Probleme mit IE |
||
|---|---|---|
| #0
| ||
|
21.12.2006, 19:57
Member
Beiträge: 22 |
||
 
|
|
|
|
22.12.2006, 01:24
Ehrenmitglied
 Beiträge: 29434 |
#2
1.
wende cleanUp an http://virus-protect.org/cleanup.html 2. Avenger http://virus-protect.org/artikel/tools/avenger.html kopiere rein Zitat Registry values to delete:Klicke die grüne Ampel das Script wird nun ausgeführt, dann wird der PC automatisch neustarten »» poste hier das log vom Avenger, was nach neustart erscheint »» poste noch mal die 6 logs von datfindbat ___________________ öffne das HijackThis -- Button "scan" -- vor diese Einträge Häkchen setzen -- Button "Fix checked" -- PC neustarten Zitat F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,rundll32.exe C:\WINDOWS\System32\winsys16_061221.dll startPC neustarten «« ServiceFilter.zip http://virus-protect.org/artikel/tools/ServiceFilter.zip - entzippen - doppelklick auf die datei ServiceFilter.vbs - versions-nummer bestätigen - scannen - öffnen von wordpad oder editor erlauben - POST_THIS.TXT abkopieren _______________ ist fuer mich 病毒名称: Backdoor.Win32.Hupigon.bnn 病毒类型: 后门 文件 MD5: E09020BAD97AE4DA85226713A28FEB74 公开范围: 完全公开 危害等级: 中 文件长度: 665,600 字节 感染系统: Windows98以上版本 开发工具: Borland Delphi 6.0 - 7.0 加壳类型: 无 命名对照: Symentec[Backdoor.Graybird] ---------------------------------------------------------- %WINDIR%\g_server1.23.exe 原病毒文件 %WINDIR%\Delete.bat 批处理文件 2、修改注册表,添加启动项,以达到随机启动的目的: HKEY_LOCAL_MACHINE\SoftWare\Microsoft\Windows \CurrentVersion\Run 键值:字串:"病毒名"="病毒所在路径\病毒名" HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root 键值: 字串: "LEGACY_SYSTEM_EVENT_COM+"="LegacyDriver" HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root \LEGACY_SYSTEM_EVENT_COM+\0000\Control\ 键值: 字串: "ActiveService "="System Event COM+" HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ 键值: 字串: " System Event COM+"="提供终结点映射程序以及其它 RPC 服务。" HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\System Event COM+ 键值: 字串: "Enum "="Root\LEGACY_SYSTEM_EVENT_COM+\0000" HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\System Event COM+\ 键值: 字串: "ImagePath "="C:\WINDOWS\G_Server1.23.exe" HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\System Event COM+\ 键值: 字串: "ObjectName "="LocalSystem" HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\ 键值: 字串: "LEGACY_SYSTEM_EVENT_COM+"="LegacyDriver" __________ MfG Sabina rund um die PC-Sicherheit |
|
|
|
|
|
|
22.12.2006, 15:07
Member
Themenstarter Beiträge: 22 |
#3
CleanUp! angewendet + neugestartet
_______________________________________________________________ Avenger angewendet + neugestartet; kein log beim startup erschienen aber ich habe ein log von avenger auf C:\ gefunden: Logfile of The Avenger version 1, by Swandog46 Running from registry key: \Registry\Machine\System\CurrentControlSet\Services\futiywgu ******************* Fatal error: integrity of Services key failed verification check! Security may be fatally compromised. Exiting immediately. Could not open script file! Status: 0xc0000034 Abort! ____________________________________________________________ Die 6 logs von datfind: Volume in Laufwerk C: hat keine Bezeichnung. Volumeseriennummer: 08BF-B934 Verzeichnis von C:\WINDOWS\system32 22.12.2006 14:40 41.984 ksdihg.dll 22.12.2006 14:40 37.725 ksdihg.exe 22.12.2006 14:40 37.725 QQhx.dat 22.12.2006 14:36 184 myconfig.ini 22.12.2006 14:33 3.704 almms.dat 22.12.2006 14:30 3.880 norton.sys 22.12.2006 14:23 9.350 RIqMw.exe 22.12.2006 14:23 11.264 vUBDdl.exe 22.12.2006 14:23 23.224 nsvc32.exe 22.12.2006 14:09 9.350 KZTei.exe 22.12.2006 14:09 11.264 TqrVqB.exe 22.12.2006 14:01 21.484 wincab.sys 22.12.2006 13:59 41.472 windhcp.ocx 22.12.2006 13:57 11.264 jGwudB.exe 22.12.2006 13:57 9.350 oNckZ.exe 22.12.2006 13:50 30 d3d3caps.SRG 21.12.2006 23:03 98 d3d1caps.SRG 21.12.2006 22:24 46.080 xpdhcp.dll 21.12.2006 22:23 11.264 xYUgau.exe 21.12.2006 22:14 11.264 QhptYx.exe 21.12.2006 22:09 9.738 dllhost32.dll 21.12.2006 21:42 1.978 