
Log analysis and evaluation: crappy trojan

09.09.2004, 21:24   #1
bensen

Logfile of HijackThis v1.98.2
Scan saved at 23:09:46, on 09.09.2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\Sygate\SPF\smc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\Dit.exe
C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\System32\RunDll32.exe
C:\Programme\AVPersonal\AVGNT.EXE
C:\WINDOWS\CNYHKey.exe
C:\WINDOWS\DitExp.exe
C:\Programme\AVPersonal\AVGUARD.EXE
C:\Programme\AVPersonal\AVWUPSRV.EXE
C:\Programme\CA\SharedComponents\CA_LIC\LogWatNT.exe
C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\taskmgr.exe
C:\Programme\Internet Explorer\IEXPLORE.EXE
C:\Programme\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\System32\wuauclt.exe
C:\Dokumente und Einstellungen\ben\Lokale Einstellungen\Temp\Temporäres Verzeichnis 1 für hijackthis_198.zip\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.medion.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.aldi.com
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [Dit] Dit.exe
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O4 - HKLM\..\Run: [PCMService] "C:\Programme\Medion Home Cinema XL II\PowerCinema\PCMService.exe"
O4 - HKLM\..\Run: [ATIPTA] C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [PRISMSTA.EXE] PRISMSTA.EXE START
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [AVGCtrl] "C:\Programme\AVPersonal\AVGNT.EXE" /min
O4 - Global Startup: Kontrollfeld für die kabellose Tastatur.lnk = C:\WINDOWS\CNYHKey.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: MedionShop - {36669D80-D50C-45FA-9675-2A46C5698A6E} - http://www.medionshop.de/ (file missing) (HKCU)
O14 - IERESET.INF: START_PAGE_URL=http://www.aldi.com
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.co...?1094674518984

So I had/have Sygate Personal Firewall Pro on it, a Netgear router, TrojanCheck, AntiVir, Spybot, Ad-Aware (although I don't have the last 2 installed atm because of format c) etc.

I just left the PC on but wasn't on the internet. I come home, tons of programs running and the mouse is moving across the screen. OK, first of all, shock. I called Telekom but no traffic had gone over the line. I have one of those Medion Aldi PCs. It has WLAN built in. But I set that to RADIO OFF and also disabled it in the network settings. Well, the damn trojan (the stupid guy behind the trojan) is still there. Even after format c. Sygate shows 0 in and 0 out but the mouse still moves around. I really don't know what to do anymore. The only thing it can be is that he's getting in via WLAN. Well, I live in a small village. btw I just noticed that the cursor is blinking strangely. He probably has a keylogger running. Anyway, back to the topic. So there can't be that many people in my area who know their way around WLAN. Please help me, I'm really desperate.


//edit Spybot also found DSO EXPLOIT, but I actually only surfed with Opera, only now and then with IE, and then only on "TRUSTED SITES"

Edited by bensen (09.09.2004 at 21:34)

09.09.2004, 22:45   #2
bensen

*push* please help!!! I don't know what to do anymore! With everything I've got running, and still a trojan that won't come off!!!

Here's another new HJ log:

Logfile of HijackThis v1.98.2
Scan saved at 00:44:59, on 10.09.2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\Sygate\SPF\smc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\Dit.exe
C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\System32\RunDll32.exe
C:\Programme\AVPersonal\AVGNT.EXE
C:\WINDOWS\DitExp.exe
C:\Programme\AVPersonal\AVWUPSRV.EXE
C:\Programme\CA\SharedComponents\CA_LIC\LogWatNT.exe
C:\WINDOWS\System32\taskmgr.exe
C:\Programme\AVPersonal\AVGUARD.EXE
D:\Benni\mIRC\mirc.exe
C:\WINDOWS\System32\wisptis.exe
C:\Programme\Mozilla Firefox\firefox.exe
C:\Dokumente und Einstellungen\ben\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.medion.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.aldi.com
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [Dit] Dit.exe
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O4 - HKLM\..\Run: [PCMService] "C:\Programme\Medion Home Cinema XL II\PowerCinema\PCMService.exe"
O4 - HKLM\..\Run: [ATIPTA] C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [PRISMSTA.EXE] PRISMSTA.EXE START
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [AVGCtrl] "C:\Programme\AVPersonal\AVGNT.EXE" /min
O4 - Global Startup: Kontrollfeld für die kabellose Tastatur.lnk = C:\WINDOWS\CNYHKey.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.aldi.com
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.co...?1094674518984
09.09.2004, 22:50   #3
Shadowdance

Hello Bensen,

what makes you think that you have a trojan on the system?

Please download eScan according to the instructions in this thread, create a folder (= directory) c:\bases, update eScan online and run it offline in safe mode. You will find detailed, illustrated instructions in the thread: Thread-6083

Then please tell us the result of eScan: how many viruses were found on your computer, what the viruses are called, how many viruses were deleted, how many files were renamed. It looks like this:

=>Total Number of Files Scanned:
=>Total Number of Virus(es) Found:
=>Total Number of Disinfected Files:
=>Total Number of Files Renamed:
=>Total Number of Deleted Files:
=>Total Number of Errors:

Meanwhile I'll take a look at your logfile.

[edit] After the eScan, please post a new HijackThis logfile.

SD

Edited by Shadowdance (09.09.2004 at 22:56)

09.09.2004, 23:01   #4
bensen

Because tons of programs were started while I wasn't there and the mouse moved pretty wildly. So not just a little, but proper circles etc. etc.


//edit ok, I'll do that with eScan

09.09.2004, 23:05   #5
Shadowdance

@ bensen

Well, I don't see anything conspicuous in your logfile.

But your system is not up to date. Please download the current Service Pack: www.windowsupdate.com

and then please tell us the result of eScan.

SD


10.09.2004, 02:40   #6
FancyAndy

@bensen:

I also don't see anything suspicious or bad with my own eyes. Accordingly, this can have several causes:

  • Your hard disk is not defragmented
  • You have too many programs in autostart
  • You have too many processes running (and too little RAM)
  • You have a process running that needs a lot of RAM

All in all it may also be that your system is badly configured, but to quote SD, please give us your eScan log, then we'll see further. Oh, and please scan in SAFE mode. Thanks.

