Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
Hilfe.............. Ttrojan WIN32.Agent.bi

Hilfe.............. Ttrojan WIN32.Agent.bi


Log-Analyse und Auswertung: Hilfe.............. Ttrojan WIN32.Agent.bi

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Alt 13.05.2005, 11:01   #1
firstcommander
 
Hilfe.............. Ttrojan WIN32.Agent.bi - Standard

Hilfe.............. Ttrojan WIN32.Agent.bi


Hallo .
Kann mir jemand bei meinem Trojaner helfen. Habe 4 verschiedene Scanner laufen lassen wurde auch gelöscht , kommt aber immer wieder .

Logfile of HijackThis v1.99.1
Scan saved at 11:49:50, on 13.05.2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)

Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\system32\LEXBCES.EXE
C:\windows\system32\LEXPPS.EXE
C:\windows\system32\spoolsv.exe
C:\windows\Explorer.EXE
C:\windows\System32\RunDll32.exe
C:\windows\System32\LVCOMSX.EXE
C:\Programme\Logitech\Video\LogiTray.exe
C:\Programme\F-Secure\Common\FSM32.EXE
C:\Programme\iWare\iWare Mouse\3.2\lwbwheel.exe
C:\Programme\Java\j2re1.4.2_03\bin\jusched.exe
C:\windows\system32\javalo.exe
C:\Programme\Netscape\Netscape\Netscp.exe
C:\Programme\MSN Messenger\msnmsgr.exe
C:\Programme\Logitech\Video\FxSvr2.exe
C:\Programme\AVPersonal\AVWUPSRV.EXE
C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
C:\windows\System32\DRIVERS\CDANTSRV.EXE
C:\Programme\F-Secure\Anti-Virus\fsgk32st.exe
C:\Programme\F-Secure\BackWeb\7681197\program\fsbwsys.exe
C:\Programme\F-Secure\Anti-Virus\FSGK32.EXE
C:\Programme\F-Secure\Common\FSMA32.EXE
C:\Programme\F-Secure\Anti-Virus\fssm32.exe
C:\Programme\F-Secure\Common\FSMB32.EXE
C:\WINDOWS\System32\mnmsrvc.exe
C:\Programme\F-Secure\BackWeb\7681197\Program\BackWeb-7681197.exe
C:\windows\System32\nvsvc32.exe
C:\windows\System32\rundll32.exe
C:\windows\System32\svchost.exe
C:\Programme\HanseNet\HanseNet Speed-Produkte\app\TangoService.exe
C:\Programme\F-Secure\Common\FCH32.EXE
C:\windows\System32\wuauclt.exe
C:\Programme\F-Secure\Common\FAMEH32.EXE
C:\Programme\F-Secure\Common\FNRB32.EXE
C:\Programme\F-Secure\FWES\Program\fsdfwd.exe
C:\Programme\F-Secure\Common\FIH32.EXE
C:\Programme\F-Secure\Anti-Virus\fsav32.exe
C:\PROGRA~1\WINZIP\winzip32.exe
C:\Dokumente und Einstellungen\dirk\Lokale Einstellungen\Temp\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\windows\system32\cllbm.dll/sp.html#12047
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\windows\system32\cllbm.dll/sp.html#12047
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\windows\system32\cllbm.dll/sp.html#12047
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\windows\system32\cllbm.dll/sp.html#12047
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\windows\system32\cllbm.dll/sp.html#12047
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\windows\system32\cllbm.dll/sp.html#12047
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Class - {738FA69A-9124-0593-394D-30F1BB7CC130} - C:\windows\iedk32.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programme\google\googletoolbar1.dll
O2 - BHO: GetPostLog module - {C9B0D3DC-DC2B-4a17-8E34-02CD4C1E573F} - C:\windows\gpl.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\windows\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programme\google\googletoolbar1.dll
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [NeroFilterCheck] C:\windows\system32\NeroCheck.exe
O4 - HKLM\..\Run: [CloneDVDElbyDelay] "C:\Programme\Elaborate Bytes\CloneDVD\ElbyCheck.exe" /L ElbyDelay
O4 - HKLM\..\Run: [Window Monitor] winmon32.exe
O4 - HKLM\..\Run: [Win32 Configuration] videosd32.exe
O4 - HKLM\..\Run: [Microsoft Update Machine] wuamgrd.exe
O4 - HKLM\..\Run: [System Uptime Server] sysentry32.exe
O4 - HKLM\..\Run: [Win32 USB2 Driver] syscfg32.exe
O4 - HKLM\..\Run: [WindowsRegKeys update] winsysi.exe
O4 - HKLM\..\Run: [Msn Plus Updater] msnplus.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [LVCOMSX] C:\windows\System32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Programme\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Programme\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Programme\F-Secure\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Programme\F-Secure\TNB\TNBUtil.exe" /CHECKALL
O4 - HKLM\..\Run: [LWBMOUSE] C:\Programme\iWare\iWare Mouse\3.2\lwbwheel.exe
O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Programme\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [Windows AdStatus] C:\Program Files\Windows AdStatus\WinStat.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [javalo.exe] C:\windows\system32\javalo.exe
O4 - HKLM\..\RunServices: [Window Monitor] winmon32.exe
O4 - HKLM\..\RunServices: [Win32 Configuration] videosd32.exe
O4 - HKLM\..\RunServices: [Microsoft Update Machine] wuamgrd.exe
O4 - HKLM\..\RunServices: [System Uptime Server] sysentry32.exe
O4 - HKLM\..\RunServices: [Win32 USB2 Driver] syscfg32.exe
O4 - HKLM\..\RunServices: [WindowsRegKeys update] winsysi.exe
O4 - HKLM\..\RunOnce: [!CleanupNetMeetingDispDriver] "C:\windows\System32\rundll32.exe" msconf.dll,CleanupNetMeetingDispDriver 0
O4 - HKCU\..\Run: [Mozilla Quick Launch] "C:\Programme\Netscape\Netscape\Netscp.exe" -turbo
O4 - HKCU\..\Run: [Win32 Configuration] videosd32.exe
O4 - HKCU\..\Run: [Win32 USB2 Driver] syscfg32.exe
O4 - HKCU\..\Run: [Window Monitor] winmon32.exe
