PC in the a***
Hi, unfortunately I don't know much about PCs. Somehow I think that, thanks to the great help of my brother, who only downloaded software to tune the PC (he had no idea what he was doing, though), I have picked up a bit too much software and maybe also one or two trojans? I ran a HijackThis scan here... many thanks if someone who understands more about this takes a look at it.
Logfile of HijackThis v1.99.1
Scan saved at 20:34:19, on 20.07.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\explorer.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\SNDSrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ishost.exe
C:\WINDOWS\system32\issearch.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Programme\ATI Technologies\ATI HydraVision\HydraDM.exe
C:\Programme\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\lxcecoms.exe
C:\Programme\ATI Technologies\ATI.ACE\cli.exe
C:\Programme\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\system32\isnotify.exe
C:\WINDOWS\system32\ismon.exe
C:\Programme\Mozilla Firefox\firefox.exe
C:\Dokumente und Einstellungen\Gibbes\Desktop\HijackThis.exe
C:\PROGRA~1\HERMAL~1\unwise.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchURL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchURL = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page_bak = about:blank
F2 - REG:system.ini: Shell=explorer.exe
F2 - REG:system.ini: UserInit=C:\WINDOWS\System32\Userinit.exe
O2 - BHO: PimpFish Toolbar Opcode Handler - {29C88E20-4234-41B9-A9DB-982958C95FB1} - (no file)
O2 - BHO: (no name) - {75B1A646-CDCE-4C06-B52F-84F4463B4FC8} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.5.0_07\bin\ssv.dll
O2 - BHO: (no name) - {873eb32d-ae1a-4183-89bd-45a77f761be4} - C:\WINDOWS\system32\ixt3.dll
O3 - Toolbar: (no name) - {D593DE91-7B41-45C2-830E-E9A99AB142AA} - (no file)
O3 - Toolbar: (no name) - {15ADF205-4C54-4cfe-AC88-1EA0BA6D06A0} - (no file)
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [ATIPTA] C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [HydraVisionDesktopManager] C:\Programme\ATI Technologies\ATI HydraVision\HydraDM.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Programme\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [LXCECATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCEtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [win32hp] C:\WINDOWS\system32\win32hlp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\jre1.5.0_07\bin\jusched.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: &Select for PasteCards - C:\Programme\PimpFish\PASTECARDS.HTM
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: PimpFish Grab movies on this page - C:\Programme\PimpFish\GRABPAGEMOVIES.HTM
O8 - Extra context menu item: PimpFish Grab pictures on this page - C:\Programme\PimpFish\GRABPAGEPICS.HTM
O8 - Extra context menu item: PimpFish Grab pictures this page links to - C:\Programme\PimpFish\GRABPAGELINKS.HTM
O8 - Extra context menu item: PimpFish Grab Target File - C:\Programme\PimpFish\GRABLINK.HTM
O8 - Extra context menu item: PimpFish Grab This Picture - C:\Programme\PimpFish\GRABPIC.HTM
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_07\bin\ssv.dll
O9 - Extra button: PD - {08DC6E34-9675-4C56-AE99-8049A6565926} - C:\Programme\Pop up Blocker\pd.exe (file missing)
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {18114357-E4BC-4030-8043-67F719178BF2} - C:\Programme\PicGrab\iestarter.exe (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: &PicGrab starten - {18114357-E4BC-4030-8043-67F719178BF2} - C:\Programme\PicGrab\iestarter.exe (file missing) (HKCU)
O9 - Extra button: PicGrab - {48A1A20C-6B40-48E3-9E26-1D902C2CA676} - C:\Programme\PicGrab\iestarter.exe (file missing) (HKCU)
O15 - Trusted Zone: http://*.billingnow.com
O15 - Trusted Zone: http://*.reliablestats.com
O15 - Trusted Zone: http://*.winnanny.com
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 7596676322
O16 - DPF: {AF2368DC-6932-43BA-9FB9-E254863ABF30} (VacPro.lussemburgo_ver10) - http://advnt01.com/dialer/lussemburgo_ver10.CAB
O16 - DPF: {B64F4A7C-97C9-11DA-8BDE-F66BAD1E3F3A} - http://de.errorsafe.com/pages/scanner_d ... tallDE.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - http://messenger.zone.msn.com/binary/ZI ... b32846.cab
O16 - DPF: {D7BF3304-138B-4DD5-86EE-491BB6A2286C} - http://www.azebar.com/install/azesearch.cab
O16 - DPF: {FFFF0001-0001-101A-A3C9-08002B2F49FB} - http://download.energy-factor.com/plug/dscert_652.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{09C448BA-E573-4A51-8AC0-BCF17A7B42A4}: NameServer = 85.255.115.118,85.255.112.199
O17 - HKLM\System\CCS\Services\Tcpip\..\{3623567C-58D3-49BC-B1B6-398E9B39781A}: NameServer = 85.255.115.118,85.255.112.199
O17 - HKLM\System\CCS\Services\Tcpip\..\{3FC3548A-3B42-4839-B313-A2CDD9D02772}: NameServer = 85.255.115.118,85.255.112.199
O17 - HKLM\System\CCS\Services\Tcpip\..\{444523A7-E9A5-4E27-9D11-3F95D79670BB}: NameServer = 85.255.115.118 85.255.112.199
O17 - HKLM\System\CCS\Services\Tcpip\..\{FC715BB7-CC0F-4E47-85E3-FFA9631B1471}: NameServer = 85.255.115.118,85.255.112.199
O17 - HKLM\System\CS2\Services\Tcpip\..\{09C448BA-E573-4A51-8AC0-BCF17A7B42A4}: NameServer = 85.255.115.118,85.255.112.199
O17 - HKLM\System\CS3\Services\Tcpip\..\{09C448BA-E573-4A51-8AC0-BCF17A7B42A4}: NameServer = 85.255.115.118,85.255.112.199
O17 - HKLM\System\CS4\Services\Tcpip\..\{09C448BA-E573-4A51-8AC0-BCF17A7B42A4}: NameServer = 85.255.115.118,85.255.112.199
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Filter: text/html - (no CLSID) - (no file)
O20 - AppInit_DLLs: C:\WINDOWS\system32\spoolsv.dll
O20 - Winlogon Notify: Group Policy - C:\WINDOWS\system32\irrsl5971.dll (file missing)
O20 - Winlogon Notify: winzdn32 - C:\WINDOWS\SYSTEM32\winzdn32.dll
O20 - Winlogon Notify: xptptt - xptptt.dll (file missing)
O21 - SSODL: cinnamomum - {93ac7c30-3878-4eaa-9420-7977285df5b1} - C:\WINDOWS\system32\pmnqguh.dll
O23 - Service: AntiVir Scheduler (AntiVirScheduler) - Unknown owner - C:\Programme\AntiVir PersonalEdition Classic\sched.exe (file missing)
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: lxce_device - Lexmark International, Inc. - C:\WINDOWS\System32\lxcecoms.exe
O23 - Service: Machine Debug Manager (MDM) - Unknown owner - C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE (file missing)
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\SNDSrvc.exe
- Trone
- Posts: 175
- Registered: 03.02.2006, 17:10
- Location: grevenmacher
1.
Run Look2Me-Destroyer V1.0.5 (post the report)
http://virus-protect.org/l2mfix.html
2.
Configure CleanUp exactly as described here:
http://virus-protect.org/cleanup.html
3.
Run smitfraud.fix (options 1 and 2; let it clean the registry as well) and post the reports
http://virus-protect.org/artikel/tools/ ... utfix.html
4.
Copy these 4 text files (right-click with the mouse -> select the text -> copy -> paste). They are sorted by date. (Copy only the last 3 months.)
http://virus-protect.org/datfindbat.html
5.
http://www.f-secure.com/blacklight/
Start the file, accept the license terms and choose scan; when the scan has finished, press next and then close. There is now an FSB*.TXT file in the same folder as Blacklight; post its text.
---------------------------------------------------------------------------------
Open HijackThis -- "scan" button -- tick the boxes in front of the malware entries -- "Fix checked" button -- restart the PC
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchURL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchURL = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page_bak = about:blank
O2 - BHO: PimpFish Toolbar Opcode Handler - {29C88E20-4234-41B9-A9DB-982958C95FB1} - (no file)
O2 - BHO: (no name) - {75B1A646-CDCE-4C06-B52F-84F4463B4FC8} - (no file)
O2 - BHO: (no name) - {873eb32d-ae1a-4183-89bd-45a77f761be4} - C:\WINDOWS\system32\ixt3.dll
O3 - Toolbar: (no name) - {D593DE91-7B41-45C2-830E-E9A99AB142AA} - (no file)
O3 - Toolbar: (no name) - {15ADF205-4C54-4cfe-AC88-1EA0BA6D06A0} - (no file)
O4 - HKLM\..\Run: [win32hp] C:\WINDOWS\system32\win32hlp.exe
O15 - Trusted Zone: http://*.billingnow.com
O15 - Trusted Zone: http://*.reliablestats.com
O15 - Trusted Zone: http://*.winnanny.com
O16 - DPF: {AF2368DC-6932-43BA-9FB9-E254863ABF30} (VacPro.lussemburgo_ver10) - http://advnt01.com/dialer/lussemburgo_ver10.CAB
O16 - DPF: {B64F4A7C-97C9-11DA-8BDE-F66BAD1E3F3A} - http://de.errorsafe.com/pages/scanner_d ... tallDE.cab
O16 - DPF: {D7BF3304-138B-4DD5-86EE-491BB6A2286C} - http://www.azebar.com/install/azesearch.cab
O16 - DPF: {FFFF0001-0001-101A-A3C9-08002B2F49FB} - http://download.energy-factor.com/plug/dscert_652.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{09C448BA-E573-4A51-8AC0-BCF17A7B42A4}: NameServer = 85.255.115.118,85.255.112.199
O17 - HKLM\System\CCS\Services\Tcpip\..\{3623567C-58D3-49BC-B1B6-398E9B39781A}: NameServer = 85.255.115.118,85.255.112.199
O17 - HKLM\System\CCS\Services\Tcpip\..\{3FC3548A-3B42-4839-B313-A2CDD9D02772}: NameServer = 85.255.115.118,85.255.112.199
O17 - HKLM\System\CCS\Services\Tcpip\..\{444523A7-E9A5-4E27-9D11-3F95D79670BB}: NameServer = 85.255.115.118 85.255.112.199
O17 - HKLM\System\CCS\Services\Tcpip\..\{FC715BB7-CC0F-4E47-85E3-FFA9631B1471}: NameServer = 85.255.115.118,85.255.112.199
O17 - HKLM\System\CS2\Services\Tcpip\..\{09C448BA-E573-4A51-8AC0-BCF17A7B42A4}: NameServer = 85.255.115.118,85.255.112.199
O17 - HKLM\System\CS3\Services\Tcpip\..\{09C448BA-E573-4A51-8AC0-BCF17A7B42A4}: NameServer = 85.255.115.118,85.255.112.199
O17 - HKLM\System\CS4\Services\Tcpip\..\{09C448BA-E573-4A51-8AC0-BCF17A7B42A4}: NameServer = 85.255.115.118,85.255.112.199
O18 - Filter: text/html - (no CLSID) - (no file)
O20 - AppInit_DLLs: C:\WINDOWS\system32\spoolsv.dll
O20 - Winlogon Notify: Group Policy - C:\WINDOWS\system32\irrsl5971.dll (file missing)
O20 - Winlogon Notify: winzdn32 - C:\WINDOWS\SYSTEM32\winzdn32.dll
O20 - Winlogon Notify: xptptt - xptptt.dll (file missing)
O21 - SSODL: cinnamomum - {93ac7c30-3878-4eaa-9420-7977285df5b1} - C:\WINDOWS\system32\pmnqguh.dll
- Nikita
- Moderator
- Posts: 11478
- Registered: 07.12.2003, 16:53
- Location: Lissabon
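An added example, not part of the thread and not the moderator's or HijackThis's own method: a small parser for the log line format shown above that groups the O17 NameServer overrides by resolver set and marks entries for manual review. The flag rules are assumptions of this example, and the sample lines are copied from the log posted in this thread.

```python
import re
from collections import Counter, defaultdict

# Subset of the HijackThis log posted in this thread (copied, not invented).
SAMPLE_LOG = r"""
O2 - BHO: PimpFish Toolbar Opcode Handler - {29C88E20-4234-41B9-A9DB-982958C95FB1} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.5.0_07\bin\ssv.dll
O4 - HKLM\..\Run: [win32hp] C:\WINDOWS\system32\win32hlp.exe
O15 - Trusted Zone: http://*.billingnow.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{09C448BA-E573-4A51-8AC0-BCF17A7B42A4}: NameServer = 85.255.115.118,85.255.112.199
O17 - HKLM\System\CCS\Services\Tcpip\..\{444523A7-E9A5-4E27-9D11-3F95D79670BB}: NameServer = 85.255.115.118 85.255.112.199
O20 - AppInit_DLLs: C:\WINDOWS\system32\spoolsv.dll
O20 - Winlogon Notify: Group Policy - C:\WINDOWS\system32\irrsl5971.dll (file missing)
O23 - Service: lxce_device - Lexmark International, Inc. - C:\WINDOWS\System32\lxcecoms.exe
"""

# An entry line is "<section code> - <body>", e.g. "O17 - HKLM\...".
ENTRY_RE = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.+)$")

# O17 body: registry path with control set and interface GUID, then the servers.
O17_RE = re.compile(
    r"^HKLM\\System\\(?P<cset>[^\\]+)\\Services\\Tcpip"
    r"\\\.\.\\(?P<iface>\{[0-9A-Fa-f-]+\}): NameServer = (?P<servers>.+)$"
)


def parse_log(text):
    """Return (code, body) tuples for entry lines; header and process lines are skipped."""
    entries = []
    for line in text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if m:
            entries.append((m.group("code"), m.group("body")))
    return entries


def dns_overrides(entries):
    """Map each resolver set to the interface GUIDs that carry it.

    The log separates servers with a comma on some lines and a space on
    others, so both are normalised to the same tuple.
    """
    seen = defaultdict(set)
    for code, body in entries:
        m = O17_RE.match(body) if code == "O17" else None
        if m:
            servers = tuple(re.split(r"[,\s]+", m.group("servers").strip()))
            seen[servers].add(m.group("iface"))
    return dict(seen)


def review_flags(entries):
    """Mark entries for manual review (rules are this example's assumptions).

    A flag means "look at this", not "this is malicious".
    """
    flags = []
    for code, body in entries:
        if body.endswith("(no file)") or "(file missing)" in body:
            flags.append((code, "orphaned", body))       # registry entry without a file
        elif code == "O20" and body.startswith("AppInit_DLLs:"):
            flags.append((code, "appinit", body))        # DLL loaded with user32.dll
        elif code == "O15":
            flags.append((code, "trusted-zone", body))   # site added to IE Trusted Zone
        elif code == "O17":
            flags.append((code, "dns-override", body))   # static resolver on an interface
    return flags


if __name__ == "__main__":
    entries = parse_log(SAMPLE_LOG)
    for servers, ifaces in dns_overrides(entries).items():
        print(f"resolvers {servers} set on {len(ifaces)} interface(s)")
    print(Counter(kind for _, kind, _ in review_flags(entries)))
```

The same resolver pair appearing on every interface, as in this log, is worth comparing against what the router or ISP actually hands out before any entry is fixed.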
reports
Many thanks, so here are the reports, if I did everything right:
Look2Me-Destroyer V1.0.12
Scanning for infected files.....
Scan started at 21.07.2006 13:00:04
Infected! C:\WINDOWS\system32\irrsl5971.dll
Attempting to delete infected files...
Making registry repairs.
Removing: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Group Policy
Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{E0363D84-A94C-48E7-9829-E17CC20A9648}"
HKCR\Clsid\{E0363D84-A94C-48E7-9829-E17CC20A9648}
Restoring Windows certificates.
Replaced hosts file with default windows hosts file
Restoring SeDebugPrivilege for Administratoren - Succeeded
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: BC8E-3E90
Verzeichnis von C:\WINDOWS\system32
21.07.2006 13:05 14.045.301 kspydoc.log
21.07.2006 13:05 0 Sweeper.cfg
20.07.2006 22:33 34.308 BASSMOD.dll
20.07.2006 19:53 22 ati64hlp.stb
20.07.2006 19:46 2.262 wpa.dbl
20.07.2006 19:43 2.953 CONFIG.NT
20.07.2006 19:26 2 wnscpsv.exe
20.07.2006 19:24 18.944 winzdn32.dll
20.07.2006 13:42 10.240 win32hlp.exe
20.07.2006 13:42 284 ps.a3d
19.07.2006 12:41 395.336 perfh009.dat
19.07.2006 12:41 59.576 perfc009.dat
19.07.2006 12:41 408.948 perfh007.dat
19.07.2006 12:41 71.796 perfc007.dat
19.07.2006 12:41 908.362 PerfStringBackup.INI
13.07.2006 23:56 94 tbd_G1ssg.ini
13.07.2006 20:17 278.528 pncrt.dll
09.07.2006 22:04 6.961 jupdate-1.5.0_07-b03.log
09.07.2006 21:56 1.406 OceanPoker.ico
07.07.2006 03:21 6.757.792 MRT.exe
29.06.2006 16:14 2.957 jupdate-1.5.0_01-b08.log
22.06.2006 17:52 81.920 cmd.dll
13.06.2006 20:24 43.520 CmdLineExt03.dll
01.06.2006 20:47 163.840 jgdw400.dll
01.06.2006 20:47 27.648 jgpl400.dll
29.05.2006 17:30 1.494.016 shdocvw.dll
19.05.2006 17:09 3.073.536 mshtml.dll
19.05.2006 15:09 95.744 iphlpapi.dll
19.05.2006 15:09 112.128 dhcpcsvc.dll
19.05.2006 15:09 148.480 dnsapi.dll
18.05.2006 07:36 450.560 jscript.dll
17.05.2006 11:23 579.888 LegitCheckControl.dll
16.05.2006 22:23 339.968 pxwave.dll
16.05.2006 22:23 28.672 vxblock.dll
16.05.2006 22:23 450.560 pxdrv.dll
16.05.2006 22:23 430.080 px.dll
16.05.2006 22:23 61.440 pxhpinst.exe
16.05.2006 22:23 56.832 pxinsa64.exe
16.05.2006 22:23 176.128 pxmas.dll
16.05.2006 22:23 1.257.472 pxsfs.dll
16.05.2006 22:23 57.344 pxcpya64.exe
15.05.2006 21:14 93.480 FNTCACHE.DAT
14.05.2006 15:49 269 spupdwxp.log
14.05.2006 10:48 181.248 rasmans.dll
11.05.2006 10:57 27.136 xpsp3res.dll
10.05.2006 07:23 664.064 wininet.dll
10.05.2006 07:22 615.936 urlmon.dll
10.05.2006 07:22 474.624 shlwapi.dll
10.05.2006 07:22 532.480 mstime.dll
10.05.2006 07:22 39.424 pngfilt.dll
10.05.2006 07:22 448.512 mshtmled.dll
10.05.2006 07:22 146.432 msrating.dll
10.05.2006 07:22 96.768 inseng.dll
10.05.2006 07:22 16.384 jsproxy.dll
10.05.2006 07:22 251.392 iepeers.dll
10.05.2006 07:22 205.312 dxtrans.dll
10.05.2006 07:22 1.056.256 danim.dll
10.05.2006 07:22 55.808 extmgr.dll
10.05.2006 07:22 357.888 dxtmsft.dll
10.05.2006 07:22 1.022.976 browseui.dll
10.05.2006 07:22 152.064 cdfview.dll
03.05.2006 02:56 127.078 javaws.exe
03.05.2006 02:56 49.265 jpicpl32.cpl
03.05.2006 01:19 53.346 javaw.exe
03.05.2006 01:19 49.248 java.exe
29.04.2006 14:20 15.355 winbrume.dat
29.04.2006 14:20 0 ImaS3r
29.04.2006 06:07 5.533.696 wmp.dll
03.04.2006 19:34 1.298 lvcoinst.log
22.03.2006 05:56 257.536 ati2dvag.dll
22.03.2006 05:50 114.688 atipdlxx.dll
22.03.2006 05:50 77.824 Oemdspif.dll
22.03.2006 05:50 26.112 Ati2mdxx.exe
22.03.2006 05:50 41.984 ati2edxx.dll
22.03.2006 05:50 61.440 ati2evxx.dll
22.03.2006 05:48 405.504 ati2evxx.exe
22.03.2006 05:48 53.248 ATIDDC.DLL
22.03.2006 05:42 307.200 atiiiexx.dll
22.03.2006 05:40 2.662.688 ati3duag.dll
22.03.2006 05:33 1.130.752 ativvaxx.dll
22.03.2006 05:33 6.684.672 atioglx1.dll
22.03.2006 05:24 5.025.792 atioglxx.dll
22.03.2006 05:18 151.552 atikvmag.dll
22.03.2006 05:17 17.408 atitvo32.dll
22.03.2006 05:12 258.048 ati2cqag.dll
22.03.2006 04:38 286.720 ATIDEMGR.dll
17.03.2006 15:37 520.192 ati2sgag.exe
17.03.2006 11:11 679.424 inetcomm.dll
17.03.2006 06:03 8.493.056 shell32.dll
17.03.2006 02:38 28.672 verclsid.exe
16.03.2006 19:06 38.673 tempt3.exe
16.03.2006 03:24 58.952 MsgPlusLoader.dll
09.03.2006 23:00 112 ahdp.dat
09.03.2006 22:51 11.043 azebar.xml
01.03.2006 21:43 91.136 mtxoci.dll
01.03.2006 21:43 11.776 xolehlp.dll
01.03.2006 21:43 426.496 msdtcprx.dll
01.03.2006 21:43 161.280 msdtcuiu.dll
01.03.2006 21:43 956.416 msdtctm.dll
01.03.2006 21:43 66.560 mtxclu.dll
26.02.2006 18:37 262 $winnt$.inf
26.02.2006 18:31 25.065 wmpscheme.xml
26.02.2006 18:31 23.392 nscompat.tlb
26.02.2006 18:31 16.832 amcompat.tlb
26.02.2006 18:29 488 WindowsLogon.manifest
26.02.2006 18:29 488 logonui.exe.manifest
26.02.2006 18:29 749 cdplayer.exe.manifest
26.02.2006 18:29 749 sapi.cpl.manifest
26.02.2006 18:29 749 wuaucpl.cpl.manifest
26.02.2006 18:29 749 ncpa.cpl.manifest
26.02.2006 18:29 749 nwc.cpl.manifest
26.02.2006 18:28 22.880 emptyregdb.dat
22.02.2006 22:28 6.919 jupdate-1.5.0_06-b05.log
17.02.2006 01:31 2 stera.job
13.02.2006 22:29 121.995 atiicdxx.dat
13.02.2006 11:24 394 Score.txt
10.02.2006 15:56 3.120 wdh7231.ocx
10.02.2006 14:48 3.534 jupdate-1.5.0_03-b07.log
08.02.2006 19:05 117.749 sfg.lib
08.02.2006 19:05 233.472 sfg_54e4.dll
05.02.2006 14:09 222 OAMLogFile.txt
03.02.2006 16:46 32.768 chipxum.dll
31.01.2006 15:35 91.904 S32EVNT1.DLL
26.01.2006 03:48 6.005 atifglpf.xml
24.01.2006 19:34 118.784 sirenacm.dll
24.01.2006 15:13 34.064 lhacm.acm
23.01.2006 10:13 217.088 SPTED.dll
18.01.2006 14:05 57.344 avsda.dll
05.02.2006 14:09 222 OAMLogFile.txt
03.02.2006 16:46 32.768 chipxum.dll
31.01.2006 15:35 91.904 S32EVNT1.DLL
26.01.2006 03:48 6.005 atifglpf.xml
24.01.2006 19:34 118.784 sirenacm.dll
24.01.2006 15:13 34.064 lhacm.acm
23.01.2006 10:13 217.088 SPTED.dll
18.01.2006 14:05 57.344 avsda.dll
- Trone
- Posts: 175
- Registered: 03.02.2006, 17:10
- Location: grevenmacher
sorry
sorry, here it is then from 1 March 2006 onwards...
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: BC8E-3E90
Verzeichnis von C:\WINDOWS\system32
21.07.2006 13:05 14.045.301 kspydoc.log
21.07.2006 13:05 0 Sweeper.cfg
20.07.2006 22:33 34.308 BASSMOD.dll
20.07.2006 19:53 22 ati64hlp.stb
20.07.2006 19:46 2.262 wpa.dbl
20.07.2006 19:43 2.953 CONFIG.NT
20.07.2006 19:26 2 wnscpsv.exe
20.07.2006 19:24 18.944 winzdn32.dll
20.07.2006 13:42 10.240 win32hlp.exe
20.07.2006 13:42 284 ps.a3d
19.07.2006 12:41 395.336 perfh009.dat
19.07.2006 12:41 59.576 perfc009.dat
19.07.2006 12:41 408.948 perfh007.dat
19.07.2006 12:41 71.796 perfc007.dat
19.07.2006 12:41 908.362 PerfStringBackup.INI
13.07.2006 23:56 94 tbd_G1ssg.ini
13.07.2006 20:17 278.528 pncrt.dll
09.07.2006 22:04 6.961 jupdate-1.5.0_07-b03.log
09.07.2006 21:56 1.406 OceanPoker.ico
07.07.2006 03:21 6.757.792 MRT.exe
29.06.2006 16:14 2.957 jupdate-1.5.0_01-b08.log
22.06.2006 17:52 81.920 cmd.dll
13.06.2006 20:24 43.520 CmdLineExt03.dll
01.06.2006 20:47 163.840 jgdw400.dll
01.06.2006 20:47 27.648 jgpl400.dll
29.05.2006 17:30 1.494.016 shdocvw.dll
19.05.2006 17:09 3.073.536 mshtml.dll
19.05.2006 15:09 95.744 iphlpapi.dll
19.05.2006 15:09 112.128 dhcpcsvc.dll
19.05.2006 15:09 148.480 dnsapi.dll
18.05.2006 07:36 450.560 jscript.dll
17.05.2006 11:23 579.888 LegitCheckControl.dll
16.05.2006 22:23 339.968 pxwave.dll
16.05.2006 22:23 28.672 vxblock.dll
16.05.2006 22:23 450.560 pxdrv.dll
16.05.2006 22:23 430.080 px.dll
16.05.2006 22:23 61.440 pxhpinst.exe
16.05.2006 22:23 56.832 pxinsa64.exe
16.05.2006 22:23 176.128 pxmas.dll
16.05.2006 22:23 1.257.472 pxsfs.dll
16.05.2006 22:23 57.344 pxcpya64.exe
15.05.2006 21:14 93.480 FNTCACHE.DAT
14.05.2006 15:49 269 spupdwxp.log
14.05.2006 10:48 181.248 rasmans.dll
11.05.2006 10:57 27.136 xpsp3res.dll
10.05.2006 07:23 664.064 wininet.dll
10.05.2006 07:22 615.936 urlmon.dll
10.05.2006 07:22 474.624 shlwapi.dll
10.05.2006 07:22 532.480 mstime.dll
10.05.2006 07:22 39.424 pngfilt.dll
10.05.2006 07:22 448.512 mshtmled.dll
10.05.2006 07:22 146.432 msrating.dll
10.05.2006 07:22 96.768 inseng.dll
10.05.2006 07:22 16.384 jsproxy.dll
10.05.2006 07:22 251.392 iepeers.dll
10.05.2006 07:22 205.312 dxtrans.dll
10.05.2006 07:22 1.056.256 danim.dll
10.05.2006 07:22 55.808 extmgr.dll
10.05.2006 07:22 357.888 dxtmsft.dll
10.05.2006 07:22 1.022.976 browseui.dll
10.05.2006 07:22 152.064 cdfview.dll
03.05.2006 02:56 127.078 javaws.exe
03.05.2006 02:56 49.265 jpicpl32.cpl
03.05.2006 01:19 53.346 javaw.exe
03.05.2006 01:19 49.248 java.exe
29.04.2006 14:20 15.355 winbrume.dat
29.04.2006 14:20 0 ImaS3r
29.04.2006 06:07 5.533.696 wmp.dll
03.04.2006 19:34 1.298 lvcoinst.log
22.03.2006 05:56 257.536 ati2dvag.dll
22.03.2006 05:50 114.688 atipdlxx.dll
22.03.2006 05:50 77.824 Oemdspif.dll
22.03.2006 05:50 26.112 Ati2mdxx.exe
22.03.2006 05:50 41.984 ati2edxx.dll
22.03.2006 05:50 61.440 ati2evxx.dll
22.03.2006 05:48 405.504 ati2evxx.exe
22.03.2006 05:48 53.248 ATIDDC.DLL
22.03.2006 05:42 307.200 atiiiexx.dll
22.03.2006 05:40 2.662.688 ati3duag.dll
22.03.2006 05:33 1.130.752 ativvaxx.dll
22.03.2006 05:33 6.684.672 atioglx1.dll
22.03.2006 05:24 5.025.792 atioglxx.dll
22.03.2006 05:18 151.552 atikvmag.dll
22.03.2006 05:17 17.408 atitvo32.dll
22.03.2006 05:12 258.048 ati2cqag.dll
22.03.2006 04:38 286.720 ATIDEMGR.dll
17.03.2006 15:37 520.192 ati2sgag.exe
17.03.2006 11:11 679.424 inetcomm.dll
17.03.2006 06:03 8.493.056 shell32.dll
17.03.2006 02:38 28.672 verclsid.exe
16.03.2006 19:06 38.673 tempt3.exe
16.03.2006 03:24 58.952 MsgPlusLoader.dll
09.03.2006 23:00 112 ahdp.dat
09.03.2006 22:51 11.043 azebar.xml
01.03.2006 21:43 91.136 mtxoci.dll
01.03.2006 21:43 11.776 xolehlp.dll
01.03.2006 21:43 426.496 msdtcprx.dll
01.03.2006 21:43 161.280 msdtcuiu.dll
01.03.2006 21:43 956.416 msdtctm.dll
01.03.2006 21:43 66.560 mtxclu.dll
2210 Datei(en) 432.503.115 Bytes
0 Verzeichnis(se), 43.735.711.744 Bytes frei
- Trone
- Posts: 175
- Registered: 03.02.2006, 17:10
- Location: grevenmacher
look2me
and here is the Look2Me report
Look2Me-Destroyer V1.0.12
Scanning for infected files.....
Scan started at 21.07.2006 14:49:03
Attempting to delete infected files...
Making registry repairs.
Restoring Windows certificates.
Replaced hosts file with default windows hosts file
Restoring SeDebugPrivilege for Administratoren - Succeeded
-
- Trone
- Posts: 175
- Registered: 03.02.2006, 17:10
- Location: grevenmacher
SmitfraudFix
and here is the SmitfraudFix report
SmitFraudFix v2.74
Scan done at 15:36:29,92, 21.07.2006
Run from C:\Dokumente und Einstellungen\Gibbes\Desktop\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
Fix ran in safe mode
»»»»»»»»»»»»»»»»»»»»»»»» Before SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» Killing process
»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix
GenericRenosFix by S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files
»»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files
»»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning
Registry Cleaning done.
»»»»»»»»»»»»»»»»»»»»»»»» After SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» End
- Trone
- Posts: 175
- Registered: 03.02.2006, 17:10
- Location: grevenmacher
Your computer is heavily infected, among other things with a Haxdoor; if you don't work through everything correctly, I can't help.
1. The datfindbat has 4 logs, not just one.
1st log: Verzeichnis von C:\WINDOWS\system32
2nd log: Verzeichnis von C:\DOKUME~1\Username\LOKALE~1\Temp
3rd log: Verzeichnis von C:\WINDOWS
4th log: Verzeichnis von C:\
2.
http://www.f-secure.com/blacklight/
Run the file, accept the licence terms and choose Scan; when the scan has finished, press Next and then Close. There will now be an FSB*.TXT file in the same folder as BlackLight - post its text.
- Nikita
- Moderator
- Posts: 11478
- Registered: 07.12.2003, 16:53
- Location: Lissabon
blacklight
ok, thanks, what is a hax door please? here is the blacklight report
07/21/06 16:25:56 [Info]: BlackLight Engine 1.0.42 initialized
07/21/06 16:25:56 [Info]: OS: 5.1 build 2600 (Service Pack 2)
07/21/06 16:25:56 [Note]: 7019 4
07/21/06 16:25:56 [Note]: 7005 0
07/21/06 16:25:58 [Note]: 7006 0
07/21/06 16:25:58 [Note]: 7011 1668
07/21/06 16:25:58 [Note]: 7026 0
07/21/06 16:25:58 [Note]: 7026 0
07/21/06 16:26:05 [Note]: FSRAW library version 1.7.1019
07/21/06 16:28:11 [Info]: Hidden file: c:\WINDOWS\system32\fux87.ini
07/21/06 16:28:11 [Note]: 10002 1
07/21/06 16:28:15 [Info]: Hidden file: c:\WINDOWS\system32\sd.dll
07/21/06 16:28:15 [Note]: 10002 1
07/21/06 16:28:16 [Info]: Hidden file: c:\WINDOWS\system32\sd.sys
07/21/06 16:28:16 [Note]: 10002 1
07/21/06 16:28:20 [Info]: Hidden file: c:\WINDOWS\system32\klgcptini.dat
07/21/06 16:28:20 [Note]: 10002 1
07/21/06 16:28:22 [Info]: Hidden file: c:\WINDOWS\system32\xptpmm.sys
07/21/06 16:28:22 [Note]: 10002 1
07/21/06 16:29:56 [Note]: 7007 0
- Trone
- Posts: 175
- Registered: 03.02.2006, 17:10
- Location: grevenmacher
datFind
here are the datFind reports
system 32 :
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: BC8E-3E90
Verzeichnis von C:\WINDOWS\system32
21.07.2006 15:44 14.133.468 kspydoc.log
21.07.2006 15:44 0 Sweeper.cfg
20.07.2006 22:33 34.308 BASSMOD.dll
20.07.2006 19:53 22 ati64hlp.stb
20.07.2006 19:46 2.262 wpa.dbl
20.07.2006 19:43 2.953 CONFIG.NT
20.07.2006 19:26 2 wnscpsv.exe
20.07.2006 19:24 18.944 winzdn32.dll
20.07.2006 13:42 10.240 win32hlp.exe
20.07.2006 13:42 284 ps.a3d
19.07.2006 12:41 395.336 perfh009.dat
19.07.2006 12:41 59.576 perfc009.dat
19.07.2006 12:41 408.948 perfh007.dat
19.07.2006 12:41 71.796 perfc007.dat
19.07.2006 12:41 908.362 PerfStringBackup.INI
13.07.2006 23:56 94 tbd_G1ssg.ini
13.07.2006 20:17 278.528 pncrt.dll
09.07.2006 22:04 6.961 jupdate-1.5.0_07-b03.log
09.07.2006 21:56 1.406 OceanPoker.ico
07.07.2006 03:21 6.757.792 MRT.exe
29.06.2006 16:14 2.957 jupdate-1.5.0_01-b08.log
22.06.2006 17:52 81.920 cmd.dll
13.06.2006 20:24 43.520 CmdLineExt03.dll
01.06.2006 20:47 163.840 jgdw400.dll
01.06.2006 20:47 27.648 jgpl400.dll
29.05.2006 17:30 1.494.016 shdocvw.dll
19.05.2006 17:09 3.073.536 mshtml.dll
19.05.2006 15:09 95.744 iphlpapi.dll
19.05.2006 15:09 112.128 dhcpcsvc.dll
19.05.2006 15:09 148.480 dnsapi.dll
18.05.2006 07:36 450.560 jscript.dll
17.05.2006 11:23 579.888 LegitCheckControl.dll
16.05.2006 22:23 339.968 pxwave.dll
16.05.2006 22:23 28.672 vxblock.dll
16.05.2006 22:23 450.560 pxdrv.dll
16.05.2006 22:23 430.080 px.dll
16.05.2006 22:23 61.440 pxhpinst.exe
16.05.2006 22:23 56.832 pxinsa64.exe
16.05.2006 22:23 176.128 pxmas.dll
16.05.2006 22:23 1.257.472 pxsfs.dll
16.05.2006 22:23 57.344 pxcpya64.exe
15.05.2006 21:14 93.480 FNTCACHE.DAT
14.05.2006 15:49 269 spupdwxp.log
14.05.2006 10:48 181.248 rasmans.dll
11.05.2006 10:57 27.136 xpsp3res.dll
10.05.2006 07:23 664.064 wininet.dll
10.05.2006 07:22 615.936 urlmon.dll
10.05.2006 07:22 474.624 shlwapi.dll
10.05.2006 07:22 532.480 mstime.dll
10.05.2006 07:22 39.424 pngfilt.dll
10.05.2006 07:22 448.512 mshtmled.dll
10.05.2006 07:22 146.432 msrating.dll
10.05.2006 07:22 96.768 inseng.dll
10.05.2006 07:22 16.384 jsproxy.dll
10.05.2006 07:22 251.392 iepeers.dll
10.05.2006 07:22 205.312 dxtrans.dll
10.05.2006 07:22 1.056.256 danim.dll
10.05.2006 07:22 55.808 extmgr.dll
10.05.2006 07:22 357.888 dxtmsft.dll
10.05.2006 07:22 1.022.976 browseui.dll
10.05.2006 07:22 152.064 cdfview.dll
03.05.2006 02:56 127.078 javaws.exe
03.05.2006 02:56 49.265 jpicpl32.cpl
03.05.2006 01:19 53.346 javaw.exe
03.05.2006 01:19 49.248 java.exe
29.04.2006 14:20 15.355 winbrume.dat
29.04.2006 14:20 0 ImaS3r
29.04.2006 06:07 5.533.696 wmp.dll
03.04.2006 19:34 1.298 lvcoinst.log
temp :
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: BC8E-3E90
Verzeichnis von C:\DOKUME~1\Gibbes\LOKALE~1\Temp
windows :
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: BC8E-3E90
Verzeichnis von C:\WINDOWS
21.07.2006 15:44 159 wiadebug.log
21.07.2006 15:44 313 wiaservc.log
21.07.2006 15:44 1.068.803 WindowsUpdate.log
21.07.2006 15:44 0 0.log
21.07.2006 15:44 2.048 bootstat.dat
21.07.2006 15:36 120 setupact.log
21.07.2006 15:33 32.548 SchedLgU.Txt
21.07.2006 13:12 0 setuperr.log
20.07.2006 21:03 229 NeroDigital.ini
20.07.2006 14:26 32 HCWBTDLG.INI
20.07.2006 14:26 474 HCWPNP.INI
19.07.2006 12:34 227 system.ini
18.07.2006 14:54 121 Winamp.ini
15.07.2006 01:34 372 LuckyStreakPoker.ini
14.07.2006 12:15 40 RSoftInfo.dat
04.06.2006 19:05 8.192 Thumbs.db
30.05.2006 22:38 756 win.ini
28.05.2006 15:57 0 b.exe
28.05.2006 15:49 11.959 mozver.dat
25.05.2006 11:24 893 GTA-SA_Trn_Settings.ini
14.05.2006 15:52 316.640 WMSysPr9.prx
01.05.2006 13:44 92 CMISETUP.INI
01.05.2006 13:44 26 CMCDPLAY.INI
01.05.2006 13:44 0 Wininit.ini
01.05.2006 13:43 2.547 Ascd_tmp.ini
29.04.2006 19:27 365.978 IrfanView_Wallpaper.bmp
25.04.2006 18:52 0 ATICIM.MIF
11.04.2006 22:43 107.134 UninstallFirefox.exe
C:
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: BC8E-3E90
Verzeichnis von C:\
21.07.2006 16:36 0 sys.txt
21.07.2006 16:36 1.526 system.txt
21.07.2006 16:35 134 temp.txt
21.07.2006 16:35 3.522 system32.txt
21.07.2006 15:44 402.653.184 pagefile.sys
23.06.2006 12:29 419 lxce.log
30.05.2006 22:38 211 boot.ini
14.05.2006 13:43 47.564 NTDETECT.COM
14.05.2006 13:43 251.184 ntldr
14.05.2006 13:33 93 lxcescan.log
many thanks
- Trone
- Posts: 175
- Registered: 03.02.2006, 17:10
- Location: grevenmacher
Download Registry Search by Bobbi Flekman
http://virus-protect.org/artikel/tools/regsearch.html
and double-click it to start.
in: "Enter search strings" (type or paste in)
xptpmm.sys
into the edit box and click "Ok".
Notepad will open -- copy the text and post it
in: "Enter search strings" (type or paste in)
sd.sys
into the edit box and click "Ok".
Notepad will open -- copy the text and post it
-----------------------------------------------------------------------------
hackfix : http://users.telenet.be/marcvn/tools/haxfix.exe
Click the icon --> set to "deutsch" --> install --> press any key
1. Make logfile
2. Run auto fix -> enter 2
3. Run manual fix
4. Run goldun fix
E. Exit Haxfix
Copy the log (right mouse button -> copy -> paste)
- Nikita
- Moderator
- Posts: 11478
- Registered: 07.12.2003, 16:53
- Location: Lissabon
thanks
so with haxfix opt. 2 the window tells me: no hax found ....
but here are the requested reports
GOLDUNFIX logfile - by Marckie
-----------------
version 1.06
21.07.2006 17:11:45,10
running from: C:\Programme\HaxFix
checking for notifykeys:
no notifykeys found
checking for services:
no services found
searching for services
no services found
checking for files
Finished!
REGEDIT4
; Registry Search 2.0 by Bobbi Flekman © 2005
; Version: 2.0.1.0
; Results at 21.07.2006 17:08:46 for strings:
; 'xptpmm.sys'
; Strings excluded from search:
; (None)
; Search in:
; Registry Keys Registry Values Registry Data
; HKEY_LOCAL_MACHINE HKEY_USERS
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\SafeBoot\Minimal\xptpmm.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\SafeBoot\Network\xptpmm.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\xptpmm]
; Contents of value:
; \??\c:\windows\system32\xptpmm.sys
"ImagePath"=hex(2):5c,3f,3f,5c,43,3a,5c,57,49,4e,44,4f,57,53,5c,53,79,73,74,65,\
6d,33,32,5c,78,70,74,70,6d,6d,2e,73,79,73,00
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\xptptt]
; Contents of value:
; \??\c:\windows\system32\xptpmm.sys
"ImagePath"=hex(2):5c,3f,3f,5c,43,3a,5c,57,49,4e,44,4f,57,53,5c,53,79,73,74,65,\
6d,33,32,5c,78,70,74,70,6d,6d,2e,73,79,73,00
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\SafeBoot\Minimal\xptpmm.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\SafeBoot\Network\xptpmm.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\xptpmm]
; Contents of value:
; \??\c:\windows\system32\xptpmm.sys
"ImagePath"=hex(2):5c,3f,3f,5c,43,3a,5c,57,49,4e,44,4f,57,53,5c,53,79,73,74,65,\
6d,33,32,5c,78,70,74,70,6d,6d,2e,73,79,73,00
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\xptptt]
; Contents of value:
; \??\c:\windows\system32\xptpmm.sys
"ImagePath"=hex(2):5c,3f,3f,5c,43,3a,5c,57,49,4e,44,4f,57,53,5c,53,79,73,74,65,\
6d,33,32,5c,78,70,74,70,6d,6d,2e,73,79,73,00
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\xptpmm]
; Contents of value:
; \??\c:\windows\system32\xptpmm.sys
"ImagePath"=hex(2):5c,3f,3f,5c,43,3a,5c,57,49,4e,44,4f,57,53,5c,53,79,73,74,65,\
6d,33,32,5c,78,70,74,70,6d,6d,2e,73,79,73,00
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\xptptt]
; Contents of value:
; \??\c:\windows\system32\xptpmm.sys
"ImagePath"=hex(2):5c,3f,3f,5c,43,3a,5c,57,49,4e,44,4f,57,53,5c,53,79,73,74,65,\
6d,33,32,5c,78,70,74,70,6d,6d,2e,73,79,73,00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\xptpmm.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\xptpmm.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\xptpmm]
; Contents of value:
; \??\c:\windows\system32\xptpmm.sys
"ImagePath"=hex(2):5c,3f,3f,5c,43,3a,5c,57,49,4e,44,4f,57,53,5c,53,79,73,74,65,\
6d,33,32,5c,78,70,74,70,6d,6d,2e,73,79,73,00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\xptptt]
; Contents of value:
; \??\c:\windows\system32\xptpmm.sys
"ImagePath"=hex(2):5c,3f,3f,5c,43,3a,5c,57,49,4e,44,4f,57,53,5c,53,79,73,74,65,\
6d,33,32,5c,78,70,74,70,6d,6d,2e,73,79,73,00
; End Of The Log...
REGEDIT4
; Registry Search 2.0 by Bobbi Flekman © 2005
; Version: 2.0.1.0
; Results at 21.07.2006 17:07:00 for strings:
; 'sd.sys'
; Strings excluded from search:
; (None)
; Search in:
; Registry Keys Registry Values Registry Data
; HKEY_LOCAL_MACHINE HKEY_USERS
; End Of The Log...
- Trone
- Posts: 175
- Registered: 03.02.2006, 17:10
- Location: grevenmacher
1.
Avenger
http://virus-protect.org/artikel/tools/avenger.html
paste in:
registry keys to delete:
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SYSBUS32
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sysbus32
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_SYSBUS32
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sysbus32
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_SYSBUS32
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sysbus32
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Enum\Root\LEGACY_SYSBUS32
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\sysbus32
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SYSBUS32
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sysbus32
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\SafeBoot\Minimal\xptpmm.sys
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\SafeBoot\Network\xptpmm.sys
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\SafeBoot\Minimal\xptpmm.sys
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\SafeBoot\Network\xptpmm.sys
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\xptpmm.sys
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\xptpmm.sys
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\xptpmm
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\xptptt
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\xptpmm
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\xptptt
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\xptpmm
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\xptptt
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\xptpmm
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\xptptt
Files to delete:
C:\WINDOWS\system32\drivers\sysbus32.sys
C:\WINDOWS\system32\xptptt.dll
C:\WINDOWS\system32\ixt3.dll
C:\WINDOWS\system32\wnscpsv.exe
C:\WINDOWS\system32\winzdn32.dll
C:\WINDOWS\system32\win32hlp.exe
C:\WINDOWS\system32\ps.a3d
C:\WINDOWS\system32\winbrume.dat
C:\WINDOWS\system32\win32hlp.exe
C:\WINDOWS\system32\stera.job
C:\WINDOWS\system32\ahdp.dat
C:\WINDOWS\system32\azebar.xml
C:\WINDOWS\system32\tempt3.exe
C:\WINDOWS\system32\spoolsv.dll
C:\WINDOWS\system32\winzdn32.dll
C:\WINDOWS\system32\pmnqguh.dll
C:\WINDOWS\system32\ImaS3r
C:\WINDOWS\system32\fux87.ini
C:\WINDOWS\system32\sd.dll
C:\WINDOWS\system32\sd.sys
C:\WINDOWS\system32\klgcptini.dat
C:\WINDOWS\system32\xptpmm.sys
C:\WINDOWS\b.exe
Click the green traffic light
the script will now be executed, then the PC will restart automatically
**
post the Avenger log that appears.
----------------------------------------------------------------------
xptptt.dll - Haxdoor
http://virus-protect.org/artikel/dienst ... xdoor.html
- Nikita
- Moderator
- Posts: 11478
- Registered: 07.12.2003, 16:53
- Location: Lissabon
report
Logfile of The Avenger version 1, by Swandog46
Running from registry key:
\Registry\Machine\System\CurrentControlSet\Services\ymybvfoi
*******************
Script file located at: \??\C:\ubkrblbh.txt
Script file opened successfully.
Script file read successfully
Backups directory opened successfully at C:\Avenger
*******************
Beginning to process script file:
File C:\WINDOWS\system32\drivers\sysbus32.sys not found!
Deletion of file C:\WINDOWS\system32\drivers\sysbus32.sys failed!
Could not process line:
C:\WINDOWS\system32\drivers\sysbus32.sys
Status: 0xc0000034
File C:\WINDOWS\system32\xptptt.dll not found!
Deletion of file C:\WINDOWS\system32\xptptt.dll failed!
Could not process line:
C:\WINDOWS\system32\xptptt.dll
Status: 0xc0000034
File C:\WINDOWS\system32\ixt3.dll not found!
Deletion of file C:\WINDOWS\system32\ixt3.dll failed!
Could not process line:
C:\WINDOWS\system32\ixt3.dll
Status: 0xc0000034
File C:\WINDOWS\system32\wnscpsv.exe not found!
Deletion of file C:\WINDOWS\system32\wnscpsv.exe failed!
Could not process line:
C:\WINDOWS\system32\wnscpsv.exe
Status: 0xc0000034
File C:\WINDOWS\system32\winzdn32.dll not found!
Deletion of file C:\WINDOWS\system32\winzdn32.dll failed!
Could not process line:
C:\WINDOWS\system32\winzdn32.dll
Status: 0xc0000034
File C:\WINDOWS\system32\win32hlp.exe not found!
Deletion of file C:\WINDOWS\system32\win32hlp.exe failed!
Could not process line:
C:\WINDOWS\system32\win32hlp.exe
Status: 0xc0000034
File C:\WINDOWS\system32\ps.a3d not found!
Deletion of file C:\WINDOWS\system32\ps.a3d failed!
Could not process line:
C:\WINDOWS\system32\ps.a3d
Status: 0xc0000034
File C:\WINDOWS\system32\winbrume.dat not found!
Deletion of file C:\WINDOWS\system32\winbrume.dat failed!
Could not process line:
C:\WINDOWS\system32\winbrume.dat
Status: 0xc0000034
File C:\WINDOWS\system32\win32hlp.exe not found!
Deletion of file C:\WINDOWS\system32\win32hlp.exe failed!
Could not process line:
C:\WINDOWS\system32\win32hlp.exe
Status: 0xc0000034
File C:\WINDOWS\system32\stera.job not found!
Deletion of file C:\WINDOWS\system32\stera.job failed!
Could not process line:
C:\WINDOWS\system32\stera.job
Status: 0xc0000034
File C:\WINDOWS\system32\ahdp.dat not found!
Deletion of file C:\WINDOWS\system32\ahdp.dat failed!
Could not process line:
C:\WINDOWS\system32\ahdp.dat
Status: 0xc0000034
File C:\WINDOWS\system32\azebar.xml not found!
Deletion of file C:\WINDOWS\system32\azebar.xml failed!
Could not process line:
C:\WINDOWS\system32\azebar.xml
Status: 0xc0000034
File C:\WINDOWS\system32\tempt3.exe not found!
Deletion of file C:\WINDOWS\system32\tempt3.exe failed!
Could not process line:
C:\WINDOWS\system32\tempt3.exe
Status: 0xc0000034
File C:\WINDOWS\system32\spoolsv.dll not found!
Deletion of file C:\WINDOWS\system32\spoolsv.dll failed!
Could not process line:
C:\WINDOWS\system32\spoolsv.dll
Status: 0xc0000034
File C:\WINDOWS\system32\winzdn32.dll not found!
Deletion of file C:\WINDOWS\system32\winzdn32.dll failed!
Could not process line:
C:\WINDOWS\system32\winzdn32.dll
Status: 0xc0000034
File C:\WINDOWS\system32\pmnqguh.dll not found!
Deletion of file C:\WINDOWS\system32\pmnqguh.dll failed!
Could not process line:
C:\WINDOWS\system32\pmnqguh.dll
Status: 0xc0000034
File C:\WINDOWS\system32\ImaS3r not found!
Deletion of file C:\WINDOWS\system32\ImaS3r failed!
Could not process line:
C:\WINDOWS\system32\ImaS3r
Status: 0xc0000034
File C:\WINDOWS\system32\fux87.ini not found!
Deletion of file C:\WINDOWS\system32\fux87.ini failed!
Could not process line:
C:\WINDOWS\system32\fux87.ini
Status: 0xc0000034
File C:\WINDOWS\system32\sd.dll not found!
Deletion of file C:\WINDOWS\system32\sd.dll failed!
Could not process line:
C:\WINDOWS\system32\sd.dll
Status: 0xc0000034
File C:\WINDOWS\system32\sd.sys not found!
Deletion of file C:\WINDOWS\system32\sd.sys failed!
Could not process line:
C:\WINDOWS\system32\sd.sys
Status: 0xc0000034
File C:\WINDOWS\system32\klgcptini.dat not found!
Deletion of file C:\WINDOWS\system32\klgcptini.dat failed!
Could not process line:
C:\WINDOWS\system32\klgcptini.dat
Status: 0xc0000034
File C:\WINDOWS\system32\xptpmm.sys not found!
Deletion of file C:\WINDOWS\system32\xptpmm.sys failed!
Could not process line:
C:\WINDOWS\system32\xptpmm.sys
Status: 0xc0000034
File C:\WINDOWS\b.exe not found!
Deletion of file C:\WINDOWS\b.exe failed!
Could not process line:
C:\WINDOWS\b.exe
Status: 0xc0000034
Completed script processing.
*******************
Finished! Terminate.
Logfile of The Avenger version 1, by Swandog46
Running from registry key:
\Registry\Machine\System\CurrentControlSet\Services\vufcyuhh
*******************
Script file located at: \??\C:\xjlluvwu.txt
Script file opened successfully.
Script file read successfully
Backups directory opened successfully at C:\Avenger
*******************
Beginning to process script file:
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SYSBUS32 not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SYSBUS32 failed!
Could not process line:
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SYSBUS32
Status: 0xc0000034
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sysbus32 not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sysbus32 failed!
Could not process line:
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sysbus32
Status: 0xc0000034
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_SYSBUS32 not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_SYSBUS32 failed!
Could not process line:
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_SYSBUS32
Status: 0xc0000034
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sysbus32 not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sysbus32 failed!
Could not process line:
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sysbus32
Status: 0xc0000034
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_SYSBUS32 not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_SYSBUS32 failed!
Could not process line:
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_SYSBUS32
Status: 0xc0000034
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sysbus32 not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sysbus32 failed!
Could not process line:
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sysbus32
Status: 0xc0000034
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Enum\Root\LEGACY_SYSBUS32 not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Enum\Root\LEGACY_SYSBUS32 failed!
Could not process line:
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Enum\Root\LEGACY_SYSBUS32
Status: 0xc0000034
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\sysbus32 not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\sysbus32 failed!
Could not process line:
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\sysbus32
Status: 0xc0000034
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SYSBUS32 not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SYSBUS32 failed!
Could not process line:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SYSBUS32
Status: 0xc0000034
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sysbus32 not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sysbus32 failed!
Could not process line:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sysbus32
Status: 0xc0000034
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\SafeBoot\Minimal\xptpmm.sys not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\SafeBoot\Minimal\xptpmm.sys failed!
Could not process line:
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\SafeBoot\Minimal\xptpmm.sys
Status: 0xc0000034
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\SafeBoot\Network\xptpmm.sys not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\SafeBoot\Network\xptpmm.sys failed!
Could not process line:
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\SafeBoot\Network\xptpmm.sys
Status: 0xc0000034
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\SafeBoot\Minimal\xptpmm.sys not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\SafeBoot\Minimal\xptpmm.sys failed!
Could not process line:
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\SafeBoot\Minimal\xptpmm.sys
Status: 0xc0000034
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\SafeBoot\Network\xptpmm.sys not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\SafeBoot\Network\xptpmm.sys failed!
Could not process line:
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\SafeBoot\Network\xptpmm.sys
Status: 0xc0000034
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\xptpmm.sys not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\xptpmm.sys failed!
Could not process line:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\xptpmm.sys
Status: 0xc0000034
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\xptpmm.sys not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\xptpmm.sys failed!
Could not process line:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\xptpmm.sys
Status: 0xc0000034
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\xptpmm not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\xptpmm failed!
Could not process line:
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\xptpmm
Status: 0xc0000034
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\xptptt not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\xptptt failed!
Could not process line:
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\xptptt
Status: 0xc0000034
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\xptpmm not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\xptpmm failed!
Could not process line:
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\xptpmm
Status: 0xc0000034
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\xptptt not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\xptptt failed!
Could not process line:
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\xptptt
Status: 0xc0000034
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\xptpmm not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\xptpmm failed!
Could not process line:
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\xptpmm
Status: 0xc0000034
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\xptptt not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\xptptt failed!
Could not process line:
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\xptptt
Status: 0xc0000034
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\xptpmm not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\xptpmm failed!
Could not process line:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\xptpmm
Status: 0xc0000034
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\xptptt not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\xptptt failed!
Could not process line:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\xptptt
Status: 0xc0000034
Completed script processing.
*******************
Finished! Terminate.
- Trone
- Posts: 175
- Registered: 03.02.2006, 17:10
- Location: grevenmacher
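Added example, not part of the original thread and not code from either tool: one way to cross-check the Avenger log against the Registry Search results posted above. The embedded samples are constructed excerpts in the formats shown in the thread; the function names are this example's own, and the two NTSTATUS names besides 0xC0000034 come from Windows' ntstatus.h, not from the page.

```python
import re

# NTSTATUS names from Windows' ntstatus.h. Only 0xC0000034 occurs in the
# logs posted in this thread; the other two are included for comparison.
NTSTATUS_NAMES = {
    0xC0000034: "STATUS_OBJECT_NAME_NOT_FOUND",
    0xC000003A: "STATUS_OBJECT_PATH_NOT_FOUND",
    0xC0000022: "STATUS_ACCESS_DENIED",
}

# Constructed excerpt in the format of the Registry Search output.
SEARCH_LOG = r'''
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\xptpmm.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\xptpmm]
; Contents of value:
; \??\c:\windows\system32\xptpmm.sys
"ImagePath"=hex(2):5c,3f,3f,5c,43,3a,5c,57,49,4e,44,4f,57,53,5c,53,79,73,74,65,\
6d,33,32,5c,78,70,74,70,6d,6d,2e,73,79,73,00
'''

# Constructed excerpt in the format of the Avenger log.
AVENGER_LOG = r'''
File C:\WINDOWS\system32\xptpmm.sys not found!
Deletion of file C:\WINDOWS\system32\xptpmm.sys failed!
Could not process line:
C:\WINDOWS\system32\xptpmm.sys
Status: 0xc0000034
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\xptpmm not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\xptpmm failed!
Could not process line:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\xptpmm
Status: 0xc0000034
File C:\WINDOWS\b.exe not found!
Deletion of file C:\WINDOWS\b.exe failed!
Could not process line:
C:\WINDOWS\b.exe
Status: 0xc0000034
'''


def parse_search(text):
    """Return {registry_key: {value_name: decoded_text}} from the search output."""
    keys, current = {}, None
    joined = re.sub(r"\\\r?\n\s*", "", text)  # undo "\" line continuations
    for line in joined.splitlines():
        line = line.strip()
        m = re.fullmatch(r"\[(HKEY_[^\]]+)\]", line)
        if m:
            current = m.group(1)
            keys[current] = {}
            continue
        m = re.fullmatch(r'"([^"]+)"=hex\(2\):([0-9a-fA-F,]+)', line)
        if m and current:
            raw = bytes(int(b, 16) for b in m.group(2).split(",") if b)
            # In this REGEDIT4-style output the hex(2) data is one byte per
            # character with a trailing NUL terminator.
            keys[current][m.group(1)] = raw.rstrip(b"\x00").decode("latin-1")
    return keys


def parse_avenger(text):
    """Return [(target, status)] for every 'Could not process line:' record."""
    lines = [l.strip() for l in text.splitlines()]
    records = []
    for i, line in enumerate(lines):
        if line == "Could not process line:" and i + 2 < len(lines):
            m = re.fullmatch(r"Status: (0x[0-9a-fA-F]{8})", lines[i + 2])
            if m:
                records.append((lines[i + 1], int(m.group(1), 16)))
    return records


def normalise(path):
    # Compare case-insensitively and without the NT object-manager prefix.
    path = path.lower()
    return path[4:] if path.startswith("\\??\\") else path


def triage(search_text, avenger_text):
    """Flag failed Avenger targets that the earlier registry search had listed."""
    keys = parse_search(search_text)
    known = {normalise(k) for k in keys}
    known |= {normalise(v) for vals in keys.values() for v in vals.values()}
    return [
        {
            "target": target,
            "status": NTSTATUS_NAMES.get(status, hex(status)),
            "seen_by_search": normalise(target) in known,
        }
        for target, status in parse_avenger(avenger_text)
    ]


if __name__ == "__main__":
    for row in triage(SEARCH_LOG, AVENGER_LOG):
        print(row)
```

A row with `seen_by_search` true and `STATUS_OBJECT_NAME_NOT_FOUND` marks a key or file that the earlier search listed but that was absent when Avenger ran; the logs alone do not say why, so such rows are the ones to re-check in a fresh scan.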
now post the HijackThis log once more
+
the 4 logs from datfindbat
+
blacklight
------------------------------------------------------------------------
+
My Computer --> right-click, then Properties ---> System Restore tab ---> tick "Turn off System Restore on all drives".
------------------------------------------------------------------------
dr.web
http://virus-protect.org/cureit.html
scan + post the scan report
- Nikita
- Moderator
- Posts: 11478
- Registered: 07.12.2003, 16:53
- Location: Lissabon