Win32.AutoRun.tmp Trojans

Essener · 05.02.2012, 06:59

Hallo zusammen!

Ich habe mir wohl auch was eingefangen, habe natürlich als erstes gegoogelt und bin dadurch auf diese Seite gekommen.

Um ehrlich zu sein, habe ich zu wenig Ahnung vom PC um auf eigene Faust etwas zu machen :-(

habe über Spybot Search & Destroy gestern und heute die Info erhalten, dass ich mir wohl etwas eingefangen habe.

Erhalte immer die Wahrung Win32.AutoRun.tmp

hier ein paar weiter Info. Ich hoffe, dass ist o.k. so und Ihr könnt mir weiter helfen!

--- Search result list ---
Win32.AutoRun.tmp: [SBI $751B1850] Einstellungen (Registrierungsdatenbank-Wert, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Taskman

--- Spybot - Search & Destroy version: 1.6.2 (build: 20090126) ---

2009-01-26 blindman.exe (1.0.0.8)
2009-01-26 SDFiles.exe (1.6.1.7)
2009-01-26 SDMain.exe (1.0.0.6)
2009-01-26 SDShred.exe (1.0.2.5)
2009-01-26 SDUpdate.exe (1.6.0.12)
2009-01-26 SDWinSec.exe (1.0.0.12)
2009-01-26 SpybotSD.exe (1.6.2.46)
2009-01-26 TeaTimer.exe (1.6.4.26)
2010-09-23 unins000.exe (51.49.0.0)
2009-01-26 Update.exe (1.6.0.7)
2009-01-26 advcheck.dll (1.6.2.15)
2007-04-02 aports.dll (2.1.0.0)
2008-06-14 DelZip179.dll (1.79.11.1)
2009-01-26 SDHelper.dll (1.6.2.14)
2008-06-19 sqlite3.dll
2009-01-26 Tools.dll (2.1.6.10)
2009-01-16 UninsSrv.dll (1.0.0.0)
2010-06-29 Includes\Adware.sbi (*)
2010-08-24 Includes\AdwareC.sbi (*)
2010-08-13 Includes\Cookies.sbi (*)
2010-09-22 Includes\Dialer.sbi (*)
2010-09-22 Includes\DialerC.sbi (*)
2010-01-25 Includes\HeavyDuty.sbi (*)
2009-05-26 Includes\Hijackers.sbi (*)
2010-07-27 Includes\HijackersC.sbi (*)
2010-06-02 Includes\iPhone.sbi (*)
2010-08-02 Includes\Keyloggers.sbi (*)
2010-08-31 Includes\KeyloggersC.sbi (*)
2004-11-29 Includes\LSP.sbi (*)
2010-09-13 Includes\Malware.sbi (*)
2010-09-21 Includes\MalwareC.sbi (*)
2010-05-18 Includes\PUPS.sbi (*)
2010-09-21 Includes\PUPSC.sbi (*)
2010-01-25 Includes\Revision.sbi (*)
2009-01-13 Includes\Security.sbi (*)
2010-07-27 Includes\SecurityC.sbi (*)
2008-06-03 Includes\Spybots.sbi (*)
2008-06-03 Includes\SpybotsC.sbi (*)
2010-06-29 Includes\Spyware.sbi (*)
2010-07-27 Includes\SpywareC.sbi (*)
2010-03-08 Includes\Tracks.uti
2010-08-04 Includes\Trojans.sbi (*)
2010-07-28 Includes\TrojansC-02.sbi (*)
2010-07-28 Includes\TrojansC-03.sbi (*)
2010-07-28 Includes\TrojansC-04.sbi (*)
2010-09-21 Includes\TrojansC-05.sbi (*)
2010-09-13 Includes\TrojansC.sbi (*)
2008-03-04 Plugins\Chai.dll
2008-03-05 Plugins\Fennel.dll
2008-02-26 Plugins\Mate.dll
2007-12-24 Plugins\TCPIPAddress.dll

--- System information ---
Unknown Windows version 6.1 (Build: 7601) Service Pack 1 (6.1.7601)

--- Startup entries list ---
Located: HK_LM:Run,
command:
file:
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: HK_LM:Run, Adobe ARM
command: "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
file: C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
size: 843712
MD5: B8E421C0890356CD4A793D8A346D9096

Located: HK_LM:Run, avgnt
command: "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
file: C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
size: 281768
MD5: 61941D4566C3B09F377E0E1A97BD0D9A

Located: HK_LM:Run, Browser companion helper
command: C:\Program Files\BrowserCompanion\BCHelper.exe /T=3 /S=7
file: C:\Program Files\BrowserCompanion\BCHelper.exe
size: 192816
MD5: 15F986CC4BAA199A27E517723A581260

Located: HK_LM:Run, CLMLServer
command: "C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe"
file: C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
size: 103720
MD5: 54FA8528EDA1B6B34615F4EA3FCB35E6

Located: HK_LM:Run, DivXUpdate
command: "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
file: C:\Program Files\DivX\DivX Update\DivXUpdate.exe
size: 1230704
MD5: 7636713B4F0944045AB4AF7CED5245AB

Located: HK_LM:Run, HotKeysCmds
command: C:\Windows\system32\hkcmd.exe
file: C:\Windows\system32\hkcmd.exe
size: 171032
MD5: 3CD5BBDA19A1AB4EBA359E0A14FDF0F0

Located: HK_LM:Run, IgfxTray
command: C:\Windows\system32\igfxtray.exe
file: C:\Windows\system32\igfxtray.exe
size: 136216
MD5: 1029B84ECBE4B95ACB8491A3FE63D70F

Located: HK_LM:Run, KiesTrayAgent
command: C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
file: C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!

Located: HK_LM:Run, Malwarebytes' Anti-Malware (reboot)
command: "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
file: C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
size: 981680
MD5: B8F49232247D0825B2B82E08A9E10753

Located: HK_LM:Run, Persistence
command: C:\Windows\system32\igfxpers.exe
file: C:\Windows\system32\igfxpers.exe
size: 170520
MD5: 3142195521FEE436088EE8A5748DE1B1

Located: HK_LM:Run, PlusService
command: C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe
file: C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe
size: 801792
MD5: 30183A68E8EFDE4CB7D65C815081DADA

Located: HK_LM:Run, RtHDVCpl
command: C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
file: C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
size: 7739936
MD5: 0EE886B38B4A4BC23338887005AB8F29

Located: HK_LM:Run, SunJavaUpdateSched
command: "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
file: C:\Program Files\Common Files\Java\Java Update\jusched.exe
size: 254696
MD5: 6E3245DF783E58375B3465F03274743E

Essener · 05.02.2012, 07:51

übrigens, habe gerad Malwarebytes laufen lassen, da wird nichts gefunden

Essener · 08.02.2012, 04:27

Guten Morgen!

Ich habe noch ein paar Dinge gemacht und hoffe, dass wir nun ein Schritt weiter sind.

Würde mich über Hilfe echt freuen!

Win32.AutoRun.tmp Trojans

Plagegeister aller Art und deren Bekämpfung: Win32.AutoRun.tmp Trojans