O4 - HKCU\..\Run: [WindowsRegKeys update] winsysi.exe
O4 - HKCU\..\Run: [Microsoft Update Machine] wuamgrd.exe
O4 - HKCU\..\Run: [Msn Plus Updater] msnplus.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Programme\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\RunServices: [Window Monitor] winmon32.exe
O4 - HKCU\..\RunServices: [Msn Plus Updater] msnplus.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programme\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Programme\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Google-Suche - res://C:\Programme\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Ins Deutsche übersetzen - res://C:\Programme\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Im Cache gespeicherte Seite - res://C:\Programme\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Verweisseiten - res://C:\Programme\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Web Rebates - file://C:\Programme\Web_Rebates\Sy1150\Tp1150\scri1150a.htm
O8 - Extra context menu item: Ähnliche Seiten - res://C:\Programme\Google\GoogleToolbar1.dll/cmsimilar.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\MSMSGS.EXE
O13 - WWW. Prefix: http://ehttp.cc/?
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary...r.cab31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab
O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://public.windupdates.com/get_fi...8184a74cdb7fa6
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary...r.cab31267.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/S...in/AvSniff.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.co...?1094399289514
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/S.../bin/cabsa.cab
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.johannrain-softwareentwic...itdefender.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/ms...downloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary...o.cab31267.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab31267.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary...n.cab31267.cab
O18 - Protocol: bw+0 - {C0AB330F-232D-4ACF-A954-2E9D141239F5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {C0AB330F-232D-4ACF-A954-2E9D141239F5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {C0AB330F-232D-4ACF-A954-2E9D141239F5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {C0AB330F-232D-4ACF-A954-2E9D141239F5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {C0AB330F-232D-4ACF-A954-2E9D141239F5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {C0AB330F-232D-4ACF-A954-2E9D141239F5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {C0AB330F-232D-4ACF-A954-2E9D141239F5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {C0AB330F-232D-4ACF-A954-2E9D141239F5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {C0AB330F-232D-4ACF-A954-2E9D141239F5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {C0AB330F-232D-4ACF-A954-2E9D141239F5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {C0AB330F-232D-4ACF-A954-2E9D141239F5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {C0AB330F-232D-4ACF-A954-2E9D141239F5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {C0AB330F-232D-4ACF-A954-2E9D141239F5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {C0AB330F-232D-4ACF-A954-2E9D141239F5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {C0AB330F-232D-4ACF-A954-2E9D141239F5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {C0AB330F-232D-4ACF-A954-2E9D141239F5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {C0AB330F-232D-4ACF-A954-2E9D141239F5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {C0AB330F-232D-4ACF-A954-2E9D141239F5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {C0AB330F-232D-4ACF-A954-2E9D141239F5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {C0AB330F-232D-4ACF-A954-2E9D141239F5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {C0AB330F-232D-4ACF-A954-2E9D141239F5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {C0AB330F-232D-4ACF-A954-2E9D141239F5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {C0AB330F-232D-4ACF-A954-2E9D141239F5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {C0AB330F-232D-4ACF-A954-2E9D141239F5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {C0AB330F-232D-4ACF-A954-2E9D141239F5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {C0AB330F-232D-4ACF-A954-2E9D141239F5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {C0AB330F-232D-4ACF-A954-2E9D141239F5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {C0AB330F-232D-4ACF-A954-2E9D141239F5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {C0AB330F-232D-4ACF-A954-2E9D141239F5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {C0AB330F-232D-4ACF-A954-2E9D141239F5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {C0AB330F-232D-4ACF-A954-2E9D141239F5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {C0AB330F-232D-4ACF-A954-2E9D141239F5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {C0AB330F-232D-4ACF-A954-2E9D141239F5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {C0AB330F-232D-4ACF-A954-2E9D141239F5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {C0AB330F-232D-4ACF-A954-2E9D141239F5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {C0AB330F-232D-4ACF-A954-2E9D141239F5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {C0AB