Regards
Andy

10.09.2004, 17:03   #7
bensen

So eScan found nothing! I can't post the log here, some MySQL error

//edit log

Fri Sep 10 17:01:35 2004 => **********************************************************
Fri Sep 10 17:01:35 2004 => eScan AntiVirus Toolkit Utility.
Fri Sep 10 17:01:35 2004 => Copyright © 2003-2004, MicroWorld Technologies Inc.
Fri Sep 10 17:01:35 2004 => **********************************************************
Fri Sep 10 17:01:35 2004 => Version 4.4.7
Fri Sep 10 17:01:35 2004 => Log File: C:\DOKUME~1\ben\LOKALE~1\Temp\mwav.log
Fri Sep 10 17:01:35 2004 => Latest Date of files inside MWAV: 08 Sep 2004 12:01:44.
Fri Sep 10 17:01:36 2004 => AV Library Loaded...
Fri Sep 10 17:01:36 2004 => Scanning File C:\DOKUME~1\ben\LOKALE~1\Temp\kavss.exe
Fri Sep 10 17:01:36 2004 => Scanning File C:\DOKUME~1\ben\LOKALE~1\Temp\Getvlist.exe
Fri Sep 10 17:01:36 2004 => Scanning File C:\DOKUME~1\ben\LOKALE~1\Temp\kavss.dll
Fri Sep 10 17:01:36 2004 => Scanning File C:\DOKUME~1\ben\LOKALE~1\Temp\kavssdi.dll
Fri Sep 10 17:01:36 2004 => Scanning File C:\DOKUME~1\ben\LOKALE~1\Temp\kavssi.dll
Fri Sep 10 17:01:36 2004 => Scanning File C:\DOKUME~1\ben\LOKALE~1\Temp\kavvlg.dll
Fri Sep 10 17:01:36 2004 => Scanning File C:\DOKUME~1\ben\LOKALE~1\Temp\msvlclnt.dll
Fri Sep 10 17:01:36 2004 => Scanning File C:\DOKUME~1\ben\LOKALE~1\Temp\ipc.dll
Fri Sep 10 17:01:36 2004 => Scanning File C:\DOKUME~1\ben\LOKALE~1\Temp\main.avi
Fri Sep 10 17:01:36 2004 => Scanning File C:\DOKUME~1\ben\LOKALE~1\Temp\virus.avi
Fri Sep 10 17:01:36 2004 => Virus Database Date: 2004/09/08
Fri Sep 10 17:01:36 2004 => Virus Database Count: 103467
Fri Sep 10 17:01:43 2004 => AV Library Unloaded (3)...
Fri Sep 10 17:04:18 2004 => **********************************************************
Fri Sep 10 17:04:18 2004 => eScan AntiVirus Toolkit Utility.
Fri Sep 10 17:04:18 2004 => Copyright © 2003-2004, MicroWorld Technologies Inc.
Fri Sep 10 17:04:18 2004 => **********************************************************
Fri Sep 10 17:04:18 2004 => Version 4.4.7
Fri Sep 10 17:04:18 2004 => Log File: C:\DOKUME~1\ben\LOKALE~1\Temp\mwav.log
Fri Sep 10 17:04:18 2004 => Latest Date of files inside MWAV: 08 Sep 2004 12:01:44.
Fri Sep 10 17:04:19 2004 => AV Library Loaded...
Fri Sep 10 17:04:19 2004 => Scanning File C:\DOKUME~1\ben\LOKALE~1\Temp\kavss.exe
Fri Sep 10 17:04:19 2004 => Scanning File C:\DOKUME~1\ben\LOKALE~1\Temp\Getvlist.exe
Fri Sep 10 17:04:19 2004 => Scanning File C:\DOKUME~1\ben\LOKALE~1\Temp\kavss.dll
Fri Sep 10 17:04:19 2004 => Scanning File C:\DOKUME~1\ben\LOKALE~1\Temp\kavssdi.dll
Fri Sep 10 17:04:20 2004 => Scanning File C:\DOKUME~1\ben\LOKALE~1\Temp\kavssi.dll
Fri Sep 10 17:04:20 2004 => Scanning File C:\DOKUME~1\ben\LOKALE~1\Temp\kavvlg.dll
Fri Sep 10 17:04:20 2004 => Scanning File C:\DOKUME~1\ben\LOKALE~1\Temp\msvlclnt.dll
Fri Sep 10 17:04:20 2004 => Scanning File C:\DOKUME~1\ben\LOKALE~1\Temp\ipc.dll
Fri Sep 10 17:04:20 2004 => Scanning File C:\DOKUME~1\ben\LOKALE~1\Temp\main.avi
Fri Sep 10 17:04:20 2004 => Scanning File C:\DOKUME~1\ben\LOKALE~1\Temp\virus.avi
Fri Sep 10 17:04:20 2004 => Virus Database Date: 2004/09/08
Fri Sep 10 17:04:20 2004 => Virus Database Count: 103467

10.09.2004, 17:05   #8
bensen

Fri Sep 10 17:04:29 2004 => **********************************************************
Fri Sep 10 17:04:29 2004 => eScan AntiVirus Toolkit Utility.
Fri Sep 10 17:04:29 2004 => Copyright © 2003-2004, MicroWorld Technologies Inc.
Fri Sep 10 17:04:29 2004 =>
Fri Sep 10 17:04:29 2004 => Support: support@mwti.net
Fri Sep 10 17:04:29 2004 => Web: http://www.mwti.net
Fri Sep 10 17:04:29 2004 => **********************************************************
Fri Sep 10 17:04:29 2004 => Version 4.4.7
Fri Sep 10 17:04:29 2004 => Log File: C:\DOKUME~1\ben\LOKALE~1\Temp\mwav.log
Fri Sep 10 17:04:29 2004 => Latest Date of files inside MWAV: 08 Sep 2004 12:01:44.

Fri Sep 10 17:04:30 2004 => Options Selected by User:
Fri Sep 10 17:04:30 2004 => Memory Check: Enabled
Fri Sep 10 17:04:30 2004 => Registry Check: Enabled
Fri Sep 10 17:04:30 2004 => StartUp Folder Check: Enabled
Fri Sep 10 17:04:30 2004 => System Folder Check: Enabled
Fri Sep 10 17:04:30 2004 => System Area Check: Disabled
Fri Sep 10 17:04:30 2004 => Services Check: Enabled
Fri Sep 10 17:04:30 2004 => Drive Check Option Disabled
Fri Sep 10 17:04:30 2004 => Scanning Type: Scan And Clean
Fri Sep 10 17:04:30 2004 => Folder Check: Disabled

Fri Sep 10 17:04:30 2004 => ***** Scanning Memory Files *****
Fri Sep 10 17:04:30 2004 => Scanning File C:\WINDOWS\system32\services.exe
Fri Sep 10 17:04:30 2004 => Scanning File C:\WINDOWS\system32\lsass.exe
Fri Sep 10 17:04:30 2004 => Scanning File C:\WINDOWS\system32\svchost.exe
Fri Sep 10 17:04:30 2004 => Scanning File C:\WINDOWS\system32\svchost.exe
Fri Sep 10 17:04:30 2004 => Scanning File C:\WINDOWS\system32\userinit.exe
Fri Sep 10 17:04:30 2004 => Scanning File C:\WINDOWS\Explorer.EXE
Fri Sep 10 17:04:30 2004 => Scanning File C:\DOKUME~1\ben\LOKALE~1\Temp\mwavscan.com
Fri Sep 10 17:04:30 2004 => Scanning File C:\DOKUME~1\ben\LOKALE~1\Temp\kavss.exe

