Trojaner-Board


Mordorn 17.09.2006 16:09

Help!!! Trojan and worm on board
 
Hello, I hope you can help me.
Unfortunately I opened a file that was infected with a trojan.
I tried to get things back under control with AntiVir, Kaspersky, AdAware and Spybot.
In the system folder I had, for example, a Hook.dll file, which I was able to delete, though.
In Spybot, under system startup, I have an AGOBOT-KU WORM listed; I removed the check mark.

I have already scanned with Hijack and eScan.
Is it normal that eScan scans for almost 2 days in safe mode?

Here is my log file.

Logfile of HijackThis v1.99.1
Scan saved at 00:27:55, on 16.09.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\Java\jre1.5.0_06\bin\jusched.exe
C:\Programme\ATI Technologies\ATI.ACE\cli.exe
C:\Programme\SyncroSoft\Pos\H2O\cledx.exe
C:\Programme\Zone Labs\ZoneAlarm\zlclient.exe
C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\Spybot - Search & Destroy\TeaTimer.exe
C:\Programme\ATI Technologies\ATI.ACE\cli.exe
C:\Programme\ATI Technologies\ATI.ACE\cli.exe
C:\Programme\Mozilla Firefox\firefox.exe
C:\Programme\Hijack\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = h**p://google.icq.com/search/search_frame.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = h**p://google.icq.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = h*p://www.roadhunter-berlin.de/
R3 - URLSearchHook: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Programme\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [H2O] C:\Programme\SyncroSoft\Pos\H2O\cledx.exe
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Programme\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [CloneCDTray] "C:\Programme\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [kav] "C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [NBJ] "C:\Programme\Ahead\Nero BackItUp\NBJ.exe"
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Programme\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: Ausgewählte Verknüpfungen in Adobe PDF konvertieren - res://C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Ausgewählte Verknüpfungen in vorhandene PDF-Datei konvertieren - res://C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Auswahl in Adobe PDF konvertieren - res://C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Auswahl in vorhandene PDF-Datei konvertieren - res://C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: In Adobe PDF konvertieren - res://C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: In vorhandene PDF-Datei konvertieren - res://C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - res://C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - res://C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Web-Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-3-48.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1126638309953
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {9C024426-7859-4B2D-AB4C-B1E370AE7549} - http://us.mcafee.com/Apps/WSC/en-us/WscWlanScannerCtrl.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Unknown owner - C:\Programme\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" -r (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Programme\SiSoftware\SiSoftware Sandra Lite 2005.SR3\RpcDataSrv.exe
O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Programme\SiSoftware\SiSoftware Sandra Lite 2005.SR3\RpcSandraSrv.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe


I hope you can help me.

Many THANKS!!!! :)

Mellosun 17.09.2006 16:19

Hello Mordorn,

well, in my opinion there is nothing conspicuous to be seen in your log!

If it really is the worm, then you have a problem, but I am missing the created keys!
What did the scan with eScan show? Is there a log?

Regards, Mellosun

Mordorn 17.09.2006 16:22

Thanks for the quick reply.
Yes, but the log file is so long that I somehow can't post it here.

The eScan also took almost 2 days, though; is that normal?

Mellosun 17.09.2006 16:33

Did you create the log using find.zip? Read the instructions for it again!

2 days? I've never heard of that, but if you have millions of GB of data.... nah, just kidding. That's actually not normal!


Regards, Mellosun

Mordorn 17.09.2006 16:44

Well, I did an eScan and saved the mwav.log as normal.

The file is 329 kb in size, though.

Here is a small excerpt:

Sun Sep 17 16:24:23 2006 => **********************************************************
Sun Sep 17 16:24:23 2006 => MicroWorld Anti Virus & Spyware Toolkit Utility.
Sun Sep 17 16:24:23 2006 => Copyright © 2003-2006, MicroWorld Technologies Inc.
Sun Sep 17 16:24:23 2006 => **********************************************************
Sun Sep 17 16:24:23 2006 => Version 8.5.1 (C:\PROGRA~1\eScan\mwavscan.com)
Sun Sep 17 16:24:23 2006 => Log File: C:\PROGRA~1\eScan\LOG\MWAV.LOG
Sun Sep 17 16:24:23 2006 => Last Scan Date and Time: 16.09.2006 02:07:38
Sun Sep 17 16:24:23 2006 => MWAV Registered: TRUE.
Sun Sep 17 16:24:23 2006 => User Account: Go***n
Sun Sep 17 16:24:23 2006 => OS Type: Windows Workstation
Sun Sep 17 16:24:23 2006 => OS: Windows XP
Sun Sep 17 16:24:23 2006 => Ver: Service Pack 2 (Build 2600)
Sun Sep 17 16:24:23 2006 => Windows Root Folder: C:\WINDOWS
Sun Sep 17 16:24:23 2006 => Windows Sys32 Folder: C:\WINDOWS\system32
Sun Sep 17 16:24:23 2006 => Local Fixed Drives: c:\,d:\,e:\,i:\
Sun Sep 17 16:24:23 2006 => MWAV Mode: Scan and Clean files (for viruses, adware and spyware).
Sun Sep 17 16:24:23 2006 => Command Line Options Given: /s
Sun Sep 17 16:24:23 2006 => Database Path in KL Key: C:\PROGRA~1\eScan.
Sun Sep 17 16:24:36 2006 => Latest Date of files in KL key: 31 Jul 2006 10:50:38.
Sun Sep 17 16:24:36 2006 => Latest Date of files inside MWAV: 31 Jul 2006 10:50:38.
Sun Sep 17 16:24:36 2006 => eScan Install Directory: C:\PROGRA~1\eScan\
Sun Sep 17 16:24:36 2006 => MailScan Install Directory: C:\PROGRA~1\eScan\
Sun Sep 17 16:24:41 2006 => Setting Database Path to C:\DOKUME~1\Gordon\LOKALE~1\Temp\MWBASES
Sun Sep 17 16:24:46 2006 => AV Library Loaded...

Sun Sep 17 16:24:46 2006 => **********************************************************
Sun Sep 17 16:24:46 2006 => MicroWorld Anti Virus & Spyware Toolkit Utility.
Sun Sep 17 16:24:46 2006 => Copyright © 2003-2006, MicroWorld Technologies Inc.
Sun Sep 17 16:24:46 2006 =>
Sun Sep 17 16:24:46 2006 => Support: support@mwti.net
Sun Sep 17 16:24:46 2006 => Web: http://www.mwti.net
Sun Sep 17 16:24:46 2006 => **********************************************************
Sun Sep 17 16:24:46 2006 => Version 8.5.1 (C:\PROGRA~1\eScan\mwavscan.com)
Sun Sep 17 16:24:46 2006 => Log File: C:\PROGRA~1\eScan\LOG\MWAV.LOG
Sun Sep 17 16:24:46 2006 => User Account: Gordon
Sun Sep 17 16:24:46 2006 => Windows Root Folder: C:\WINDOWS
Sun Sep 17 16:24:46 2006 => Windows Sys32 Folder: C:\WINDOWS\system32
Sun Sep 17 16:24:46 2006 => OS: Windows XP
Sun Sep 17 16:24:46 2006 => Ver: Service Pack 2 (Build 2600)
Sun Sep 17 16:24:46 2006 => Database Path in KL Key: C:\PROGRA~1\eScan.
Sun Sep 17 16:24:46 2006 => Latest Date of files in KL key: 31 Jul 2006 10:50:38.
Sun Sep 17 16:24:47 2006 => Latest Date of files inside MWAV: 31 Jul 2006 10:50:38.

Sun Sep 17 16:24:47 2006 => Options Selected by User:
Sun Sep 17 16:24:47 2006 => Memory Check: Enabled
Sun Sep 17 16:24:47 2006 => Registry Check: Enabled
Sun Sep 17 16:24:47 2006 => StartUp Folder Check: Enabled
Sun Sep 17 16:24:47 2006 => System Folder Check: Enabled
Sun Sep 17 16:24:47 2006 => System Area Check: Disabled
Sun Sep 17 16:24:47 2006 => Services Check: Enabled
Sun Sep 17 16:24:47 2006 => Drive Check Option Disabled
Sun Sep 17 16:24:47 2006 => Folder Check: Disabled

Sun Sep 17 16:24:47 2006 => ***** Scanning Memory Files *****

Maybe that is already enough?

Mordorn 17.09.2006 16:44

Here is part 2

Sun Sep 17 16:25:12 2006 => ***** Scanning Registry Files *****

Sun Sep 17 16:25:12 2006 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
Sun Sep 17 16:25:12 2006 => *** File C:\WINDOWS\system32\SHELL32.dll having Size Restriction ***. Filesize 8295 kb > 2560 kb...
Sun Sep 17 16:25:12 2006 => Scanning File C:\WINDOWS\system32\SHELL32.dll [**]
Sun Sep 17 16:25:12 2006 => *** File C:\WINDOWS\system32\SHELL32.dll having Size Restriction ***. Filesize 8295 kb > 2560 kb...
Sun Sep 17 16:25:12 2006 => Scanning File C:\WINDOWS\system32\SHELL32.dll [**]
Sun Sep 17 16:25:12 2006 => Scanning File C:\WINDOWS\system32\webcheck.dll
Sun Sep 17 16:25:12 2006 => Scanning File C:\WINDOWS\system32\stobject.dll
Sun Sep 17 16:25:12 2006 => Scanning File C:\WINDOWS\system32\upnpui.dll