330F-232D-4ACF-A954-2E9D141239F5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {C0AB330F-232D-4ACF-A954-2E9D141239F5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {C0AB330F-232D-4ACF-A954-2E9D141239F5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {C0AB330F-232D-4ACF-A954-2E9D141239F5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {C0AB330F-232D-4ACF-A954-2E9D141239F5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {C0AB330F-232D-4ACF-A954-2E9D141239F5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {C0AB330F-232D-4ACF-A954-2E9D141239F5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {C0AB330F-232D-4ACF-A954-2E9D141239F5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {C0AB330F-232D-4ACF-A954-2E9D141239F5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {C0AB330F-232D-4ACF-A954-2E9D141239F5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {C0AB330F-232D-4ACF-A954-2E9D141239F5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {C0AB330F-232D-4ACF-A954-2E9D141239F5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {C0AB330F-232D-4ACF-A954-2E9D141239F5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {C0AB330F-232D-4ACF-A954-2E9D141239F5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {C0AB330F-232D-4ACF-A954-2E9D141239F5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {C0AB330F-232D-4ACF-A954-2E9D141239F5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {C0AB330F-232D-4ACF-A954-2E9D141239F5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {C0AB330F-232D-4ACF-A954-2E9D141239F5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {C0AB330F-232D-4ACF-A954-2E9D141239F5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {C0AB330F-232D-4ACF-A954-2E9D141239F5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {C0AB330F-232D-4ACF-A954-2E9D141239F5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {C0AB330F-232D-4ACF-A954-2E9D141239F5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {C0AB330F-232D-4ACF-A954-2E9D141239F5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {C0AB330F-232D-4ACF-A954-2E9D141239F5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {C0AB330F-232D-4ACF-A954-2E9D141239F5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {C0AB330F-232D-4ACF-A954-2E9D141239F5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {C0AB330F-232D-4ACF-A954-2E9D141239F5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {C0AB330F-232D-4ACF-A954-2E9D141239F5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {C0AB330F-232D-4ACF-A954-2E9D141239F5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {C0AB330F-232D-4ACF-A954-2E9D141239F5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {C0AB330F-232D-4ACF-A954-2E9D141239F5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {C0AB330F-232D-4ACF-A954-2E9D141239F5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {C0AB330F-232D-4ACF-A954-2E9D141239F5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {C0AB330F-232D-4ACF-A954-2E9D141239F5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {C0AB330F-232D-4ACF-A954-2E9D141239F5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {C0AB330F-232D-4ACF-A954-2E9D141239F5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {C0AB330F-232D-4ACF-A954-2E9D141239F5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {C0AB330F-232D-4ACF-A954-2E9D141239F5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {C0AB330F-232D-4ACF-A954-2E9D141239F5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {C0AB330F-232D-4ACF-A954-2E9D141239F5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: haufereader - {39198710-62F7-42CD-9458-069843FA5D32} - C:\Programme\Haufe\HaufeReader\HRInstmon.dll
O18 - Protocol: offline-8876480 - {C0AB330F-232D-4ACF-A954-2E9D141239F5} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Programme\AVPersonal\AVWUPSRV.EXE
O23 - Service: F-Secure Automatic Update (BackWeb Client - 7681197) - Unknown owner - C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\windows\System32\DRIVERS\CDANTSRV.EXE
O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Programme\F-Secure\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Network Request Broker - F-Secure Corporation - C:\Programme\F-Secure\Common\FNRB32.EXE
O23 - Service: fsbwsys - F-Secure Corp. - C:\Programme\F-Secure\BackWeb\7681197\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Programme\F-Secure\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Programme\F-Secure\Common\FSMA32.EXE
O23 - Service: F-Secure Windows Security Center Legacy Detection Service (Fswsclds) - F-Secure Corporation - C:\Programme\F-Secure Internet Security\fswsclds.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\windows\system32\LEXBCES.EXE
O23 - Service: License Management Service ESD - element5 - C:\Programme\Gemeinsame Dateien\element5 Shared\Service\Licence Manager ESD.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\windows\System32\nvsvc32.exe
O23 - Service: PC-Network-Remote-Server (PCNetwork) - Unknown owner - C:\Programme\hastasoft\PC-Network\PCN_RS.EXE (file missing)
O23 - Service: Tango Service (TangoService) - Unknown owner - C:\Programme\HanseNet\HanseNet Speed-Produkte\app\TangoService.exe
O23 - Service: Win32 Configuration (Windows Manage) - Unknown owner - C:\WINDOWS\System32\videosd32.exe" -netsvcs (file missing)