Fri Sep 10 17:04:30 2004 => ***** Scanning Registry Files *****

Fri Sep 10 17:04:30 2004 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
Fri Sep 10 17:04:30 2004 => *** File C:\WINDOWS\system32\SHELL32.dll having Size Restriction ***
Fri Sep 10 17:04:30 2004 => Scanning File C:\WINDOWS\system32\SHELL32.dll [**]
Fri Sep 10 17:04:30 2004 => *** File C:\WINDOWS\system32\SHELL32.dll having Size Restriction ***
Fri Sep 10 17:04:30 2004 => Scanning File C:\WINDOWS\system32\SHELL32.dll [**]
Fri Sep 10 17:04:30 2004 => Scanning File C:\WINDOWS\System32\webcheck.dll
Fri Sep 10 17:04:31 2004 => Scanning File C:\WINDOWS\System32\stobject.dll

Fri Sep 10 17:04:31 2004 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects
Fri Sep 10 17:04:31 2004 => {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} = C:\Programme\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
Fri Sep 10 17:04:31 2004 => Scanning File C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\ActiveX\ACROIE~1.DLL
Fri Sep 10 17:04:31 2004 => {53707962-6F74-2D53-2644-206D7942484F} = C:\PROGRA~1\SPYBOT~1\SDHelper.dll
Fri Sep 10 17:04:31 2004 => Scanning File C:\PROGRA~1\SPYBOT~1\SDHelper.dll
Fri Sep 10 17:04:31 2004 => {C333CF63-767F-4831-94AC-E683D962C63C} = C:\Programme\TGTSoft\StyleXP\TGT_BHO.dll
Fri Sep 10 17:04:31 2004 => Scanning File C:\Programme\TGTSoft\StyleXP\TGT_BHO.dll

Fri Sep 10 17:04:31 2004 => Scanning HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
Fri Sep 10 17:04:31 2004 => Scanning File C:\WINDOWS\Explorer.exe
Fri Sep 10 17:04:31 2004 => Scanning File C:\WINDOWS\system32\userinit.exe

Fri Sep 10 17:04:31 2004 => Scanning HKCU\Control Panel\Desktop
Fri Sep 10 17:04:31 2004 => Scanning File C:\WINDOWS\System32\logon.scr

Fri Sep 10 17:04:31 2004 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Fri Sep 10 17:04:31 2004 => Scanning File C:\WINDOWS\Dit.exe
Fri Sep 10 17:04:31 2004 => Scanning File C:\WINDOWS\System32\PSDrvCheck.exe
Fri Sep 10 17:04:31 2004 => Scanning File C:\WINDOWS\mHotkey.exe
Fri Sep 10 17:04:32 2004 => Scanning File C:\PROGRA~1\MEDION~1\POWERC~1\PCMSER~1.EXE
Fri Sep 10 17:04:32 2004 => Scanning File C:\PROGRA~1\ATITEC~1\ATICON~1\atiptaxx.exe
Fri Sep 10 17:04:32 2004 => Scanning File C:\WINDOWS\system32\RunDll32.exe
Fri Sep 10 17:04:32 2004 => Scanning File C:\WINDOWS\system32\NeroCheck.exe
Fri Sep 10 17:04:32 2004 => Scanning File C:\WINDOWS\system32\PRISMSTA.EXE
Fri Sep 10 17:04:32 2004 => Scanning File C:\Programme\AVPersonal\AVGNT.EXE
Fri Sep 10 17:04:32 2004 => *** File C:\PROGRA~1\Sygate\SPF\smc.exe having Size Restriction ***
Fri Sep 10 17:04:32 2004 => Scanning File C:\PROGRA~1\Sygate\SPF\smc.exe [**]

Fri Sep 10 17:04:32 2004 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce

Fri Sep 10 17:04:32 2004 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx

Fri Sep 10 17:04:32 2004 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices

Fri Sep 10 17:04:32 2004 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Fri Sep 10 17:04:32 2004 => *** File C:\Programme\TGTSoft\StyleXP\StyleXP.exe having Size Restriction ***
Fri Sep 10 17:04:32 2004 => Scanning File C:\Programme\TGTSoft\StyleXP\StyleXP.exe [**]

Fri Sep 10 17:04:32 2004 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce

Fri Sep 10 17:04:32 2004 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx

Fri Sep 10 17:04:32 2004 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices

Fri Sep 10 17:04:33 2004 => Scanning HKCR\txtfile\shell\open\command

Fri Sep 10 17:04:33 2004 => Scanning HKCR\comfile\shell\open\command

Fri Sep 10 17:04:33 2004 => Scanning HKCR\exefile\shell\open\command

Fri Sep 10 17:04:33 2004 => Scanning HKCR\dllfile\shell\open\command

Fri Sep 10 17:04:33 2004 => Scanning HKCR\batfile\shell\open\command

Fri Sep 10 17:04:33 2004 => Scanning HKCR\piffile\shell\open\command

Fri Sep 10 17:04:33 2004 => Scanning HKCR\scrfile\shell\open\command

Fri Sep 10 17:04:33 2004 => Scanning HKCR\scrfile\shell\config\command

Fri Sep 10 17:04:33 2004 => Scanning HKCR\regfile\shell\open\command

Fri Sep 10 17:04:33 2004 => ***** Scanning StartUp Folders *****

Fri Sep 10 17:04:33 2004 => ***** Scanning C:\Dokumente und Einstellungen\ben\Startmenü\Programme\Autostart Folder *****
Fri Sep 10 17:04:33 2004 => Scanning Folder: C:\Dokumente und Einstellungen\ben\Startmenü\Programme\Autostart\*.*
Fri Sep 10 17:04:33 2004 => Scanning File C:\Dokumente und Einstellungen\ben\Startmenü\Programme\Autostart\desktop.ini [**]

Fri Sep 10 17:04:33 2004 => ***** Scanning C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart Folder *****
Fri Sep 10 17:04:33 2004 => Scanning Folder: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\*.*
Fri Sep 10 17:04:33 2004 => Scanning File C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\desktop.ini [**]
Fri Sep 10 17:04:33 2004 => Scanning File C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Kontrollfeld für die kabellose Tastatur.lnk

