
2008-09-12 02:01:04 ----A---- C:\Windows\system32\mssprxy.dll
2008-09-12 02:01:04 ----A---- C:\Windows\system32\msshsq.dll
2008-09-12 02:01:04 ----A---- C:\Windows\system32\korwbrkr.dll
2008-09-12 02:01:04 ----A---- C:\Windows\system32\chsbrkr.dll
2008-09-12 02:01:03 ----A---- C:\Windows\system32\xmlfilter.dll
2008-09-12 02:01:03 ----A---- C:\Windows\system32\rtffilt.dll
2008-09-12 02:01:03 ----A---- C:\Windows\system32\nlhtml.dll
2008-09-12 02:01:03 ----A---- C:\Windows\system32\chtbrkr.dll
2008-09-12 02:01:02 ----A---- C:\Windows\system32\tquery.dll
2008-09-12 02:01:02 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2008-09-12 02:01:02 ----A---- C:\Windows\system32\SearchIndexer.exe
2008-09-12 02:01:02 ----A---- C:\Windows\system32\mssvp.dll
2008-09-12 02:01:02 ----A---- C:\Windows\system32\mssrch.dll
2008-09-12 02:01:02 ----A---- C:\Windows\system32\mssphtb.dll
2008-09-12 02:01:02 ----A---- C:\Windows\system32\mssph.dll
2008-09-12 02:01:02 ----A---- C:\Windows\system32\msscntrs.dll
2008-09-10 19:35:41 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2008-09-10 19:35:41 ----A---- C:\Windows\system32\Apphlpdm.dll
2008-09-10 19:35:37 ----A---- C:\Windows\system32\wmpeffects.dll
2008-09-10 19:35:34 ----A---- C:\Windows\system32\dataclen.dll
2008-09-10 11:01:09 ----D---- C:\Users\David\AppData\Roaming\vlc
2008-09-10 11:00:02 ----D---- C:\Program Files (x86)\VideoLAN
2008-09-10 10:54:40 ----D---- C:\Windows\system32\quicktime
2008-09-10 10:54:40 ----D---- C:\Program Files (x86)\NimoCodec Pack
2008-09-10 10:48:14 ----D---- C:\Users\David\AppData\Roaming\DivX
2008-08-28 18:43:14 ----A---- C:\Windows\system32\wups.dll
2008-08-28 18:43:14 ----A---- C:\Windows\system32\wudriver.dll
2008-08-28 18:43:14 ----A---- C:\Windows\system32\wuapi.dll
2008-08-28 18:43:03 ----A---- C:\Windows\system32\wuwebv.dll
2008-08-28 18:43:03 ----A---- C:\Windows\system32\wuapp.exe
2008-08-14 02:09:44 ----A---- C:\Windows\system32\tzres.dll
2008-08-14 01:24:44 ----A---- C:\Windows\system32\inetcomm.dll
2008-08-14 01:24:43 ----A---- C:\Windows\system32\es.dll
2008-08-14 01:24:42 ----A---- C:\Windows\system32\winipsec.dll
2008-08-14 01:24:42 ----A---- C:\Windows\system32\polstore.dll
2008-08-14 01:24:42 ----A---- C:\Windows\system32\FwRemoteSvr.dll
2008-08-14 01:24:38 ----A---- C:\Windows\system32\mshtml.dll
2008-08-14 01:24:37 ----A---- C:\Windows\system32\wininet.dll
2008-08-14 01:24:37 ----A---- C:\Windows\system32\ieframe.dll
2008-08-14 01:24:36 ----A---- C:\Windows\system32\urlmon.dll
2008-08-14 01:24:36 ----A---- C:\Windows\system32\mstime.dll
2008-08-14 01:24:35 ----A---- C:\Windows\system32\jsproxy.dll
2008-08-02 19:16:30 ----D---- C:\Program Files (x86)\Common Files\PX Storage Engine
2008-08-02 19:16:27 ----D---- C:\Program Files (x86)\DivX
2008-07-25 10:34:54 ----A---- C:\Windows\system32\dpl100.dll
2008-07-25 10:34:52 ----A---- C:\Windows\system32\dtu100.dll
2008-07-25 10:34:50 ----A---- C:\Windows\system32\dpuGUI10.dll
2008-07-25 10:34:46 ----A---- C:\Windows\system32\dpv11.dll
2008-07-25 10:34:46 ----A---- C:\Windows\system32\dpus11.dll
2008-07-25 10:34:46 ----A---- C:\Windows\system32\dpuGUI11.dll
2008-07-25 10:34:46 ----A---- C:\Windows\system32\dpu11.dll
2008-07-25 10:34:46 ----A---- C:\Windows\system32\dpu10.dll
2008-07-25 10:34:42 ----A---- C:\Windows\system32\divx_xx07.dll
2008-07-25 10:34:40 ----A---- C:\Windows\system32\divx_xx11.dll
2008-07-25 10:34:40 ----A---- C:\Windows\system32\divx_xx0c.dll
2008-07-25 10:34:40 ----A---- C:\Windows\system32\divx_xx0a.dll
2008-07-25 10:34:30 ----A---- C:\Windows\system32\DivXCodecVersionChecker.exe
2008-07-23 18:48:40 ----A---- C:\Windows\system32\ssldivx.dll
2008-07-23 18:48:40 ----A---- C:\Windows\system32\libdivx.dll
2008-07-23 18:47:34 ----A---- C:\Windows\system32\dtu100.dll.manifest
2008-07-23 18:47:34 ----A---- C:\Windows\system32\dpl100.dll.manifest
2008-07-23 18:46:38 ----A---- C:\Windows\system32\DivXWMPExtType.dll