Alt 13.05.2005, 11:32   #2
felix1
/// Helfer-Team
 
Hilfe.............. Ttrojan WIN32.Agent.bi - Standard

Hilfe.............. Ttrojan WIN32.Agent.bi


Hier hast Du erst mal einen Lösungsansatz:
http://www.trojaner-info.de/anleitun...out_blank.html

Ansonsten: Total veraltet, System und IE updaten.
__________________
Alt 13.05.2005, 13:58   #3
firstcommander
 
Hilfe.............. Ttrojan WIN32.Agent.bi - Standard

Hilfe.............. Ttrojan WIN32.Agent.bi


Zitat:
Zitat von felix1
Hier hast Du erst mal einen Lösungsansatz:
http://www.trojaner-info.de/anleitun...out_blank.html

Ansonsten: Total veraltet, System und IE updaten.

Tolles Programm , findet nur leider nichts.

(13.5.05 14:56:29) SPSeHjFix started v1.1.2
(13.5.05 14:56:29) OS: WinXP (5.1.2600)
(13.5.05 14:56:29) Language: deutsch
(13.5.05 14:56:29) Win-Path: C:\windows
(13.5.05 14:56:29) System-Path: C:\windows\System32
(13.5.05 14:56:29) Temp-Path: C:\DOKUME~1\dirk\LOKALE~1\Temp\
(13.5.05 14:56:39) Disinfection started
(13.5.05 14:56:39) Bad-Dll(IEP): (not found)
(13.5.05 14:56:39) Bad-Dll(IEP) in BHO: (not found)
(13.5.05 14:56:39) UBF: 4 - UBB: 3 - UBR: 38
(13.5.05 14:56:39) UBF: 4 - UBB: 3 - UBR: 38
(13.5.05 14:56:39) Bad IE-pages: (none)
(13.5.05 14:56:39) Stealth-String not found
(13.5.05 14:56:39) Not infected->END
__________________
Alt 13.05.2005, 14:05   #4
Haui45
 
Hilfe.............. Ttrojan WIN32.Agent.bi - Standard

Hilfe.............. Ttrojan WIN32.Agent.bi


Hier findest du eine Lösung.
Warum das?
Weil sich u.a. die folgenden Schädlinge im System befinden.
http://castlecops.com/startuplist-4720.html
http://www.trendmicro.com/vinfo/viru...=WORM_SDBOT.WE
http://www.sophos.de/virusinfo/analyses/w32rbothp.html

BTW: das sind noch lange nicht alle...