webhit.ini.tmp 21.12.2006 21:42 155 webhit.ini 21.12.2006 21:41 203.776 qsjtddfjcnbaj.dll 21.12.2006 21:40 203.776 ldludivbofpoe.dll 21.12.2006 21:40 203.776 qctvbouriuogg.dll 21.12.2006 21:35 11.264 EgcKkg.exe 21.12.2006 21:31 31.306 devgt.exe 21.12.2006 21:27 11.264 hQxrjg.exe 21.12.2006 19:47 45.568 svch0st.exe 21.12.2006 19:44 41.472 windds32.dll 21.12.2006 19:44 28.476 rx.dll 21.12.2006 19:43 203.776 ruqesgeztghyu.dll 21.12.2006 19:43 203.776 tytwmoyrdzucl.dll 21.12.2006 19:40 203.776 zagdrbmmxizls.dll 21.12.2006 19:39 203.776 jpbtgmruuzobw.dll 21.12.2006 19:39 203.776 nwcxkjcrwewgh.dll 21.12.2006 19:39 203.776 umjtxhmdlmrjl.dll 21.12.2006 19:37 203.776 zkjlklbhgswcb.dll 21.12.2006 19:24 203.776 ghkorhruizrvl.dll 21.12.2006 18:56 203.776 qyxdiatvoacup.dll 21.12.2006 18:51 203.776 wlkrgsqdoydyf.dll 21.12.2006 18:50 37.888 scvhsot.exe 21.12.2006 18:31 203.776 hgcgpyytzouyv.dll 21.12.2006 18:28 203.776 unehdalvccmfi.dll 21.12.2006 18:09 203.776 fmaqypjbeqhtp.dll 21.12.2006 17:51 203.776 ssbmvajmtvmgk.dll 21.12.2006 17:49 203.776 azysosblrufdt.dll 21.12.2006 17:49 203.776 dzispyxiodbmi.dll 21.12.2006 17:22 203.776 dudctxukpsymw.dll 21.12.2006 17:22 203.776 zqijbtsuplvom.dll 21.12.2006 17:04 203.776 rlgdwqnbohkgh.dll 21.12.2006 17:04 203.776 wkpcjnnymwmqn.dll 21.12.2006 17:04 203.776 rqqyajamqfdbe.dll 21.12.2006 16:59 203.776 tpezydravqwaq.dll 21.12.2006 14:51 203.776 cxpfmcjvexqoy.dll 21.12.2006 14:50 203.776 mvofmvdnihrlf.dll 20.12.2006 22:42 203.776 djyqfqyqirltg.dll 20.12.2006 22:39 203.776 dxnahgnztnwep.dll 20.12.2006 18:50 1.464 00001085.DAT 20.12.2006 18:46 203.776 nhyehogqkdbqt.dll 20.12.2006 18:41 32 mprmsgse.axz 20.12.2006 18:38 27.136 winsys16_061220.dll 20.12.2006 18:38 27.136 scrsys16_061220.scr 20.12.2006 18:38 85.960 AlxRes061220.exe 20.12.2006 18:38 85.960 scrsys061220.scr 20.12.2006 18:35 203.776 knxngdwfejlwd.dll 20.12.2006 18:30 27.136 winsys16_061221.dll 20.12.2006 18:30 27.136 scrsys16_061221.scr 20.12.2006 18:30 162.816 winsys32_061221.dll 20.12.2006 18:30 86.164 scrsys061221.scr 20.12.2006 18:30 86.164 AlxRes061221.exe 20.12.2006 18:27 162.304 winsys32_061220.dll 11.12.2006 23:53 224.816 FNTCACHE.DAT 05.12.2006 09:42 2.206 wpa.dbl 02.12.2006 03:39 77.824 mallgoo2.dll 04.11.2006 11:11 8.891 jupdate-1.5.0_09-b03.log 29.10.2006 09:12 311.740 perfh009.dat 29.10.2006 09:12 40.128 perfc009.dat 29.10.2006 09:12 316.924 perfh007.dat 29.10.2006 09:12 48.354 perfc007.dat 29.10.2006 09:12 723.744 PerfStringBackup.INI 12.10.2006 03:10 127.078 javaws.exe 12.10.2006 03:10 49.265 jpicpl32.cpl 12.10.2006 01:35 53.346 javaw.exe 12.10.2006 01:35 49.248 java.exe 04.10.2006 12:03 9.639.336 MRT.exe ------------------------------------------------------------------------- Volume in Laufwerk C: hat keine Bezeichnung. Volumeseriennummer: 08BF-B934 Verzeichnis von C:\DOKUME~1\info\LOKALE~1\Temp 22.12.2006 14:41 76 17697.txt 22.12.2006 14:41 76 17.txt 22.12.2006 14:41 76 14452.txt 22.12.2006 14:41 76 10130.txt 22.12.2006 14:41 76 2406.txt 22.12.2006 14:41 76 11643.txt 22.12.2006 14:41 76 5748.txt 22.12.2006 14:41 76 2175.txt 22.12.2006 14:41 76 32250.txt 22.12.2006 14:41 76 2977.txt 22.12.2006 14:41 76 15682.txt 22.12.2006 14:41 76 21937.txt 22.12.2006 14:41 76 21634.txt 22.12.2006 14:41 76 4211.txt 22.12.2006 14:41 76 31819.txt 22.12.2006 14:41 76 6996.txt 22.12.2006 14:41 76 809.txt 22.12.2006 14:41 76 25777.txt 22.12.2006 14:41 76 12893.txt 22.12.2006 14:41 76 29213.txt 22.12.2006 14:41 76 12015.txt 22.12.2006 14:41 76 15148.txt 22.12.2006 14:41 76 16537.txt 22.12.2006 14:41 76 21416.txt 22.12.2006 14:41 76 18992.txt 22.12.2006 14:41 76 16704.txt 22.12.2006 14:41 76 8090.txt 22.12.2006 14:41 76 3600.txt 22.12.2006 14:41 76 21362.txt 22.12.2006 14:41 76 1168.txt 22.12.2006 14:41 76 8932.txt 22.12.2006 14:41 76 21198.txt 22.12.2006 14:41 76 24690.txt 22.12.2006 14:41 76 27138.txt 22.12.2006 14:41 76 13969.txt 22.12.2006 14:41 76 7381.txt 22.12.2006 14:41 76 24943.txt 22.12.2006 14:41 76 4604.txt 