10.09.2004, 17:10   #9
bensen


10.09.2004, 17:13   #10
bensen

Fri Sep 10 17:04:33 2004 => ***** Scanning Service Files *****
Fri Sep 10 17:04:33 2004 => Scanning HKLM\SYSTEM\CurrentControlSet\Services
Fri Sep 10 17:04:33 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\ACPI.sys
Fri Sep 10 17:04:33 2004 => Scanning File C:\WINDOWS\System32\drivers\aec.sys
Fri Sep 10 17:04:33 2004 => Scanning File C:\WINDOWS\System32\drivers\afd.sys
Fri Sep 10 17:04:33 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\agp440.sys
Fri Sep 10 17:04:33 2004 => Scanning File C:\WINDOWS\System32\svchost.exe
Fri Sep 10 17:04:34 2004 => Scanning File C:\WINDOWS\System32\alg.exe
Fri Sep 10 17:04:34 2004 => Scanning File C:\Programme\AVPersonal\AVGUARD.EXE
Fri Sep 10 17:04:34 2004 => Scanning File C:\WINDOWS\system32\svchost.exe
Fri Sep 10 17:04:34 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\arp1394.sys
Fri Sep 10 17:04:34 2004 => Scanning File C:\WINDOWS\System32\Drivers\ASAPIW2K.sys
Fri Sep 10 17:04:34 2004 => Scanning File C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe
Fri Sep 10 17:04:34 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\asyncmac.sys
Fri Sep 10 17:04:34 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\atapi.sys
Fri Sep 10 17:04:34 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\ati2mtag.sys
Fri Sep 10 17:04:34 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\atmarpc.sys
Fri Sep 10 17:04:34 2004 => Scanning File C:\WINDOWS\System32\svchost.exe
Fri Sep 10 17:04:34 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\audstub.sys
Fri Sep 10 17:04:34 2004 => Scanning File C:\PROGRAMME\AVPERSONAL\AVGNTDD.SYS
Fri Sep 10 17:04:34 2004 => Scanning File C:\Programme\AVPersonal\AVWUPSRV.EXE
Fri Sep 10 17:04:34 2004 => Scanning File C:\WINDOWS\System32\svchost.exe
Fri Sep 10 17:04:34 2004 => Scanning File C:\WINDOWS\System32\svchost.exe
Fri Sep 10 17:04:34 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\Cap7134.sys
Fri Sep 10 17:04:35 2004 => Scanning File C:\Programme\CA\SharedComponents\CA_LIC\lic98rmt.exe
Fri Sep 10 17:04:35 2004 => Scanning File C:\Programme\CA\SharedComponents\CA_LIC\lic98rmtd.exe
Fri Sep 10 17:04:35 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\CCDECODE.sys
Fri Sep 10 17:04:35 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\cdrom.sys
Fri Sep 10 17:04:35 2004 => Scanning File C:\WINDOWS\system32\cisvc.exe
Fri Sep 10 17:04:35 2004 => Scanning File C:\WINDOWS\system32\clipsrv.exe
Fri Sep 10 17:04:35 2004 => Scanning File C:\WINDOWS\System32\drivers\cmuda.sys
Fri Sep 10 17:04:35 2004 => Scanning File C:\WINDOWS\System32\dllhost.exe
Fri Sep 10 17:04:35 2004 => Scanning File C:\WINDOWS\system32\svchost.exe
Fri Sep 10 17:04:35 2004 => Scanning File C:\WINDOWS\System32\svchost.exe
Fri Sep 10 17:04:35 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\disk.sys
Fri Sep 10 17:04:35 2004 => Scanning File C:\WINDOWS\System32\dmadmin.exe
Fri Sep 10 17:04:35 2004 => Scanning File C:\WINDOWS\System32\drivers\dmboot.sys
Fri Sep 10 17:04:35 2004 => Scanning File C:\WINDOWS\System32\drivers\dmio.sys
Fri Sep 10 17:04:35 2004 => Scanning File C:\WINDOWS\System32\drivers\dmload.sys
Fri Sep 10 17:04:35 2004 => Scanning File C:\WINDOWS\System32\svchost.exe
Fri Sep 10 17:04:35 2004 => Scanning File C:\WINDOWS\System32\drivers\DMusic.sys
Fri Sep 10 17:04:35 2004 => Scanning File C:\WINDOWS\System32\svchost.exe
Fri Sep 10 17:04:35 2004 => Scanning File C:\WINDOWS\System32\drivers\drmkaud.sys
Fri Sep 10 17:04:36 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\el90xbc5.sys
Fri Sep 10 17:04:36 2004 => Scanning File C:\WINDOWS\System32\svchost.exe
Fri Sep 10 17:04:36 2004 => Scanning File C:\WINDOWS\system32\services.exe
Fri Sep 10 17:04:36 2004 => Scanning File C:\WINDOWS\System32\svchost.exe
Fri Sep 10 17:04:36 2004 => Scanning File C:\WINDOWS\System32\svchost.exe
Fri Sep 10 17:04:36 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\fdc.sys
Fri Sep 10 17:04:36 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\fetnd5b.sys
Fri Sep 10 17:04:36 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\ftdisk.sys
Fri Sep 10 17:04:36 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\msgpc.sys
Fri Sep 10 17:04:36 2004 => Scanning File C:\WINDOWS\System32\svchost.exe
Fri Sep 10 17:04:36 2004 => Scanning File C:\WINDOWS\System32\svchost.exe
Fri Sep 10 17:04:36 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\hidusb.sys
Fri Sep 10 17:04:36 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\i8042prt.sys
Fri Sep 10 17:04:36 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\imapi.sys
Fri Sep 10 17:04:36 2004 => Scanning File C:\WINDOWS\System32\imapi.exe
Fri Sep 10 17:04:36 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\ctxs51.sys
Fri Sep 10 17:04:36 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\Ip6Fw.sys
Fri Sep 10 17:04:36 2004 => Scanning File C:\WINDOWS\System32\svchost.exe
Fri Sep 10 17:04:36 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\ipfltdrv.sys
Fri Sep 10 17:04:37 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\ipinip.sys
Fri Sep 10 17:04:37 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\ipnat.sys
Fri Sep 10 17:04:37 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\ipsec.sys
Fri Sep 10 17:04:37 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\irenum.sys
Fri Sep 10 17:04:37 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\isapnp.sys
Fri Sep 10 17:04:37 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\kbdclass.sys
Fri Sep 10 17:04:37 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\kbdhid.sys
Fri Sep 10 17:04:37 2004 => Scanning File C:\WINDOWS\System32\drivers\kmixer.sys
Fri Sep 10 17:04:37 2004 => Scanning File C:\WINDOWS\System32\svchost.exe
Fri Sep 10 17:04:37 2004 => Scanning File C:\WINDOWS\System32\svchost.exe
Fri Sep 10 17:04:37 2004 => Scanning File C:\WINDOWS\System32\svchost.exe