Sun Sep 17 16:25:12 2006 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad

Sun Sep 17 16:25:12 2006 => Scanning HKLM\SOFTWARE\Microsoft\Internet Explorer\Plugins\Extension

Sun Sep 17 16:25:12 2006 => Scanning HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar
Sun Sep 17 16:25:12 2006 => Scanning File C:\PROGRA~1\Adobe\ACROBA~1.0\Acrobat\ACROIE~1.DLL

Sun Sep 17 16:25:12 2006 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects
Sun Sep 17 16:25:12 2006 => {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} = C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
Sun Sep 17 16:25:12 2006 => Scanning File C:\PROGRA~1\Adobe\ACROBA~1.0\ActiveX\ACROIE~1.DLL
Sun Sep 17 16:25:12 2006 => {53707962-6F74-2D53-2644-206D7942484F} = C:\PROGRA~1\SPYBOT~1\SDHelper.dll
Sun Sep 17 16:25:12 2006 => Scanning File C:\PROGRA~1\SPYBOT~1\SDHelper.dll
Sun Sep 17 16:25:12 2006 => {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} = C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
Sun Sep 17 16:25:13 2006 => Scanning File C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
Sun Sep 17 16:25:13 2006 => {AE7CD045-E861-484f-8273-0445EE161910} = C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
Sun Sep 17 16:25:13 2006 => Scanning File C:\PROGRA~1\Adobe\ACROBA~1.0\Acrobat\ACROIE~1.DLL

Sun Sep 17 16:25:13 2006 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler
Sun Sep 17 16:25:13 2006 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Sep 17 16:25:13 2006 => Scanning File C:\WINDOWS\system32\browseui.dll