22.12.2006 14:41 76 9017.txt 22.12.2006 14:41 76 27117.txt 22.12.2006 14:41 76 18615.txt 22.12.2006 14:41 76 17886.txt 22.12.2006 14:41 76 9249.txt 22.12.2006 14:41 76 846.txt 22.12.2006 14:41 76 626.txt 22.12.2006 14:41 76 19138.txt 22.12.2006 14:41 76 23463.txt 22.12.2006 14:41 76 20864.txt 22.12.2006 14:41 76 26797.txt 22.12.2006 14:40 76 13681.txt 22.12.2006 14:40 76 29163.txt 22.12.2006 14:40 76 30576.txt 22.12.2006 14:40 76 8104.txt 22.12.2006 14:40 76 7080.txt 22.12.2006 14:40 76 27072.txt 22.12.2006 14:40 76 12501.txt 22.12.2006 14:40 76 1635.txt 22.12.2006 14:40 76 16011.txt 22.12.2006 14:40 76 30676.txt 22.12.2006 14:40 76 12228.txt 22.12.2006 14:40 76 10085.txt 22.12.2006 14:40 76 2664.txt 22.12.2006 14:40 37.725 5701.exe 22.12.2006 14:40 76 26653.txt 22.12.2006 14:40 76 30096.txt 22.12.2006 14:40 76 21965.txt 22.12.2006 14:40 76 1967.txt 22.12.2006 14:40 76 25246.txt 22.12.2006 14:40 76 6448.txt 22.12.2006 14:40 76 30680.txt 22.12.2006 14:40 76 9109.txt 22.12.2006 14:40 76 11245.txt 22.12.2006 14:40 76 5896.txt 22.12.2006 14:40 37.754 19859.exe 22.12.2006 14:40 76 23150.txt 22.12.2006 14:40 76 31265.txt 22.12.2006 14:40 45.056 mhs2.dll 22.12.2006 14:40 39.758 16818.exe 22.12.2006 14:40 76 23058.txt 22.12.2006 14:40 76 615.txt 22.12.2006 14:40 76 16391.txt 22.12.2006 14:40 76 11434.txt 22.12.2006 14:40 76 28347.txt 22.12.2006 14:40 76 4819.txt 22.12.2006 14:40 76 6509.txt 22.12.2006 14:40 76 12428.txt 22.12.2006 14:40 76 26087.txt 22.12.2006 14:40 76 13808.txt 22.12.2006 14:40 76 20429.txt 22.12.2006 14:40 76 17297.txt 22.12.2006 14:40 76 4265.txt 22.12.2006 14:40 76 19916.txt 22.12.2006 14:40 76 27537.txt 22.12.2006 14:40 76 18216.txt 22.12.2006 14:40 76 26237.txt 22.12.2006 14:40 76 24075.txt 22.12.2006 14:40 76 18447.txt 22.12.2006 14:40 76 12969.txt 22.12.2006 14:40 76 10087.txt 22.12.2006 14:40 76 14397.txt 22.12.2006 14:40 76 21567.txt 22.12.2006 14:40 76 3965.txt 22.12.2006 14:40 76 29333.txt 22.12.2006 14:40 76 1678.txt 22.12.2006 14:40 76 12427.txt 22.12.2006 14:39 76 26341.txt 22.12.2006 14:39 76 32320.txt 22.12.2006 14:39 76 25552.txt 22.12.2006 14:39 76 30418.txt 22.12.2006 14:39 76 25766.txt 22.12.2006 14:39 76 1740.txt 22.12.2006 14:39 76 7112.txt 22.12.2006 14:39 76 8101.txt 22.12.2006 14:39 76 28663.txt 22.12.2006 14:39 76 16674.txt 22.12.2006 14:39 76 16311.txt 22.12.2006 14:39 76 8380.txt 22.12.2006 14:39 76 1706.txt 22.12.2006 14:39 76 3148.txt 22.12.2006 14:39 76 31531.txt 22.12.2006 14:39 76 8376.txt 22.12.2006 14:39 76 26264.txt 22.12.2006 14:39 76 24145.txt 22.12.2006 14:39 76 21766.txt 22.12.2006 14:39 76 23582.txt 22.12.2006 14:39 76 20817.txt 22.12.2006 14:39 76 10322.txt 22.12.2006 14:39 76 18638.txt 22.12.2006 14:39 76 6034.txt 22.12.2006 14:39 76 30211.txt 22.12.2006 14:39 76 11748.txt 22.12.2006 14:39 76 25653.txt 22.12.2006 14:39 76 15186.txt 22.12.2006 14:39 76 19881.txt 22.12.2006 14:39 76 2990.txt 22.12.2006 14:39 76 21738.txt 22.12.2006 14:39 76 29685.txt 22.12.2006 14:39 76 30071.txt 22.12.2006 14:39 76 26948.txt 22.12.2006 14:39 76 4769.txt 22.12.2006 14:39 76 29795.txt 22.12.2006 14:39 76 21380.txt 22.12.2006 14:39 76 4677.txt 22.12.2006 14:39 76 4447.txt 22.12.2006 14:39 76 13590.txt 22.12.2006 14:39 76 4535.txt 22.12.2006 14:39 76 29362.txt 22.12.2006 14:39 76 10249.txt 22.12.2006 14:39 76 19602.txt 22.12.2006 14:39 76 15094.txt 22.12.2006 14:39 76 12944.txt 22.12.2006 14:39 76 5934.txt 22.12.2006 14:39 76 15648.txt 22.12.2006 14:39 76 1676.txt 22.12.2006 14:39 76 27840.txt 22.12.2006 14:39 76 23571.txt 22.12.2006 14:39 76 21457.txt 22.12.2006 14:39 76 7641.txt 22.12.2006 14:39 76 15645.txt 22.12.2006 14:38 76 15359.txt 22.12.2006 14:38 76 29872.txt 22.12.2006 14:38 76 26687.txt 22.12.2006 14:38 76 8661.txt 22.12.2006 14:38 76 13254.txt 22.12.2006 14:38 76 28744.txt 22.12.2006 14:38 76 10571.txt 22.12.2006 14:38 76 27659.txt 22.12.2006 14:38 76 14234.txt 22.12.2006 14:38 76 15961.txt 22.12.2006 14:38 76 32033.txt 22.12.2006 14:38 76 