Trojaner-Board

walla_hilla 18.10.2006 15:51

TR/Dldr.Agent.awb - Problem with this trojan
 
Hi,

I have the following trojan on my PC: TR/Dldr.Agent.awb

I don't know what to do about it. Can anyone help me and tell me how I can delete it or at least put it out of action?

Thanks for your help!

Nycomex 18.10.2006 15:52

Which program found the malware, and where? So the file name would be useful ;).

walla_hilla 18.10.2006 16:47

Quote:

Quote from Nycomex
Which program found the malware, and where? So the file name would be useful ;).


Hi, first of all thanks for the quick reply. AntiVir found this virus and the file name is: C:\WINDOWS\system32\vegf3a99.dll

Nycomex 18.10.2006 21:30

Could you please post a HijackThis log? Thanks :).

walla_hilla 24.10.2006 15:04

Sorry for the late reply. Here is the log file:

Logfile of HijackThis v1.99.1
Scan saved at 16:03:23, on 24.10.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\AntiVir PersonalEdition Classic\sched.exe
C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
C:\Programme\Network Monitor\netmon.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Programme\Java\jre1.5.0_05\bin\jusched.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Programme\Logitech\Video\LogiTray.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\dfndrff_16.exe
C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe
C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe
C:\Programme\Gemeinsame Dateien\{58BB7A3C-0C08-1031-1211-020303250031}\Update.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Programme\Logitech\Video\FxSvr2.exe
C:\WINDOWS\System32\alg.exe
C:\Programme\ICQLite\ICQLite.exe
C:\Programme\Steam\Steam.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\Programme\Windows Media Player\wmplayer.exe
C:\Programme\Mozilla Firefox\firefox.exe
C:\Dokumente und Einstellungen\Besitzer\Eigene Dateien\tools\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://searchbar.findthewebsiteyouneed.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://searchbar.findthewebsiteyouneed.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.findthewebsiteyouneed.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://searchbar.findthewebsiteyouneed.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R3 - URLSearchHook: (no name) - {02EE5B04-F144-47BB-83FB-A60BD91B74A9} - C:\Programme\SurfSideKick 3\SskBho.dll
O2 - BHO: DeskbarBHO - {A8B28872-3324-4CD2-8AA3-7D555C872D96} - C:\Programme\Deskbar\deskbar.dll
O2 - BHO: ToolBar888 - {CBCC61FA-0221-4ccc-B409-CEE865CACA3A} - C:\Programme\ToolBar888\MyToolBar.dll
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQToolbar\toolbaru.dll
O3 - Toolbar: ToolBar888 - {CBCC61FA-0221-4ccc-B409-CEE865CACA3A} - C:\Programme\ToolBar888\MyToolBar.dll
O3 - Toolbar: UCmore XP - The Search Accelerator - {44BE0690-5429-47f0-85BB-3FFD8020233E} - C:\Programme\TheSearchAccelerator\UCMTSAIE.dll
O4 - HKLM\..\Run: [ATIPTA] "C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [razertra] C:\Programme\Razer\razertra.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\jre1.5.0_05\bin\jusched.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Programme\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Programme\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [outlook] C:\Programme\outlook\outlook.exe /auto
O4 - HKLM\..\Run: [keyboard] C:\\kybrdff_16.exe
O4 - HKLM\..\Run: [vegf3a99] RUNDLL32.EXE w01cbadb.dll,n 002f3a970000000a01cbadb
O4 - HKLM\..\Run: [newname] C:\\nwnmff_16.exe
O4 - HKLM\..\Run: [defender] C:\\dfndrff_16.exe
O4 - HKLM\..\Run: [SurfSideKick 3] C:\Programme\SurfSideKick 3\Ssk.exe
O4 - HKLM\..\Run: [avgnt] "C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [TkBellExe] "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\RunServices: [winlog] winlog.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Programme\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [wkor] C:\PROGRA~1\GEMEIN~1\wkor\wkorm.exe
O4 - HKCU\..\Run: [SurfSideKick 3] C:\Programme\SurfSideKick 3\Ssk.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Programme\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\RunOnce: [ICQ Lite] C:\Programme\ICQLite\ICQLite.exe -trayboot
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Programme\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Programme\ICQToolbar\toolbaru.dll/SEARCH.HTML
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O15 - Trusted Zone: http://download.windowsupdate.com
O15 - Trusted Zone: http://*.windowsupdate.com
O18 - Protocol: bw+0 - {FB8B825B-B72F-47EA-9D3E-EB8BB44DA4A7} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {FB8B825B-B72F-47EA-9D3E-EB8BB44DA4A7} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {FB8B825B-B72F-47EA-9D3E-EB8BB44DA4A7} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {FB8B825B-B72F-47EA-9D3E-EB8BB44DA4A7} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {FB8B825B-B72F-47EA-9D3E-EB8BB44DA4A7} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {FB8B825B-B72F-47EA-9D3E-EB8BB44DA4A7} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {FB8B825B-B72F-47EA-9D3E-EB8BB44DA4A7} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {FB8B825B-B72F-47EA-9D3E-EB8BB44DA4A7} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {FB8B825B-B72F-47EA-9D3E-EB8BB44DA4A7} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {FB8B825B-B72F-47EA-9D3E-EB8BB44DA4A7} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {FB8B825B-B72F-47EA-9D3E-EB8BB44DA4A7} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {FB8B825B-B72F-47EA-9D3E-EB8BB44DA4A7} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {FB8B825B-B72F-47EA-9D3E-EB8BB44DA4A7} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {FB8B825B-B72F-47EA-9D3E-EB8BB44DA4A7} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {FB8B825B-B72F-47EA-9D3E-EB8BB44DA4A7} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {FB8B825B-B72F-47EA-9D3E-EB8BB44DA4A7} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {FB8B825B-B72F-47EA-9D3E-EB8BB44DA4A7} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {FB8B825B-B72F-47EA-9D3E-EB8BB44DA4A7} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {FB8B825B-B72F-47EA-9D3E-EB8BB44DA4A7} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {FB8B825B-B72F-47EA-9D3E-EB8BB44DA4A7} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {FB8B825B-B72F-47EA-9D3E-EB8BB44DA4A7} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {FB8B825B-B72F-47EA-9D3E-EB8BB44DA4A7} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {FB8B825B-B72F-47EA-9D3E-EB8BB44DA4A7} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {FB8B825B-B72F-47EA-9D3E-EB8BB44DA4A7} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {FB8B825B-B72F-47EA-9D3E-EB8BB44DA4A7} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {FB8B825B-B72F-47EA-9D3E-EB8BB44DA4A7} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {FB8B825B-B72F-47EA-9D3E-EB8BB44DA4A7} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {FB8B825B-B72F-47EA-9D3E-EB8BB44DA4A7} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {FB8B825B-B72F-47EA-9D3E-EB8BB44DA4A7} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {FB8B825B-B72F-47EA-9D3E-EB8BB44DA4A7} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {FB8B825B-B72F-47EA-9D3E-EB8BB44DA4A7} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {FB8B825B-B72F-47EA-9D3E-EB8BB44DA4A7} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {FB8B825B-B72F-47EA-9D3E-EB8BB44DA4A7} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {FB8B825B-B72F-47EA-9D3E-EB8BB44DA4A7} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {FB8B825B-B72F-47EA-9D3E-EB8BB44DA4A7} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {FB8B825B-B72F-47EA-9D3E-EB8BB44DA4A7} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {FB8B825B-B72F-47EA-9D3E-EB8BB44DA4A7} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {FB8B825B-B72F-47EA-9D3E-EB8BB44DA4A7} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {FB8B825B-B72F-47EA-9D3E-EB8BB44DA4A7} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {FB8B825B-B72F-47EA-9D3E-EB8BB44DA4A7} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {FB8B825B-B72F-47EA-9D3E-EB8BB44DA4A7} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {FB8B825B-B72F-47EA-9D3E-EB8BB44DA4A7} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {FB8B825B-B72F-47EA-9D3E-EB8BB44DA4A7} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {FB8B825B-B72F-47EA-9D3E-EB8BB44DA4A7} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {FB8B825B-B72F-47EA-9D3E-EB8BB44DA4A7} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {FB8B825B-B72F-47EA-9D3E-EB8BB44DA4A7} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {FB8B825B-B72F-47EA-9D3E-EB8BB44DA4A7} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {FB8B825B-B72F-47EA-9D3E-EB8BB44DA4A7} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {FB8B825B-B72F-47EA-9D3E-EB8BB44DA4A7} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {FB8B825B-B72F-47EA-9D3E-EB8BB44DA4A7} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {FB8B825B-B72F-47EA-9D3E-EB8BB44DA4A7} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {FB8B825B-B72F-47EA-9D3E-EB8BB44DA4A7} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {FB8B825B-B72F-47EA-9D3E-EB8BB44DA4A7} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {FB8B825B-B72F-47EA-9D3E-EB8BB44DA4A7} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {FB8B825B-B72F-47EA-9D3E-EB8BB44DA4A7} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {FB8B825B-B72F-47EA-9D3E-EB8BB44DA4A7} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {FB8B825B-B72F-47EA-9D3E-EB8BB44DA4A7} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {FB8B825B-B72F-47EA-9D3E-EB8BB44DA4A7} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {FB8B825B-B72F-47EA-9D3E-EB8BB44DA4A7} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {FB8B825B-B72F-47EA-9D3E-EB8BB44DA4A7} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {FB8B825B-B72F-47EA-9D3E-EB8BB44DA4A7} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {FB8B825B-B72F-47EA-9D3E-EB8BB44DA4A7} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {FB8B825B-B72F-47EA-9D3E-EB8BB44DA4A7} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {FB8B825B-B72F-47EA-9D3E-EB8BB44DA4A7} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {FB8B825B-B72F-47EA-9D3E-EB8BB44DA4A7} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {FB8B825B-B72F-47EA-9D3E-EB8BB44DA4A7} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {FB8B825B-B72F-47EA-9D3E-EB8BB44DA4A7} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {FB8B825B-B72F-47EA-9D3E-EB8BB44DA4A7} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {FB8B825B-B72F-47EA-9D3E-EB8BB44DA4A7} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {FB8B825B-B72F-47EA-9D3E-EB8BB44DA4A7} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {FB8B825B-B72F-47EA-9D3E-EB8BB44DA4A7} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {FB8B825B-B72F-47EA-9D3E-EB8BB44DA4A7} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {FB8B825B-B72F-47EA-9D3E-EB8BB44DA4A7} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {FB8B825B-B72F-47EA-9D3E-EB8BB44DA4A7} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {FB8B825B-B72F-47EA-9D3E-EB8BB44DA4A7} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {FB8B825B-B72F-47EA-9D3E-EB8BB44DA4A7} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {FB8B825B-B72F-47EA-9D3E-EB8BB44DA4A7} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - AppInit_DLLs: repairs303169590.dll
O20 - Winlogon Notify: App Management - C:\WINDOWS\system32\cwc.dll
O20 - Winlogon Notify: App Paths - C:\WINDOWS\system32\kkdla.dll
O20 - Winlogon Notify: Control Panel - C:\WINDOWS\system32\vsajet32.dll
O20 - Winlogon Notify: DateTime - C:\WINDOWS\system32\nytlogon.dll
O20 - Winlogon Notify: Explorer - C:\WINDOWS\system32\dGdxof.dll
O20 - Winlogon Notify: Hints - C:\WINDOWS\system32\ivetpp.dll
O20 - Winlogon Notify: Internet Settings - C:\WINDOWS\system32\bStt.dll
O20 - Winlogon Notify: IPConfTSP - C:\WINDOWS\system32\iZsrad.dll
O20 - Winlogon Notify: MS-DOS Emulation - C:\WINDOWS\system32\mm3216.dll
O20 - Winlogon Notify: OptimalLayout - C:\WINDOWS\system32\mewdat10.dll
O20 - Winlogon Notify: Reliability - C:\WINDOWS\system32\moxml4r.dll
O20 - Winlogon Notify: RunOnce - C:\WINDOWS\system32\kcdhe220.dll
O20 - Winlogon Notify: ShellCompatibility - C:\WINDOWS\system32\krdcz.dll
O20 - Winlogon Notify: ShellScrap - C:\WINDOWS\system32\kydsw.dll
O20 - Winlogon Notify: SideBySide - C:\WINDOWS\system32\fnsrch.dll
O20 - Winlogon Notify: Syncmgr - C:\WINDOWS\system32\uvrdpa.dll
O20 - Winlogon Notify: Telephony - C:\WINDOWS\system32\kmdpl1.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: WindowsUpdate - C:\WINDOWS\system32\mooeacct.dll
O23 - Service: AntiVir PersonalEdition Classic Planer (AntiVirScheduler) - Avira GmbH - C:\Programme\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Command Service (cmdService) - Unknown owner - C:\WINDOWS\TWFydGlu\command.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Programme\iPod\bin\iPodService.exe
O23 - Service: Network Monitor - Unknown owner - C:\Programme\Network Monitor\netmon.exe

nochdigger 24.10.2006 19:28

Moin,

it's a miracle that your computer is still running at all.
The system is completely infested, there is nothing left to fix (several active backdoors are running); here you will find a very good guide to reinstalling.

You could, however, do other users a favor by having this file:

C:\PROGRA~1\GEMEIN~1\wkor\wkorm.exe

checked here
Virustotal
or here
Jotti
(it can take a while); unfortunately not much can be found out about this file.
Then please post the results along with the size of the uploaded file, even if nothing was found.

Regards
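
A first-pass triage of the autostart sections (O4, O20) of a HijackThis log like the one posted above, as an added example that is not part of the original thread. The heuristics, the function names and the one-entry allowlist are assumptions for illustration; a hit means "look closer", not "malicious".

```python
import re

# Constructed sample: a few lines copied from the log posted in this thread.
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [ATIPTA] "C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [keyboard] C:\\kybrdff_16.exe
O4 - HKLM\..\Run: [vegf3a99] RUNDLL32.EXE w01cbadb.dll,n 002f3a970000000a01cbadb
O4 - HKLM\..\RunServices: [winlog] winlog.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O20 - AppInit_DLLs: repairs303169590.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: Explorer - C:\WINDOWS\system32\dGdxof.dll
"""

O4_RE = re.compile(r"^O4 - (?P<key>[^:]+): \[(?P<name>[^\]]+)\] (?P<cmd>.+)$")
NOTIFY_RE = re.compile(r"^O20 - Winlogon Notify: (?P<name>.+?) - (?P<dll>.+)$")
APPINIT_RE = re.compile(r"^O20 - AppInit_DLLs: (?P<dlls>.+)$")
# Program part of a Run value: quoted path, else up to ".exe", else first token.
EXE_RE = re.compile(r'^"([^"]+)"|^(.*?\.exe)\b|^(\S+)', re.IGNORECASE)

# Assumption: an allowlist the analyst maintains; one entry as illustration.
KNOWN_NOTIFY_DLLS = {"wgalogon.dll"}


def executable_of(cmd):
    """Return the program of a Run value without its arguments."""
    m = EXE_RE.match(cmd.strip())
    exe = next(g for g in m.groups() if g)
    return exe.replace("\\\\", "\\")  # the log prints some paths as C:\\name.exe


def review_autostarts(log_text):
    """Return (section, name, reason) for entries that deserve a closer look."""
    findings = []
    for line in log_text.splitlines():
        line = line.strip()
        if m := O4_RE.match(line):
            exe = executable_of(m["cmd"])
            base = exe.rsplit("\\", 1)[-1].lower()
            if base.startswith("rundll32"):
                reason = "DLL started through rundll32"
            elif re.fullmatch(r"[A-Za-z]:\\[^\\]+", exe):
                reason = "program sits in the drive root"
            elif "\\" not in exe:
                reason = "no path given, resolved via search order"
            else:
                continue  # full path below a directory: not flagged here
            findings.append(("O4", m["name"], reason))
        elif m := APPINIT_RE.match(line):
            # AppInit_DLLs are loaded into every process that loads user32.dll.
            findings.append(("O20", m["dlls"], "AppInit_DLLs value is set"))
        elif m := NOTIFY_RE.match(line):
            dll = m["dll"].rsplit("\\", 1)[-1].lower()
            if dll not in KNOWN_NOTIFY_DLLS:
                findings.append(("O20", m["name"], "Winlogon Notify DLL not on allowlist"))
    return findings


if __name__ == "__main__":
    for section, name, reason in review_autostarts(SAMPLE_LOG):
        print(f"{section:4} {name:24} {reason}")
```
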

walla_hilla 30.10.2006 17:30

Well, I think I'll just format my PC soon. That's probably for the best. Thanks anyway for your time and help. :daumenhoc