Sun Sep 17 16:25:13 2006 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
Sun Sep 17 16:25:13 2006 => Scanning File C:\WINDOWS\system32\mmsys.cpl
Sun Sep 17 16:25:13 2006 => Scanning File C:\WINDOWS\system32\icmui.dll
Sun Sep 17 16:25:13 2006 => Scanning File C:\WINDOWS\system32\rshx32.dll
Sun Sep 17 16:25:13 2006 => Scanning File C:\WINDOWS\system32\docprop.dll
Sun Sep 17 16:25:13 2006 => Scanning File C:\WINDOWS\system32\ntshrui.dll
Sun Sep 17 16:25:13 2006 => Scanning File C:\WINDOWS\system32\themeui.dll
Sun Sep 17 16:25:13 2006 => Scanning File C:\WINDOWS\system32\deskadp.dll
Sun Sep 17 16:25:13 2006 => Scanning File C:\WINDOWS\system32\deskmon.dll
Sun Sep 17 16:25:13 2006 => Scanning File C:\WINDOWS\system32\dssec.dll
Sun Sep 17 16:25:13 2006 => Scanning File C:\WINDOWS\system32\SlayerXP.dll
Sun Sep 17 16:25:13 2006 => Scanning File C:\WINDOWS\system32\shscrap.dll
Sun Sep 17 16:25:13 2006 => Scanning File C:\WINDOWS\system32\diskcopy.dll
Sun Sep 17 16:25:13 2006 => Scanning File C:\WINDOWS\system32\ntlanui2.dll
Sun Sep 17 16:25:13 2006 => Scanning File C:\WINDOWS\System32\icmui.dll
Sun Sep 17 16:25:13 2006 => Scanning File C:\WINDOWS\system32\icmui.dll
Sun Sep 17 16:25:13 2006 => Scanning File C:\WINDOWS\system32\printui.dll
Sun Sep 17 16:25:13 2006 => Scanning File C:\WINDOWS\system32\dskquoui.dll
Sun Sep 17 16:25:13 2006 => Scanning File C:\WINDOWS\system32\syncui.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\hticons.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\fontext.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\icmui.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\rshx32.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\ntshrui.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\deskperf.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\cryptext.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\cryptext.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\NETSHELL.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\NETSHELL.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\wiashext.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\wiashext.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\wiashext.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\wiashext.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\wiashext.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\remotepg.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\wshext.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\PROGRA~1\GEMEIN~1\System\OLEDB~1\oledb32.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\mstask.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\mstask.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\mstask.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\wuaucpl.cpl
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\twext.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\twext.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\shmedia.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\shmedia.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\shmedia.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\shmedia.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\shmedia.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\shmedia.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Sun Sep 17 16:25:14 2006 => Scanning File C:\WINDOWS\system32\shdocvw.dll
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\system32\sendmail.dll
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\system32\sendmail.dll
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\system32\occache.dll
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\system32\webcheck.dll
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\system32\webcheck.dll
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\system32\webcheck.dll
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\system32\webcheck.dll
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\system32\webcheck.dll
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\system32\webcheck.dll
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\system32\webcheck.dll
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\system32\webcheck.dll
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\system32\webcheck.dll
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\system32\webcheck.dll
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\system32\appwiz.cpl
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\system32\appwiz.cpl
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\system32\appwiz.cpl
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\system32\shimgvw.dll
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\system32\shimgvw.dll
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\system32\shimgvw.dll
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\system32\shimgvw.dll
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\system32\shimgvw.dll
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\system32\shimgvw.dll
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\system32\netplwiz.dll
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\system32\netplwiz.dll
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\system32\netplwiz.dll
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\system32\netplwiz.dll
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\system32\zipfldr.dll
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\system32\zipfldr.dll
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\system32\zipfldr.dll
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\system32\cdfview.dll
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\system32\cdfview.dll
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\system32\cdfview.dll
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\system32\cdfview.dll
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\system32\cdfview.dll
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\system32\extmgr.dll
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\system32\msieftp.dll
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\system32\docprop2.dll
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\system32\docprop2.dll
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\system32\docprop2.dll
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\system32\docprop2.dll
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\system32\docprop2.dll
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\system32\docprop2.dll
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\system32\dsquery.dll
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\system32\dsquery.dll
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\system32\dsquery.dll
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\system32\dsquery.dll
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\system32\dsuiext.dll
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\system32\dsuiext.dll
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\system32\mydocs.dll
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\system32\mydocs.dll
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\system32\mydocs.dll
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\System32\cscui.dll
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\System32\cscui.dll
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\System32\cscui.dll
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\msagent\agentpsh.dll
Sun Sep 17 16:25:15 2006 => Scanning File C:\WINDOWS\system32\dfsshlex.dll
Sun Sep 17 16:25:16 2006 => Scanning File C:\WINDOWS\system32\photowiz.dll
Sun Sep 17 16:25:16 2006 => Scanning File C:\WINDOWS\System32\mmcshext.dll
Sun Sep 17 16:25:16 2006 => Scanning File C:\WINDOWS\system32\cabview.dll
Sun Sep 17 16:25:16 2006 => Scanning File C:\PROGRA~1\OUTLOO~1\wabfind.dll
Sun Sep 17 16:25:16 2006 => Scanning File C:\WINDOWS\system32\wmpshell.dll
Sun Sep 17 16:25:16 2006 => Scanning File C:\WINDOWS\system32\wmpshell.dll
Sun Sep 17 16:25:16 2006 => Scanning File C:\WINDOWS\system32\wmpshell.dll
Sun Sep 17 16:25:16 2006 => Scanning File C:\Programme\WinRAR\rarext.dll
Sun Sep 17 16:25:16 2006 => Scanning File C:\PROGRA~1\GEMEIN~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL
Sun Sep 17 16:25:16 2006 => Scanning File C:\PROGRA~1\MICROS~2\OFFICE11\msohev.dll
Sun Sep 17 16:25:16 2006 => Scanning File C:\PROGRA~1\ALCOHO~1\ALCOHO~1\AXShlEx.dll
Sun Sep 17 16:25:16 2006 => Scanning File C:\PROGRA~1\Adobe\ACROBA~1.0\ACROBA~1\CONTEX~1.DLL
Sun Sep 17 16:25:17 2006 => Scanning File C:\PROGRA~1\Corel\CORELG~1\DRAW\CDRVIE~1\CRLSHE~1.DLL
Sun Sep 17 16:25:17 2006 => Scanning File C:\WINDOWS\system32\Audiodev.dll
Sun Sep 17 16:25:17 2006 => Scanning File C:\WINDOWS\system32\Audiodev.dll
Sun Sep 17 16:25:17 2006 => Scanning File C:\Programme\Real\RealPlayer\rpshell.dll
Sun Sep 17 16:25:17 2006 => Scanning File C:\WINDOWS\system32\mscoree.dll
Sun Sep 17 16:25:17 2006 => Scanning File C:\WINDOWS\system32\BpShellEx.dll
Sun Sep 17 16:25:17 2006 => Scanning File C:\WINDOWS\system32\browseui.dll
Sun Sep 17 16:25:17 2006 => Scanning File C:\WINDOWS\system32\upnpui.dll
Sun Sep 17 16:25:17 2006 => Scanning File C:\Programme\ICQLite\ICQLiteShell.dll
Sun Sep 17 16:25:17 2006 => Scanning File C:\WINDOWS\system32\dfshim.dll
Sun Sep 17 16:25:17 2006 => Scanning File C:\WINDOWS\system32\dfshim.dll