15276.txt 22.12.2006 14:38 76 28432.txt 22.12.2006 14:38 76 14805.txt 22.12.2006 14:38 76 32556.txt 22.12.2006 14:38 76 17040.txt 22.12.2006 14:38 76 22896.txt 22.12.2006 14:38 76 14879.txt 22.12.2006 14:38 76 9989.txt 22.12.2006 14:38 76 19155.txt 22.12.2006 14:38 76 1600.txt 22.12.2006 14:38 76 9606.txt 22.12.2006 14:38 76 10146.txt 22.12.2006 14:38 76 15476.txt 22.12.2006 14:38 76 19985.txt 22.12.2006 14:38 76 22782.txt 22.12.2006 14:38 76 23746.txt 22.12.2006 14:38 76 7726.txt 22.12.2006 14:38 76 14219.txt 22.12.2006 14:38 76 287.txt 22.12.2006 14:38 76 4759.txt 22.12.2006 14:38 76 19861.txt 22.12.2006 14:38 76 29878.txt 22.12.2006 14:38 76 16482.txt 22.12.2006 14:38 76 13236.txt 22.12.2006 14:38 76 27251.txt 22.12.2006 14:38 76 9353.txt 22.12.2006 14:38 76 16025.txt 22.12.2006 14:38 76 10552.txt 22.12.2006 14:38 76 12643.txt 22.12.2006 14:38 76 17591.txt 22.12.2006 14:38 76 32174.txt 22.12.2006 14:38 76 31034.txt 22.12.2006 14:38 76 16814.txt 22.12.2006 14:38 76 32695.txt 22.12.2006 14:38 76 3998.txt 22.12.2006 14:38 76 28534.txt 22.12.2006 14:38 76 2660.txt 22.12.2006 14:37 76 17171.txt 22.12.2006 14:37 76 2487.txt 22.12.2006 14:37 76 23608.txt 22.12.2006 14:37 76 23228.txt 22.12.2006 14:37 76 18932.txt 22.12.2006 14:37 76 20752.txt 22.12.2006 14:37 76 13703.txt 22.12.2006 14:37 76 20911.txt 22.12.2006 14:37 76 2029.txt 22.12.2006 14:37 76 7240.txt 22.12.2006 14:37 76 9876.txt 22.12.2006 14:37 76 10450.txt 22.12.2006 14:37 76 8198.txt 22.12.2006 14:37 76 18050.txt 22.12.2006 14:37 76 22884.txt 22.12.2006 14:37 76 5747.txt 22.12.2006 14:37 76 21515.txt 22.12.2006 14:37 76 20383.txt 22.12.2006 14:37 76 1723.txt 22.12.2006 14:37 76 17142.txt 22.12.2006 14:37 76 6164.txt 22.12.2006 14:37 76 9659.txt 22.12.2006 14:37 76 6219.txt 22.12.2006 14:37 76 3440.txt 22.12.2006 14:37 76 13911.txt 22.12.2006 14:37 76 5100.txt 22.12.2006 14:37 76 26907.txt 22.12.2006 14:37 76 7042.txt 22.12.2006 14:37 76 12076.txt 22.12.2006 14:37 76 29240.txt 22.12.2006 14:37 76 28732.txt 22.12.2006 14:37 76 28794.txt 22.12.2006 14:37 76 16736.txt 22.12.2006 14:37 76 29399.txt 22.12.2006 14:37 76 25001.txt 22.12.2006 14:37 76 1959.txt 22.12.2006 14:37 76 18109.txt 22.12.2006 14:37 76 10409.txt 22.12.2006 14:37 76 4477.txt 22.12.2006 14:37 76 11771.txt 22.12.2006 14:37 76 20696.txt 22.12.2006 14:37 76 8952.txt 22.12.2006 14:37 76 9562.txt 22.12.2006 14:37 76 5861.txt 22.12.2006 14:37 76 12828.txt 22.12.2006 14:37 76 14961.txt 22.12.2006 14:37 76 24600.txt 22.12.2006 14:37 76 26735.txt 22.12.2006 14:37 76 24342.txt 22.12.2006 14:37 76 27487.txt 22.12.2006 14:37 76 5036.txt 22.12.2006 14:37 76 14998.txt 22.12.2006 14:36 76 21505.txt 22.12.2006 14:36 76 22824.txt 22.12.2006 14:36 76 1369.txt 22.12.2006 14:36 76 17896.txt 22.12.2006 14:36 76 27283.txt 22.12.2006 14:36 76 22284.txt 22.12.2006 14:36 76 20508.txt 22.12.2006 14:36 76 15714.txt 22.12.2006 14:36 76 19465.txt 22.12.2006 14:36 76 4635.txt 22.12.2006 14:36 76 4435.txt 22.12.2006 14:36 76 3978.txt 22.12.2006 14:36 76 27503.txt 22.12.2006 14:36 76 14454.txt 22.12.2006 14:36 76 27567.txt 22.12.2006 14:36 76 2762.txt 22.12.2006 14:36 76 13363.txt 22.12.2006 14:36 76 14792.txt 22.12.2006 14:36 76 11355.txt 22.12.2006 14:36 76 8462.txt 22.12.2006 14:36 76 22764.txt 22.12.2006 14:36 76 32006.txt 22.12.2006 14:36 76 7788.txt 22.12.2006 14:36 76 18079.txt 22.12.2006 14:36 76 28261.txt 22.12.2006 14:36 76 22666.txt 22.12.2006 14:36 76 10305.txt 22.12.2006 14:36 76 16111.txt 22.12.2006 14:36 76 20634.txt 22.12.2006 14:36 76 4318.txt 22.12.2006 14:36 76 13450.txt 22.12.2006 14:36 76 487.txt 22.12.2006 14:36 76 16472.txt 22.12.2006 14:36 76 17213.txt 22.12.2006 14:36 76 13444.txt 22.12.2006 14:36 76 25476.txt 22.12.2006 14:36 76 4357.txt 22.12.2006 14:36 76 13716.txt 22.12.2006 14:36 76 28549.txt 22.12.2006 14:36 76 2276.txt 22.12.2006 14:36 76 21437.txt 22.12.2006 14:36 76 9878.txt 22.12.2006 14:36 76 5708.txt 22.12.2006 14:36 76 31832.txt 22.12.2006 14:36 76 4492.txt 