10.09.2004, 17:14   #11
bensen

Fri Sep 10 17:04:37 2004 => Scanning File C:\Programme\CA\SharedComponents\CA_LIC\LogWatNT.exe
Fri Sep 10 17:04:37 2004 => Scanning File C:\PROGRA~1\GEMEIN~1\MICROS~1\VS7Debug\mdm.exe
Fri Sep 10 17:04:37 2004 => Scanning File C:\WINDOWS\System32\svchost.exe
Fri Sep 10 17:04:37 2004 => Scanning File C:\WINDOWS\System32\mnmsrvc.exe
Fri Sep 10 17:04:37 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\mouclass.sys
Fri Sep 10 17:04:37 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\mouhid.sys
Fri Sep 10 17:04:37 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\mrxdav.sys
Fri Sep 10 17:04:37 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\mrxsmb.sys
Fri Sep 10 17:04:38 2004 => Scanning File C:\WINDOWS\System32\msdtc.exe
Fri Sep 10 17:04:38 2004 => Scanning File C:\WINDOWS\System32\msiexec.exe
Fri Sep 10 17:04:38 2004 => Scanning File C:\WINDOWS\System32\drivers\MSKSSRV.sys
Fri Sep 10 17:04:38 2004 => Scanning File C:\WINDOWS\System32\drivers\MSPCLOCK.sys
Fri Sep 10 17:04:38 2004 => Scanning File C:\WINDOWS\System32\drivers\MSPQM.sys
Fri Sep 10 17:04:38 2004 => Scanning File C:\WINDOWS\System32\drivers\MSTEE.sys
Fri Sep 10 17:04:38 2004 => Scanning File C:\WINDOWS\System32\drivers\msmpu401.sys
Fri Sep 10 17:04:38 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys
Fri Sep 10 17:04:38 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\NdisIP.sys
Fri Sep 10 17:04:38 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\ndistapi.sys
Fri Sep 10 17:04:38 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\ndisuio.sys
Fri Sep 10 17:04:38 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\ndiswan.sys
Fri Sep 10 17:04:38 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\netbios.sys
Fri Sep 10 17:04:38 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\netbt.sys
Fri Sep 10 17:04:38 2004 => Scanning File C:\WINDOWS\system32\netdde.exe
Fri Sep 10 17:04:38 2004 => Scanning File C:\WINDOWS\system32\netdde.exe
Fri Sep 10 17:04:38 2004 => Scanning File C:\WINDOWS\System32\lsass.exe
Fri Sep 10 17:04:38 2004 => Scanning File C:\WINDOWS\System32\svchost.exe
Fri Sep 10 17:04:38 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\nic1394.sys
Fri Sep 10 17:04:38 2004 => Scanning File C:\WINDOWS\System32\svchost.exe
Fri Sep 10 17:04:38 2004 => Scanning File C:\WINDOWS\System32\lsass.exe
Fri Sep 10 17:04:38 2004 => Scanning File C:\WINDOWS\system32\svchost.exe
Fri Sep 10 17:04:39 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\nwlnkflt.sys
Fri Sep 10 17:04:39 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\nwlnkfwd.sys
Fri Sep 10 17:04:39 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\ohci1394.sys
Fri Sep 10 17:04:39 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\parport.sys
Fri Sep 10 17:04:39 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\pci.sys
Fri Sep 10 17:04:39 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\pciide.sys
Fri Sep 10 17:04:39 2004 => Scanning File C:\WINDOWS\System32\drivers\pfc.sys
Fri Sep 10 17:04:39 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\PhTVTune.sys
Fri Sep 10 17:04:39 2004 => Scanning File C:\WINDOWS\system32\services.exe
Fri Sep 10 17:04:39 2004 => Scanning File C:\WINDOWS\System32\lsass.exe
Fri Sep 10 17:04:39 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\raspptp.sys
Fri Sep 10 17:04:39 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\PRISMA00.sys
Fri Sep 10 17:04:39 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\processr.sys
Fri Sep 10 17:04:39 2004 => Scanning File C:\WINDOWS\system32\lsass.exe
Fri Sep 10 17:04:39 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\ptilink.sys
Fri Sep 10 17:04:39 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\rasacd.sys
Fri Sep 10 17:04:39 2004 => Scanning File C:\WINDOWS\System32\svchost.exe
Fri Sep 10 17:04:39 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\rasl2tp.sys
Fri Sep 10 17:04:39 2004 => Scanning File C:\WINDOWS\System32\svchost.exe
Fri Sep 10 17:04:39 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\raspppoe.sys
Fri Sep 10 17:04:39 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\raspti.sys
Fri Sep 10 17:04:39 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\rdbss.sys
Fri Sep 10 17:04:39 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\RDPCDD.sys
Fri Sep 10 17:04:40 2004 => Scanning File C:\WINDOWS\system32\sessmgr.exe
Fri Sep 10 17:04:40 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\redbook.sys
Fri Sep 10 17:04:40 2004 => Scanning File C:\WINDOWS\System32\svchost.exe
Fri Sep 10 17:04:40 2004 => Scanning File C:\WINDOWS\System32\locator.exe
Fri Sep 10 17:04:40 2004 => Scanning File C:\WINDOWS\system32\svchost.exe
Fri Sep 10 17:04:40 2004 => Scanning File C:\WINDOWS\System32\rsvp.exe
Fri Sep 10 17:04:40 2004 => Scanning File C:\WINDOWS\system32\lsass.exe
Fri Sep 10 17:04:40 2004 => Scanning File C:\WINDOWS\System32\SCardSvr.exe
Fri Sep 10 17:04:40 2004 => Scanning File C:\WINDOWS\System32\SCardSvr.exe
Fri Sep 10 17:04:40 2004 => Scanning File C:\WINDOWS\System32\svchost.exe
Fri Sep 10 17:04:40 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\secdrv.sys
Fri Sep 10 17:04:40 2004 => Scanning File C:\WINDOWS\System32\svchost.exe
Fri Sep 10 17:04:40 2004 => Scanning File C:\WINDOWS\system32\svchost.exe
Fri Sep 10 17:04:40 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\serenum.sys
Fri Sep 10 17:04:40 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\serial.sys
Fri Sep 10 17:04:40 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\sfloppy.sys
Fri Sep 10 17:04:40 2004 => Scanning File C:\WINDOWS\System32\svchost.exe
Fri Sep 10 17:04:40 2004 => Scanning File C:\WINDOWS\System32\svchost.exe
Fri Sep 10 17:04:40 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\SLIP.sys
Fri Sep 10 17:04:40 2004 => *** File C:\Programme\Sygate\SPF\smc.exe having Size Restriction ***
Fri Sep 10 17:04:40 2004 => Scanning File C:\Programme\Sygate\SPF\smc.exe [**]
Fri Sep 10 17:04:40 2004 => Scanning File C:\WINDOWS\System32\drivers\splitter.sys
Fri Sep 10 17:04:40 2004 => Scanning File C:\WINDOWS\system32\spoolsv.exe
Fri Sep 10 17:04:40 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\sr.sys
Fri Sep 10 17:04:40 2004 => Scanning File C:\WINDOWS\System32\svchost.exe
Fri Sep 10 17:04:41 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\srv.sys
Fri Sep 10 17:04:41 2004 => Scanning File C:\WINDOWS\System32\svchost.exe
Fri Sep 10 17:04:41 2004 => Scanning File C:\WINDOWS\System32\svchost.exe
Fri Sep 10 17:04:41 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\StreamIP.sys
Fri Sep 10 17:04:41 2004 => Scanning File C:\PROGRAMME\TGTSOFT\STYLEXP\STYLEXPHELPER.EXE
Fri Sep 10 17:04:41 2004 => Scanning File C:\Programme\TGTSoft\StyleXP\StyleXPService.exe
Fri Sep 10 17:04:41 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\swenum.sys
Fri Sep 10 17:04:41 2004 => Scanning File C:\WINDOWS\System32\drivers\swmidi.sys
Fri Sep 10 17:04:41 2004 => Scanning File C:\WINDOWS\System32\dllhost.exe
Fri Sep 10 17:04:41 2004 => Scanning File C:\WINDOWS\System32\drivers\sysaudio.sys
Fri Sep 10 17:04:41 2004 => Scanning File C:\WINDOWS\system32\smlogsvc.exe
Fri Sep 10 17:04:41 2004 => Scanning File C:\WINDOWS\System32\svchost.exe
Fri Sep 10 17:04:41 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\tcpip.sys
Fri Sep 10 17:04:41 2004 => Scanning File C:\WINDOWS\SYSTEM32\Drivers\Teefer.sys
Fri Sep 10 17:04:41 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\termdd.sys
Fri Sep 10 17:04:41 2004 => Scanning File C:\WINDOWS\System32\svchost.exe
Fri Sep 10 17:04:41 2004 => Scanning File C:\WINDOWS\System32\svchost.exe
Fri Sep 10 17:04:41 2004 => Scanning File C:\WINDOWS\system32\svchost.exe
Fri Sep 10 17:04:41 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\update.sys
Fri Sep 10 17:04:41 2004 => Scanning File C:\WINDOWS\System32\svchost.exe
Fri Sep 10 17:04:41 2004 => Scanning File C:\WINDOWS\System32\svchost.exe
Fri Sep 10 17:04:41 2004 => Scanning File C:\WINDOWS\System32\ups.exe
Fri Sep 10 17:04:42 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\usbccgp.sys
Fri Sep 10 17:04:42 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\usbehci.sys
Fri Sep 10 17:04:42 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\usbhub.sys
Fri Sep 10 17:04:42 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS
Fri Sep 10 17:04:42 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\usbuhci.sys
Fri Sep 10 17:04:42 2004 => Scanning File C:\WINDOWS\System32\drivers\vga.sys
Fri Sep 10 17:04:42 2004 => Scanning File C:\WINDOWS\System32\vssvc.exe
Fri Sep 10 17:04:42 2004 => Scanning File C:\WINDOWS\System32\svchost.exe
Fri Sep 10 17:04:42 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\wanarp.sys
Fri Sep 10 17:04:42 2004 => Scanning File C:\WINDOWS\System32\drivers\wdmaud.sys
Fri Sep 10 17:04:42 2004 => Scanning File C:\WINDOWS\System32\svchost.exe
Fri Sep 10 17:04:42 2004 => Scanning File C:\WINDOWS\SYSTEM32\Drivers\wg3n.sys
Fri Sep 10 17:04:42 2004 => Scanning File C:\WINDOWS\SYSTEM32\Drivers\wg4n.sys
Fri Sep 10 17:04:42 2004 => Scanning File C:\WINDOWS\SYSTEM32\Drivers\wg5n.sys
Fri Sep 10 17:04:42 2004 => Scanning File C:\WINDOWS\SYSTEM32\Drivers\wg6n.sys
Fri Sep 10 17:04:42 2004 => Scanning File C:\WINDOWS\system32\svchost.exe
Fri Sep 10 17:04:42 2004 => Scanning File C:\WINDOWS\System32\svchost.exe
Fri Sep 10 17:04:42 2004 => Scanning File C:\WINDOWS\System32\wbem\wmiapsrv.exe
Fri Sep 10 17:04:42 2004 => Scanning File C:\WINDOWS\SYSTEM32\DRIVERS\WPSDRVNT.SYS
Fri Sep 10 17:04:42 2004 => Scanning File C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS
Fri Sep 10 17:04:42 2004 => Scanning File C:\WINDOWS\system32\svchost.exe
Fri Sep 10 17:04:42 2004 => Scanning File C:\WINDOWS\System32\svchost.exe
Fri Sep 10 17:04:42 2004 => Scanning File C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
Fri Sep 10 17:04:42 2004 => Scanning File C:\WINDOWS\System32\Drivers\x10uif.sys