Sun Sep 17 16:25:17 2006 => Scanning HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows

Sun Sep 17 16:25:17 2006 => Scanning HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
Sun Sep 17 16:25:17 2006 => Scanning File C:\WINDOWS\Explorer.exe
Sun Sep 17 16:25:17 2006 => Scanning File C:\WINDOWS\system32\userinit.exe
Sun Sep 17 16:25:17 2006 => Scanning File C:\WINDOWS\system32\dskquota.dll
Sun Sep 17 16:25:17 2006 => Scanning File C:\WINDOWS\system32\iedkcs32.dll
Sun Sep 17 16:25:17 2006 => Scanning File C:\WINDOWS\system32\scecli.dll
Sun Sep 17 16:25:17 2006 => Scanning File C:\WINDOWS\system32\iedkcs32.dll
Sun Sep 17 16:25:17 2006 => Scanning File C:\WINDOWS\system32\scecli.dll
Sun Sep 17 16:25:17 2006 => Scanning File C:\WINDOWS\System32\cscui.dll
Sun Sep 17 16:25:17 2006 => Scanning File C:\WINDOWS\system32\Ati2evxx.dll
Sun Sep 17 16:25:17 2006 => Scanning File C:\WINDOWS\system32\crypt32.dll
Sun Sep 17 16:25:17 2006 => Scanning File C:\WINDOWS\system32\cryptnet.dll
Sun Sep 17 16:25:18 2006 => Scanning File C:\WINDOWS\system32\cscdll.dll
Sun Sep 17 16:25:18 2006 => Scanning File C:\WINDOWS\system32\wlnotify.dll
Sun Sep 17 16:25:18 2006 => Scanning File C:\WINDOWS\system32\wlnotify.dll
Sun Sep 17 16:25:18 2006 => Scanning File C:\WINDOWS\system32\sclgntfy.dll
Sun Sep 17 16:25:18 2006 => Scanning File C:\WINDOWS\system32\WlNotify.dll
Sun Sep 17 16:25:18 2006 => Scanning File C:\WINDOWS\system32\wlnotify.dll
Sun Sep 17 16:25:18 2006 => Scanning File C:\WINDOWS\system32\WgaLogon.dll
Sun Sep 17 16:25:18 2006 => Scanning File C:\WINDOWS\system32\wlnotify.dll

Mordorn 17.09.2006 16:46

Part 3

Sun Sep 17 16:25:18 2006 => Scanning HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon

Sun Sep 17 16:25:18 2006 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System

Sun Sep 17 16:25:18 2006 => Scanning HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows

Sun Sep 17 16:25:18 2006 => Scanning HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AEDEBUG
Sun Sep 17 16:25:18 2006 => Scanning File C:\WINDOWS\system32\drwtsn32.exe

Sun Sep 17 16:25:18 2006 => Scanning HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options
Sun Sep 17 16:25:18 2006 => Scanning File C:\WINDOWS\system32\ntsd.exe

Sun Sep 17 16:25:18 2006 => Scanning HKCU\Control Panel\Desktop
Sun Sep 17 16:25:18 2006 => Scanning File C:\WINDOWS\system32\sstext3d.scr

Sun Sep 17 16:25:18 2006 => Scanning HKLM\SYSTEM\CurrentControlSet\Control\WOW
Sun Sep 17 16:25:18 2006 => Scanning File C:\WINDOWS\system32\ntvdm.exe
Sun Sep 17 16:25:18 2006 => Scanning File C:\WINDOWS\system32\ntvdm.exe