22.12.2006 14:36 76 12963.txt 22.12.2006 14:36 76 29022.txt 22.12.2006 14:36 76 11758.txt 22.12.2006 14:36 76 17894.txt 22.12.2006 14:36 76 15098.txt 22.12.2006 14:36 76 3745.txt 22.12.2006 14:36 76 29759.txt 22.12.2006 14:36 76 11880.txt 22.12.2006 14:36 76 23329.txt 22.12.2006 14:36 76 27192.txt 22.12.2006 14:36 76 14713.txt 22.12.2006 14:35 76 3028.txt 22.12.2006 14:35 76 14482.txt 22.12.2006 14:35 76 20129.txt 22.12.2006 14:35 76 16558.txt 22.12.2006 14:35 76 12361.txt 22.12.2006 14:35 76 14505.txt 22.12.2006 14:35 76 26635.txt 22.12.2006 14:35 76 12125.txt 22.12.2006 14:35 76 30401.txt 22.12.2006 14:35 76 26829.txt 22.12.2006 14:35 76 18172.txt 22.12.2006 14:35 76 18240.txt 22.12.2006 14:35 76 32719.txt 22.12.2006 14:35 76 9436.txt 22.12.2006 14:35 76 20002.txt 22.12.2006 14:35 76 31831.txt 22.12.2006 14:35 76 20376.txt 22.12.2006 14:35 76 18394.txt 22.12.2006 14:35 76 18295.txt 22.12.2006 14:35 76 21300.txt 22.12.2006 14:35 76 10513.txt 22.12.2006 14:35 76 29404.txt 22.12.2006 14:35 76 7322.txt 22.12.2006 14:35 76 13191.txt 22.12.2006 14:35 76 17017.txt 22.12.2006 14:35 76 13873.txt 22.12.2006 14:35 76 28268.txt 22.12.2006 14:35 76 6891.txt 22.12.2006 14:35 76 12056.txt 22.12.2006 14:35 76 10449.txt 22.12.2006 14:35 76 2024.txt 22.12.2006 14:35 76 23537.txt 22.12.2006 14:35 76 6712.txt 22.12.2006 14:35 76 14857.txt 22.12.2006 14:35 76 26694.txt 22.12.2006 14:35 76 21868.txt 22.12.2006 14:35 76 12131.txt 22.12.2006 14:35 76 18790.txt 22.12.2006 14:35 76 24658.txt 22.12.2006 14:35 76 19965.txt 22.12.2006 14:35 76 19421.txt 22.12.2006 14:35 76 20705.txt 22.12.2006 14:35 76 32519.txt 22.12.2006 14:35 76 24545.txt 22.12.2006 14:35 76 21859.txt 22.12.2006 14:35 76 11595.txt 22.12.2006 14:35 76 18802.txt 22.12.2006 14:35 76 8441.txt 22.12.2006 14:35 76 21028.txt 22.12.2006 14:35 76 20730.txt 22.12.2006 14:35 76 31172.txt 22.12.2006 14:35 76 29465.txt 22.12.2006 14:35 76 7678.txt 22.12.2006 14:34 76 27827.txt 22.12.2006 14:34 76 16824.txt 22.12.2006 14:34 76 10388.txt 22.12.2006 14:34 76 22779.txt 22.12.2006 14:34 76 23257.txt 22.12.2006 14:34 76 19494.txt 22.12.2006 14:34 76 26886.txt 22.12.2006 14:34 76 27406.txt 22.12.2006 14:34 76 22741.txt 22.12.2006 14:34 76 31206.txt 22.12.2006 14:34 76 611.txt 22.12.2006 14:34 76 14601.txt 22.12.2006 14:34 76 23239.txt 22.12.2006 14:34 76 5609.txt 22.12.2006 14:34 76 4671.txt 22.12.2006 14:34 76 26336.txt 22.12.2006 14:34 76 1389.txt 22.12.2006 14:34 76 31892.txt 22.12.2006 14:34 76 13150.txt 22.12.2006 14:34 76 17187.txt 22.12.2006 14:34 76 6738.txt 22.12.2006 14:34 76 29279.txt 22.12.2006 14:34 76 7038.txt 22.12.2006 14:34 76 14264.txt 22.12.2006 14:34 76 25146.txt 22.12.2006 14:34 76 9645.txt 22.12.2006 14:34 76 21858.txt 22.12.2006 14:34 76 23511.txt 22.12.2006 14:34 76 25036.txt 22.12.2006 14:34 76 6124.txt 22.12.2006 14:34 76 801.txt 22.12.2006 14:34 76 842.txt 22.12.2006 14:34 76 25728.txt 22.12.2006 14:34 76 27118.txt 22.12.2006 14:34 76 21678.txt 22.12.2006 14:34 76 26340.txt 22.12.2006 14:34 76 10697.txt 22.12.2006 14:34 76 18313.txt 22.12.2006 14:34 76 7850.txt 22.12.2006 14:34 76 16960.txt 22.12.2006 14:34 76 16517.txt 22.12.2006 14:34 76 15720.txt 22.12.2006 14:34 76 701.txt 22.12.2006 14:34 76 23715.txt 22.12.2006 14:34 76 3138.txt 22.12.2006 14:34 76 12353.txt 22.12.2006 14:34 76 25529.txt 22.12.2006 14:34 76 13077.txt 22.12.2006 14:34 76 28684.txt 22.12.2006 14:34 76 6424.txt 22.12.2006 14:34 76 5132.txt 22.12.2006 14:34 76 10232.txt 22.12.2006 14:34 76 19130.txt 22.12.2006 14:34 76 3118.txt 22.12.2006 14:33 76 16582.txt 22.12.2006 14:33 76 23297.txt 22.12.2006 14:33 76 31498.txt 22.12.2006 14:33 76 23594.txt 22.12.2006 14:33 76 8491.txt 22.12.2006 14:33 76 24104.txt 22.12.2006 14:33 76 8357.txt 22.12.2006 14:33 76 20066.txt 22.12.2006 14:33 76 24557.txt 22.12.2006 14:33 76 8858.txt 22.12.2006 14:33 76 29301.txt 22.12.2006 14:33 76 25454.txt 22.12.2006 14:33 76 32170.txt 22.12.2006 14:33 76 26586.txt 22.12.2006 14:33 76 5195.txt 