Home » Viren, Trojaner & Malware Forum » Trojaner "TR/Spy.Agent.wck" » Themenansicht

Trojaner "TR/Spy.Agent.wck"
#0
30.01.2009, 20:05
sir.steffus
...neu hier

Beiträge: 3
#1 Hallo Leute,

bei mir ist o.g. Trojaner, welchen ich bisher vergeblich versucht habe zu löschen

kann mir jemand einen Tip geben.


gruss sir.steffus
Seitenanfang Seitenende
30.01.2009, 20:12
virenfinder
Member

Beiträge: 3716
#2 http://board.protecus.de/t23188.htm
abarbeiten logs posten
Seitenanfang Seitenende
30.01.2009, 20:48
sir.steffus
...neu hier

Themenstarter

Beiträge: 3
#3 Habe mal den Antivir laufen lassen und schicke mal eine Kopie der Meldung mit

gruss

Anhang: trojaner.JPG
Seitenanfang Seitenende
30.01.2009, 20:50
virenfinder
Member

Beiträge: 3716
#4 bitte arbeite die anleitung ab
Seitenanfang Seitenende
30.01.2009, 21:51
sir.steffus
...neu hier

Themenstarter

Beiträge: 3
#5 so anbeidie liste von hijack

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:46:22, on 30.01.2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Programme\Apoint\Apoint.exe
C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Programme\Sony\HotKey Utility\HKserv.exe
C:\Programme\Sony\Wireless Switch Setting Utility\Switcher.exe
C:\WINDOWS\ATK0100\Hcontrol.exe
C:\Programme\sony\isb utility\ISBMgr.exe
C:\Programme\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Programme\Fighters\spywarefighter\SpywarefighterUser.exe
C:\Programme\Apoint\Apntex.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Programme\Sony\HotKey Utility\HKWnd.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\Programme\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Programme\FRITZ!DSL\IGDCTRL.EXE
C:\WINDOWS\system32\cisvc.exe
C:\Programme\Fighters\configservice.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\sony\VAIO Media Integrated Server\VMISrv.exe
C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Programme\Canon\CAL\CALMAIN.exe
C:\Programme\Fighters\licenseservice.exe
C:\Programme\Fighters\updateservice.exe
C:\Programme\Fighters\ScannerService.exe
C:\Programme\sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Programme\sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Programme\Mozilla Firefox\firefox.exe
C:\Programme\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\PCHealth\HelpCtr\System\panels\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = c:\WINDOWS\PCHealth\HelpCtr\System\panels\blank.htm
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.club-vaio.com/de
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: addestination - {6a8fed03-dfed-736c-7457-54b571320b78} - C:\WINDOWS\system32\nse9.dll
O4 - HKLM\..\Run: [Apoint] C:\Programme\Apoint\Apoint.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [HKSERV.EXE] C:\Programme\Sony\HotKey Utility\HKserv.exe
O4 - HKLM\..\Run: [Switcher.exe] C:\Programme\Sony\Wireless Switch Setting Utility\Switcher.exe
O4 - HKLM\..\Run: [Hcontrol] C:\WINDOWS\ATK0100\Hcontrol.exe
O4 - HKLM\..\Run: [ISBMgr.exe] C:\Programme\sony\isb utility\ISBMgr.exe
O4 - HKLM\..\Run: [avgnt] "C:\Programme\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [spywarefighterguard] C:\Programme\Fighters\spywarefighter\SpywarefighterUser.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\Run: [teyafukosi] Rundll32.exe "C:\WINDOWS\system32\zijokomo.dll",s (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETZWERKDIENST')
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O15 - Trusted Zone: *.club-vaio.com
O15 - Trusted Zone: *.sony-europe.com
O15 - Trusted Zone: *.sonystyle-europe.com
O15 - Trusted Zone: *.vaio-link.com
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www3.snapfish.de/SnapfishActivia.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O20 - AppInit_DLLs: etseil.dll c:\windows\system32\rejanote.dll C:\WINDOWS\system32\zayezeru.dll ,
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Programme\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Planer (AntiVirScheduler) - Avira GmbH - C:\Programme\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Programme\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: AVM IGD CTRL Service - AVM Berlin - C:\Programme\FRITZ!DSL\IGDCTRL.EXE
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Programme\Canon\CAL\CALMAIN.exe
O23 - Service: AVM FRITZ!web Routing Service (de_serv) - AVM Berlin - C:\Programme\Gemeinsame Dateien\AVM\de_serv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - D:\Tools\i-pod\bin\iPodService.exe
O23 - Service: PTK License-FIGHTERS-18668899 - SPAMfighter - C:\Programme\Fighters\licenseservice.exe
O23 - Service: PTK Live Update-FIGHTERS-18668899 - SPAMfighter - C:\Programme\Fighters\updateservice.exe
O23 - Service: PTK Scanner-FIGHTERS-18668899 - SPAMfighter - C:\Programme\Fighters\ScannerService.exe
O23 - Service: PTK SharedAccess-FIGHTERS-18668899 - SPAMfighter - C:\Programme\Fighters\configservice.exe
O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
O23 - Service: VAIO Entertainment Task Scheduler - Sony Corporation - C:\Programme\sony\vaio entertainment\VzTaskScheduler.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Programme\sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Programme\sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Programme\sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Programme\sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Cooporated Initialisation (VCI) - Sony Corporation - C:\Programme\Sony\VAIO Cooperated Initialisation\VCI_SVC.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Programme\Gemeinsame Dateien\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe

--
End of file - 9654 bytes


Liste von Punkt 6

Acrobat Elements 6.0 - Deutsch
Ad-Aware
Adobe Acrobat - Reader 6.0.2 Update
Adobe Acrobat and Reader 6.0.3 Update
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Photoshop Album 2.0 Starter Edition
Adobe Photoshop Elements 2.0
Adobe Premiere Standard
Adobe Reader 7.0 - Deutsch
Adobe Reader 7.0.9 - Deutsch
Apple Mobile Device Support
Apple Software Update
ATI - Dienstprogramm zur Deinstallation der Software
ATI Control Panel
ATI Display Driver
ATK0100 ACPI UTILITY
Avira AntiVir Personal - Free Antivirus
AVM FRITZ!Box Dokumentation
AVM FRITZ!DSL
Besieger
Canon Camera Access Library
Canon Camera Support Core Library
Canon Camera Window DC_DV 5 for ZoomBrowser EX
Canon Camera Window DC_DV 6 for ZoomBrowser EX
Canon Camera Window MC 6 for ZoomBrowser EX
CANON iMAGE GATEWAY Task for ZoomBrowser EX
Canon Internet Library for ZoomBrowser EX
Canon RAW Image Task for ZoomBrowser EX
Canon RemoteCapture Task for ZoomBrowser EX
Canon Utilities Digital Photo Professional 2.2
Canon Utilities EOS Utility
Canon Utilities PhotoStitch
Canon Utilities ZoomBrowser EX
Click to DVD 2.0.01 Menüdaten
Click to DVD 2.1.10
CorelDRAW Graphics Suite 11
DruckShop FotoKalender
DVgate Plus
Fahrenheit
HijackThis 2.0.2
HotKey Utility
IncrediMail Xe
Intel(R) PRO Network Adapters and Drivers
InterVideo WinDVD 5 for VAIO
InterVideo WinDVDX
iPod for Windows 2005-02-07
iTunes
Java 2 Runtime Environment, SE v1.4.1_01
Java 2 Runtime Environment, SE v1.4.2_05
Lexmark Supplies Monitor
Macromedia Flash Player
Malwarebytes' Anti-Malware
Memory Stick Formatter
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Professional Edition 2003
Mozilla Firefox (3.0.5)
Mozilla Thunderbird (2.0.0.19)
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
My Info Centre
OpenMG Limited Patch 4.0-04-07-14-01
OpenMG Secure Module 4.0.00
PictureGear Studio 2.0
QuickTime
Realtek AC'97 Audio
Registry First Aid
RON Too1 Addestination
SafeGuard® PrivateDisk 1.00.6 - Try and Buy Version
Sicherheitsupdate für Windows Internet Explorer 7 (KB929969)
Sicherheitsupdate für Windows Internet Explorer 7 (KB933566)
Sicherheitsupdate für Windows Internet Explorer 7 (KB938127)
SMPlayer 0.5.51
SoftV92 Data Fax Modem
SonicStage 2.1.00
SonicStage Mastering Studio 1.3
SonicStage Mastering Studio Audio Filter
SonicStage Mastering Studio Audio Filter Custom Preset
SonicStage Mastering Studio Plugins 1.3
Sony Notebook Setup
Sony USB Mouse
Sony Utilities DLL
Sony Video Shared Library
SPYWAREfighter
SPYWAREfighter
Sweepi 5.4.00
VAIO Edit Components
VAIO Entertainment Platform
VAIO GrandBlue Wallpaper
VAIO Launcher
VAIO Media 3.1
VAIO Media Integrated Server 3.1
VAIO Media Redistribution 3.1
VAIO Online-Registration (Deutsch)
VAIO Power Management
VAIO Produktumfrage (Deutsch)
VAIO SLIT Pattern Wallpaper
VAIO SLIT Scene Wallpaper
VAIO SLIT-A Screen Saver
VAIO SLIT-B Screen Saver
VAIO SLIT-C Screen Saver
VAIO TV Tuner Library 1.3
VAIO Update 3
VAIO Zone
VAIO Zone Remote Commander
VOX 3D Planer 2.0
WIDCOMM Bluetooth Software
Winamp (remove only)
WinRAR Archivierer
Wireless Switch Setting Utility
x-black LCD
XviD MPEG-4 Video Codec
Dieser Beitrag wurde am 30.01.2009 um 21:59 Uhr von sir.steffus editiert.
Seitenanfang Seitenende
31.01.2009, 14:24
virenfinder
Member

Beiträge: 3716
#6 und was ist mit dem rest?
Seitenanfang Seitenende
Um auf dieses Thema zu ANTWORTEN
bitte erst » hier kostenlos registrieren!!

Folgende Themen könnten Dich auch interessieren:
Seite(n): 1