Log analysis and evaluation: backdoor agent

28.09.2005, 15:26   #16
DJ Ötzi

Can you help me further?

28.09.2005, 15:28   #17
DJ Ötzi

Can someone help me further?
What do I have to do now?


28.09.2005, 15:38   #18
DJ Ötzi

Can someone help me further?
What do I have to do now?
I scanned with HijackThis, what now?

28.09.2005, 16:36   #19
DJ Ötzi

I need help.
Can someone help me further?
I scanned with HijackThis.
Which boxes do I have to tick?

Please help.

28.09.2005, 20:46   #20
DJ Ötzi

Hello, I urgently need help!!!
Can someone help me?


28.09.2005, 21:04   #21
DJ Ötzi

HELP!

I scanned with HijackThis, and this is what came out.
Please help me so I can remove the sh...!!!

Logfile of HijackThis v1.99.1
Scan saved at 21:55:15, on 28.09.2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Programme\AVPersonal\AVSched32.EXE
C:\Programme\AVPersonal\AVGNT.EXE
C:\Programme\Messenger\msmsgs.exe
C:\PROGRAMME\AVPERSONAL\AVGUARD.EXE
C:\Programme\AVPersonal\AVWUPSRV.EXE
C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\devldr32.exe
C:\Programme\Internet Explorer\IEXPLORE.EXE
C:\Dokumente und Einstellungen\Lokale Einstellungen\Temp\Temporäres Verzeichnis 1 für hijackthis.zip\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.accoona.com/search_assist...mpaign=wdz0805
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = www.accoona.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.internetcologne.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.internetcologne.de
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.internetcologne.de
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.accoona.com/search_assist...mpaign=wdz0805
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) ://www.accoona.com/search?q=%s
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Accoona Search Assistant - {944864A5-3916-46E2-96A9-A2E84F3F1208} - C:\Programme\Accoona\ASearchAssist.dll
O4 - HKLM\..\Run: [WinDSL MTU-Adjust] WinDSL_MTU.exe
O4 - HKLM\..\Run: [WinUpdate] C:\muhtesem.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
O4 - HKLM\..\Run: [PrinTray] C:\WINDOWS\System32\spool\DRIVERS\W32X86\2\printray.exe
O4 - HKLM\..\Run: [SearchUpgrader] C:\Programme\Common files\SearchUpgrader\SearchUpgrader.exe
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Programme\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [AVSCHED32] C:\Programme\AVPersonal\AVSched32.EXE /min
O4 - HKLM\..\Run: [AVGCtrl] "C:\Programme\AVPersonal\AVGNT.EXE" /min
O4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\System32\P2P Networking\P2P Networking.exe /AUTOSTART
O4 - HKCU\..\Run: [MSMSGS] "C:\Programme\Messenger\msmsgs.exe" /background
O4 - Global Startup: Adobe Reader - Schnellstart.lnk = C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\MSMSGS.EXE
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -
O16 - DPF: {40BF816B-D862-41B9-9445-ECA36D5F67F9} (Flatcast Viewer 4.12) - //www.1mal1.com/flatcast/NpFv412.dll
O16 - DPF: {51EA44E6-C8C3-4E30-8F3D-D8EE71A44DCB} (Upload Control) - ://img.web.de/v/fotoalbum/activex/upload_1115.cab
O16 - DPF: {990D211C-FBA4-47FB-A764-A2D7A78A79E4} (SecureLogin) - ://www.gamegarden.net/game/ggsecure.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - ://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} (IMDownloader Class) - ://www2.incredimail.com/contents/setup/downloader/imloader.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{52035291-D663-44C5-82AE-1845E5B8FBCB}: NameServer = 194.8.194.60 213.168.112.60
O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\PROGRAMME\AVPERSONAL\AVGUARD.EXE
O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Programme\AVPersonal\AVWUPSRV.EXE
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE

29.09.2005, 06:05   #22
stupormundi

Quote:
Logfile of HijackThis v1.99.1
Scan saved at 21:55:15, on 28.09.2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Your system is not up to date (SP2 + security updates are missing), which is probably the main reason for your problems.
You also have some malware on board!
I don't recognize this file:

Quote:
O4 - HKLM\..\Run: [WinUpdate] C:\muhtesem.exe

Have it checked at virusscan.jotti.org/de and post the result! Then we'll take it from there!
And what about the eScan log file, anyway?
stupormundi
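
The two things stupormundi reads off the log above (the service pack level in the header and an unfamiliar Run entry) can be pulled out with a small parser. This is an added example, not part of the original thread: it works on an excerpt of the HijackThis log posted here, and its two review heuristics (program directly in the drive root, value without a directory) are assumptions chosen for illustration, not HijackThis rules or the helper's own criteria.

```python
import re
from dataclasses import dataclass, field

# Excerpt of the HijackThis log posted in this thread, shortened for the example.
SAMPLE_LOG = r"""Logfile of HijackThis v1.99.1
Scan saved at 21:55:15, on 28.09.2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [WinDSL MTU-Adjust] WinDSL_MTU.exe
O4 - HKLM\..\Run: [WinUpdate] C:\muhtesem.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
O4 - HKLM\..\Run: [AVGCtrl] "C:\Programme\AVPersonal\AVGNT.EXE" /min
O4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\System32\P2P Networking\P2P Networking.exe /AUTOSTART
O4 - HKCU\..\Run: [MSMSGS] "C:\Programme\Messenger\msmsgs.exe" /background
O4 - Global Startup: Adobe Reader - Schnellstart.lnk = C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe
"""

PLATFORM_RE = re.compile(r"^Platform:\s*(.+?)(?:\s+SP(\d+))?\s*\((.+)\)\s*$")
# Registry autostart line: O4 - <hive>\..\<key>: [<value name>] <command line>
O4_RE = re.compile(
    r"^O4 - (?P<hive>HK[A-Z]+)\\\.\.\\(?P<key>[^:]+): \[(?P<name>[^\]]*)\] (?P<cmd>.+)$"
)
# Unquoted commands may contain spaces, so cut at the first executable extension.
EXE_RE = re.compile(r"^(.*?\.(?:exe|com|bat|cmd|scr|pif))(?=\s|$)", re.IGNORECASE)
DRIVE_ROOT_RE = re.compile(r"^[A-Za-z]:\\[^\\]+$")


@dataclass
class Autostart:
    hive: str
    key: str
    name: str
    path: str
    notes: list = field(default_factory=list)


def parse_platform(log):
    """Return OS name, service pack level (0 if none) and build from the header."""
    for line in log.splitlines():
        m = PLATFORM_RE.match(line.strip())
        if m:
            return {"os": m.group(1), "service_pack": int(m.group(2) or 0),
                    "build": m.group(3)}
    return None


def extract_executable(cmd):
    """Split the program path off a Run value, quoted or not."""
    cmd = cmd.strip()
    if cmd.startswith('"'):
        end = cmd.find('"', 1)
        path = cmd[1:end] if end != -1 else cmd[1:]
    else:
        m = EXE_RE.match(cmd)
        path = m.group(1) if m else (cmd.split() or [""])[0]
    # Collapse doubled separators (System32\\NeroCheck.exe) but keep a UNC prefix.
    return path[:2] + re.sub(r"\\{2,}", r"\\", path[2:])


def review_notes(path):
    """Assumed heuristics: a note means 'look closer', not 'malicious'."""
    notes = []
    if DRIVE_ROOT_RE.match(path):
        notes.append("executable sits directly in the drive root")
    elif "\\" not in path:
        notes.append("no directory given, resolved through the search path")
    return notes


def autostart_entries(log):
    """Parse registry-based O4 lines; other O4 forms (startup folder) are skipped."""
    entries = []
    for line in log.splitlines():
        m = O4_RE.match(line.strip())
        if not m:
            continue
        path = extract_executable(m.group("cmd"))
        entries.append(Autostart(m.group("hive"), m.group("key"), m.group("name"),
                                 path, review_notes(path)))
    return entries


if __name__ == "__main__":
    info = parse_platform(SAMPLE_LOG)
    print(f"{info['os']} SP{info['service_pack']} ({info['build']})")
    for e in autostart_entries(SAMPLE_LOG):
        flag = "; ".join(e.notes) or "-"
        print(f"{e.hive}\\{e.key} [{e.name}] {e.path} -> {flag}")
```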

29.09.2005, 10:23   #23
DJ Ötzi

Hi!!!

But I do have an antivirus program on my computer, and I update it daily!! How can it be that the security updates are missing on my machine?
What do you mean by SP2?
I have no idea what that is!!!
I just tried to upload the malware, but it doesn't work!!!
Stupidly, I closed the eScan window yesterday. After that I scanned with HijackThis.

29.09.2005, 10:33   #24
stupormundi

Hello again, DJ Ötzi!

Quote:
But I do have an antivirus program on my computer, and I update it daily!! How can it be that the security updates are missing on my machine?
What do you mean by SP2?

This is what I mean:

Quote:
Logfile of HijackThis v1.99.1
Scan saved at 21:55:15, on 28.09.2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

As I already wrote to you:

Quote:
Your system is not up to date (SP2 + security updates are missing)

That means that your Windows XP has not been updated with Service Pack 2, and that the security updates for Windows and Internet Explorer which Microsoft (the maker of Windows XP) has made available since the release of Service Pack 2 are not installed either.
This has nothing to do with any antivirus programs!

Quote:
I just tried to upload the malware, but it doesn't work!!!

What doesn't work about it?
stupormundi

29.09.2005, 10:38   #25
DJ Ötzi

Oh, I see!! Now I know what you mean!!!!!!
Whenever my computer starts up, a window opens, and it says that the XP CD is required!!

Did I understand that correctly??

29.09.2005, 11:11   #26
DJ Ötzi

Can I update SP2 over the Internet?
If not, what should I do???

29.09.2005, 14:04   #27
DJ Ötzi

KLM\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\browseui.dll

Wed Sep 28 15:12:06 2005 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\system32\mmsys.cpl
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\system32\icmui.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\system32\rshx32.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\system32\docprop.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\system32\ntshrui.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\themeui.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\system32\deskadp.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\system32\deskmon.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\system32\dssec.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\system32\SlayerXP.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\system32\shscrap.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\system32\diskcopy.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\system32\ntlanui2.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\icmui.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\system32\icmui.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\system32\printui.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\system32\dskquoui.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\system32\syncui.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\hticons.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\system32\fontext.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\system32\icmui.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\system32\rshx32.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\system32\ntshrui.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\system32\deskperf.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\system32\cryptext.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\system32\cryptext.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\system32\NETSHELL.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\system32\NETSHELL.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\system32\wiashext.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\system32\wiashext.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\system32\wiashext.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\system32\wiashext.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\system32\wiashext.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\remotepg.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\wshext.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\PROGRA~1\GEMEIN~1\System\OLEDB~1\oledb32.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\mstask.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\mstask.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\mstask.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\shmedia.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\shmedia.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\shmedia.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\shmedia.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\shmedia.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\shmedia.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\browseui.dll

29.09.2005, 14:05   #28
DJ Ötzi

Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\browseui.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\shdocvw.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\sendmail.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\sendmail.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\occache.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\webcheck.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\webcheck.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\webcheck.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\webcheck.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\webcheck.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\webcheck.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\webcheck.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\webcheck.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\webcheck.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\webcheck.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\appwiz.cpl
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\appwiz.cpl
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\appwiz.cpl
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\shimgvw.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\shimgvw.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\shimgvw.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\shimgvw.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\shimgvw.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\shimgvw.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\netplwiz.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\netplwiz.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\netplwiz.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\netplwiz.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\zipfldr.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\zipfldr.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\zipfldr.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\cdfview.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\cdfview.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\cdfview.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\cdfview.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\cdfview.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\msieftp.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\docprop2.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\docprop2.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\docprop2.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\docprop2.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\docprop2.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\docprop2.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\dsquery.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\dsquery.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\dsquery.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\dsquery.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\dsuiext.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\dsuiext.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\mydocs.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\mydocs.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\mydocs.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\cscui.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\cscui.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\cscui.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\msagent\agentpsh.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\dfsshlex.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\photowiz.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\mmcshext.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\system32\cabview.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\PROGRA~1\OUTLOO~1\wabfind.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\wmpshell.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\wmpshell.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\wmpshell.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\PROGRA~1\GEMEIN~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\wuaucpl.cpl

29.09.2005, 14:06   #29
DJ Ötzi

exe
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\system32\gptext.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\system32\fdeploy.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\system32\dskquota.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\system32\gptext.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\system32\gptext.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\system32\scecli.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\system32\iedkcs32.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\system32\scecli.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\system32\appmgmts.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\system32\gptext.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\system32\crypt32.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\system32\cryptnet.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\system32\cscdll.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\system32\wlnotify.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\system32\wlnotify.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\system32\sclgntfy.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\system32\WlNotify.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\system32\wlnotify.dll
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\system32\wlnotify.dll

Wed Sep 28 15:12:06 2005 => Scanning HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon

Wed Sep 28 15:12:06 2005 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System

Wed Sep 28 15:12:06 2005 => Scanning HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows

Wed Sep 28 15:12:06 2005 => Scanning HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AEDEBUG
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\system32\drwtsn32.exe

Wed Sep 28 15:12:06 2005 => Scanning HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\system32\ntsd.exe

Wed Sep 28 15:12:06 2005 => Scanning HKCU\Control Panel\Desktop
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\logon.scr

Wed Sep 28 15:12:06 2005 => Scanning HKLM\SYSTEM\CurrentControlSet\Control\WOW
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\system32\ntvdm.exe
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\system32\ntvdm.exe

Wed Sep 28 15:12:06 2005 => Scanning HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\inf\unregmp2.exe
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\system32\shmgrate.exe
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\system32\RunDLL32.exe
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\system32\shmgrate.exe
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\system32\rundll32.exe
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\system32\regsvr32.exe
Wed Sep 28 15:12:06 2005 => Scanning File C:\PROGRA~1\OUTLOO~1\setup50.exe
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\system32\rundll32.exe
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\system32\rundll32.exe
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\system32\rundll32.exe
Wed Sep 28 15:12:06 2005 => Scanning File C:\PROGRA~1\OUTLOO~1\setup50.exe
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\system32\regsvr32.exe
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\system32\ie4uinit.exe

Wed Sep 28 15:12:06 2005 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run

Wed Sep 28 15:12:06 2005 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run

Wed Sep 28 15:12:06 2005 => Scanning HKLM\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\Run

Wed Sep 28 15:12:06 2005 => Scanning HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Run

Wed Sep 28 15:12:06 2005 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\system32\WinDSL_MTU.exe
Wed Sep 28 15:12:06 2005 => ERROR!!! Invalid Entry WinUpdate = C:\muhtesem.exe (in key SOFTWARE\Microsoft\Windows\CurrentVersion\Run). No Action Taken.
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\\NeroCheck.exe
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\spool\DRIVERS\W32X86\2\printray.exe
Wed Sep 28 15:12:06 2005 => ERROR!!! Invalid Entry SearchUpgrader = C:\Programme\Common files\SearchUpgrader\SearchUpgrader.exe (in key SOFTWARE\Microsoft\Windows\CurrentVersion\Run). No Action Taken.
Wed Sep 28 15:12:06 2005 => Scanning File C:\PROGRA~1\LEXMAR~2\fm3032.exe
Wed Sep 28 15:12:06 2005 => Scanning File C:\Programme\AVPersonal\AVSched32.EXE
Wed Sep 28 15:12:06 2005 => Scanning File C:\Programme\AVPersonal\AVGNT.EXE
Wed Sep 28 15:12:06 2005 => ERROR!!! Invalid Entry P2P Networking = C:\WINDOWS\System32\P2P Networking\P2P Networking.exe /AUTOSTART (in key SOFTWARE\Microsoft\Windows\CurrentVersion\Run). No Action Taken.

Wed Sep 28 15:12:06 2005 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce

Wed Sep 28 15:12:06 2005 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx

Wed Sep 28 15:12:06 2005 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices

Wed Sep 28 15:12:06 2005 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce

Wed Sep 28 15:12:06 2005 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Wed Sep 28 15:12:06 2005 => Scanning File C:\Programme\Messenger\msmsgs.exe

Wed Sep 28 15:12:06 2005 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersio

29.09.2005, 14:07   #30
DJ Ötzi

ed Sep 28 15:12:06 2005 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx

Wed Sep 28 15:12:06 2005 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices

Wed Sep 28 15:12:06 2005 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\Setup

Wed Sep 28 15:12:06 2005 => Scanning HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\CTFMON.EXE

Wed Sep 28 15:12:06 2005 => Scanning HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce

Wed Sep 28 15:12:06 2005 => Scanning HKCR\txtfile\shell\open\command

Wed Sep 28 15:12:06 2005 => Scanning HKCR\comfile\shell\open\command

Wed Sep 28 15:12:06 2005 => Scanning HKCR\exefile\shell\open\command

Wed Sep 28 15:12:06 2005 => Scanning HKCR\dllfile\shell\open\command

Wed Sep 28 15:12:06 2005 => Scanning HKCR\batfile\shell\open\command

Wed Sep 28 15:12:06 2005 => Scanning HKCR\piffile\shell\open\command

Wed Sep 28 15:12:06 2005 => Scanning HKCR\scrfile\shell\open\command

Wed Sep 28 15:12:06 2005 => Scanning HKCR\scrfile\shell\config\command

Wed Sep 28 15:12:06 2005 => Scanning HKCR\regfile\shell\open\command

Wed Sep 28 15:12:06 2005 => Scanning HKCR\htmlfile\shell\open\command
Wed Sep 28 15:12:06 2005 => Scanning File C:\PROGRA~1\INTERN~1\iexplore.exe

Wed Sep 28 15:12:06 2005 => Scanning HKCR\htafile\shell\open\command
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\mshta.exe

Wed Sep 28 15:12:06 2005 => Scanning HKCR\jsfile\shell\open\command
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\WScript.exe

Wed Sep 28 15:12:06 2005 => Scanning HKCR\jsefile\shell\open\command
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\WScript.exe

Wed Sep 28 15:12:06 2005 => Scanning HKCR\vbsfile\shell\open\command
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\WScript.exe

Wed Sep 28 15:12:06 2005 => Scanning HKCR\vbefile\shell\open\command
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\WScript.exe

Wed Sep 28 15:12:06 2005 => Scanning HKCR\wshfile\shell\open\command
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\WScript.exe

Wed Sep 28 15:12:06 2005 => Scanning HKCR\wsffile\shell\open\command
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\WScript.exe

Wed Sep 28 15:12:06 2005 => ***** Scanning Service Files *****
Wed Sep 28 15:12:06 2005 => Scanning HKLM\SYSTEM\CurrentControlSet\Services
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\ACPI.sys
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\drivers\aec.sys
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\drivers\afd.sys
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\alg.exe
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\amdk7.sys
Wed Sep 28 15:12:06 2005 => Scanning File C:\PROGRAMME\AVPERSONAL\AVGUARD.EXE
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\system32\svchost.exe
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\asyncmac.sys
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\atapi.sys
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\atmarpc.sys
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\audstub.sys
Wed Sep 28 15:12:06 2005 => Scanning File C:\PROGRAMME\AVPERSONAL\AVGNTDW.SYS
Wed Sep 28 15:12:06 2005 => Scanning File C:\Programme\AVPersonal\AVWUPSRV.EXE
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\CCDECODE.sys
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\cdrom.sys
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\system32\cisvc.exe
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\system32\clipsrv.exe
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\dllhost.exe
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\system32\svchost.exe
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\ctljystk.sys
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\Drivers\SQcaptur.sys
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\disk.sys
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\dmadmin.exe
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\drivers\dmboot.sys
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\drivers\dmio.sys
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\drivers\dmload.sys
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\drivers\DMusic.sys
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\drivers\drmkaud.sys
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\drivers\emu10k1m.sys
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\drivers\ctlfacem.sys
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\system32\services.exe
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\fdc.sys
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\flpydisk.sys
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\ftdisk.sys
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\gameenum.sys
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\msgpc.sys
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\hidusb.sys
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\i8042prt.sys
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\imapi.sys
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\imapi.exe
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\ipfltdrv.sys
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\ipinip.sys
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\ipnat.sys
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\ipsec.sys
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\irenum.sys
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\isapnp.sys
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\kbdclass.sys
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\drivers\kmixer.sys
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\system32\LEXBCES.EXE
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Wed Sep 28 15:12:06 2005 => Scanning File C:\PROGRA~1\GEMEIN~1\MICROS~1\VS7Debug\mdm.exe
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\mnmsrvc.exe
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\mouclass.sys
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\mouhid.sys
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\mrxdav.sys
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\mrxsmb.sys
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\msdtc.exe
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\msiexec.exe
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\drivers\MSKSSRV.sys
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\drivers\MSPCLOCK.sys
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\drivers\MSPQM.sys
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\drivers\MSTEE.sys
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\NdisIP.sys
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\ndistapi.sys
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\ndisuio.sys
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\ndiswan.sys
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\netbios.sys
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\netbt.sys
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\system32\netdde.exe
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\system32\netdde.exe
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\lsass.exe
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\lsass.exe
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\system32\svchost.exe
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\nwlnkflt.sys
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\nwlnkfwd.sys
Wed Sep 28 15:12:06 2005 => ERROR!!! Invalid Entry system32\drivers\ctoss2k.sys in SYSTEM\CurrentControlSet\Services\ossrv...
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\parport.sys
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\pci.sys
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\system32\services.exe
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\lsass.exe
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\raspptp.sys
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\system32\lsass.exe
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\psched.sys
Wed Sep 28 15:12:06 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\ptilink.sys
Wed Sep 28 15:12:07 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\PxHelp20.sys
Wed Sep 28 15:12:07 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\rasacd.sys
Wed Sep 28 15:12:07 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Wed Sep 28 15:12:07 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\rasl2tp.sys
Wed Sep 28 15:12:07 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Wed Sep 28 15:12:07 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\raspppoe.sys
Wed Sep 28 15:12:07 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\raspti.sys
Wed Sep 28 15:12:07 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\rdbss.sys
Wed Sep 28 15:12:07 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\RDPCDD.sys
Wed Sep 28 15:12:07 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\rdpdr.sys
Wed Sep 28 15:12:07 2005 => Scanning File C:\WINDOWS\system32\sessmgr.exe
Wed Sep 28 15:12:07 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\redbook.sys
Wed Sep 28 15:12:07 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Wed Sep 28 15:12:07 2005 => Scanning File C:\WINDOWS\system32\svchost.exe
Wed Sep 28 15:12:07 2005 => Scanning File C:\WINDOWS\System32\locator.exe
Wed Sep 28 15:12:07 2005 => Scanning File C:\WINDOWS\system32\svchost.exe
Wed Sep 28 15:12:07 2005 => Scanning File C:\WINDOWS\System32\rsvp.exe
Wed Sep 28 15:12:07 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\RTL8139.SYS
Wed Sep 28 15:12:07 2005 => Scanning File C:\WINDOWS\system32\lsass.exe
Wed Sep 28 15:12:07 2005 => Scanning File C:\WINDOWS\System32\SCardSvr.exe
Wed Sep 28 15:12:08 2005 => Scanning File C:\WINDOWS\System32\SCardSvr.exe
Wed Sep 28 15:12:08 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Wed Sep 28 15:12:08 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\secdrv.sys
Wed Sep 28 15:12:08 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Wed Sep 28 15:12:08 2005 => Scanning File C:\WINDOWS\system32\svchost.exe
Wed Sep 28 15:12:08 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\serenum.sys
Wed Sep 28 15:12:08 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\serial.sys
Wed Sep 28 15:12:08 2005 => Scanning File C:\WINDOWS\System32\drivers\sfmanm.sys
Wed Sep 28 15:12:08 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Wed Sep 28 15:12:08 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Wed Sep 28 15:12:08 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\SLIP.sys
Wed Sep 28 15:12:08 2005 => Scanning File C:\WINDOWS\System32\drivers\splitter.sys
Wed Sep 28 15:12:08 2005 => Scanning File C:\WINDOWS\system32\spoolsv.exe
Wed Sep 28 15:12:08 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\sr.sys
Wed Sep 28 15:12:08 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Wed Sep 28 15:12:08 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\srv.sys
Wed Sep 28 15:12:08 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Wed Sep 28 15:12:08 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Wed Sep 28 15:12:08 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\StreamIP.sys
Wed Sep 28 15:12:08 2005 => Scanning File C:\WINDOWS\SYSTEM32\SVKP.SYS
Wed Sep 28 15:12:08 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\swenum.sys
Wed Sep 28 15:12:08 2005 => Scanning File C:\WINDOWS\System32\drivers\swmidi.sys
Wed Sep 28 15:12:08 2005 => Scanning File C:\WINDOWS\System32\dllhost.exe
Wed Sep 28 15:12:08 2005 => Scanning File C:\WINDOWS\System32\drivers\sysaudio.sys
Wed Sep 28 15:12:08 2005 => Scanning File C:\WINDOWS\system32\smlogsvc.exe
Wed Sep 28 15:12:08 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Wed Sep 28 15:12:08 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\tcpip.sys
Wed Sep 28 15:12:09 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\termdd.sys
Wed Sep 28 15:12:09 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Wed Sep 28 15:12:09 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Wed Sep 28 15:12:09 2005 => Scanning File C:\WINDOWS\System32\tlntsvr.exe
Wed Sep 28 15:12:09 2005 => Scanning File C:\WINDOWS\system32\svchost.exe
Wed Sep 28 15:12:09 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\update.sys
Wed Sep 28 15:12:09 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Wed Sep 28 15:12:09 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Wed Sep 28 15:12:09 2005 => Scanning File C:\WINDOWS\System32\ups.exe
Wed Sep 28 15:12:09 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\usbccgp.sys
Wed Sep 28 15:12:09 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\usbhub.sys
Wed Sep 28 15:12:09 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\usbprint.sys
Wed Sep 28 15:12:09 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS
Wed Sep 28 15:12:09 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\usbuhci.sys
Wed Sep 28 15:12:09 2005 => Scanning File C:\WINDOWS\System32\drivers\vga.sys
Wed Sep 28 15:12:09 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\viaagp.sys
Wed Sep 28 15:12:09 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\viaide.sys
Wed Sep 28 15:12:09 2005 => Scanning File C:\WINDOWS\System32\vssvc.exe
Wed Sep 28 15:12:09 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Wed Sep 28 15:12:09 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\wanarp.sys
Wed Sep 28 15:12:10 2005 => Scanning File C:\WINDOWS\System32\drivers\wdmaud.sys
Wed Sep 28 15:12:10 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Wed Sep 28 15:12:10 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\WinDSL.sys
Wed Sep 28 15:12:10 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\WinDSL.sys
Wed Sep 28 15:12:10 2005 => Scanning File C:\WINDOWS\system32\svchost.exe
Wed Sep 28 15:12:10 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Wed Sep 28 15:12:10 2005 => Scanning File C:\WINDOWS\System32\svchost.exe
Wed Sep 28 15:12:10 2005 => Scanning File C:\WINDOWS\System32\wbem\wmiapsrv.exe
Wed Sep 28 15:12:10 2005 => Scanning File C:\WINDOWS\System32\drivers\ws2ifsl.sys
Wed Sep 28 15:12:10 2005 => Scanning File C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS
Wed Sep 28 15:12:10 2005 => Scanning File C:\WINDOWS\system32\svchost.exe
Wed Sep 28 15:12:10 2005 => Scanning File C:\WINDOWS\System32\svchost.exe

Wed Sep 28 15:12:10 2005 => Scanning HKLM\SYSTEM\CurrentControlSet\Services\VxD

Wed Sep 28 15:12:10 2005 => ***** Scanning Important System Files *****
Wed Sep 28 15:12:10 2005 => Scanning File C:\WINDOWS\System32\winsock.dll
Wed Sep 28 15:12:10 2005 => Scanning File C:\WINDOWS\System32\ws2help.dll
Wed Sep 28 15:12:10 2005 => Scanning File C:\WINDOWS\System32\ws2_32.dll
Wed Sep 28 15:12:10 2005 => Scanning File C:\WINDOWS\System32\wscript.exe
Wed Sep 28 15:12:10 2005 => Scanning File C:\WINDOWS\System32\wsecedit.dll
Wed Sep 28 15:12:10 2005 => Scanning File C:\WINDOWS\System32\wshatm.dll
Wed Sep 28 15:12:10 2005 => Scanning File C:\WINDOWS\System32\wshcon.dll
Wed Sep 28 15:12:10 2005 => Scanning File C:\WINDOWS\System32\wshde.dll
Wed Sep 28 15:12:10 2005 => Scanning File C:\WINDOWS\System32\wshext.dll
Wed Sep 28 15:12:10 2005 => Scanning File C:\WINDOWS\System32\wship6.dll
Wed Sep 28 15:12:10 2005 => Scanning File C:\WINDOWS\System32\wshisn.dll
Wed Sep 28 15:12:10 2005 => Scanning File C:\WINDOWS\System32\wshnetbs.dll
Wed Sep 28 15:12:11 2005 => Scanning File C:\WINDOWS\System32\wshom.ocx
Wed Sep 28 15:12:11 2005 => Scanning File C:\WINDOWS\System32\WshRm.dll
Wed Sep 28 15:12:11 2005 => Scanning File C:\WINDOWS\System32\wshtcpip.dll
Wed Sep 28 15:12:11 2005 => Scanning File C:\WINDOWS\System32\wsnmp32.dll
Wed Sep 28 15:12:11 2005 => Scanning File C:\WINDOWS\System32\wsock32.dll
Wed Sep 28 15:12:11 2005 => Scanning File C:\WINDOWS\System32\wstdecod.dll
Wed Sep 28 15:12:11 2005 => Scanning File C:\WINDOWS\System32\LEXSUP.HTM
Wed Sep 28 15:12:11 2005 => Scanning File C:\WINDOWS\explorer.exe
Wed Sep 28 15:12:11 2005 => Scanning File C:\WINDOWS\explorer.scf
Wed Sep 28 15:12:11 2005 => Scanning File C:\WINDOWS\System32\rundll32.exe
Wed Sep 28 15:12:11 2005 => Scanning File C:\WINDOWS\System32\BROWSEUI.DLL
Wed Sep 28 15:12:11 2005 => Scanning File C:\WINDOWS\NOTEPAD.EXE
Wed Sep 28 15:12:11 2005 => Scanning File C:\WINDOWS\System32\notepad.exe
Wed Sep 28 15:12:11 2005 => Scanning File C:\WINDOWS\System32\ctfmon.exe
Wed Sep 28 15:12:11 2005 => Scanning File C:\WINDOWS\System32\cmd.exe