Sun Sep 17 16:25:18 2006 => Scanning HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components
Sun Sep 17 16:25:18 2006 => Scanning File C:\WINDOWS\inf\unregmp2.exe
Sun Sep 17 16:25:18 2006 => Scanning File C:\WINDOWS\system32\shmgrate.exe
Sun Sep 17 16:25:18 2006 => Scanning File C:\WINDOWS\system32\RunDLL32.exe
Sun Sep 17 16:25:18 2006 => Scanning File C:\WINDOWS\system32\shmgrate.exe
Sun Sep 17 16:25:18 2006 => Scanning File C:\WINDOWS\system32\regsvr32.exe
Sun Sep 17 16:25:18 2006 => Scanning File C:\PROGRA~1\OUTLOO~1\setup50.exe
Sun Sep 17 16:25:19 2006 => Scanning File C:\WINDOWS\system32\rundll32.exe
Sun Sep 17 16:25:19 2006 => Scanning File C:\WINDOWS\system32\rundll32.exe
Sun Sep 17 16:25:19 2006 => Scanning File C:\WINDOWS\system32\rundll32.exe
Sun Sep 17 16:25:19 2006 => Scanning File C:\PROGRA~1\OUTLOO~1\setup50.exe
Sun Sep 17 16:25:19 2006 => Scanning File C:\WINDOWS\system32\regsvr32.exe
Sun Sep 17 16:25:19 2006 => Scanning File C:\WINDOWS\system32\ie4uinit.exe
Sun Sep 17 16:25:19 2006 => Scanning File C:\WINDOWS\system32\Rundll32.exe

Sun Sep 17 16:25:19 2006 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run

Sun Sep 17 16:25:19 2006 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run

Sun Sep 17 16:25:19 2006 => Scanning HKLM\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\Run

Sun Sep 17 16:25:19 2006 => Scanning HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Run

Sun Sep 17 16:25:19 2006 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Sun Sep 17 16:25:19 2006 => Scanning File C:\WINDOWS\system32\dumprep.exe
Sun Sep 17 16:25:19 2006 => Scanning File C:\Programme\Java\jre1.5.0_06\bin\jusched.exe
Sun Sep 17 16:25:19 2006 => Scanning File C:\PROGRA~1\ATITEC~1\ATI.ACE\cli.exe
Sun Sep 17 16:25:19 2006 => Scanning File C:\Programme\SyncroSoft\Pos\H2O\cledx.exe
Sun Sep 17 16:25:20 2006 => Scanning File C:\PROGRA~1\ZONELA~1\ZONEAL~1\zlclient.exe
Sun Sep 17 16:25:20 2006 => Scanning File C:\Programme\SlySoft\CloneCD\CloneCDTray.exe
Sun Sep 17 16:25:20 2006 => Scanning File C:\Programme\eScan\LAUNCH.EXE
Sun Sep 17 16:25:21 2006 => Scanning File C:\PROGRA~1\eScan\TRAYICOS.EXE
Sun Sep 17 16:25:21 2006 => Scanning File C:\PROGRA~1\eScan\AVPMWrap.EXE

Sun Sep 17 16:25:21 2006 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce

Sun Sep 17 16:25:21 2006 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx

Sun Sep 17 16:25:21 2006 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices

Sun Sep 17 16:25:21 2006 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce

Sun Sep 17 16:25:21 2006 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Sun Sep 17 16:25:21 2006 => Scanning File C:\WINDOWS\system32\ctfmon.exe
Sun Sep 17 16:25:21 2006 => Scanning File C:\PROGRA~1\SPYBOT~1\TeaTimer.exe
Sun Sep 17 16:25:21 2006 => Scanning File C:\PROGRA~1\Ahead\NEROBA~1\NBJ.exe

Sun Sep 17 16:25:22 2006 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce

Sun Sep 17 16:25:22 2006 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx

Sun Sep 17 16:25:22 2006 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices

Sun Sep 17 16:25:22 2006 => Scanning HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\Setup

Sun Sep 17 16:25:22 2006 => Scanning HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Sun Sep 17 16:25:22 2006 => Scanning File C:\WINDOWS\system32\CTFMON.EXE

Sun Sep 17 16:25:22 2006 => Scanning HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce

Sun Sep 17 16:25:22 2006 => Scanning HKCR\txtfile\shell\open\command

Sun Sep 17 16:25:22 2006 => Scanning HKCR\comfile\shell\open\command

Sun Sep 17 16:25:22 2006 => Scanning HKCR\exefile\shell\open\command

Sun Sep 17 16:25:22 2006 => Scanning HKCR\dllfile\shell\open\command

Sun Sep 17 16:25:22 2006 => Scanning HKCR\batfile\shell\open\command

Sun Sep 17 16:25:22 2006 => Scanning HKCR\piffile\shell\open\command

Sun Sep 17 16:25:22 2006 => Scanning HKCR\scrfile\shell\open\command

Sun Sep 17 16:25:22 2006 => Scanning HKCR\scrfile\shell\config\command

Sun Sep 17 16:25:22 2006 => Scanning HKCR\regfile\shell\open\command

Sun Sep 17 16:25:22 2006 => Scanning HKCR\htmlfile\shell\open\command
Sun Sep 17 16:25:22 2006 => Scanning File C:\PROGRA~1\INTERN~1\iexplore.exe