22.12.2006 14:33 76 8174.txt 22.12.2006 14:33 76 2216.txt 22.12.2006 14:33 76 14648.txt 22.12.2006 14:33 76 26544.txt 22.12.2006 14:33 76 409.txt 22.12.2006 14:33 76 17870.txt 22.12.2006 14:33 76 17782.txt 22.12.2006 14:33 76 5129.txt 22.12.2006 14:33 76 3208.txt 22.12.2006 14:33 76 9957.txt 22.12.2006 14:33 76 7351.txt 22.12.2006 14:33 76 16881.txt 22.12.2006 14:33 76 7363.txt 22.12.2006 14:33 76 10767.txt 22.12.2006 14:33 76 8362.txt 22.12.2006 14:33 76 17873.txt 22.12.2006 14:33 76 32390.txt 22.12.2006 14:33 76 13046.txt 22.12.2006 14:33 76 13763.txt 22.12.2006 14:33 76 23529.txt 22.12.2006 14:33 76 2711.txt 22.12.2006 14:33 76 28136.txt 22.12.2006 14:33 76 9895.txt 22.12.2006 14:33 76 17398.txt 22.12.2006 14:33 76 12000.txt 22.12.2006 14:33 76 29529.txt 22.12.2006 14:33 76 3205.txt 22.12.2006 14:33 76 25706.txt 22.12.2006 14:33 76 25287.txt 22.12.2006 14:33 76 7652.txt 22.12.2006 14:33 76 31269.txt 22.12.2006 14:33 76 29930.txt 22.12.2006 14:33 76 1597.txt 22.12.2006 14:33 76 8263.txt 22.12.2006 14:33 76 15339.txt 22.12.2006 14:33 76 10124.txt 22.12.2006 14:33 76 1204.txt 22.12.2006 14:33 76 24344.txt 22.12.2006 14:32 76 2550.txt 22.12.2006 14:32 76 10286.txt 22.12.2006 14:32 76 9564.txt 22.12.2006 14:32 76 4267.txt 22.12.2006 14:32 76 19834.txt 22.12.2006 14:32 76 16375.txt 22.12.2006 14:32 76 9380.txt 22.12.2006 14:32 76 28481.txt 22.12.2006 14:32 76 13660.txt 22.12.2006 14:32 76 2348.txt 22.12.2006 14:32 76 29422.txt 22.12.2006 14:32 76 2420.txt 22.12.2006 14:32 76 5646.txt 22.12.2006 14:32 76 24375.txt 22.12.2006 14:32 76 13460.txt 22.12.2006 14:32 76 31969.txt 22.12.2006 14:32 76 20652.txt 22.12.2006 14:32 76 30451.txt 22.12.2006 14:32 76 24346.txt 22.12.2006 14:32 76 10006.txt 22.12.2006 14:32 76 15702.txt 22.12.2006 14:32 76 19260.txt 22.12.2006 14:32 76 4019.txt 22.12.2006 14:32 76 6334.txt 22.12.2006 14:32 76 21711.txt 22.12.2006 14:32 76 18870.txt 22.12.2006 14:32 76 30456.txt 22.12.2006 14:32 76 22281.txt 22.12.2006 14:32 76 5461.txt 22.12.2006 14:32 76 27611.txt 22.12.2006 14:32 76 30181.txt 22.12.2006 14:32 76 14176.txt 22.12.2006 14:32 76 24257.txt 22.12.2006 14:32 76 10313.txt 22.12.2006 14:32 76 18455.txt 22.12.2006 14:32 76 24904.txt 22.12.2006 14:32 76 16864.txt 22.12.2006 14:32 76 26700.txt 22.12.2006 14:32 76 22339.txt 22.12.2006 14:32 76 17044.txt 22.12.2006 14:32 76 32531.txt 22.12.2006 14:32 76 28073.txt 22.12.2006 14:32 76 5113.txt 22.12.2006 14:32 76 465.txt 22.12.2006 14:32 76 12324.txt 22.12.2006 14:32 76 21676.txt 22.12.2006 14:32 76 28568.txt 22.12.2006 14:32 76 15085.txt 22.12.2006 14:32 76 22890.txt 22.12.2006 14:32 76 7795.txt 22.12.2006 14:32 76 21395.txt 22.12.2006 14:32 76 4649.txt 22.12.2006 14:32 76 24096.txt 22.12.2006 14:32 76 28539.txt 22.12.2006 14:31 76 12772.txt 22.12.2006 14:31 76 26944.txt 22.12.2006 14:31 76 5120.txt 22.12.2006 14:31 76 28266.txt 22.12.2006 14:31 76 2768.txt 22.12.2006 14:31 76 17111.txt 22.12.2006 14:31 76 29221.txt 22.12.2006 14:31 76 28445.txt 22.12.2006 14:31 76 987.txt 22.12.2006 14:31 76 8230.txt 22.12.2006 14:31 76 5921.txt 22.12.2006 14:31 76 22003.txt 22.12.2006 14:31 76 27661.txt 22.12.2006 14:31 76 25830.txt 22.12.2006 14:31 76 8795.txt 22.12.2006 14:31 76 24410.txt 22.12.2006 14:31 76 18789.txt 22.12.2006 14:31 76 3452.txt 22.12.2006 14:31 76 7341.txt 22.12.2006 14:31 76 19356.txt 22.12.2006 14:31 76 17254.txt 22.12.2006 14:31 76 27709.txt 22.12.2006 14:31 76 3808.txt 22.12.2006 14:31 76 16413.txt 22.12.2006 14:31 76 7140.txt 22.12.2006 14:31 76 3995.txt 22.12.2006 14:31 76 5517.txt 22.12.2006 14:31 76 25412.txt 22.12.2006 14:31 76 3305.txt 22.12.2006 14:31 76 7194.txt 22.12.2006 14:31 76 3262.txt 22.12.2006 14:31 76 10964.txt 22.12.2006 14:31 76 25667.txt 22.12.2006 14:31 76 15218.txt 22.12.2006 14:31 76 22302.txt 22.12.2006 14:31 76 26045.txt 22.12.2006 14:31 76 19720.txt 22.12.2006 14:31 346 jusched.log 22.12.2006 14:31 76 9364.txt 22.12.2006 14:31 76 13801.txt 22.12.2006 14:31 76 19726.txt 22.12.2006 14:31 