10.09.2004, 17:15   #12
bensen

Fri Sep 10 17:04:43 2004 => ***** Scanning System32 Folders *****
Fri Sep 10 17:04:43 2004 => Scanning C:\WINDOWS Directory
Fri Sep 10 17:04:43 2004 => Scanning Folder: C:\WINDOWS\*.*
Fri Sep 10 17:04:43 2004 => Scanning File C:\WINDOWS\0.log [**]
Fri Sep 10 17:04:43 2004 => Scanning File C:\WINDOWS\Angler.bmp [**]
Fri Sep 10 17:04:43 2004 => Scanning File C:\WINDOWS\AUDIO3D.DLL
Fri Sep 10 17:04:43 2004 => Scanning File C:\WINDOWS\Blaue Spitzen 16.bmp [**]
Fri Sep 10 17:04:43 2004 => Scanning File C:\WINDOWS\bootstat.dat [**]
Fri Sep 10 17:04:43 2004 => Scanning File C:\WINDOWS\chanwarn.bmp [**]
Fri Sep 10 17:04:43 2004 => Scanning File C:\WINDOWS\chipset.log [**]
Fri Sep 10 17:04:43 2004 => Scanning File C:\WINDOWS\clock.avi [**]
Fri Sep 10 17:04:43 2004 => Scanning File C:\WINDOWS\CMCDPLAY.INI [**]
Fri Sep 10 17:04:43 2004 => Scanning File C:\WINDOWS\CMCOMM.INF
Fri Sep 10 17:04:43 2004 => Scanning File C:\WINDOWS\cmiainfo.sys
Fri Sep 10 17:04:43 2004 => Scanning File C:\WINDOWS\CMICHX.INF
Fri Sep 10 17:04:43 2004 => *** File C:\WINDOWS\CMICNFG.CPL having Size Restriction ***
Fri Sep 10 17:04:43 2004 => Scanning File C:\WINDOWS\CMICNFG.CPL [**]
Fri Sep 10 17:04:43 2004 => Scanning File C:\WINDOWS\CMIDS3D.DLL
Fri Sep 10 17:04:43 2004 => Scanning File C:\WINDOWS\CMIRmDriver.dll
Fri Sep 10 17:04:43 2004 => Scanning File C:\WINDOWS\CMIRMDRV.DLL
Fri Sep 10 17:04:43 2004 => Scanning File C:\WINDOWS\CMIRMDRV.EXE
Fri Sep 10 17:04:43 2004 => Scanning File C:\WINDOWS\CmiRmRedundDir.exe
Fri Sep 10 17:04:43 2004 => Scanning File C:\WINDOWS\CMISETUP.INI [**]
Fri Sep 10 17:04:43 2004 => Scanning File C:\WINDOWS\CMIUninstall.exe
Fri Sep 10 17:04:44 2004 => Scanning File C:\WINDOWS\CMSIS.INF
Fri Sep 10 17:04:44 2004 => Scanning File C:\WINDOWS\CMUDA.CAT [**]
Fri Sep 10 17:04:44 2004 => Scanning File C:\WINDOWS\cmuda.dll
Fri Sep 10 17:04:44 2004 => Scanning File C:\WINDOWS\CMUDA.INF
Fri Sep 10 17:04:44 2004 => Scanning File C:\WINDOWS\Cmuda.ini [**]
Fri Sep 10 17:04:44 2004 => Scanning File C:\WINDOWS\CMUDA.SYS
Fri Sep 10 17:04:44 2004 => Scanning File C:\WINDOWS\CMVIA.INF
Fri Sep 10 17:04:44 2004 => *** File C:\WINDOWS\CNYHKey.exe having Size Restriction ***
Fri Sep 10 17:04:44 2004 => Scanning File C:\WINDOWS\CNYHKey.exe [**]
Fri Sep 10 17:04:44 2004 => Scanning File C:\WINDOWS\CNYHKey.ini [**]
Fri Sep 10 17:04:44 2004 => Scanning File C:\WINDOWS\CNYUSB.dll
Fri Sep 10 17:04:44 2004 => Scanning File C:\WINDOWS\COM+.log [**]
Fri Sep 10 17:04:44 2004 => Scanning File C:\WINDOWS\comsetup.log [**]
Fri Sep 10 17:04:44 2004 => Scanning File C:\WINDOWS\comwarn.bmp [**]
Fri Sep 10 17:04:44 2004 => Scanning File C:\WINDOWS\control.ini [**]
Fri Sep 10 17:04:44 2004 => Scanning File C:\WINDOWS\dahotfix.log [**]
Fri Sep 10 17:04:44 2004 => Scanning File C:\WINDOWS\desktop.ini [**]
Fri Sep 10 17:04:44 2004 => Scanning File C:\WINDOWS\DirectX.log [**]
Fri Sep 10 17:04:44 2004 => Scanning File C:\WINDOWS\Dit.DLL
Fri Sep 10 17:04:44 2004 => Scanning File C:\WINDOWS\Dit.exe
Fri Sep 10 17:04:44 2004 => Scanning File C:\WINDOWS\Dit.INI [**]
Fri Sep 10 17:04:44 2004 => Scanning File C:\WINDOWS\DitExp.exe
Fri Sep 10 17:04:44 2004 => Scanning File C:\WINDOWS\DtcInstall.log [**]
Fri Sep 10 17:04:44 2004 => Scanning File C:\WINDOWS\explorer.exe
Fri Sep 10 17:04:44 2004 => Scanning File C:\WINDOWS\explorer.scf [**]
Fri Sep 10 17:04:44 2004 => Scanning File C:\WINDOWS\FaxSetup.log [**]
Fri Sep 10 17:04:44 2004 => Scanning File C:\WINDOWS\Feder.bmp [**]
Fri Sep 10 17:04:45 2004 => Scanning File C:\WINDOWS\Fächer.bmp [**]
Fri Sep 10 17:04:45 2004 => Scanning File C:\WINDOWS\Granit.bmp [**]
Fri Sep 10 17:04:45 2004 => Scanning File C:\WINDOWS\hh.exe
Fri Sep 10 17:04:45 2004 => Scanning File C:\WINDOWS\HIDMNT.dll
Fri Sep 10 17:04:45 2004 => Scanning File C:\WINDOWS\HKCYDLL.dll
Fri Sep 10 17:04:45 2004 => Scanning File C:\WINDOWS\ICCLR.INF
Fri Sep 10 17:04:45 2004 => Scanning File C:\WINDOWS\IEPatchUninstall.log [**]
Fri Sep 10 17:04:45 2004 => Scanning File C:\WINDOWS\ieuninst.exe