Sun Sep 17 16:25:22 2006 => Scanning HKCR\htafile\shell\open\command
Sun Sep 17 16:25:22 2006 => Scanning File C:\WINDOWS\system32\mshta.exe

Sun Sep 17 16:25:22 2006 => Scanning HKCR\jsfile\shell\open\command
Sun Sep 17 16:25:22 2006 => *** File C:\PROGRA~1\MACROM~1\DREAMW~2\DREAMW~1.EXE having Size Restriction ***. Filesize 9568 kb > 2560 kb...
Sun Sep 17 16:25:22 2006 => Scanning File C:\PROGRA~1\MACROM~1\DREAMW~2\DREAMW~1.EXE [**]

Sun Sep 17 16:25:22 2006 => Scanning HKCR\jsefile\shell\open\command
Sun Sep 17 16:25:22 2006 => Scanning File C:\WINDOWS\System32\WScript.exe

Sun Sep 17 16:25:22 2006 => Scanning HKCR\vbsfile\shell\open\command
Sun Sep 17 16:25:22 2006 => Scanning File C:\WINDOWS\System32\WScript.exe

Sun Sep 17 16:25:22 2006 => Scanning HKCR\vbefile\shell\open\command
Sun Sep 17 16:25:22 2006 => Scanning File C:\WINDOWS\System32\WScript.exe

Sun Sep 17 16:25:22 2006 => Scanning HKCR\wshfile\shell\open\command
Sun Sep 17 16:25:22 2006 => Scanning File C:\WINDOWS\System32\WScript.exe

Sun Sep 17 16:25:22 2006 => Scanning HKCR\wsffile\shell\open\command
Sun Sep 17 16:25:22 2006 => Scanning File C:\WINDOWS\System32\WScript.exe

Sun Sep 17 16:25:22 2006 => ***** Scanning StartUp Folders *****
From here on it scanned the Documents and Settings folder.