76 12099.txt 22.12.2006 14:31 76 19407.txt 22.12.2006 14:31 76 7747.txt 22.12.2006 14:31 76 25142.txt 22.12.2006 14:31 76 30174.txt 22.12.2006 14:31 76 17955.txt 22.12.2006 14:31 76 21178.txt 22.12.2006 14:31 76 13953.txt 22.12.2006 14:31 76 1745.txt 22.12.2006 14:30 76 11543.txt 22.12.2006 14:30 76 30673.txt 22.12.2006 14:30 76 31114.txt 22.12.2006 14:30 76 1681.txt 22.12.2006 14:30 45.896 9782.exe 22.12.2006 14:30 76 17515.txt 22.12.2006 14:30 76 24219.txt 22.12.2006 14:30 76 22430.txt 22.12.2006 14:30 76 22005.txt 22.12.2006 14:30 76 23385.txt 22.12.2006 14:30 76 22819.txt 22.12.2006 14:30 76 29615.txt 22.12.2006 14:30 76 30845.txt 22.12.2006 14:30 76 17055.txt 22.12.2006 14:30 76 4091.txt 22.12.2006 14:30 76 8863.txt 22.12.2006 14:30 76 25307.txt 22.12.2006 14:30 76 7146.txt 22.12.2006 14:30 76 8119.txt 22.12.2006 14:30 76 25333.txt 22.12.2006 14:30 76 21211.txt 22.12.2006 14:30 76 10457.txt 22.12.2006 14:30 76 9204.txt 22.12.2006 14:30 76 16015.txt 22.12.2006 14:30 76 10627.txt 22.12.2006 14:30 76 4689.txt 22.12.2006 14:30 76 28555.txt 22.12.2006 14:30 76 29320.txt 22.12.2006 14:30 76 22640.txt 22.12.2006 14:30 76 21506.txt 22.12.2006 14:30 76 10602.txt 22.12.2006 14:30 76 7790.txt 22.12.2006 14:30 76 14392.txt 22.12.2006 14:30 76 27279.txt 22.12.2006 14:30 76 21398.txt 22.12.2006 14:30 76 3928.txt 22.12.2006 14:30 76 4070.txt 22.12.2006 14:30 76 14217.txt 22.12.2006 14:30 76 27122.txt 22.12.2006 14:30 76 9009.txt 22.12.2006 14:30 76 4846.txt 22.12.2006 14:29 76 29739.txt 22.12.2006 14:29 76 9939.txt 22.12.2006 14:29 76 18561.txt 22.12.2006 14:29 76 5301.txt 22.12.2006 14:29 76 10959.txt 22.12.2006 14:29 76 299.txt 22.12.2006 14:29 76 13812.txt 22.12.2006 14:29 76 30950.txt 22.12.2006 14:29 76 30198.txt 22.12.2006 14:29 76 30512.txt 22.12.2006 14:29 76 5252.txt 22.12.2006 14:29 76 3847.txt 22.12.2006 14:29 76 27617.txt 22.12.2006 14:29 76 28917.txt 22.12.2006 14:29 76 26421.txt 22.12.2006 14:29 76 19715.txt 22.12.2006 14:29 76 15675.txt 22.12.2006 14:29 76 22649.txt 22.12.2006 14:29 76 22731.txt 22.12.2006 14:29 76 29576.txt 22.12.2006 14:29 76 13343.txt 22.12.2006 14:29 76 23044.txt 22.12.2006 14:29 76 26389.txt 22.12.2006 14:29 76 27087.txt 22.12.2006 14:29 76 1249.txt 22.12.2006 14:29 76 27337.txt 22.12.2006 14:29 76 28647.txt 22.12.2006 14:29 76 4792.txt 22.12.2006 14:29 76 518.txt 22.12.2006 14:29 76 870.txt 22.12.2006 14:29 76 26449.txt 22.12.2006 14:29 76 2732.txt 22.12.2006 14:29 76 13662.txt 22.12.2006 14:29 76 27288.txt 22.12.2006 14:29 76 30922.txt 22.12.2006 14:29 76 8384.txt 22.12.2006 14:29 76 29813.txt 22.12.2006 14:29 76 20010.txt 22.12.2006 14:29 76 21684.txt 22.12.2006 14:29 76 31586.txt 22.12.2006 14:29 76 24523.txt 22.12.2006 14:29 76 10626.txt 22.12.2006 14:29 76 18622.txt 22.12.2006 14:29 76 6418.txt 22.12.2006 14:28 76 30428.txt 22.12.2006 14:28 76 30215.txt 22.12.2006 14:28 76 10134.txt 22.12.2006 14:28 76 15440.txt 22.12.2006 14:28 76 6519.txt 22.12.2006 14:28 76 15022.txt 22.12.2006 14:28 76 15971.txt 22.12.2006 14:28 76 10698.txt 22.12.2006 14:28 76 6238.txt 22.12.2006 14:28 76 27591.txt 22.12.2006 14:28 76 12167.txt 22.12.2006 14:28 76 17604.txt 22.12.2006 14:28 76 20765.txt 22.12.2006 14:28 76 18184.txt 22.12.2006 14:28 76 20117.txt 22.12.2006 14:28 76 21961.txt 22.12.2006 14:28 76 4398.txt 22.12.2006 14:28 76 6104.txt 22.12.2006 14:28 76 22927.txt 22.12.2006 14:28 76 1938.txt 22.12.2006 14:28 76 15436.txt 22.12.2006 14:28 76 4064.txt 22.12.2006 14:28 76 11107.txt 22.12.2006 14:28 76 26166.txt 22.12.2006 14:28 76 29205.txt 22.12.2006 14:28 76 8142.txt 22.12.2006 14:28 76 17319.txt 22.12.2006 14:28 76 27794.txt 22.12.2006 14:28 76 12006.txt 22.12.2006 14:28 76 31851.txt 22.12.2006 14:28 76 16274.txt 22.12.2006 14:28 76 27641.txt 22.12.2006 14:28 76 9202.txt 22.12.2006 14:28 76 15327.txt 22.12.2006 14:28 76 8252.txt 22.12.2006 14:28 76 23070.txt 22.12.2006 14:28 76 17058.txt 22.12.2006 14:28 76 14145.txt 22.12.2006 14:28 76 31257.txt 22.12.2006 14:28 76 