
Log analysis and evaluation: Help!!! Trojan and worm on board

17.09.2006, 16:09   #1
Mordorn
 
Hello, I hope you can help me.
Unfortunately I opened a file that was infected with a Trojan.
I have tried to get things back under control with AntiVir, Kaspersky, AdAware and Spybot.
In the system folder I had, for example, a Hook.dll file, which I was able to delete, though.
In Spybot, under system startup, an AGOBOT-KU WORM is listed; I have unticked the checkbox.

I have already scanned with Hijack and Escan.
Is it normal for Escan to scan for almost 2 days in safe mode?

Here are my log files.

Logfile of HijackThis v1.99.1
Scan saved at 00:27:55, on 16.09.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\Java\jre1.5.0_06\bin\jusched.exe
C:\Programme\ATI Technologies\ATI.ACE\cli.exe
C:\Programme\SyncroSoft\Pos\H2O\cledx.exe
C:\Programme\Zone Labs\ZoneAlarm\zlclient.exe
C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\Spybot - Search & Destroy\TeaTimer.exe
C:\Programme\ATI Technologies\ATI.ACE\cli.exe
C:\Programme\ATI Technologies\ATI.ACE\cli.exe
C:\Programme\Mozilla Firefox\firefox.exe
C:\Programme\Hijack\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = h**p://google.icq.com/search/search_frame.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = h**p://google.icq.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = h*p://www.roadhunter-berlin.de/
R3 - URLSearchHook: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Programme\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [H2O] C:\Programme\SyncroSoft\Pos\H2O\cledx.exe
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Programme\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [CloneCDTray] "C:\Programme\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [kav] "C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [NBJ] "C:\Programme\Ahead\Nero BackItUp\NBJ.exe"
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Programme\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: Ausgewählte Verknüpfungen in Adobe PDF konvertieren - res://C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Ausgewählte Verknüpfungen in vorhandene PDF-Datei konvertieren - res://C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Auswahl in Adobe PDF konvertieren - res://C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Auswahl in vorhandene PDF-Datei konvertieren - res://C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: In Adobe PDF konvertieren - res://C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: In vorhandene PDF-Datei konvertieren - res://C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - res://C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - res://C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Web-Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-3-48.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1126638309953
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {9C024426-7859-4B2D-AB4C-B1E370AE7549} - http://us.mcafee.com/Apps/WSC/en-us/WscWlanScannerCtrl.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Unknown owner - C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" -r (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Programme\SiSoftware\SiSoftware Sandra Lite 2005.SR3\RpcDataSrv.exe
O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Programme\SiSoftware\SiSoftware Sandra Lite 2005.SR3\RpcSandraSrv.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe


I hope you can help me.

Many THANKS!!!!

17.09.2006, 16:19   #2
Mellosun
 
Hello Mordorn,

well, in my opinion there is nothing conspicuous to be seen in your log!

If it really is the worm, then you have a problem, but I am missing the created keys!
What did the scan with eScan show? Is there a log?

Regards, Mellosun
__________________
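
An added example, not part of the original posts and not HijackThis code: a first-pass check over a HijackThis log of the kind posted in #1. It counts the autostart locations (O4, O20, O23) and lists entries that carry the tool's own markers or an unbalanced quote. The function names are hypothetical, the sample lines are taken from the log in post #1, and a listed entry only means "check by hand", not "malicious".

```python
import re
from collections import Counter

# HijackThis section codes that list autostart locations.
AUTOSTART_CODES = {
    "O4": "Run key / Startup folder",
    "O20": "Winlogon Notify",
    "O23": "Service",
}

# Markers HijackThis writes itself when it cannot resolve an entry.
MARKERS = ("(no file)", "(file missing)", "Unknown owner")

ENTRY_RE = re.compile(r"^(R[0-3]|O\d{1,2}) - (.+)$")
# Windows path ending in .exe/.dll/.com; spaces inside the path are allowed.
PATH_RE = re.compile(r'(?:[A-Za-z]:|%\w+%)\\[^"*?<>|]+?\.(?:exe|dll|com)', re.I)

# Lines taken from the HijackThis log in post #1 (a header line and a process
# line are included to show that they are skipped).
SAMPLE_LOG = r"""Logfile of HijackThis v1.99.1
C:\WINDOWS\system32\svchost.exe
R3 - URLSearchHook: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
O4 - HKLM\..\Run: [H2O] C:\Programme\SyncroSoft\Pos\H2O\cledx.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Unknown owner - C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" -r (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
"""


def parse_entries(log_text):
    """Return one dict per R*/O* line; header and process lines are skipped."""
    entries = []
    for raw in log_text.splitlines():
        match = ENTRY_RE.match(raw.strip())
        if not match:
            continue
        code, body = match.groups()
        path = PATH_RE.search(body)
        entries.append({
            "code": code,
            "body": body,
            "path": path.group(0) if path else None,
            "markers": [m for m in MARKERS if m in body],
            "autostart": AUTOSTART_CODES.get(code),
        })
    return entries


def autostart_summary(entries):
    """Count entries per autostart location so the reviewer sees what starts where."""
    return dict(Counter(e["autostart"] for e in entries if e["autostart"]))


def review_list(entries):
    """Entries to check by hand first, as (code, path, reasons) tuples."""
    flagged = []
    for e in entries:
        reasons = list(e["markers"])
        # An odd number of quotes means the displayed command line is not a
        # clean path, so a marker on the same line should be verified on disk.
        if e["body"].count('"') % 2:
            reasons.append("unbalanced quote")
        if reasons:
            flagged.append((e["code"], e["path"], reasons))
    return flagged


if __name__ == "__main__":
    parsed = parse_entries(SAMPLE_LOG)
    for location, count in autostart_summary(parsed).items():
        print(f"{count:2d}  {location}")
    for code, path, reasons in review_list(parsed):
        print(f"{code:4s} {path or '-'}  <- {', '.join(reasons)}")
```
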

17.09.2006, 16:22   #3
Mordorn
 
Thanks for the quick reply.
Yes, but the log file is so long that I somehow can't post it here.

But the Escan also took almost 2 days, is that normal?
__________________

17.09.2006, 16:33   #4
Mellosun
 
Did you create the log with the help of find.zip? Read the instructions for it again!

2 days? I have never heard of that, but if you have millions of GB of data.... nah, just kidding. That is actually not normal!


Regards, Mellosun

17.09.2006, 16:44   #5
Mordorn
 
Well, I ran an EScan and saved the mwav.log in the normal way.

But the file is also 329kb in size.

Here is a small excerpt:

Sun Sep 17 16:24:23 2006 => **********************************************************
Sun Sep 17 16:24:23 2006 => MicroWorld Anti Virus & Spyware Toolkit Utility.
Sun Sep 17 16:24:23 2006 => Copyright © 2003-2006, MicroWorld Technologies Inc.
Sun Sep 17 16:24:23 2006 => **********************************************************
Sun Sep 17 16:24:23 2006 => Version 8.5.1 (C:\PROGRA~1\eScan\mwavscan.com)
Sun Sep 17 16:24:23 2006 => Log File: C:\PROGRA~1\eScan\LOG\MWAV.LOG
Sun Sep 17 16:24:23 2006 => Last Scan Date and Time: 16.09.2006 02:07:38
Sun Sep 17 16:24:23 2006 => MWAV Registered: TRUE.
Sun Sep 17 16:24:23 2006 => User Account: Go***n
Sun Sep 17 16:24:23 2006 => OS Type: Windows Workstation
Sun Sep 17 16:24:23 2006 => OS: Windows XP
Sun Sep 17 16:24:23 2006 => Ver: Service Pack 2 (Build 2600)
Sun Sep 17 16:24:23 2006 => Windows Root Folder: C:\WINDOWS
Sun Sep 17 16:24:23 2006 => Windows Sys32 Folder: C:\WINDOWS\system32
Sun Sep 17 16:24:23 2006 => Local Fixed Drives: c:\,d:\,e:\,i:\
Sun Sep 17 16:24:23 2006 => MWAV Mode: Scan and Clean files (for viruses, adware and spyware).
Sun Sep 17 16:24:23 2006 => Command Line Options Given: /s
Sun Sep 17 16:24:23 2006 => Database Path in KL Key: C:\PROGRA~1\eScan.
Sun Sep 17 16:24:36 2006 => Latest Date of files in KL key: 31 Jul 2006 10:50:38.
Sun Sep 17 16:24:36 2006 => Latest Date of files inside MWAV: 31 Jul 2006 10:50:38.
Sun Sep 17 16:24:36 2006 => eScan Install Directory: C:\PROGRA~1\eScan\
Sun Sep 17 16:24:36 2006 => MailScan Install Directory: C:\PROGRA~1\eScan\
Sun Sep 17 16:24:41 2006 => Setting Database Path to C:\DOKUME~1\Gordon\LOKALE~1\Temp\MWBASES
Sun Sep 17 16:24:46 2006 => AV Library Loaded...

Sun Sep 17 16:24:46 2006 => **********************************************************
Sun Sep 17 16:24:46 2006 => MicroWorld Anti Virus & Spyware Toolkit Utility.
Sun Sep 17 16:24:46 2006 => Copyright © 2003-2006, MicroWorld Technologies Inc.
Sun Sep 17 16:24:46 2006 =>
Sun Sep 17 16:24:46 2006 => Support: support@mwti.net
Sun Sep 17 16:24:46 2006 => Web: http://www.mwti.net
Sun Sep 17 16:24:46 2006 => **********************************************************
Sun Sep 17 16:24:46 2006 => Version 8.5.1 (C:\PROGRA~1\eScan\mwavscan.com)
Sun Sep 17 16:24:46 2006 => Log File: C:\PROGRA~1\eScan\LOG\MWAV.LOG
Sun Sep 17 16:24:46 2006 => User Account: Gordon
Sun Sep 17 16:24:46 2006 => Windows Root Folder: C:\WINDOWS
Sun Sep 17 16:24:46 2006 => Windows Sys32 Folder: C:\WINDOWS\system32
Sun Sep 17 16:24:46 2006 => OS: Windows XP
Sun Sep 17 16:24:46 2006 => Ver: Service Pack 2 (Build 2600)
Sun Sep 17 16:24:46 2006 => Database Path in KL Key: C:\PROGRA~1\eScan.
Sun Sep 17 16:24:46 2006 => Latest Date of files in KL key: 31 Jul 2006 10:50:38.
Sun Sep 17 16:24:47 2006 => Latest Date of files inside MWAV: 31 Jul 2006 10:50:38.

Sun Sep 17 16:24:47 2006 => Options Selected by User:
Sun Sep 17 16:24:47 2006 => Memory Check: Enabled
Sun Sep 17 16:24:47 2006 => Registry Check: Enabled
Sun Sep 17 16:24:47 2006 => StartUp Folder Check: Enabled
Sun Sep 17 16:24:47 2006 => System Folder Check: Enabled
Sun Sep 17 16:24:47 2006 => System Area Check: Disabled
Sun Sep 17 16:24:47 2006 => Services Check: Enabled
Sun Sep 17 16:24:47 2006 => Drive Check Option Disabled
Sun Sep 17 16:24:47 2006 => Folder Check: Disabled

Sun Sep 17 16:24:47 2006 => ***** Scanning Memory Files *****
Sun Sep 17 16:24:47 2006 => Scanning File C:\WINDOWS\System32\smss.exe
Sun Sep 17 16:24:47 2006 => Scanning File C:\WINDOWS\system32\ntdll.dll
Sun Sep 17 16:24:47 2006 => Scanning File C:\WINDOWS\SYSTEM32\CSRSS.EXE
Sun Sep 17 16:24:48 2006 => Scanning File C:\WINDOWS\system32\CSRSRV.dll
Sun Sep 17 16:24:48 2006 => Scanning File C:\WINDOWS\system32\basesrv.dll
Sun Sep 17 16:24:48 2006 => Scanning File C:\WINDOWS\system32\winsrv.dll
Sun Sep 17 16:24:48 2006 => Scanning File C:\WINDOWS\system32\GDI32.dll
Sun Sep 17 16:24:48 2006 => Scanning File C:\WINDOWS\system32\KERNEL32.dll
Sun Sep 17 16:24:48 2006 => Scanning File C:\WINDOWS\system32\USER32.dll
Sun Sep 17 16:24:49 2006 => Scanning File C:\WINDOWS\system32\sxs.dll
Sun Sep 17 16:24:49 2006 => Scanning File C:\WINDOWS\system32\ADVAPI32.dll
Sun Sep 17 16:24:49 2006 => Scanning File C:\WINDOWS\system32\RPCRT4.dll
Sun Sep 17 16:24:49 2006 => Scanning File C:\WINDOWS\SYSTEM32\WINLOGON.EXE
Sun Sep 17 16:24:50 2006 => Scanning File C:\WINDOWS\system32\AUTHZ.dll
Sun Sep 17 16:24:50 2006 => Scanning File C:\WINDOWS\system32\msvcrt.dll
Sun Sep 17 16:24:50 2006 => Scanning File C:\WINDOWS\system32\CRYPT32.dll
Sun Sep 17 16:24:50 2006 => Scanning File C:\WINDOWS\system32\MSASN1.dll
Sun Sep 17 16:24:50 2006 => Scanning File C:\WINDOWS\system32\NDdeApi.dll
Sun Sep 17 16:24:50 2006 => Scanning File C:\WINDOWS\system32\PROFMAP.dll
Sun Sep 17 16:24:50 2006 => Scanning File C:\WINDOWS\system32\NETAPI32.dll
Sun Sep 17 16:24:50 2006 => Scanning File C:\WINDOWS\system32\USERENV.dll
Sun Sep 17 16:24:51 2006 => Scanning File C:\WINDOWS\system32\PSAPI.DLL
Sun Sep 17 16:24:51 2006 => Scanning File C:\WINDOWS\system32\REGAPI.dll
Sun Sep 17 16:24:51 2006 => Scanning File C:\WINDOWS\system32\Secur32.dll
Sun Sep 17 16:24:51 2006 => Scanning File C:\WINDOWS\system32\SETUPAPI.dll
Sun Sep 17 16:24:51 2006 => Scanning File C:\WINDOWS\system32\VERSION.dll
Sun Sep 17 16:24:51 2006 => Scanning File C:\WINDOWS\system32\WINSTA.dll
Sun Sep 17 16:24:51 2006 => Scanning File C:\WINDOWS\system32\WINTRUST.dll
Sun Sep 17 16:24:51 2006 => Scanning File C:\WINDOWS\system32\IMAGEHLP.dll
Sun Sep 17 16:24:51 2006 => Scanning File C:\WINDOWS\system32\WS2_32.dll
Sun Sep 17 16:24:51 2006 => Scanning File C:\WINDOWS\system32\WS2HELP.dll
Sun Sep 17 16:24:51 2006 => Scanning File C:\WINDOWS\system32\MSGINA.dll
Sun Sep 17 16:24:51 2006 => Scanning File C:\WINDOWS\system32\SHELL32.dll
Sun Sep 17 16:24:52 2006 => Scanning File C:\WINDOWS\system32\SHLWAPI.dll
Sun Sep 17 16:24:52 2006 => Scanning File C:\WINDOWS\system32\COMCTL32.dll
Sun Sep 17 16:24:52 2006 => Scanning File C:\WINDOWS\system32\ODBC32.dll
Sun Sep 17 16:24:52 2006 => Scanning File C:\WINDOWS\system32\comdlg32.dll
Sun Sep 17 16:24:53 2006 => Scanning File C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
Sun Sep 17 16:24:53 2006 => Scanning File C:\WINDOWS\system32\odbcint.dll
Sun Sep 17 16:24:54 2006 => Scanning File C:\WINDOWS\system32\SHSVCS.dll
Sun Sep 17 16:24:54 2006 => Scanning File C:\WINDOWS\system32\sfc.dll
Sun Sep 17 16:24:54 2006 => Scanning File C:\WINDOWS\system32\sfc_os.dll
Sun Sep 17 16:24:54 2006 => Scanning File C:\WINDOWS\system32\ole32.dll
Sun Sep 17 16:24:54 2006 => Scanning File C:\WINDOWS\system32\Apphelp.dll
Sun Sep 17 16:24:54 2006 => Scanning File C:\WINDOWS\system32\WINSCARD.DLL
Sun Sep 17 16:24:54 2006 => Scanning File C:\WINDOWS\system32\WTSAPI32.dll
Sun Sep 17 16:24:54 2006 => Scanning File C:\WINDOWS\system32\WINMM.dll
Sun Sep 17 16:24:54 2006 => Scanning File C:\WINDOWS\system32\uxtheme.dll
Sun Sep 17 16:24:55 2006 => Scanning File C:\WINDOWS\system32\Ati2evxx.dll
Sun Sep 17 16:24:55 2006 => Scanning File C:\WINDOWS\system32\cscdll.dll
Sun Sep 17 16:24:55 2006 => Scanning File C:\WINDOWS\system32\rsaenh.dll
Sun Sep 17 16:24:55 2006 => Scanning File C:\WINDOWS\system32\WlNotify.dll
Sun Sep 17 16:24:55 2006 => Scanning File C:\WINDOWS\system32\WINSPOOL.DRV
Sun Sep 17 16:24:55 2006 => Scanning File C:\WINDOWS\system32\MPR.dll
Sun Sep 17 16:24:55 2006 => Scanning File C:\WINDOWS\system32\WgaLogon.dll
Sun Sep 17 16:24:55 2006 => Scanning File C:\WINDOWS\system32\OLEAUT32.dll
Sun Sep 17 16:24:55 2006 => Scanning File C:\WINDOWS\system32\NTMARTA.DLL
Sun Sep 17 16:24:55 2006 => Scanning File C:\WINDOWS\system32\WLDAP32.dll
Sun Sep 17 16:24:55 2006 => Scanning File C:\WINDOWS\system32\SAMLIB.dll
Sun Sep 17 16:24:55 2006 => Scanning File C:\WINDOWS\system32\CLBCATQ.DLL
Sun Sep 17 16:24:56 2006 => Scanning File C:\WINDOWS\system32\COMRes.dll
Sun Sep 17 16:24:56 2006 => Scanning File C:\WINDOWS\system32\WINHTTP.dll
Sun Sep 17 16:24:56 2006 => Scanning File C:\WINDOWS\system32\msv1_0.dll
Sun Sep 17 16:24:56 2006 => Scanning File C:\WINDOWS\system32\iphlpapi.dll
Sun Sep 17 16:24:57 2006 => Scanning File C:\WINDOWS\system32\cscui.dll
Sun Sep 17 16:24:57 2006 => Scanning File C:\WINDOWS\system32\wdmaud.drv
Sun Sep 17 16:24:57 2006 => Scanning File C:\WINDOWS\system32\msacm32.drv
Sun Sep 17 16:24:57 2006 => Scanning File C:\WINDOWS\system32\MSACM32.dll
Sun Sep 17 16:24:57 2006 => Scanning File C:\WINDOWS\system32\midimap.dll
Sun Sep 17 16:24:57 2006 => Scanning File C:\WINDOWS\system32\MPRAPI.dll
Sun Sep 17 16:24:57 2006 => Scanning File C:\WINDOWS\system32\ACTIVEDS.dll
Sun Sep 17 16:24:57 2006 => Scanning File C:\WINDOWS\system32\adsldpc.dll
Sun Sep 17 16:24:57 2006 => Scanning File C:\WINDOWS\system32\ATL.DLL
Sun Sep 17 16:24:57 2006 => Scanning File C:\WINDOWS\system32\rtutils.dll
Sun Sep 17 16:24:57 2006 => Scanning File C:\WINDOWS\system32\xpsp2res.dll
Sun Sep 17 16:24:59 2006 => Scanning File C:\WINDOWS\system32\services.exe
Sun Sep 17 16:24:59 2006 => Scanning File C:\WINDOWS\system32\SCESRV.dll
Sun Sep 17 16:24:59 2006 => Scanning File C:\WINDOWS\system32\umpnpmgr.dll
Sun Sep 17 16:24:59 2006 => Scanning File C:\WINDOWS\system32\NCObjAPI.DLL
Sun Sep 17 16:24:59 2006 => Scanning File C:\WINDOWS\system32\MSVCP60.dll
Sun Sep 17 16:24:59 2006 => Scanning File C:\WINDOWS\system32\ShimEng.dll
Sun Sep 17 16:25:00 2006 => Scanning File C:\WINDOWS\AppPatch\AcGenral.DLL
Sun Sep 17 16:25:00 2006 => Scanning File C:\WINDOWS\system32\eventlog.dll
Sun Sep 17 16:25:00 2006 => Scanning File C:\WINDOWS\system32\lsass.exe
Sun Sep 17 16:25:00 2006 => Scanning File C:\WINDOWS\system32\LSASRV.dll
Sun Sep 17 16:25:00 2006 => Scanning File C:\WINDOWS\system32\NTDSAPI.dll
Sun Sep 17 16:25:00 2006 => Scanning File C:\WINDOWS\system32\DNSAPI.dll
Sun Sep 17 16:25:00 2006 => Scanning File C:\WINDOWS\system32\SAMSRV.dll
Sun Sep 17 16:25:00 2006 => Scanning File C:\WINDOWS\system32\cryptdll.dll
Sun Sep 17 16:25:00 2006 => Scanning File C:\WINDOWS\system32\msprivs.dll
Sun Sep 17 16:25:00 2006 => Scanning File C:\WINDOWS\system32\kerberos.dll
Sun Sep 17 16:25:00 2006 => Scanning File C:\WINDOWS\system32\netlogon.dll
Sun Sep 17 16:25:00 2006 => Scanning File C:\WINDOWS\system32\w32time.dll
Sun Sep 17 16:25:00 2006 => Scanning File C:\WINDOWS\system32\schannel.dll
Sun Sep 17 16:25:00 2006 => Scanning File C:\WINDOWS\system32\wdigest.dll
Sun Sep 17 16:25:00 2006 => Scanning File C:\WINDOWS\system32\scecli.dll
Sun Sep 17 16:25:00 2006 => Scanning File C:\WINDOWS\system32\ipsecsvc.dll
Sun Sep 17 16:25:00 2006 => Scanning File C:\WINDOWS\system32\oakley.DLL
Sun Sep 17 16:25:00 2006 => Scanning File C:\WINDOWS\system32\WINIPSEC.DLL
Sun Sep 17 16:25:00 2006 => Scanning File C:\WINDOWS\system32\pstorsvc.dll
Sun Sep 17 16:25:00 2006 => Scanning File C:\WINDOWS\system32\mwtsp.dll
Sun Sep 17 16:25:00 2006 => Scanning File C:\WINDOWS\SPORDER.dll
Sun Sep 17 16:25:00 2006 => Scanning File C:\WINDOWS\system32\psbase.dll
Sun Sep 17 16:25:01 2006 => Scanning File C:\WINDOWS\system32\mswsock.dll
Sun Sep 17 16:25:01 2006 => Scanning File C:\WINDOWS\system32\hnetcfg.dll
Sun Sep 17 16:25:01 2006 => Scanning File C:\WINDOWS\System32\wshtcpip.dll
Sun Sep 17 16:25:01 2006 => Scanning File C:\WINDOWS\system32\dssenh.dll
Sun Sep 17 16:25:01 2006 => Scanning File C:\WINDOWS\system32\Ati2evxx.exe
Sun Sep 17 16:25:01 2006 => Scanning File C:\WINDOWS\system32\Ati2edxx.dll
Sun Sep 17 16:25:01 2006 => Scanning File C:\WINDOWS\system32\svchost.exe
Sun Sep 17 16:25:01 2006 => Scanning File c:\windows\system32\rpcss.dll
Sun Sep 17 16:25:01 2006 => Scanning File C:\WINDOWS\system32\logonui.exe
Sun Sep 17 16:25:01 2006 => Scanning File C:\WINDOWS\system32\DUSER.dll
Sun Sep 17 16:25:01 2006 => Scanning File C:\WINDOWS\system32\MSIMG32.dll
Sun Sep 17 16:25:01 2006 => Scanning File C:\WINDOWS\system32\OLEACC.dll
Sun Sep 17 16:25:01 2006 => Scanning File C:\WINDOWS\system32\shgina.dll
Sun Sep 17 16:25:01 2006 => Scanning File C:\WINDOWS\System32\wshisn.dll
Sun Sep 17 16:25:01 2006 => Scanning File C:\WINDOWS\system32\WSOCK32.dll
Sun Sep 17 16:25:01 2006 => Scanning File C:\WINDOWS\System32\winrnr.dll
Sun Sep 17 16:25:01 2006 => Scanning File C:\WINDOWS\system32\wshbth.dll
Sun Sep 17 16:25:01 2006 => Scanning File C:\WINDOWS\system32\rasadhlp.dll
Sun Sep 17 16:25:01 2006 => Scanning File c:\windows\system32\dhcpcsvc.dll
Sun Sep 17 16:25:01 2006 => Scanning File c:\windows\system32\wzcsvc.dll
Sun Sep 17 16:25:02 2006 => Scanning File c:\windows\system32\WMI.dll
Sun Sep 17 16:25:02 2006 => Scanning File c:\windows\system32\ESENT.dll
Sun Sep 17 16:25:02 2006 => Scanning File C:\WINDOWS\System32\rastls.dll
Sun Sep 17 16:25:02 2006 => Scanning File C:\WINDOWS\system32\CRYPTUI.dll
Sun Sep 17 16:25:02 2006 => Scanning File C:\WINDOWS\system32\WININET.dll
Sun Sep 17 16:25:02 2006 => Scanning File C:\WINDOWS\System32\RASAPI32.dll
Sun Sep 17 16:25:02 2006 => Scanning File C:\WINDOWS\System32\rasman.dll
Sun Sep 17 16:25:02 2006 => Scanning File C:\WINDOWS\System32\TAPI32.dll
Sun Sep 17 16:25:02 2006 => Scanning File C:\WINDOWS\System32\raschap.dll
Sun Sep 17 16:25:02 2006 => Scanning File c:\windows\system32\schedsvc.dll
Sun Sep 17 16:25:02 2006 => Scanning File C:\WINDOWS\System32\MSIDLE.DLL
Sun Sep 17 16:25:02 2006 => Scanning File c:\windows\system32\audiosrv.dll
Sun Sep 17 16:25:02 2006 => Scanning File c:\windows\system32\wkssvc.dll
Sun Sep 17 16:25:02 2006 => Scanning File C:\WINDOWS\system32\actxprxy.dll
Sun Sep 17 16:25:02 2006 => Scanning File c:\windows\system32\cryptsvc.dll
Sun Sep 17 16:25:02 2006 => Scanning File c:\windows\system32\certcli.dll
Sun Sep 17 16:25:02 2006 => Scanning File c:\windows\system32\es.dll
Sun Sep 17 16:25:02 2006 => Scanning File c:\windows\system32\srvsvc.dll
Sun Sep 17 16:25:02 2006 => Scanning File c:\windows\system32\netman.dll
Sun Sep 17 16:25:02 2006 => Scanning File c:\windows\system32\netshell.dll
Sun Sep 17 16:25:02 2006 => Scanning File c:\windows\system32\credui.dll
Sun Sep 17 16:25:02 2006 => Scanning File c:\windows\system32\WZCSAPI.DLL
Sun Sep 17 16:25:02 2006 => Scanning File c:\windows\system32\trkwks.dll
Sun Sep 17 16:25:03 2006 => Scanning File c:\windows\system32\srsvc.dll
Sun Sep 17 16:25:03 2006 => Scanning File c:\windows\system32\POWRPROF.dll
Sun Sep 17 16:25:03 2006 => Scanning File c:\windows\system32\sens.dll
Sun Sep 17 16:25:03 2006 => Scanning File c:\windows\system32\seclogon.dll
Sun Sep 17 16:25:03 2006 => Scanning File c:\windows\system32\ipxsap.dll
Sun Sep 17 16:25:03 2006 => Scanning File c:\windows\system32\rtm.dll
Sun Sep 17 16:25:03 2006 => Scanning File c:\windows\system32\adptif.dll
Sun Sep 17 16:25:03 2006 => Scanning File c:\windows\system32\wuauserv.dll
Sun Sep 17 16:25:03 2006 => Scanning File c:\windows\system32\wbem\wmisvc.dll
Sun Sep 17 16:25:03 2006 => Scanning File C:\WINDOWS\system32\VSSAPI.DLL
Sun Sep 17 16:25:03 2006 => Scanning File C:\WINDOWS\system32\wuaueng.dll
Sun Sep 17 16:25:03 2006 => Scanning File C:\WINDOWS\System32\ADVPACK.dll
Sun Sep 17 16:25:03 2006 => Scanning File C:\WINDOWS\System32\SHFOLDER.dll
Sun Sep 17 16:25:03 2006 => Scanning File C:\WINDOWS\System32\Cabinet.dll
Sun Sep 17 16:25:03 2006 => Scanning File C:\WINDOWS\System32\mspatcha.dll
Sun Sep 17 16:25:03 2006 => Scanning File c:\windows\system32\browser.dll
Sun Sep 17 16:25:03 2006 => Scanning File c:\windows\system32\ipnathlp.dll
Sun Sep 17 16:25:03 2006 => Scanning File c:\windows\system32\wscsvc.dll
Sun Sep 17 16:25:03 2006 => Scanning File c:\windows\system32\msi.dll
Sun Sep 17 16:25:03 2006 => Scanning File C:\WINDOWS\system32\comsvcs.dll
Sun Sep 17 16:25:03 2006 => Scanning File C:\WINDOWS\system32\colbact.DLL
Sun Sep 17 16:25:03 2006 => Scanning File C:\WINDOWS\system32\MTXCLU.DLL
Sun Sep 17 16:25:04 2006 => Scanning File C:\WINDOWS\System32\CLUSAPI.DLL
Sun Sep 17 16:25:04 2006 => Scanning File c:\windows\system32\dnsrslvr.dll
Sun Sep 17 16:25:04 2006 => Scanning File c:\windows\system32\lmhsvc.dll
Sun Sep 17 16:25:04 2006 => Scanning File c:\windows\system32\webclnt.dll
Sun Sep 17 16:25:04 2006 => Scanning File c:\windows\system32\alrsvc.dll
Sun Sep 17 16:25:04 2006 => Scanning File C:\WINDOWS\system32\spoolsv.exe
Sun Sep 17 16:25:04 2006 => Scanning File C:\WINDOWS\system32\SPOOLSS.DLL
Sun Sep 17 16:25:04 2006 => Scanning File C:\WINDOWS\system32\localspl.dll
Sun Sep 17 16:25:04 2006 => Scanning File C:\WINDOWS\system32\AdobePDF.dll
Sun Sep 17 16:25:04 2006 => Scanning File C:\WINDOWS\system32\MSVCR71.dll
Sun Sep 17 16:25:04 2006 => Scanning File C:\PROGRA~1\Adobe\ACROBA~1.0\Distillr\AdistRes.DEU
Sun Sep 17 16:25:04 2006 => Scanning File C:\WINDOWS\system32\cnbjmon.dll
Sun Sep 17 16:25:04 2006 => Scanning File C:\WINDOWS\system32\mdimon.dll
Sun Sep 17 16:25:04 2006 => Scanning File C:\WINDOWS\system32\pjlmon.dll
Sun Sep 17 16:25:04 2006 => Scanning File C:\WINDOWS\system32\tcpmon.dll
Sun Sep 17 16:25:04 2006 => Scanning File C:\WINDOWS\system32\usbmon.dll
Sun Sep 17 16:25:04 2006 => Scanning File C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll
Sun Sep 17 16:25:04 2006 => Scanning File C:\WINDOWS\system32\win32spl.dll
Sun Sep 17 16:25:05 2006 => Scanning File C:\WINDOWS\system32\NETRAP.dll
Sun Sep 17 16:25:05 2006 => Scanning File C:\WINDOWS\system32\inetpp.dll
Sun Sep 17 16:25:05 2006 => Scanning File C:\WINDOWS\system32\wbem\wbemprox.dll
Sun Sep 17 16:25:05 2006 => Scanning File C:\WINDOWS\system32\wbem\wbemcomn.dll
Sun Sep 17 16:25:05 2006 => Scanning File C:\WINDOWS\Explorer.EXE
Sun Sep 17 16:25:06 2006 => Scanning File C:\WINDOWS\system32\BROWSEUI.dll
Sun Sep 17 16:25:06 2006 => Scanning File C:\WINDOWS\system32\SHDOCVW.dll
Sun Sep 17 16:25:06 2006 => Scanning File C:\WINDOWS\system32\themeui.dll
Sun Sep 17 16:25:06 2006 => Scanning File C:\WINDOWS\system32\urlmon.dll
Sun Sep 17 16:25:06 2006 => Scanning File C:\PROGRA~1\eScan\mwavscan.com
Sun Sep 17 16:25:07 2006 => Scanning File C:\PROGRA~1\eScan\msvlclnt.dll
Sun Sep 17 16:25:07 2006 => Scanning File C:\PROGRA~1\eScan\kavssdi.dll
Sun Sep 17 16:25:07 2006 => Scanning File C:\PROGRA~1\eScan\kavssd.dll
Sun Sep 17 16:25:07 2006 => Scanning File C:\PROGRA~1\eScan\kavssi.dll
Sun Sep 17 16:25:07 2006 => Scanning File C:\PROGRA~1\eScan\ipc.dll
Sun Sep 17 16:25:07 2006 => Scanning File C:\WINDOWS\system32\RICHED32.DLL
Sun Sep 17 16:25:07 2006 => Scanning File C:\WINDOWS\system32\RICHED20.dll
Sun Sep 17 16:25:08 2006 => Scanning File C:\WINDOWS\system32\VDMDBG.DLL
Sun Sep 17 16:25:08 2006 => Scanning File C:\WINDOWS\system32\ati2sgag.exe
Sun Sep 17 16:25:08 2006 => Scanning File C:\PROGRA~1\eScan\TRAYSSER.EXE
Sun Sep 17 16:25:08 2006 => Scanning File C:\PROGRA~1\eScan\avpm.exe
Sun Sep 17 16:25:08 2006 => Scanning File C:\PROGRA~1\eScan\avpMLoc.dll
Sun Sep 17 16:25:08 2006 => Scanning File C:\PROGRA~1\eScan\CCClient.dll
Sun Sep 17 16:25:08 2006 => Scanning File C:\PROGRA~1\eScan\AvpMSrv.dll
Sun Sep 17 16:25:08 2006 => Scanning File C:\PROGRA~1\eScan\prloader.dll
Sun Sep 17 16:25:08 2006 => Scanning File C:\PROGRA~1\eScan\prkernel.ppl
Sun Sep 17 16:25:09 2006 => Scanning File C:\PROGRA~1\eScan\PrString.ppl
Sun Sep 17 16:25:09 2006 => Scanning File C:\PROGRA~1\eScan\L_llio.ppl
Sun Sep 17 16:25:09 2006 => Scanning File C:\PROGRA~1\eScan\avp_iont.dll
Sun Sep 17 16:25:09 2006 => Scanning File C:\PROGRA~1\eScan\avlib.ppl
Sun Sep 17 16:25:09 2006 => Scanning File C:\PROGRA~1\eScan\avp1.ppl
Sun Sep 17 16:25:09 2006 => Scanning File C:\PROGRA~1\eScan\avpgs.ppl
Sun Sep 17 16:25:09 2006 => Scanning File C:\PROGRA~1\eScan\avpMgr.ppl
Sun Sep 17 16:25:09 2006 => Scanning File C:\PROGRA~1\eScan\buffer.ppl
Sun Sep 17 16:25:09 2006 => Scanning File C:\PROGRA~1\eScan\deflate.ppl
Sun Sep 17 16:25:09 2006 => Scanning File C:\PROGRA~1\eScan\DMAP.ppl
Sun Sep 17 16:25:09 2006 => Scanning File C:\PROGRA~1\eScan\Explode.ppl
Sun Sep 17 16:25:09 2006 => Scanning File C:\PROGRA~1\eScan\HashContainer.ppl
Sun Sep 17 16:25:09 2006 => Scanning File C:\PROGRA~1\eScan\HCCOMPARE.ppl
Sun Sep 17 16:25:09 2006 => Scanning File C:\PROGRA~1\eScan\ichecker.ppl
Sun Sep 17 16:25:09 2006 => Scanning File C:\PROGRA~1\eScan\Inflate.ppl
Sun Sep 17 16:25:09 2006 => Scanning File C:\PROGRA~1\eScan\MemModSc.ppl
Sun Sep 17 16:25:09 2006 => Scanning File C:\PROGRA~1\eScan\MemScan.ppl
Sun Sep 17 16:25:09 2006 => Scanning File C:\PROGRA~1\eScan\nfio.ppl
Sun Sep 17 16:25:09 2006 => Scanning File C:\PROGRA~1\eScan\NTFSstream.ppl
Sun Sep 17 16:25:09 2006 => Scanning File C:\PROGRA~1\eScan\passdmap.ppl
Sun Sep 17 16:25:09 2006 => Scanning File C:\PROGRA~1\eScan\prseqio.ppl
Sun Sep 17 16:25:09 2006 => Scanning File C:\PROGRA~1\eScan\PrUtil.ppl
Sun Sep 17 16:25:09 2006 => Scanning File C:\PROGRA~1\eScan\SFDB.ppl
Sun Sep 17 16:25:09 2006 => Scanning File C:\PROGRA~1\eScan\stored.ppl
Sun Sep 17 16:25:10 2006 => Scanning File C:\PROGRA~1\eScan\TempFile.ppl
Sun Sep 17 16:25:10 2006 => Scanning File C:\PROGRA~1\eScan\Unreduce.ppl
Sun Sep 17 16:25:10 2006 => Scanning File C:\PROGRA~1\eScan\UNSHRINK.ppl
Sun Sep 17 16:25:10 2006 => Scanning File C:\PROGRA~1\eScan\UnStored.ppl
Sun Sep 17 16:25:10 2006 => Scanning File C:\PROGRA~1\eScan\WinDiskIO.ppl
Sun Sep 17 16:25:10 2006 => Scanning File C:\PROGRA~1\eScan\zcompare.ppl
Sun Sep 17 16:25:10 2006 => Scanning File C:\PROGRA~1\eScan\zip.ppl
Sun Sep 17 16:25:10 2006 => Scanning File C:\PROGRA~1\GEMEIN~1\LIGHTS~1\LSSrvc.exe
Sun Sep 17 16:25:10 2006 => Scanning File C:\PROGRA~1\GEMEIN~1\LIGHTS~1\MSVCR71.dll
Sun Sep 17 16:25:10 2006 => Scanning File C:\PROGRA~1\GEMEIN~1\LIGHTS~1\MSVCP71.dll
Sun Sep 17 16:25:10 2006 => Scanning File C:\PROGRA~1\eScan\TRAYICOS.EXE
Sun Sep 17 16:25:10 2006 => Scanning File C:\PROGRA~1\eScan\SPORDER.dll
Sun Sep 17 16:25:10 2006 => Scanning File C:\PROGRA~1\GEMEIN~1\MICROS~1\VS7DEBUG\MDM.EXE
Sun Sep 17 16:25:10 2006 => Scanning File C:\PROGRA~1\GEMEIN~1\MICROS~1\VS7DEBUG\1031\mdmui.dll
Sun Sep 17 16:25:11 2006 => Scanning File C:\PROGRA~1\GEMEIN~1\MICROW~1\Agent\MWASER.EXE
Sun Sep 17 16:25:11 2006 => Scanning File C:\PROGRA~1\GEMEIN~1\MICROW~1\Agent\MWAgent.exe
Sun Sep 17 16:25:11 2006 => Scanning File C:\PROGRA~1\ALCOHO~1\ALCOHO~1\StarWind\STARWI~1.EXE
Sun Sep 17 16:25:11 2006 => Scanning File c:\windows\system32\wiaservc.dll
Sun Sep 17 16:25:11 2006 => Scanning File c:\windows\system32\CFGMGR32.dll
Sun Sep 17 16:25:11 2006 => Scanning File c:\windows\system32\mscms.dll
Sun Sep 17 16:25:11 2006 => Scanning File C:\WINDOWS\system32\wdfmgr.exe
Sun Sep 17 16:25:11 2006 => Scanning File C:\PROGRA~1\eScan\Download.exe
Sun Sep 17 16:25:11 2006 => Scanning File C:\WINDOWS\system32\ZoneLabs\vsmon.exe
Sun Sep 17 16:25:11 2006 => Scanning File C:\WINDOWS\system32\VSUTIL.dll
Sun Sep 17 16:25:11 2006 => Scanning File C:\WINDOWS\system32\VSINIT.dll
Sun Sep 17 16:25:11 2006 => Scanning File C:\WINDOWS\system32\ZoneLabs\zpy.dll
Sun Sep 17 16:25:11 2006 => Scanning File C:\WINDOWS\system32\ZoneLabs\dbghelp.dll
Sun Sep 17 16:25:11 2006 => Scanning File C:\WINDOWS\system32\VSUTIL_Loc0407.dll
Sun Sep 17 16:25:11 2006 => Scanning File C:\WINDOWS\system32\ZoneLabs\lib\pyd\signedDll.pyd
Sun Sep 17 16:25:11 2006 => Scanning File C:\WINDOWS\system32\ZoneLabs\lib\pyd\pyvsinit.pyd
Sun Sep 17 16:25:11 2006 => Scanning File C:\WINDOWS\system32\ZoneLabs\lib\pyd\pyexpat.pyd
Sun Sep 17 16:25:11 2006 => Scanning File C:\WINDOWS\system32\ZoneLabs\lib\pyd\_socket.pyd
Sun Sep 17 16:25:12 2006 => Scanning File C:\WINDOWS\system32\ZoneLabs\plugins\vsmon_plugin\vsmon_plugin.dll
Sun Sep 17 16:25:12 2006 => Scanning File C:\WINDOWS\system32\ZoneLabs\plugins\rpc_server\rpc_server.dll
Sun Sep 17 16:25:12 2006 => Scanning File C:\WINDOWS\system32\ZoneLabs\vsmondll.dll
Sun Sep 17 16:25:12 2006 => Scanning File C:\WINDOWS\system32\VSDATA.dll
Sun Sep 17 16:25:12 2006 => Scanning File C:\WINDOWS\system32\ZoneLabs\ssleay32.dll
Sun Sep 17 16:25:12 2006 => Scanning File C:\WINDOWS\system32\vsxml.dll
Sun Sep 17 16:25:12 2006 => Scanning File C:\WINDOWS\system32\ZoneLabs\fbl.dll
Sun Sep 17 16:25:12 2006 => Scanning File C:\WINDOWS\system32\zlcomm.dll
Sun Sep 17 16:25:12 2006 => Scanning File C:\WINDOWS\system32\ZLCommDB.dll
Sun Sep 17 16:25:12 2006 => Scanning File C:\WINDOWS\system32\ZoneLabs\vsdb.dll
Sun Sep 17 16:25:12 2006 => Scanning File C:\PROGRA~1\eScan\kavss.exe
Sun Sep 17 16:25:12 2006 => Scanning File C:\PROGRA~1\eScan\kavss.dll

Maybe that is already enough?


17.09.2006, 16:44   #6
Mordorn
 
Here is part 2

Sun Sep 17 16:25:12 2006 => ***** Scanning Registry Files *****

Sun Sep 17 16:25:12 2006 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
Sun Sep 17 16:25:12 2006 => *** File C:\WINDOWS\system32\SHELL32.dll having Size Restriction ***. Filesize 8295 kb > 2560 kb...
Sun Sep 17 16:25:12 2006 => Scanning File C:\WINDOWS\system32\SHELL32.dll [**]
Sun Sep 17 16:25:12 2006 => *** File C:\WINDOWS\system32\SHELL32.dll having Size Restriction ***. Filesize 8295 kb > 2560 kb...
Sun Sep 17 16:25:12 2006 => Scanning File C:\WINDOWS\system32\SHELL32.dll [**]
Sun Sep 17 16:25:12 2006 => Scanning File C:\WINDOWS\system32\webcheck.dll
Sun Sep 17 16:25:12 2006 => Scanning File C:\WINDOWS\system32\stobject.dll
Sun Sep 17 16:25:12 2006 => Scanning File C:\WINDOWS\system32\upnpui.dll

Sun Sep 17 16:25:12 2006 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad

Sun Sep 17 16:25:12 2006 => Scanning HKLM\SOFTWARE\Microsoft\Internet Explorer\Plugins\Extension

Sun Sep 17 16:25:12 2006 => Scanning HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar
Sun Sep 17 16:25:12 2006 => Scanning File C:\PROGRA~1\Adobe\ACROBA~1.0\Acrobat\ACROIE~1.DLL

Sun Sep 17 16:25:12 2006 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects
Sun Sep 17 16:25:12 2006 => {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} = C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
Sun Sep 17 16:25:12 2006 => Scanning File C:\PROGRA~1\Adobe\ACROBA~1.0\ActiveX\ACROIE~1.DLL
Sun Sep 17 16:25:12 2006 => {53707962-6F74-2D53-2644-206D7942484F} = C:\PROGRA~1\SPYBOT~1\SDHelper.dll
Sun Sep 17 16:25:12 2006 => Scanning File C:\PROGRA~1\SPYBOT~1\SDHelper.dll
Sun Sep 17 16:25:12 2006 => {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} = C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
Sun Sep 17 16:25:13 2006 => Scanning File C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
Sun Sep 17 16:25:13 2006 => {AE7CD045-E861-484f-8273-0445EE161910} = C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
Sun Sep 17 16:25:13 2006 => Scanning File C:\PROGRA~1\Adobe\ACROBA~1.0\Acrobat\ACROIE~1.DLL

Sun Sep 17 16:25:13 2006 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler
Sun Sep 17 16:25:13 2006 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Sep 17 16:25:13 2006 => Scanning File C:\WINDOWS\system32\browseui.dll

Sun Sep 17 16:25:13 2006 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
Sun Sep 17 16:25:13 2006 => Scanning File C:\WINDOWS\system32\mmsys.cpl
Sun Sep 17 16:25:13 2006 => Scanning File C:\WINDOWS\system32\icmui.dll
Sun Sep 17 16:25:13 2006 => Scanning File C:\WINDOWS\system32\rshx32.dll
Sun Sep 17 16:25:13 2006 => Scanning File C:\WINDOWS\system32\docprop.dll
Sun Sep 17 16:25:13 2006 => Scanning File C:\WINDOWS\system32\ntshrui.dll
Sun Sep 17 16:25:13 2006 => Scanning File C:\WINDOWS\system32\themeui.dll
Sun Sep 17 16:25:13 2006 => Scanning File C:\WINDOWS\system32\deskadp.dll
Sun Sep 17 16:25:13 2006 => Scanning File C:\WINDOWS\system32\deskmon.dll
Sun Sep 17 16:25:13 2006 => Scanning File C:\WINDOWS\system32\dssec.dll
Sun Sep 17 16:25:13 2006 => Scanning File C:\WINDOWS\system32\SlayerXP.dll
Sun Sep 17 16:25:13 2006 => Scanning File C:\WINDOWS\system32\shscrap.dll
Sun Sep 17 16:25:13 2006 => Scanning File C:\WINDOWS\system32\diskcopy.dll
Sun Sep 17 16:25:13 2006 => Scanning File C:\WINDOWS\system32\ntlanui2.dll
Sun Sep 17 16:25:13 2006 => Scanning File C:\WINDOWS\System32\icmui.dll
Sun Sep 17 16:25:13 2006 => Scanning File C:\WINDOWS\system32\icmui.dll
Sun Sep 17 16:25:13 2006 => Scanning File C:\WINDOWS\system32\printui.dll
Sun Sep 17 16:25:13 2006 => Scanning File C:\WINDOWS\system32\dskquoui.dll
Sun Sep 17 16:25:13 2006 => Scanning File C:\WINDOWS\system32\syncui.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\hticons.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\fontext.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\icmui.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\rshx32.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\ntshrui.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\deskperf.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\cryptext.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\cryptext.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\NETSHELL.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\NETSHELL.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\wiashext.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\wiashext.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\wiashext.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\wiashext.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\wiashext.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\remotepg.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\wshext.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\PROGRA~1\GEMEIN~1\System\OLEDB~1\oledb32.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\mstask.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\mstask.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\mstask.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\wuaucpl.cpl
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\twext.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\twext.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\shmedia.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\shmedia.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\shmedia.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\shmedia.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\shmedia.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\shmedia.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\system32\sendmail.dll
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\system32\sendmail.dll
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\system32\occache.dll
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\system32\webcheck.dll
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\system32\webcheck.dll
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\system32\webcheck.dll
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\system32\webcheck.dll
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\system32\webcheck.dll
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\system32\webcheck.dll
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\system32\webcheck.dll
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\system32\webcheck.dll
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\system32\webcheck.dll
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\system32\webcheck.dll
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\system32\appwiz.cpl
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\system32\appwiz.cpl
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\system32\appwiz.cpl
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\system32\shimgvw.dll
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\system32\shimgvw.dll
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\system32\shimgvw.dll
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\system32\shimgvw.dll
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\system32\shimgvw.dll
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\system32\shimgvw.dll
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\system32\netplwiz.dll
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\system32\netplwiz.dll
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\system32\netplwiz.dll
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\system32\netplwiz.dll
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\system32\zipfldr.dll
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\system32\zipfldr.dll
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\system32\zipfldr.dll
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\system32\cdfview.dll
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\system32\cdfview.dll
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\system32\cdfview.dll
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\system32\cdfview.dll
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\system32\cdfview.dll
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\system32\extmgr.dll
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\system32\msieftp.dll
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\system32\docprop2.dll
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\system32\docprop2.dll
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\system32\docprop2.dll
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\system32\docprop2.dll
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\system32\docprop2.dll
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\system32\docprop2.dll
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\system32\dsquery.dll
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\system32\dsquery.dll
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\system32\dsquery.dll
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\system32\dsquery.dll
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\system32\dsuiext.dll
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\system32\dsuiext.dll
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\system32\mydocs.dll
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\system32\mydocs.dll
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\system32\mydocs.dll
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\System32\cscui.dll
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\System32\cscui.dll
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\System32\cscui.dll
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\msagent\agentpsh.dll
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\system32\dfsshlex.dll
Sun Sep 17 16:25:16 2006 => Scanning File C:\WINDOWS\system32\photowiz.dll
Sun Sep 17 16:25:16 2006 => Scanning File C:\WINDOWS\System32\mmcshext.dll
Sun Sep 17 16:25:16 2006 => Scanning File C:\WINDOWS\system32\cabview.dll
Sun Sep 17 16:25:16 2006 => Scanning File C:\PROGRA~1\OUTLOO~1\wabfind.dll
Sun Sep 17 16:25:16 2006 => Scanning File C:\WINDOWS\system32\wmpshell.dll
Sun Sep 17 16:25:16 2006 => Scanning File C:\WINDOWS\system32\wmpshell.dll
Sun Sep 17 16:25:16 2006 => Scanning File C:\WINDOWS\system32\wmpshell.dll
Sun Sep 17 16:25:16 2006 => Scanning File C:\Programme\WinRAR\rarext.dll
Sun Sep 17 16:25:16 2006 => Scanning File C:\PROGRA~1\GEMEIN~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL
Sun Sep 17 16:25:16 2006 => Scanning File C:\PROGRA~1\MICROS~2\OFFICE11\msohev.dll
Sun Sep 17 16:25:16 2006 => Scanning File C:\PROGRA~1\ALCOHO~1\ALCOHO~1\AXShlEx.dll
Sun Sep 17 16:25:16 2006 => Scanning File C:\PROGRA~1\Adobe\ACROBA~1.0\ACROBA~1\CONTEX~1.DLL
Sun Sep 17 16:25:17 2006 => Scanning File C:\PROGRA~1\Corel\CORELG~1\DRAW\CDRVIE~1\CRLSHE~1.DLL
Sun Sep 17 16:25:17 2006 => Scanning File C:\WINDOWS\system32\Audiodev.dll
Sun Sep 17 16:25:17 2006 => Scanning File C:\WINDOWS\system32\Audiodev.dll
Sun Sep 17 16:25:17 2006 => Scanning File C:\Programme\Real\RealPlayer\rpshell.dll
Sun Sep 17 16:25:17 2006 => Scanning File C:\WINDOWS\system32\mscoree.dll
Sun Sep 17 16:25:17 2006 => Scanning File C:\WINDOWS\system32\BpShellEx.dll
Sun Sep 17 16:25:17 2006 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Sep 17 16:25:17 2006 => Scanning File C:\WINDOWS\system32\upnpui.dll
Sun Sep 17 16:25:17 2006 => Scanning File C:\Programme\ICQLite\ICQLiteShell.dll
Sun Sep 17 16:25:17 2006 => Scanning File C:\WINDOWS\system32\dfshim.dll
Sun Sep 17 16:25:17 2006 => Scanning File C:\WINDOWS\system32\dfshim.dll

Sun Sep 17 16:25:17 2006 => Scanning HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows

Sun Sep 17 16:25:17 2006 => Scanning HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
Sun Sep 17 16:25:17 2006 => Scanning File C:\WINDOWS\Explorer.exe
Sun Sep 17 16:25:17 2006 => Scanning File C:\WINDOWS\system32\userinit.exe
Sun Sep 17 16:25:17 2006 => Scanning File C:\WINDOWS\system32\dskquota.dll
Sun Sep 17 16:25:17 2006 => Scanning File C:\WINDOWS\system32\iedkcs32.dll
Sun Sep 17 16:25:17 2006 => Scanning File C:\WINDOWS\system32\scecli.dll
Sun Sep 17 16:25:17 2006 => Scanning File C:\WINDOWS\system32\iedkcs32.dll
Sun Sep 17 16:25:17 2006 => Scanning File C:\WINDOWS\system32\scecli.dll
Sun Sep 17 16:25:17 2006 => Scanning File C:\WINDOWS\System32\cscui.dll
Sun Sep 17 16:25:17 2006 => Scanning File C:\WINDOWS\system32\Ati2evxx.dll
Sun Sep 17 16:25:17 2006 => Scanning File C:\WINDOWS\system32\crypt32.dll
Sun Sep 17 16:25:17 2006 => Scanning File C:\WINDOWS\system32\cryptnet.dll
Sun Sep 17 16:25:18 2006 => Scanning File C:\WINDOWS\system32\cscdll.dll
Sun Sep 17 16:25:18 2006 => Scanning File C:\WINDOWS\system32\wlnotify.dll
Sun Sep 17 16:25:18 2006 => Scanning File C:\WINDOWS\system32\wlnotify.dll
Sun Sep 17 16:25:18 2006 => Scanning File C:\WINDOWS\system32\sclgntfy.dll
Sun Sep 17 16:25:18 2006 => Scanning File C:\WINDOWS\system32\WlNotify.dll
Sun Sep 17 16:25:18 2006 => Scanning File C:\WINDOWS\system32\wlnotify.dll
Sun Sep 17 16:25:18 2006 => Scanning File C:\WINDOWS\system32\WgaLogon.dll
Sun Sep 17 16:25:18 2006 => Scanning File C:\WINDOWS\system32\wlnotify.dll

17.09.2006, 16:46   #7
Mordorn
 
Part 3

Sun Sep 17 16:25:18 2006 => Scanning HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon

Sun Sep 17 16:25:18 2006 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System

Sun Sep 17 16:25:18 2006 => Scanning HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows

Sun Sep 17 16:25:18 2006 => Scanning HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AEDEBUG
Sun Sep 17 16:25:18 2006 => Scanning File C:\WINDOWS\system32\drwtsn32.exe

Sun Sep 17 16:25:18 2006 => Scanning HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options
Sun Sep 17 16:25:18 2006 => Scanning File C:\WINDOWS\system32\ntsd.exe

Sun Sep 17 16:25:18 2006 => Scanning HKCU\Control Panel\Desktop
Sun Sep 17 16:25:18 2006 => Scanning File C:\WINDOWS\system32\sstext3d.scr

Sun Sep 17 16:25:18 2006 => Scanning HKLM\SYSTEM\CurrentControlSet\Control\WOW
Sun Sep 17 16:25:18 2006 => Scanning File C:\WINDOWS\system32\ntvdm.exe
Sun Sep 17 16:25:18 2006 => Scanning File C:\WINDOWS\system32\ntvdm.exe

Sun Sep 17 16:25:18 2006 => Scanning HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components
Sun Sep 17 16:25:18 2006 => Scanning File C:\WINDOWS\inf\unregmp2.exe
Sun Sep 17 16:25:18 2006 => Scanning File C:\WINDOWS\system32\shmgrate.exe
Sun Sep 17 16:25:18 2006 => Scanning File C:\WINDOWS\system32\RunDLL32.exe
Sun Sep 17 16:25:18 2006 => Scanning File C:\WINDOWS\system32\shmgrate.exe
Sun Sep 17 16:25:18 2006 => Scanning File C:\WINDOWS\system32\regsvr32.exe
Sun Sep 17 16:25:18 2006 => Scanning File C:\PROGRA~1\OUTLOO~1\setup50.exe
Sun Sep 17 16:25:19 2006 => Scanning File C:\WINDOWS\system32\rundll32.exe
Sun Sep 17 16:25:19 2006 => Scanning File C:\WINDOWS\system32\rundll32.exe
Sun Sep 17 16:25:19 2006 => Scanning File C:\WINDOWS\system32\rundll32.exe
Sun Sep 17 16:25:19 2006 => Scanning File C:\PROGRA~1\OUTLOO~1\setup50.exe
Sun Sep 17 16:25:19 2006 => Scanning File C:\WINDOWS\system32\regsvr32.exe
Sun Sep 17 16:25:19 2006 => Scanning File C:\WINDOWS\system32\ie4uinit.exe
Sun Sep 17 16:25:19 2006 => Scanning File C:\WINDOWS\system32\Rundll32.exe

Sun Sep 17 16:25:19 2006 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run

Sun Sep 17 16:25:19 2006 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run

Sun Sep 17 16:25:19 2006 => Scanning HKLM\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\Run

Sun Sep 17 16:25:19 2006 => Scanning HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Run

Sun Sep 17 16:25:19 2006 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Sun Sep 17 16:25:19 2006 => Scanning File C:\WINDOWS\system32\dumprep.exe
Sun Sep 17 16:25:19 2006 => Scanning File C:\Programme\Java\jre1.5.0_06\bin\jusched.exe
Sun Sep 17 16:25:19 2006 => Scanning File C:\PROGRA~1\ATITEC~1\ATI.ACE\cli.exe
Sun Sep 17 16:25:19 2006 => Scanning File C:\Programme\SyncroSoft\Pos\H2O\cledx.exe
Sun Sep 17 16:25:20 2006 => Scanning File C:\PROGRA~1\ZONELA~1\ZONEAL~1\zlclient.exe
Sun Sep 17 16:25:20 2006 => Scanning File C:\Programme\SlySoft\CloneCD\CloneCDTray.exe
Sun Sep 17 16:25:20 2006 => Scanning File C:\Programme\eScan\LAUNCH.EXE
Sun Sep 17 16:25:21 2006 => Scanning File C:\PROGRA~1\eScan\TRAYICOS.EXE
Sun Sep 17 16:25:21 2006 => Scanning File C:\PROGRA~1\eScan\AVPMWrap.EXE

Sun Sep 17 16:25:21 2006 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce

Sun Sep 17 16:25:21 2006 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx

Sun Sep 17 16:25:21 2006 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices

Sun Sep 17 16:25:21 2006 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce

Sun Sep 17 16:25:21 2006 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Sun Sep 17 16:25:21 2006 => Scanning File C:\WINDOWS\system32\ctfmon.exe
Sun Sep 17 16:25:21 2006 => Scanning File C:\PROGRA~1\SPYBOT~1\TeaTimer.exe
Sun Sep 17 16:25:21 2006 => Scanning File C:\PROGRA~1\Ahead\NEROBA~1\NBJ.exe

Sun Sep 17 16:25:22 2006 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce

Sun Sep 17 16:25:22 2006 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx

Sun Sep 17 16:25:22 2006 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices

Sun Sep 17 16:25:22 2006 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\Setup

Sun Sep 17 16:25:22 2006 => Scanning HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Sun Sep 17 16:25:22 2006 => Scanning File C:\WINDOWS\system32\CTFMON.EXE

Sun Sep 17 16:25:22 2006 => Scanning HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce

Sun Sep 17 16:25:22 2006 => Scanning HKCR\txtfile\shell\open\command

Sun Sep 17 16:25:22 2006 => Scanning HKCR\comfile\shell\open\command

Sun Sep 17 16:25:22 2006 => Scanning HKCR\exefile\shell\open\command

Sun Sep 17 16:25:22 2006 => Scanning HKCR\dllfile\shell\open\command

Sun Sep 17 16:25:22 2006 => Scanning HKCR\batfile\shell\open\command

Sun Sep 17 16:25:22 2006 => Scanning HKCR\piffile\shell\open\command

Sun Sep 17 16:25:22 2006 => Scanning HKCR\scrfile\shell\open\command

Sun Sep 17 16:25:22 2006 => Scanning HKCR\scrfile\shell\config\command

Sun Sep 17 16:25:22 2006 => Scanning HKCR\regfile\shell\open\command

Sun Sep 17 16:25:22 2006 => Scanning HKCR\htmlfile\shell\open\command
Sun Sep 17 16:25:22 2006 => Scanning File C:\PROGRA~1\INTERN~1\iexplore.exe

Sun Sep 17 16:25:22 2006 => Scanning HKCR\htafile\shell\open\command
Sun Sep 17 16:25:22 2006 => Scanning File C:\WINDOWS\system32\mshta.exe

Sun Sep 17 16:25:22 2006 => Scanning HKCR\jsfile\shell\open\command
Sun Sep 17 16:25:22 2006 => *** File C:\PROGRA~1\MACROM~1\DREAMW~2\DREAMW~1.EXE having Size Restriction ***. Filesize 9568 kb > 2560 kb...
Sun Sep 17 16:25:22 2006 => Scanning File C:\PROGRA~1\MACROM~1\DREAMW~2\DREAMW~1.EXE [**]

Sun Sep 17 16:25:22 2006 => Scanning HKCR\jsefile\shell\open\command
Sun Sep 17 16:25:22 2006 => Scanning File C:\WINDOWS\System32\WScript.exe

Sun Sep 17 16:25:22 2006 => Scanning HKCR\vbsfile\shell\open\command
Sun Sep 17 16:25:22 2006 => Scanning File C:\WINDOWS\System32\WScript.exe

Sun Sep 17 16:25:22 2006 => Scanning HKCR\vbefile\shell\open\command
Sun Sep 17 16:25:22 2006 => Scanning File C:\WINDOWS\System32\WScript.exe

Sun Sep 17 16:25:22 2006 => Scanning HKCR\wshfile\shell\open\command
Sun Sep 17 16:25:22 2006 => Scanning File C:\WINDOWS\System32\WScript.exe

Sun Sep 17 16:25:22 2006 => Scanning HKCR\wsffile\shell\open\command
Sun Sep 17 16:25:22 2006 => Scanning File C:\WINDOWS\System32\WScript.exe

Sun Sep 17 16:25:22 2006 => ***** Scanning StartUp Folders *****
From here on it scanned the "Dokumente und Einstellungen" (Documents and Settings) folder.

17.09.2006, 16:47   #8
Mordorn
 
Part 4
Sun Sep 17 16:25:31 2006 => ***** Scanning Service Files *****
Sun Sep 17 16:25:31 2006 => Scanning HKLM\SYSTEM\CurrentControlSet\Services
Sun Sep 17 16:25:31 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\ACPI.sys
Sun Sep 17 16:25:31 2006 => Scanning File C:\PROGRA~1\GEMEIN~1\ADOBES~1\Service\ADOBEL~1.EXE
Sun Sep 17 16:25:32 2006 => Scanning File C:\WINDOWS\system32\drivers\aec.sys
Sun Sep 17 16:25:32 2006 => Scanning File C:\WINDOWS\System32\drivers\afd.sys
Sun Sep 17 16:25:32 2006 => Scanning File C:\WINDOWS\system32\svchost.exe
Sun Sep 17 16:25:32 2006 => Scanning File C:\WINDOWS\System32\alg.exe
Sun Sep 17 16:25:32 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\amdk7.sys
Sun Sep 17 16:25:32 2006 => Scanning File C:\WINDOWS\system32\Drivers\AnyDVD.sys
Sun Sep 17 16:25:32 2006 => Scanning File C:\WINDOWS\system32\svchost.exe
Sun Sep 17 16:25:32 2006 => Scanning File C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
Sun Sep 17 16:25:32 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\asyncmac.sys
Sun Sep 17 16:25:32 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\atapi.sys
Sun Sep 17 16:25:32 2006 => Scanning File C:\WINDOWS\system32\Ati2evxx.exe
Sun Sep 17 16:25:32 2006 => Scanning File C:\WINDOWS\system32\ati2sgag.exe
Sun Sep 17 16:25:32 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
Sun Sep 17 16:25:32 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\atmarpc.sys
Sun Sep 17 16:25:32 2006 => Scanning File C:\WINDOWS\System32\svchost.exe
Sun Sep 17 16:25:32 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\audstub.sys
Sun Sep 17 16:25:32 2006 => Scanning File C:\WINDOWS\system32\svchost.exe
Sun Sep 17 16:25:32 2006 => Scanning File C:\WINDOWS\system32\svchost.exe
Sun Sep 17 16:25:32 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\BthEnum.sys
Sun Sep 17 16:25:33 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\bthpan.sys
Sun Sep 17 16:25:33 2006 => Scanning File C:\WINDOWS\system32\Drivers\BTHport.sys
Sun Sep 17 16:25:33 2006 => Scanning File C:\WINDOWS\system32\svchost.exe
Sun Sep 17 16:25:33 2006 => Scanning File C:\WINDOWS\system32\Drivers\BTHUSB.sys
Sun Sep 17 16:25:33 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\cdrom.sys
Sun Sep 17 16:25:33 2006 => Scanning File C:\WINDOWS\system32\cisvc.exe
Sun Sep 17 16:25:33 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\cledx.sys
Sun Sep 17 16:25:33 2006 => Scanning File C:\WINDOWS\system32\clipsrv.exe
Sun Sep 17 16:25:33 2006 => Scanning File C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
Sun Sep 17 16:25:33 2006 => Scanning File C:\WINDOWS\system32\drivers\cmuda.sys
Sun Sep 17 16:25:33 2006 => Scanning File C:\WINDOWS\system32\dllhost.exe
Sun Sep 17 16:25:33 2006 => Scanning File C:\WINDOWS\system32\svchost.exe
Sun Sep 17 16:25:33 2006 => Scanning File C:\WINDOWS\system32\svchost.exe

17.09.2006, 16:50   #9
Mellosun

Who, please, is supposed to go through all that?

Go to the eScan guide, read point 5 carefully... download find.zip and then post the result!

17.09.2006, 16:59   #10
Mordorn

Okay, I'll give that a try then.

17.09.2006, 17:09   #11
Mordorn

So, I only get this TXT file.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Infektionsmeldungen
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~
Dateien
~~~~~~~~~~~
~~~~ Infected files
~~~~~~~~~~~
~~~~~~~~~~~
~~~~ Offending files
~~~~~~~~~~~
~~~~~~~~~~~
~~~~ Tagged files
~~~~~~~~~~~
~~~~~~~~~~~
Ordner
~~~~~~~~~~~
~~~~~~~~~~~
Registry
~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Statistiken:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Sun Sep 17 16:28:13 2006 => Total Errors: 0
Sun Sep 17 16:28:13 2006 => Time Elapsed: 00:03:27
Sun Sep 17 16:28:13 2006 => Total Objects Scanned: 22241
Sun Sep 17 16:28:13 2006 => Virus Database Date: 7/31/2006
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
What am I doing wrong?

17.09.2006, 17:14   #12
Mellosun

Scan again... and above all update the virus signatures... they're older than my grandma!
Then, after the scan, run find.zip again and post the result!
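
The check behind reply #12, as an added example that is not part of the original thread and not eScan's own code: it parses a summary laid out like the one in post #11 and treats an empty result as clean only when the signature database was current at scan time. The heading names and statistics lines follow that post; the 7-day threshold, the function names and the assumption that findings appear as plain lines under their heading are assumptions of this example.

```python
import re
from datetime import datetime

# Constructed sample in the layout of the summary posted in #11, shortened.
SAMPLE_REPORT = """\
Dateien
~~~~~~~~~~~
~~~~ Infected files
~~~~~~~~~~~
~~~~ Tagged files
~~~~~~~~~~~
Ordner
~~~~~~~~~~~
Statistiken:
Sun Sep 17 16:28:13 2006 => Total Objects Scanned: 22241
Sun Sep 17 16:28:13 2006 => Virus Database Date: 7/31/2006
"""

MAX_SIGNATURE_AGE_DAYS = 7  # assumption made for this example, not an eScan value
HEADINGS = {"Infektionsmeldungen", "Dateien", "Ordner", "Registry", "Statistiken:"}
STAT_RE = re.compile(r"^(\w{3} \w{3} +\d{1,2} [\d:]{8} \d{4}) => ([^:]+): (.+)$")

def parse_report(text):
    """Split a summary into {heading: [entries]}, statistics and scan time."""
    sections, stats, current, scan_time = {}, {}, None, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or set(line) == {"~"}:
            continue  # blank line or separator rule
        stat = STAT_RE.match(line)
        if stat:
            scan_time = datetime.strptime(stat.group(1), "%a %b %d %H:%M:%S %Y")
            stats[stat.group(2)] = stat.group(3)
        elif line in HEADINGS or line.startswith("~~~~ "):
            current = line.lstrip("~ ")
            sections[current] = []
        elif current is not None:
            sections[current].append(line)  # assumed: findings are plain lines
    return sections, stats, scan_time

def assess(text):
    """An empty report counts as clean only if the signatures were current."""
    sections, stats, scan_time = parse_report(text)
    findings = sum(len(entries) for entries in sections.values())
    db_date = datetime.strptime(stats["Virus Database Date"], "%m/%d/%Y")
    age = (scan_time.date() - db_date.date()).days
    if findings:
        verdict = "findings"
    elif age > MAX_SIGNATURE_AGE_DAYS:
        verdict = "inconclusive: signatures stale"
    else:
        verdict = "clean"
    return {"findings": findings, "signature_age_days": age, "verdict": verdict}

print(assess(SAMPLE_REPORT))
```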

17.09.2006, 17:18   #13
Mordorn

In safe mode again?

17.09.2006, 17:24   #14
Mellosun

Yes, just as described in the description/guide!

17.09.2006, 17:26   #15
Mordorn

But that's what I did the day before yesterday.
Downloaded it, ran the update, scanned in safe mode.
As I said, it scanned for almost 2 days. And the log was then enormously long.
