Trojaner-Board


Rosswurst 02.04.2010 20:56

TR/Agent.ruo (2 times D:)

I am new here and have a problem: I have 2 viruses of the type TR/Agent.ruo in the directory
C:\WINDOWS\System32\ntngb.dll and
C:\WINDOWS\System32\drivers\sysakmdl.sys
I made a log file.

Report of OSAM: Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 21:44:59 on 02.04.2010
OS: Windows Vista Home Premium Edition (Build 6000), 32-bit
Default Browser: Mozilla Corporation Firefox 3.0.18

Scanner Settings
Rootkits detection (hidden registry)
Rootkits detection (hidden files)
Retrieve files information
Check Microsoft signatures

Filters
Trusted entries
Empty entries
Hidden registry entries (rootkit activity)
Exclusively opened files
Not found files
Files without detailed information
Existing files
Non-startable services
Non-startable drivers
Active entries
Disabled entries

Risk Name Publisher Full Path Status
Common
%SystemRoot%\Tasks
|||| "GoogleUpdateTaskMachineCore.job" "Google Inc." C:\Program Files\Google\Update\GoogleUpdate.exe File exists
|||| "GoogleUpdateTaskMachineUA.job" "Google Inc." C:\Program Files\Google\Update\GoogleUpdate.exe File exists
Control Panel Objects
%SystemRoot%\system32
|||||| "nvcpl.cpl" "NVIDIA Corporation" C:\Windows\system32\nvcpl.cpl File exists
|||||| "PhysX.cpl" "NVIDIA Corporation" C:\Windows\system32\PhysX.cpl File exists
HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls
|||||| "Adobe Gamma" "Adobe Systems, Inc." C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma.cpl File exists
Drivers
HKLM\SYSTEM\CurrentControlSet\Services
|||||| "artr1ms7" (artr1ms7) "Microsoft Corporation" C:\Windows\system32\drivers\artr1ms7.sys Hidden registry entry, rootkit activity | File signed by Microsoft
|||||| "atksgt" (atksgt) C:\Windows\System32\DRIVERS\atksgt.sys File found, but it contains no detailed information
|||||| "avgio" (avgio) "Avira GmbH" C:\Program Files\Avira\AntiVir Desktop\avgio.sys File exists
|||||| "avgntflt" (avgntflt) "Avira GmbH" C:\Windows\System32\DRIVERS\avgntflt.sys File exists
|||||| "avipbb" (avipbb) "Avira GmbH" C:\Windows\System32\DRIVERS\avipbb.sys File exists
|||||| "FssFltr" (fssfltr) "Microsoft Corporation" C:\Windows\System32\DRIVERS\fssfltr.sys File exists
|||||| "Hamachi Network Interface" (hamachi) "LogMeIn, Inc." C:\Windows\System32\DRIVERS\hamachi.sys File exists
"IP in IP Tunnel Driver" (IpInIp) C:\Windows\System32\DRIVERS\ipinip.sys File not found
"IPX Traffic Filter Driver" (NwlnkFlt) C:\Windows\System32\DRIVERS\nwlnkflt.sys File not found
"IPX Traffic Forwarder Driver" (NwlnkFwd) C:\Windows\System32\DRIVERS\nwlnkfwd.sys File not found
"ISO DVD/CD-ROM Device Driver" (ISODrive) "EZB Systems, Inc." C:\Program Files\UltraISO\drivers\ISODrive.sys File exists
|||||| "lirsgt" (lirsgt) C:\Windows\System32\DRIVERS\lirsgt.sys File found, but it contains no detailed information
|||||| "PCD5SRVC{BD6912E3-AC9D80E8-05040000} - PCDR Kernel Mode Service Helper Driver" (PCD5SRVC{BD6912E3-AC9D80E8-05040000}) "PC-Doctor, Inc." C:\PROGRA~1\PC-DOC~1\PCD5SRVC.pkms File exists
"PnkBstrK" (PnkBstrK) C:\Windows\system32\drivers\PnkBstrK.sys File found, but it contains no detailed information
|||||| "sptd" (sptd) "Duplex Secure Ltd." C:\Windows\System32\Drivers\sptd.sys File is exclusively opened, access blocked
|||||| "ssmdrv" (ssmdrv) "Avira GmbH" C:\Windows\System32\DRIVERS\ssmdrv.sys File exists
"Symantec Network Security Intermediate Filter Service" (SymIM) C:\Windows\System32\DRIVERS\SymIM.sys File not found
"SymIMMP" (SymIMMP) C:\Windows\System32\DRIVERS\SymIM.sys File not found
"sysakmdl" (sysakmdl) C:\Windows\system32\drivers\sysakmdl.sys File not found
Explorer
HKLM\Software\Classes\Folder\shellex\ColumnHandlers
|||||| {FED7043D-346A-414D-ACD7-550D052499A7} "dBpShell Class" C:\Program Files\Illustrate\dBpowerAMP\dBShell.dll File exists
|||||| {F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" "Adobe Systems, Inc." C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll File exists
|||||| {30351349-7B7D-4FCC-81B4-1E394CA267EB} "TortoiseSVN" "hxxp://tortoisesvn.net" C:\Program Files\TortoiseSVN\bin\TortoiseStub.dll File exists
HKLM\Software\Classes\Protocols\Handler
|||||| {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} "IEProtocolHandler Class" "Skype Technologies" C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL File exists
|||| {828030A1-22C1-4009-854F-8E305202313F} "livecall" "Microsoft Corporation" C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL File exists
|||||| {0A9007C0-4076-11D3-8789-0000F8105754} "Microsoft Infotech Storage Protocol for IE 4.0" "Microsoft Corporation" C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll File exists
|||| {828030A1-22C1-4009-854F-8E305202313F} "msnim" "Microsoft Corporation" C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL File exists
|||||| {03C514A3-1EFB-4856-9F99-10D7BE1653C0} "Windows Live Mail HTML Asynchronous Pluggable Protocol Handler" "Microsoft Corporation" C:\Program Files\Windows Live\Mail\mailcomm.dll File exists
HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
{911051fa-c21c-4246-b470-070cd8df6dc4} ".cab or .zip files" File not found | COM-object registry key not found
|||||| {23170F69-40C1-278A-1000-000100020000} "7-Zip Shell Extension" "Igor Pavlov" C:\Program Files\7-Zip\7-zip.dll File exists
{1b24a030-9b20-49bc-97ac-1be4426f9e59} "ActiveDirectory Folder" File not found | COM-object registry key not found
{34449847-FD14-4fc8-A75A-7432F5181EFB} "ActiveDirectory Folder" File not found | COM-object registry key not found
|||||| {0563DB41-F538-4B37-A92D-4659049B7766} "CLSID_WLMCMimeFilter" "Microsoft Corporation" C:\Program Files\Windows Live\Mail\mailcomm.dll File exists
{0F8604A5-4ECE-4DE1-BA7D-CF10F8AA4F48} "Contacts folder" File not found | COM-object registry key not found
|||||| {FED7043D-346A-414D-ACD7-550D052499A7} "dBpShell Class" C:\Program Files\Illustrate\dBpowerAMP\dBShell.dll File exists
|||||| {A70C977A-BF00-412C-90B7-034C51DA2439} "DesktopContext Class" "NVIDIA Corporation" C:\Windows\system32\nvcpl.dll File exists
|||||| {2C49B5D0-ACE7-4D17-9DF0-A254A6C5A0C5} "dMCIShell Class" C:\Program Files\Illustrate\dBpowerAMP\dMCShell.dll File exists
{2C2577C2-63A7-40e3-9B7F-586602617ECB} "Explorer Query Band" File not found | COM-object registry key not found
{00020d75-0000-0000-c000-000000000046} "lnkfile" File not found | COM-object registry key not found
|||||| {993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" "Microsoft Corporation" C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll File exists
|||||| {C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" "Microsoft Corporation" C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll File exists
|||||| {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} "NVIDIA CPL Context Menu Extension" "NVIDIA Corporation" C:\Windows\system32\nvshext.dll File exists
|||||| {FFB699E0-306A-11d3-8BD1-00104B6F7516} "NVIDIA CPL Extension" "NVIDIA Corporation" C:\Windows\system32\nvcpl.dll File exists
{C8494E42-ACDD-4739-B0FB-217361E4894F} "Sam Account Folder" File not found | COM-object registry key not found
{E29F9716-5C08-4FCD-955A-119FDB5A522D} "Sam Account Folder" File not found | COM-object registry key not found
|||||| {45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" "Avira GmbH" C:\Program Files\Avira\AntiVir Desktop\shlext.dll File exists
|||||| {7F67036B-66F1-411A-AD85-759FB9C5B0DB} "ShellViewRTF" "XSS" C:\Windows\System32\ShellvRTF.dll File exists
|||||| {30351346-7B7D-4FCC-81B4-1E394CA267EB} "TortoiseSVN" "hxxp://tortoisesvn.net" C:\Program Files\TortoiseSVN\bin\TortoiseStub.dll File exists
|||||| {30351347-7B7D-4FCC-81B4-1E394CA267EB} "TortoiseSVN" "hxxp://tortoisesvn.net" C:\Program Files\TortoiseSVN\bin\TortoiseStub.dll File exists
|||||| {30351348-7B7D-4FCC-81B4-1E394CA267EB} "TortoiseSVN" "hxxp://tortoisesvn.net" C:\Program Files\TortoiseSVN\bin\TortoiseStub.dll File exists
|||||| {30351349-7B7D-4FCC-81B4-1E394CA267EB} "TortoiseSVN" "hxxp://tortoisesvn.net" C:\Program Files\TortoiseSVN\bin\TortoiseStub.dll File exists
|||||| {3035134A-7B7D-4FCC-81B4-1E394CA267EB} "TortoiseSVN" "hxxp://tortoisesvn.net" C:\Program Files\TortoiseSVN\bin\TortoiseStub.dll File exists
|||||| {3035134B-7B7D-4FCC-81B4-1E394CA267EB} "TortoiseSVN" "hxxp://tortoisesvn.net" C:\Program Files\TortoiseSVN\bin\TortoiseStub.dll File exists
|||||| {3035134C-7B7D-4FCC-81B4-1E394CA267EB} "TortoiseSVN" "hxxp://tortoisesvn.net" C:\Program Files\TortoiseSVN\bin\TortoiseStub.dll File exists
|||||| {3035134D-7B7D-4FCC-81B4-1E394CA267EB} "TortoiseSVN" "hxxp://tortoisesvn.net" C:\Program Files\TortoiseSVN\bin\TortoiseStub.dll File exists
|||||| {3035134E-7B7D-4FCC-81B4-1E394CA267EB} "TortoiseSVN" "hxxp://tortoisesvn.net" C:\Program Files\TortoiseSVN\bin\TortoiseStub.dll File exists
|||||| {3035134F-7B7D-4FCC-81B4-1E394CA267EB} "TortoiseSVN" "hxxp://tortoisesvn.net" C:\Program Files\TortoiseSVN\bin\TortoiseStub.dll File exists
|||||| {30351350-7B7D-4FCC-81B4-1E394CA267EB} "TortoiseSVN" "hxxp://tortoisesvn.net" C:\Program Files\TortoiseSVN\bin\TortoiseStub.dll File exists
|||||| {C5994560-53D9-4125-87C9-F193FC689CB2} "TortoiseSVN" "hxxp://tortoisesvn.net" C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll File exists
|||||| {C5994561-53D9-4125-87C9-F193FC689CB2} "TortoiseSVN" "hxxp://tortoisesvn.net" C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll File exists
|||||| {C5994562-53D9-4125-87C9-F193FC689CB2} "TortoiseSVN" "hxxp://tortoisesvn.net" C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll File exists
|||||| {C5994563-53D9-4125-87C9-F193FC689CB2} "TortoiseSVN" "hxxp://tortoisesvn.net" C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll File exists
|||||| {C5994564-53D9-4125-87C9-F193FC689CB2} "TortoiseSVN" "hxxp://tortoisesvn.net" C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll File exists
|||||| {C5994565-53D9-4125-87C9-F193FC689CB2} "TortoiseSVN" "hxxp://tortoisesvn.net" C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll File exists
|||||| {C5994566-53D9-4125-87C9-F193FC689CB2} "TortoiseSVN" "hxxp://tortoisesvn.net" C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll File exists
|||||| {C5994567-53D9-4125-87C9-F193FC689CB2} "TortoiseSVN" "hxxp://tortoisesvn.net" C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll File exists
|||||| {C5994568-53D9-4125-87C9-F193FC689CB2} "TortoiseSVN" "hxxp://tortoisesvn.net" C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll File exists
|||||| {AD392E40-428C-459F-961E-9B147782D099} "UIContextMenu Class" "EZB Systems, Inc." C:\Program Files\UltraISO\isoshell.dll File exists
|||||| {2BE99FD4-A181-4996-BFA9-58C5FFD11F6C} "Windows Live Photo Gallery Autoplay Drop Target" "Microsoft Corporation" C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe File exists
|||||| {00F30F64-AC33-42F5-8FD1-5DC2D3FDE06C} "Windows Live Photo Gallery Editor Drop Target" "Microsoft Corporation" C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe File exists
|||||| {00F3712A-CA79-45B4-9E4D-D7891E7F8B9D} "Windows Live Photo Gallery Editor Shim" "Microsoft Corporation" C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll File exists
|||||| {00F30F90-3E96-453B-AFCD-D71989ECC2C7} "Windows Live Photo Gallery Viewer Autoplay Shim" "Microsoft Corporation" C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll File exists
|||||| {00F33137-EE26-412F-8D71-F84E4C2C6625} "Windows Live Photo Gallery Viewer Autoplay Shim" "Microsoft Corporation" C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll File exists
|||||| {00F374B7-B390-4884-B372-2FC349F2172B} "Windows Live Photo Gallery Viewer Drop Target" "Microsoft Corporation" C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe File exists
|||||| {00F346CB-35A4-465B-8B8F-65A29DBAB1F6} "Windows Live Photo Gallery Viewer Shim" "Microsoft Corporation" C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll File exists
{da67b8ad-e81b-4c70-9b91b417b5e33527} "Windows Search Shell Service" File not found | COM-object registry key not found
|||||| {B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" C:\Program Files\WinRAR\rarext.dll File exists
|||||| {06A2568A-CED6-4187-BB20-400B8C02BE5A} "{06A2568A-CED6-4187-BB20-400B8C02BE5A}" "Microsoft Corporation" C:\Program Files\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe File exists
Internet Explorer
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser
|||| "&Windows Live Toolbar" "Microsoft Corporation" C:\Program Files\Windows Live\Toolbar\wltcore.dll File exists
"AOL Toolbar" "AOL LLC" C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll File exists
"Ask Toolbar" "Ask.com" C:\Program Files\Ask.com\GenericAskToolbar.dll File exists
|| "DVDVideoSoft Toolbar" "Conduit Ltd." C:\Program Files\DVDVideoSoft\tbDVD1.dll File exists
"ITBar7Layout" File not found | COM-object registry key not found
|| "PHPNukeDE Toolbar" "Conduit Ltd." C:\Program Files\PHPNukeDE\tbPHPN.dll File exists
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks
|| {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} "DVDVideoSoft Toolbar" "Conduit Ltd." C:\Program Files\DVDVideoSoft\tbDVD1.dll File exists
|||| {855F3B16-6D32-4fe6-8A56-BBB695989046} "ICQToolBar" "ICQ" C:\Program Files\ICQ6Toolbar\ICQToolBar.dll File exists
|| {c9508125-4747-4733-b048-e4b82dc9716d} "PHPNukeDE Toolbar" "Conduit Ltd." C:\Program Files\PHPNukeDE\tbPHPN.dll File exists
{00000000-6E41-4FD3-8538-502F5495E5FC} "UrlSearchHook Class" "Ask.com" C:\Program Files\Ask.com\GenericAskToolbar.dll File exists
HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units
|||| {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} "Java Plug-in 1.6.0_01"
hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab "Sun Microsystems, Inc." C:\Program Files\Java\jre6\bin\jp2iexp.dll File exists
|||| {8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_18"
hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab "Sun Microsystems, Inc." C:\Program Files\Java\jre6\bin\jp2iexp.dll File exists
|||| {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} "Java Plug-in 1.6.0_18"
hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab "Sun Microsystems, Inc." C:\Program Files\Java\jre6\bin\jp2iexp.dll File exists
|||| {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_18"
hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab "Sun Microsystems, Inc." C:\Program Files\Java\jre6\bin\npjpi160_18.dll File exists
|||| {1E54D648-B804-468d-BC78-4AFFED8E262F} "System Requirements Lab Class"
hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab "Husdawg, LLC" C:\Windows\Downloaded Program Files\sysreqlab_nvd.dll File exists
{E2883E8F-472F-4FB0-9522-AC9BF37916A7} "{E2883E8F-472F-4FB0-9522-AC9BF37916A7}"
hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab File not found | COM-object registry key not found
HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars
|||| {855F3B16-6D32-4fe6-8A56-BBB695989046} "ICQToolBar" "ICQ" C:\Program Files\ICQ6Toolbar\ICQToolBar.dll File exists
HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions
{DE9C389F-3316-41A7-809B-AA305ED9D922} "AOL Toolbar" "AOL LLC" C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll File exists
"BitComet" res://C:\Program Files\BitComet\tools\BitCometBHO_1.4.1.10.dll/206 File not found
{E601996F-E400-41CA-804B-CD6373A7EEE2} "ClsidExtension" "kikin" C:\Program Files\kikin\ie_kikin.dll File exists
|||| "ICQ6" "ICQ, LLC." C:\Program Files\ICQ6.5\ICQ.exe File exists
|||| {5F7B1267-94A9-47F5-98DB-E99415F33AEC} "In Blog veröffentlichen" "Microsoft Corporation" C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll File exists
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar
|||| "&Windows Live Toolbar" "Microsoft Corporation" C:\Program Files\Windows Live\Toolbar\wltcore.dll File exists
{DE9C389F-3316-41A7-809B-AA305ED9D922} "AOL Toolbar" "AOL LLC" C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll File exists
"Ask Toolbar" "Ask.com" C:\Program Files\Ask.com\GenericAskToolbar.dll File exists
|| {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} "DVDVideoSoft Toolbar" "Conduit Ltd." C:\Program Files\DVDVideoSoft\tbDVD1.dll File exists
|||| {855F3B16-6D32-4fe6-8A56-BBB695989046} "ICQToolBar" "ICQ" C:\Program Files\ICQ6Toolbar\ICQToolBar.dll File exists
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} "NCO Toolbar 2.0" File not found | COM-object registry key not found
|| {c9508125-4747-4733-b048-e4b82dc9716d} "PHPNukeDE Toolbar" "Conduit Ltd." C:\Program Files\PHPNukeDE\tbPHPN.dll File exists
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
|||||| {18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" "Adobe Systems Incorporated" C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll File exists
{7C554162-8CB7-45A4-B8F4-8EA1C75885F9} "AOL Toolbar Launcher" "AOL LLC" C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll File exists
{D4027C7F-154A-4066-A1AD-4243D8127440} "Ask Toolbar" "Ask.com" C:\Program Files\Ask.com\GenericAskToolbar.dll File exists
{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} "BitComet Helper" "BitComet" C:\Program Files\BitComet\tools\BitCometBHO_1.4.1.10.dll File exists
|| {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} "DVDVideoSoft Toolbar" "Conduit Ltd." C:\Program Files\DVDVideoSoft\tbDVD1.dll File exists
|||| {CC59E0F9-7E43-44FA-9FAA-8377850BF205} "FDMIECookiesBHO Class" C:\Program Files\Free Download Manager\iefdm2.dll File exists
|||| {DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" "Sun Microsystems, Inc." C:\Program Files\Java\jre6\bin\jp2ssv.dll File exists
{E601996F-E400-41CA-804B-CD6373A7EEE2} "kikin Plugin" "kikin" C:\Program Files\kikin\ie_kikin.dll File exists
|| {c9508125-4747-4733-b048-e4b82dc9716d} "PHPNukeDE Toolbar" "Conduit Ltd." C:\Program Files\PHPNukeDE\tbPHPN.dll File exists
|| {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} "Search Helper" "Microsoft Corporation" C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll File exists
|||||| {9030D464-4C02-4ABF-8ECC-5164760863C6} "Windows Live Anmelde-Hilfsprogramm" "Microsoft Corporation" C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll File exists
|||| {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} "Windows Live Toolbar Helper" "Microsoft Corporation" C:\Program Files\Windows Live\Toolbar\wltcore.dll File exists
{5C255C8A-E604-49b4-9D64-90988571CECB} "{5C255C8A-E604-49b4-9D64-90988571CECB}" File not found | COM-object registry key not found
{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} "{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}" File not found | COM-object registry key not found
Logon
%APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup
|||| "Adobe Gamma.lnk" "Adobe Systems, Inc." C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe Shortcut exists | File exists
|||||| "desktop.ini" C:\Users\Christopher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini File exists
%AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup
|||||| "desktop.ini" C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini File exists
"McAfee Security Scan Plus.lnk" "McAfee, Inc." C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe Shortcut exists | File exists
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|||| "DAEMON Tools Lite" "DT Soft Ltd" "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun File exists
"EA Core" "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent File not found
|||| "Free Download Manager" "FreeDownloadManager.ORG" C:\Program Files\Free Download Manager\fdm.exe -autorun File exists
|||||| "HPADVISOR" "Hewlett-Packard" C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW,SYSTRAY File exists
|||| "ICQ" "ICQ, LLC." "C:\Program Files\ICQ6.5\ICQ.exe" silent File exists
|||| "msnmsgr" "Microsoft Corporation" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background File exists
|||| "Skype" "Skype Technologies S.A." "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized File exists
"Steam" "Valve Corporation" "c:\program files\steam\steam.exe" -silent File exists
HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd
"StartupPrograms" rdpclip File not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
|||| "Adobe Reader Speed Launcher" "Adobe Systems Incorporated" "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" File exists
|||||| "avgnt" "Avira GmbH" "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min File exists
"HP Health Check Scheduler" [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe File not found
|||| "HP Software Update" "Hewlett-Packard" C:\Program Files\HP\HP Software Update\HPWuSchd2.exe File exists
|||||| "hpsysdrv" "Hewlett-Packard Company" c:\hp\support\hpsysdrv.exe File exists
|||| "IAAnotif" "Intel Corporation" "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" File exists
|| "KBD" C:\HP\KBD\KbdStub.EXE File found, but it contains no detailed information
"LogMeIn Hamachi Ui" "LogMeIn Inc." "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start File exists
|||| "OsdMaestro" "OsdMaestro" "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe" File exists
|||| "SunJavaUpdateSched" "Sun Microsystems, Inc." "C:\Program Files\Common Files\Java\Java Update\jusched.exe" File exists
Services
HKLM\SYSTEM\CurrentControlSet\Services
|||||| "Adobe LM Service" (Adobe LM Service) "Adobe Systems" C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe File exists
|||||| "Avira AntiVir Guard" (AntiVirService) "Avira GmbH" C:\Program Files\Avira\AntiVir Desktop\avguard.exe File exists
|||||| "Avira AntiVir Planer" (AntiVirSchedulerService) "Avira GmbH" C:\Program Files\Avira\AntiVir Desktop\sched.exe File exists
|| "GameConsoleService" (GameConsoleService) "WildTangent, Inc." C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe File exists
|||| "Google Update Service (gupdate)" (gupdate) "Google Inc." C:\Program Files\Google\Update\GoogleUpdate.exe File exists
|||||| "HP Health Check Service" (HP Health Check Service) "Hewlett-Packard" c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe File exists
|||| "ICQ Service" (ICQ Service) C:\Program Files\ICQ6Toolbar\ICQ Service.exe File exists
|||||| "Intel(R) Matrix Storage Event Monitor" (IAANTMON) "Intel Corporation" C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe File exists
|||||| "LightScribeService Direct Disc Labeling Service" (LightScribeService) "Hewlett-Packard Company" C:\Program Files\Common Files\LightScribe\LSSrvc.exe File exists
"LogMeIn Hamachi 2.0 Tunneling Engine" (Hamachi2Svc) "LogMeIn Inc." C:\Program Files\LogMeIn Hamachi\hamachi-2.exe File exists
"McAfee Security Scan Component Host Service" (McComponentHostService) "McAfee, Inc." C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe File exists
|||||| "NVIDIA Display Driver Service" (nvsvc) "NVIDIA Corporation" C:\Windows\system32\nvvsvc.exe File exists
|||||| "PnkBstrA" (PnkBstrA) C:\Windows\system32\PnkBstrA.exe File found, but it contains no detailed information
|||||| "PnkBstrB" (PnkBstrB) C:\Windows\system32\PnkBstrB.exe File found, but it contains no detailed information
|||||| "SeaPort" (SeaPort) "Microsoft Corporation" C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe File exists
"Shockvoice Service" (Shockvoice Service) C:\Program Files\Shockvoice Server\shockvoice_service.exe File exists
"Steam Client Service" (Steam Client Service) "Valve Corporation" C:\Program Files\Common Files\Steam\SteamService.exe File exists
|||||| "TeamViewer 5" (TeamViewer5) "TeamViewer GmbH" C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe File exists
|||||| "Windows Live Family Safety-Dienst" (fsssvc) "Microsoft Corporation" C:\Program Files\Windows Live\Family Safety\fsssvc.exe File exists

If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru

cosinus 03.04.2010 16:34

Hello and :hallo:

Code:

[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"sysakmdl" (sysakmdl) C:\Windows\system32\drivers\sysakmdl.sys File not found

Please disable this with OSAM (see the OSAM instructions). Afterwards, post a new OSAM log and have the file (if it still exists)

C:\Windows\system32\drivers\sysakmdl.sys

analysed at https://www.Virustotal.com. Then please post the link to the results.
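
A cross-check that can be run over a report like the one in this thread, as an added example that is not part of either post and not OSAM's own code: it parses driver and service lines in the layout shown above, matches their paths case-insensitively against the two files named in the first post, and separately lists entries OSAM marks as hidden registry entries. The function names and the status list are assumptions derived from this one report; the sample lines are copied from it.

```python
import ntpath
import re

# Excerpt copied from the OSAM report above (drivers and services only).
SAMPLE_LOG = r'''
Drivers
HKLM\SYSTEM\CurrentControlSet\Services
|||||| "artr1ms7" (artr1ms7) "Microsoft Corporation" C:\Windows\system32\drivers\artr1ms7.sys Hidden registry entry, rootkit activity | File signed by Microsoft
|||||| "avgio" (avgio) "Avira GmbH" C:\Program Files\Avira\AntiVir Desktop\avgio.sys File exists
"sysakmdl" (sysakmdl) C:\Windows\system32\drivers\sysakmdl.sys File not found
Services
HKLM\SYSTEM\CurrentControlSet\Services
|||||| "Avira AntiVir Guard" (AntiVirService) "Avira GmbH" C:\Program Files\Avira\AntiVir Desktop\avguard.exe File exists
'''
# Paths the antivirus reported, as given in the first post.
AV_PATHS = [r"C:\WINDOWS\System32\ntngb.dll",
            r"C:\WINDOWS\System32\drivers\sysakmdl.sys"]

# Status phrases seen in this report (assumed list); a line may join several with " | ".
HIDDEN = "Hidden registry entry, rootkit activity"
STATUSES = ["File exists", "File not found", HIDDEN, "File signed by Microsoft",
            "File found, but it contains no detailed information",
            "File is exclusively opened, access blocked"]
_S = "(?:" + "|".join(re.escape(s) for s in STATUSES) + ")"
ENTRY = re.compile(
    r'^(?:\|+\s+)?"(?P<name>[^"]+)"'       # optional risk bars, display name
    r'(?:\s+\((?P<key>[^)]*)\))?'          # service key name
    r'(?:\s+"(?P<publisher>[^"]*)")?'      # publisher, missing on some lines
    r'\s+(?P<path>[A-Za-z]:\\.+?)'         # image path, may contain spaces
    r'\s+(?P<status>' + _S + r'(?: \| ' + _S + r')*)$')

def norm(path):
    """Windows paths compare case-insensitively; normalise before matching."""
    return ntpath.normcase(ntpath.normpath(path))

def parse_osam(text):
    """Parse driver/service style lines; other entry layouts are skipped."""
    entries, section, location = [], None, None
    for raw in text.splitlines():
        line = raw.strip()
        m = ENTRY.match(line)
        if m:
            e = m.groupdict()
            e["status"] = e["status"].split(" | ")
            e["section"], e["location"] = section, location
            entries.append(e)
        elif line.startswith(("HK", "%")):
            location = line                 # registry key or folder heading
        elif line and not line.startswith(('"', "|", "{")):
            section = line                  # category heading such as "Drivers"
    return entries

def triage(entries, av_paths):
    """Return (findings, reported paths that no parsed entry points to)."""
    wanted = {norm(p): p for p in av_paths}
    seen, findings = set(), []
    for e in entries:
        reasons = []
        if norm(e["path"]) in wanted:
            reasons.append("path reported by antivirus")
            seen.add(norm(e["path"]))
        if HIDDEN in e["status"]:
            reasons.append("hidden registry entry")
        if reasons:
            findings.append({**e, "reasons": reasons})
    unmatched = [p for n, p in wanted.items() if n not in seen]
    return findings, unmatched

if __name__ == "__main__":
    found, missing = triage(parse_osam(SAMPLE_LOG), AV_PATHS)
    for f in found:
        print(f["section"], f["key"], f["path"], f["status"], f["reasons"])
    print("reported files with no parsed autorun entry:", missing)
```

A reported file that appears in `unmatched` has no entry among the parsed lines, so it still needs to be checked on its own.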