Fri Sep 10 17:04:45 2004 => Scanning File C:\WINDOWS\iis6.log [**]
Fri Sep 10 17:04:45 2004 => Scanning File C:\WINDOWS\imsins.BAK [**]
Fri Sep 10 17:04:45 2004 => Scanning File C:\WINDOWS\imsins.log [**]
Fri Sep 10 17:04:45 2004 => Scanning File C:\WINDOWS\InoSetup.ini [**]
Fri Sep 10 17:04:45 2004 => Scanning File C:\WINDOWS\IsUn0407.exe
Fri Sep 10 17:04:45 2004 => Scanning File C:\WINDOWS\jautoexp.dat [**]
Fri Sep 10 17:04:45 2004 => Scanning File C:\WINDOWS\Kaffeetasse.bmp [**]
Fri Sep 10 17:04:45 2004 => Scanning File C:\WINDOWS\KB810243.log [**]
Fri Sep 10 17:04:45 2004 => Scanning File C:\WINDOWS\KB817778.log [**]
Fri Sep 10 17:04:45 2004 => Scanning File C:\WINDOWS\KB820291.log [**]
Fri Sep 10 17:04:45 2004 => Scanning File C:\WINDOWS\KB821253.log [**]
Fri Sep 10 17:04:45 2004 => Scanning File C:\WINDOWS\KB821557.log [**]
Fri Sep 10 17:04:45 2004 => Scanning File C:\WINDOWS\KB822603.log [**]
Fri Sep 10 17:04:45 2004 => Scanning File C:\WINDOWS\KB823182.log [**]
Fri Sep 10 17:04:45 2004 => Scanning File C:\WINDOWS\KB823559.log [**]
Fri Sep 10 17:04:46 2004 => Scanning File C:\WINDOWS\KB823980.log [**]
Fri Sep 10 17:04:46 2004 => Scanning File C:\WINDOWS\KB824105.log [**]
Fri Sep 10 17:04:46 2004 => Scanning File C:\WINDOWS\KB824141.log [**]
Fri Sep 10 17:04:46 2004 => Scanning File C:\WINDOWS\KB824146.log [**]
Fri Sep 10 17:04:46 2004 => Scanning File C:\WINDOWS\KB825116.log [**]
Fri Sep 10 17:04:46 2004 => Scanning File C:\WINDOWS\KB825119.log [**]
Fri Sep 10 17:04:46 2004 => Scanning File C:\WINDOWS\KB828035.log [**]
Fri Sep 10 17:04:46 2004 => Scanning File C:\WINDOWS\KB828741.log [**]
Fri Sep 10 17:04:46 2004 => Scanning File C:\WINDOWS\KB835732.log [**]
Fri Sep 10 17:04:46 2004 => Scanning File C:\WINDOWS\KB837001.log [**]
Fri Sep 10 17:04:46 2004 => Scanning File C:\WINDOWS\KB839643-DirectX9.log [**]
Fri Sep 10 17:04:46 2004 => Scanning File C:\WINDOWS\KB839645.log [**]
Fri Sep 10 17:04:46 2004 => Scanning File C:\WINDOWS\KB840315.log [**]
Fri Sep 10 17:04:46 2004 => Scanning File C:\WINDOWS\KB840374.log [**]
Fri Sep 10 17:04:46 2004 => Scanning File C:\WINDOWS\KB841873.log [**]
Fri Sep 10 17:04:46 2004 => Scanning File C:\WINDOWS\KB842773.log [**]
Fri Sep 10 17:04:46 2004 => Scanning File C:\WINDOWS\LedHKey.reg
Fri Sep 10 17:04:46 2004 => Scanning File C:\WINDOWS\mHotkey.exe
Fri Sep 10 17:04:46 2004 => Scanning File C:\WINDOWS\mHotkey.reg
Fri Sep 10 17:04:46 2004 => Scanning File C:\WINDOWS\ModemLog_Creatix V.9X DSP Data Fax Modem.txt [**]
Fri Sep 10 17:04:46 2004 => Scanning File C:\WINDOWS\mozver.dat [**]
Fri Sep 10 17:04:46 2004 => Scanning File C:\WINDOWS\msdfmap.ini [**]
Fri Sep 10 17:04:46 2004 => Scanning File C:\WINDOWS\msgsocm.log [**]
Fri Sep 10 17:04:46 2004 => Scanning File C:\WINDOWS\muninst.exe
Fri Sep 10 17:04:46 2004 => Scanning File C:\WINDOWS\NOTEPAD.EXE
Fri Sep 10 17:04:46 2004 => Scanning File C:\WINDOWS\nsreg.dat [**]
Fri Sep 10 17:04:46 2004 => Scanning File C:\WINDOWS\ntbtlog.txt [**]
Fri Sep 10 17:04:46 2004 => Scanning File C:\WINDOWS\ntdtcsetup.log [**]
Fri Sep 10 17:04:46 2004 => Scanning File C:\WINDOWS\ocgen.log [**]
Fri Sep 10 17:04:46 2004 => Scanning File C:\WINDOWS\ocmsn.log [**]
Fri Sep 10 17:04:46 2004 => Scanning File C:\WINDOWS\ODBC.INI [**]
Fri Sep 10 17:04:46 2004 => Scanning File C:\WINDOWS\ODBCINST.INI [**]
Fri Sep 10 17:04:46 2004 => Scanning File C:\WINDOWS\oeuninst.exe
Fri Sep 10 17:04:46 2004 => Scanning File C:\WINDOWS\OEWABLog.txt [**]
Fri Sep 10 17:04:46 2004 => Scanning File C:\WINDOWS\orun32.ini [**]
Fri Sep 10 17:04:46 2004 => Scanning File C:\WINDOWS\orun32.isu [**]
Fri Sep 10 17:04:46 2004 => Scanning File C:\WINDOWS\PIC.dll
Fri Sep 10 17:04:47 2004 => Scanning File C:\WINDOWS\PRISMDOM.ini [**]
Fri Sep 10 17:04:47 2004 => Scanning File C:\WINDOWS\Präriewind.bmp [**]
Fri Sep 10 17:04:47 2004 => Scanning File C:\WINDOWS\Q322011.log [**]
Fri Sep 10 17:04:47 2004 => Scanning File C:\WINDOWS\Q323255.log [**]
Fri Sep 10 17:04:47 2004 => Scanning File C:\WINDOWS\Q327979.log [**]
Fri Sep 10 17:04:47 2004 => Scanning File C:\WINDOWS\Q328310.log [**]