Antwort

Themen zu Hilfe.............. Ttrojan WIN32.Agent.bi
adobe, antivir update, antivirus, antivirus scan, bho, desktop, drivers, einstellungen, f-secure, file missing, google, hijack, hijackthis, immer wieder, internet, internet explorer, internet security, launch, monitor, mozilla, msn plus, nvcpl.dll, object, rundll, scan, security center, server, software, symantec, system, temp, trojan, trojaner, urlsearchhook, usb, windows, windows messenger, windows security, windows xp, windows\system32\drivers


« Bitte nicht hauen ... brauche HILFE ... | Hilfe mein hijackthis-log-file! »


Ähnliche Themen: Hilfe.............. Ttrojan WIN32.Agent.bi


  1. Trojan.Win32.Agent.delx ; Trojan-Downloader.Win32.Agent.bvst; HackTool.Win32.Kiser.fb
    Plagegeister aller Art und deren Bekämpfung - 05.01.2010 (3)
  2. win32.rootkit.agent - Hilfe
    Plagegeister aller Art und deren Bekämpfung - 02.09.2009 (6)
  3. Probleme mit Tr/win32.Tiny.h Tr/Win32.Agent.bq! Hilfe
    Mülltonne - 02.10.2008 (0)
  4. Trojaner win32.agent.pz? Bitte um Hilfe
    Log-Analyse und Auswertung - 22.07.2008 (1)
  5. Hilfe! Angeblich Trojan-PSW.Agent.win32.tz gefunden...
    Log-Analyse und Auswertung - 24.02.2008 (6)
  6. Hilfe - Trojaner-Downloader.Win32.Agent variant auf dem sys
    Log-Analyse und Auswertung - 30.10.2007 (1)
  7. Hilfe! Trojan-Downloader.Win32.Agent variant
    Plagegeister aller Art und deren Bekämpfung - 17.06.2007 (3)
  8. Bitte um Hilfe mit Trojan.Downloader.Win32.Agent.bda!!!
    Plagegeister aller Art und deren Bekämpfung - 27.01.2007 (14)
  9. Rootkit.Win32.Agent.q....bitte hilfe!!!
    Plagegeister aller Art und deren Bekämpfung - 02.11.2005 (1)
  10. win32.alcan.a_win32.agent.bq_Taskm_defekt--HILFE!
    Plagegeister aller Art und deren Bekämpfung - 25.10.2005 (27)
  11. Hilfe bez. Trojan-Downloader.Win32.Agent.hr
    Plagegeister aller Art und deren Bekämpfung - 11.10.2005 (10)
  12. Bitte Hilfe bei Trojan-Downloader.Win32.Agent.kb
    Log-Analyse und Auswertung - 03.03.2005 (17)
  13. Hilfe bei Trojan-Downloader.Win32.Agent.jb
    Plagegeister aller Art und deren Bekämpfung - 03.03.2005 (12)
  14. Hilfe !!! Win32.TrojanDownloader.agent.al
    Plagegeister aller Art und deren Bekämpfung - 06.02.2005 (14)
  15. Hilfe !!! Win32.TrojanDownloader.agent.al Teil 2
    Plagegeister aller Art und deren Bekämpfung - 06.02.2005 (1)
  16. HackTool.Win32.Hidd.c / TrojanSpy.Win32.Agent.w / Trojan-Downloader.Win32.Agent.fy
    Plagegeister aller Art und deren Bekämpfung - 21.12.2004 (3)
  17. Hilfe!habe Win32/Agent.AY Trojaner aud dem Rechner
    Plagegeister aller Art und deren Bekämpfung - 09.12.2004 (6)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Hilfe.............. Ttrojan WIN32.Agent.bi - Hallo . Kann mir jemand bei meinem Trojaner helfen. Habe 4 verschiedene Scanner laufen lassen wurde auch gelöscht , kommt aber immer wieder . Logfile of HijackThis v1.99.1 Scan saved - Hilfe.............. Ttrojan WIN32.Agent.bi...
Archiv
Du betrachtest: Hilfe.............. Ttrojan WIN32.Agent.bi auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131