======List of files/folders modified in the last 3 months======

2008-10-12 22:06:49 ----D---- C:\Windows\Temp
2008-10-12 18:46:38 ----D---- C:\Windows\System32
2008-10-12 18:46:38 ----D---- C:\Windows\inf
2008-10-11 18:11:34 ----D---- C:\Windows\Minidump
2008-10-11 18:11:29 ----D---- C:\Windows
2008-10-11 01:45:42 ----SHD---- C:\System Volume Information
2008-10-10 18:57:25 ----D---- C:\ProgramData\NVIDIA
2008-10-10 18:56:29 ----D---- C:\Windows\SysWOW64
2008-10-10 02:58:54 ----RD---- C:\Program Files (x86)
2008-10-08 23:22:09 ----D---- C:\Windows\Prefetch
2008-10-08 17:52:30 ----D---- C:\Windows\system32\drivers
2008-10-08 17:51:59 ----HD---- C:\ProgramData
2008-10-04 22:59:40 ----D---- C:\Program Files (x86)\ICQ6
2008-10-04 22:55:00 ----D---- C:\Users\David\AppData\Roaming\uTorrent
2008-09-30 16:35:38 ----SHD---- C:\Windows\Installer
2008-09-30 16:35:01 ----RD---- C:\Program Files
2008-09-30 13:51:46 ----D---- C:\Program Files (x86)\Common Files
2008-09-30 13:47:17 ----RD---- C:\Users
2008-09-30 13:30:21 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2008-09-28 22:38:06 ----D---- C:\Program Files (x86)\Mozilla Firefox
2008-09-17 23:55:00 ----A---- C:\Windows\system32\nvd3dum.dll
2008-09-17 00:52:53 ----A---- C:\Windows\system32\wrap_oal.dll
2008-09-17 00:52:53 ----A---- C:\Windows\system32\OpenAL32.dll
2008-09-17 00:52:25 ----D---- C:\Program Files (x86)\Analog Devices
2008-09-16 17:33:35 ----D---- C:\Windows\winsxs
2008-09-16 17:33:21 ----D---- C:\Program Files (x86)\Common Files\microsoft shared
2008-09-12 11:52:15 ----D---- C:\Windows\rescache
2008-09-12 11:36:20 ----D---- C:\Windows\system32\de-DE
2008-09-12 11:36:19 ----D---- C:\Windows\PolicyDefinitions
2008-09-11 17:30:09 ----D---- C:\Windows\AppPatch
2008-09-09 19:07:36 ----SD---- C:\Users\David\AppData\Roaming\Microsoft
2008-09-01 18:47:38 ----D---- C:\Users\David\AppData\Roaming\teamspeak2
2008-08-30 11:15:34 ----A---- C:\Windows\ntbtlog.txt
2008-08-27 19:30:38 ----D---- C:\Users\David\AppData\Roaming\Mozilla
2008-08-14 11:38:24 ----D---- C:\Program Files (x86)\Windows Mail
2008-08-14 11:38:22 ----D---- C:\Windows\system32\migration
2008-08-07 23:28:41 ----D---- C:\Windows\LiveKernelReports
2008-07-25 10:36:00 ----A---- C:\Windows\system32\DivXsm.exe
2008-07-23 18:50:52 ----A---- C:\Windows\system32\qt-dx331.dll
2008-07-18 14:25:14 ----SHD---- C:\$Recycle.Bin