10.09.2004, 17:16   #13
bensen

... but that's not even half of it, so I'll stop here *gg*

Fri Sep 10 17:06:27 2004 => ***** Checking for specific ITW Viruses *****
Fri Sep 10 17:06:27 2004 => Checking for Welchia Virus...
Fri Sep 10 17:06:27 2004 => Checking for LovGate Virus...
Fri Sep 10 17:06:27 2004 => Checking for CodeRed Virus...
Fri Sep 10 17:06:27 2004 => Checking for OpaServ Virus...
Fri Sep 10 17:06:27 2004 => Checking for Sobig.e Virus...
Fri Sep 10 17:06:27 2004 => Checking for Winupie Virus...
Fri Sep 10 17:06:27 2004 => Checking for Swen Virus...
Fri Sep 10 17:06:27 2004 => Checking for JS.Fortnight Virus...
Fri Sep 10 17:06:27 2004 => Checking for Novarg Virus...
Fri Sep 10 17:06:27 2004 => Checking for Pagabot Virus...
Fri Sep 10 17:06:27 2004 => Checking for Parite.b Virus...
Fri Sep 10 17:06:27 2004 => Checking for Parite.a Virus...

Fri Sep 10 17:06:27 2004 => ***** Scanning complete. *****

Fri Sep 10 17:06:27 2004 => Total Number of Files Scanned: 2259
Fri Sep 10 17:06:27 2004 => Total Number of Virus(es) Found: 0
Fri Sep 10 17:06:27 2004 => Total Number of Disinfected Files: 0
Fri Sep 10 17:06:27 2004 => Total Number of Files Renamed: 0
Fri Sep 10 17:06:27 2004 => Total Number of Deleted Files: 0
Fri Sep 10 17:06:27 2004 => Total Number of Errors: 0
Fri Sep 10 17:06:27 2004 => Time Elapsed: 00:01:57
Fri Sep 10 17:06:27 2004 => Virus Database Date: 2004/09/08
Fri Sep 10 17:06:27 2004 => Virus Database Count: 103467

Fri Sep 10 17:06:27 2004 => Scan Completed.

10.09.2004, 19:13   #14
Shadowdance

@ bensen ... what a pleasing scan result!
It must have been a lot of work to post the eScan logfile here.

... please don't continue with it. We have now seen what we wanted to see. Is your system back in order now?

SD

10.09.2004, 23:44   #15
bensen

I hope so =\ so far I haven't noticed anything else. Thanks for the help