Mordorn 17.09.2006 16:47

Part 4
Sun Sep 17 16:25:31 2006 => ***** Scanning Service Files *****
Sun Sep 17 16:25:31 2006 => Scanning HKLM\SYSTEM\CurrentControlSet\Services
Sun Sep 17 16:25:31 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\ACPI.sys
Sun Sep 17 16:25:31 2006 => Scanning File C:\PROGRA~1\GEMEIN~1\ADOBES~1\Service\ADOBEL~1.EXE
Sun Sep 17 16:25:32 2006 => Scanning File C:\WINDOWS\system32\drivers\aec.sys
Sun Sep 17 16:25:32 2006 => Scanning File C:\WINDOWS\System32\drivers\afd.sys
Sun Sep 17 16:25:32 2006 => Scanning File C:\WINDOWS\system32\svchost.exe
Sun Sep 17 16:25:32 2006 => Scanning File C:\WINDOWS\System32\alg.exe
Sun Sep 17 16:25:32 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\amdk7.sys
Sun Sep 17 16:25:32 2006 => Scanning File C:\WINDOWS\system32\Drivers\AnyDVD.sys
Sun Sep 17 16:25:32 2006 => Scanning File C:\WINDOWS\system32\svchost.exe
Sun Sep 17 16:25:32 2006 => Scanning File C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
Sun Sep 17 16:25:32 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\asyncmac.sys
Sun Sep 17 16:25:32 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\atapi.sys
Sun Sep 17 16:25:32 2006 => Scanning File C:\WINDOWS\system32\Ati2evxx.exe
Sun Sep 17 16:25:32 2006 => Scanning File C:\WINDOWS\system32\ati2sgag.exe
Sun Sep 17 16:25:32 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
Sun Sep 17 16:25:32 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\atmarpc.sys
Sun Sep 17 16:25:32 2006 => Scanning File C:\WINDOWS\System32\svchost.exe
Sun Sep 17 16:25:32 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\audstub.sys
Sun Sep 17 16:25:32 2006 => Scanning File C:\WINDOWS\system32\svchost.exe
Sun Sep 17 16:25:32 2006 => Scanning File C:\WINDOWS\system32\svchost.exe
Sun Sep 17 16:25:32 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\BthEnum.sys
Sun Sep 17 16:25:33 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\bthpan.sys
Sun Sep 17 16:25:33 2006 => Scanning File C:\WINDOWS\system32\Drivers\BTHport.sys
Sun Sep 17 16:25:33 2006 => Scanning File C:\WINDOWS\system32\svchost.exe
Sun Sep 17 16:25:33 2006 => Scanning File C:\WINDOWS\system32\Drivers\BTHUSB.sys
Sun Sep 17 16:25:33 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\cdrom.sys
Sun Sep 17 16:25:33 2006 => Scanning File C:\WINDOWS\system32\cisvc.exe
Sun Sep 17 16:25:33 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\cledx.sys
Sun Sep 17 16:25:33 2006 => Scanning File C:\WINDOWS\system32\clipsrv.exe
Sun Sep 17 16:25:33 2006 => Scanning File C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
Sun Sep 17 16:25:33 2006 => Scanning File C:\WINDOWS\system32\drivers\cmuda.sys
Sun Sep 17 16:25:33 2006 => Scanning File C:\WINDOWS\system32\dllhost.exe
Sun Sep 17 16:25:33 2006 => Scanning File C:\WINDOWS\system32\svchost.exe
Sun Sep 17 16:25:33 2006 => Scanning File C:\WINDOWS\system32\svchost.exe
Sun Sep 17 16:25:33 2006 => Scanning File C:\WINDOWS\system32\svchost.exe
Sun Sep 17 16:25:33 2006 => Scanning File C:\WINDOWS\system32\DRIVERS\disk.sys
Sun Sep 17 16:25:33 2006 => Scanning File C:\WINDOWS\System32\dmadmin.exe
Sun Sep 17 16:25:34 2006 => Scanning File C:\WINDOWS\system32\drivers\dmboot.sys
Sun Sep 17 16:25:34 2006 => Scanning File C:\WINDOWS\system32\drivers\dmio.sys
Sun Sep 17 16:25:34 2006 => Scanning File C:\WINDOWS\system32\drivers\dmload.sys
Sun Sep 17 16:25:34 2006 => Scanning File C:\WINDOWS\System32\svchost.exe
Sun Sep 17 16:25:34 2006 => Scanning File C:\WINDOWS\system32\drivers\DMusic.sys
Sun Sep 17 16:25:34 2006 => Scanning File C:\WINDOWS\system32\svchost.exe
Sun Sep 17 16:25:34 2006 => Scanning File C:\WINDOWS\system32\drivers\drmkaud.sys
Sun Sep 17 16:25:34 2006 => Scanning File C:\WINDOWS\system32\Drivers\ElbyCDFL.sys
Sun Sep 17 16:25:34 2006 => Scanning File C:\WINDOWS\system32\Drivers\ElbyCDIO.sys
Sun Sep 17 16:25:34 2006 => Scanning File C:\WINDOWS\system32\Drivers\ElbyDelay.sys
Sun Sep 17 16:25:34 2006 => Scanning File C:\WINDOWS\System32\svchost.exe

Mellosun 17.09.2006 16:50

Who, please, is supposed to look through all that?

Go to the eScan guide, read point 5 carefully... download find.zip and then post the result!

Mordorn 17.09.2006 16:59

Okay, I'll give that a try then.

Mordorn 17.09.2006 17:09

Right, I only get this TXT file.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Infektionsmeldungen
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~
Dateien
~~~~~~~~~~~
~~~~ Infected files
~~~~~~~~~~~
~~~~~~~~~~~
~~~~ Offending files
~~~~~~~~~~~
~~~~~~~~~~~
~~~~ Tagged files
~~~~~~~~~~~
~~~~~~~~~~~
Ordner
~~~~~~~~~~~
~~~~~~~~~~~
Registry
~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Statistiken:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Sun Sep 17 16:28:13 2006 => Total Errors: 0
Sun Sep 17 16:28:13 2006 => Time Elapsed: 00:03:27
Sun Sep 17 16:28:13 2006 => Total Objects Scanned: 22241
Sun Sep 17 16:28:13 2006 => Virus Database Date: 7/31/2006
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
What am I doing wrong?

Mellosun 17.09.2006 17:14

Scan again... and above all update the virus signatures... they're older than my grandma!
Then, after the scan, run find.zip again and post the result!

Mordorn 17.09.2006 17:18

In safe mode again?

Mellosun 17.09.2006 17:24

Yes, just as described in the guide!

Mordorn 17.09.2006 17:26

But that's what I did the day before yesterday.
Downloaded it, ran the update, scanned in safe mode.
As I already said, it scanned for almost 2 days. And the log was then enormously long.


All times are WET +1. The time now is 11:30.