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys []
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\ADIHdAud.sys []
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys []
R3 ksthunk;Kernel Streaming Thunks; C:\Windows\system32\drivers\ksthunk.sys []
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys []
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys []
R3 Razerlow;Razer Pro|Solutions; C:\Windows\system32\drivers\DB3G.sys []
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys []
R3 yukonx64;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x64.sys []
S3 CmBatt;Microsoft-Netzteiltreiber; C:\Windows\system32\DRIVERS\CmBatt.sys []
S3 drmkaud;Microsoft Kernel-DRM-Audioentschlüsselung; C:\Windows\system32\drivers\drmkaud.sys []
S3 HdAudAddService;Microsoft 1.1 UAA-Funktionstreiber für High Definition Audio-Dienst; C:\Windows\system32\drivers\HdAudio.sys []
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys []
S3 MSPCLOCK;Microsoft Proxy für Streaming Clock; C:\Windows\system32\drivers\MSPCLOCK.sys []
S3 MSPQM;Microsoft Proxy für Streaming Quality Manager; C:\Windows\system32\drivers\MSPQM.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-Konvertierung; C:\Windows\system32\drivers\MSTEE.sys []
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys []
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys []
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AEADIFilters;Andrea ADI Filters Service; C:\Windows\system32\AEADISRV.EXE []
R2 AntiVirScheduler;Avira AntiVir Personal – Free Antivirus Planer; C:\Program Files (x86)\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-07-18 68865]
R2 AntiVirService;Avira AntiVir Personal – Free Antivirus Guard; C:\Program Files (x86)\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-08-15 149761]
R2 Marvell RAID;Marvell RAID Event Agent; C:\Program Files (x86)\Marvell\61xx\svc\mvraidsvc.exe [2007-06-12 61440]
R2 MRUWebService;MRU Web Service; C:\Program Files (x86)\Marvell\61xx\Apache2\bin\Apache.exe [2007-05-23 20539]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe []
S3 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2008-01-21 93696]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2008-01-21 19968]

-----------------EOF-----------------

 

Themen zu TR/Monderb.smp
angezeigt, antivir, antivir guard, appdata, c:\windows, dateien, einfach, fehlermeldung, guard, guten, heute, local, pcs, pferd, quarantäne, schonmal, totale, troja, trojanische, trojanische pferd, users, vista, windows, windows vista


« Fritzbox korrumpiert? | Problem mit Trojaner Shark! »


Ähnliche Themen: TR/Monderb.smp


  1. Was heißt "Trojan.Win32.Monderb.achc
    Mülltonne - 04.01.2009 (0)
  2. Hilfe ein "Trojan.Win32.Monderb.del!A2?"
    Log-Analyse und Auswertung - 30.10.2008 (1)
  3. Trojaner Vundo.Gen, TR/Cypt.XPACK.Gen und Monderb.28288.2 gefangen
    Plagegeister aller Art und deren Bekämpfung - 11.08.2008 (1)
  4. TR/Monderb.aql
    Log-Analyse und Auswertung - 10.08.2008 (1)
  5. Trojaner Crypt.XPACK.GEn, Monderb, Vundo.Gen gefangen
    Mülltonne - 09.08.2008 (0)
  6. Problem mit TR/Monderb.aql
    Log-Analyse und Auswertung - 06.08.2008 (27)
  7. TR/Monderb.317696.1 einfangen
    Plagegeister aller Art und deren Bekämpfung - 21.07.2008 (21)
  8. Brauche Hilfe beim entfernen von Trojaner (TR/Monderb.321792)
    Plagegeister aller Art und deren Bekämpfung - 18.07.2008 (1)
  9. Help Trojaner! yayxuvSM.dll - TR/Monderb.322304.1
    Plagegeister aller Art und deren Bekämpfung - 18.07.2008 (3)
  10. TR/Monderb.33664 wird immer von Avira AntiVir angezeigt und kann nicht gelöscht werde
    Log-Analyse und Auswertung - 17.07.2008 (3)
  11. Bitte um Hilfe - diesmal Befall von TR/Monderb.33152
    Plagegeister aller Art und deren Bekämpfung - 14.07.2008 (1)
  12. TR/Vundo.S.1 und TR/Monderb und ich bekomm sie nicht los
    Plagegeister aller Art und deren Bekämpfung - 14.06.2008 (11)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema TR/Monderb.smp - log.txt: Logfile of random's system information tool 1.04 (written by random/random) Run by xxx at 2008-10-12 22:07:00 Microsoft® Windows Vista™ Home Basic Service Pack 1 System drive C: has 2 - TR/Monderb.smp...
Archiv
Du betrachtest: TR/Monderb.smp auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19