20800.txt 22.12.2006 14:28 76 14131.txt 22.12.2006 14:28 76 7268.txt 22.12.2006 14:28 76 27057.txt 22.12.2006 14:28 76 20119.txt 22.12.2006 14:28 76 20108.txt 22.12.2006 14:28 76 23519.txt 22.12.2006 14:28 76 27044.txt 22.12.2006 14:28 76 31485.txt 22.12.2006 14:28 76 863.txt 22.12.2006 14:28 76 24412.txt 22.12.2006 14:28 76 26076.txt 22.12.2006 14:28 76 2526.txt 22.12.2006 14:28 76 11906.txt 22.12.2006 14:28 76 13349.txt 22.12.2006 14:28 76 10259.txt 22.12.2006 14:27 76 31332.txt 22.12.2006 14:27 76 5774.txt 22.12.2006 14:27 76 5611.txt 22.12.2006 14:27 76 31110.txt 22.12.2006 14:27 76 18141.txt 22.12.2006 14:27 76 23223.txt 22.12.2006 14:27 76 1495.txt 22.12.2006 14:27 76 5626.txt 22.12.2006 14:27 76 20079.txt 22.12.2006 14:27 76 29933.txt 22.12.2006 14:27 76 22997.txt 22.12.2006 14:27 76 19438.txt 22.12.2006 14:27 76 1278.txt 22.12.2006 14:27 76 20274.txt 22.12.2006 14:27 76 28702.txt 22.12.2006 14:27 76 26144.txt 22.12.2006 14:27 76 10301.txt 22.12.2006 14:27 76 29445.txt 22.12.2006 14:27 76 14917.txt 22.12.2006 14:27 76 25009.txt 22.12.2006 14:27 76 17230.txt 22.12.2006 14:27 76 22790.txt 22.12.2006 14:27 76 30979.txt 22.12.2006 14:27 76 3627.txt 22.12.2006 14:27 76 8018.txt 22.12.2006 14:27 76 3339.txt 22.12.2006 14:27 76 6961.txt 22.12.2006 14:27 76 488.txt 22.12.2006 14:27 76 12602.txt 22.12.2006 14:27 76 27391.txt 22.12.2006 14:27 76 2128.txt 22.12.2006 14:27 76 18978.txt 22.12.2006 14:27 76 23958.txt 22.12.2006 14:27 76 31895.txt 22.12.2006 14:27 76 21067.txt 22.12.2006 14:27 76 2972.txt 22.12.2006 14:27 76 11640.txt 22.12.2006 14:27 76 8798.txt 22.12.2006 14:27 76 8814.txt 22.12.2006 14:27 76 28235.txt 22.12.2006 14:27 76 31366.txt 22.12.2006 14:27 76 5377.txt 22.12.2006 14:27 76 13219.txt 22.12.2006 14:27 76 12104.txt 22.12.2006 14:27 76 3679.txt 22.12.2006 14:27 76 27355.txt 22.12.2006 14:27 76 30194.txt 22.12.2006 14:27 76 9459.txt 22.12.2006 14:27 76 28978.txt 22.12.2006 14:27 76 3523.txt 22.12.2006 14:27 76 14137.txt 22.12.2006 14:27 76 16746.txt 22.12.2006 14:27 76 25499.txt 22.12.2006 14:27 76 19731.txt 22.12.2006 14:27 76 27946.txt 22.12.2006 14:26 76 24364.txt 22.12.2006 14:26 76 16319.txt 22.12.2006 14:26 76 30715.txt 22.12.2006 14:26 76 31876.txt 22.12.2006 14:26 76 25607.txt 22.12.2006 14:26 76 15786.txt 22.12.2006 14:26 76 11270.txt 22.12.2006 14:26 76 6549.txt 22.12.2006 14:26 76 1610.txt 22.12.2006 14:26 76 22246.txt 22.12.2006 14:26 76 17387.txt 22.12.2006 14:26 76 7662.txt 22.12.2006 14:26 76 16422.txt 22.12.2006 14:26 76 17759.txt 22.12.2006 14:26 76 4760.txt 22.12.2006 14:26 76 28518.txt 22.12.2006 14:26 76 15718.txt 22.12.2006 14:26 76 22901.txt 22.12.2006 14:26 76 22139.txt 22.12.2006 14:26 76 21588.txt 22.12.2006 14:26 76 20307.txt 22.12.2006 14:26 76 9056.txt 22.12.2006 14:26 76 4370.txt 22.12.2006 14:26 76 20743.txt 22.12.2006 14:26 76 13024.txt 22.12.2006 14:26 76 11211.txt 22.12.2006 14:26 76 11956.txt 22.12.2006 14:26 2.663.312 RCX1.tmp 22.12.2006 14:26 76 27271.txt 22.12.2006 14:26 76 13595.txt 22.12.2006 14:26 76 14250.txt 22.12.2006 14:26 76 10912.txt 22.12.2006 14:26 76 27282.txt 22.12.2006 14:26 76 471.txt 22.12.2006 14:26 76 21342.txt 22.12.2006 14:26 76 6981.txt 22.12.2006 14:26 76 207.txt 22.12.2006 14:26 76 8459.txt 22.12.2006 14:26 76 21202.txt 22.12.2006 14:26 40.960 rxzs.dll 22.12.2006 14:26 76 23895.txt 22.12.2006 14:26 5.120 FcfyaWAz.sys 22.12.2006 14:26 76 9093.txt 22.12.2006 14:26 93.184 wowexec.tmp 22.12.2006 14:24 3.728.372 RCX33.tmp 22.12.2006 14:24 3.827.200 hMHmSGtc 22.12.2006 14:24 76 10238.txt 22.12.2006 14:24 76 15373.txt 22.12.2006 14:24 76 10849.txt 22.12.2006 14:24 76 2822.txt 22.12.2006 14:24 76 1851.txt 22.12.2006 14:24 76 24476.txt 22.12.2006 14:24 76 1865.txt 22.12.2006 14:24 76 6655.txt 22.12.2006 14:24 104.960 svchost.exe 22.12.2006 14:24 76 10385.txt 22.12.2006 14:24 76 11357.txt 22.12.2006 14:24 76 24134.txt 22.12.2006 14:24 76 9074.txt 22.12.2006 14:24 76 8310.txt 22.12.2006 14:24 76 6946.txt 22.12.2006 14:24 76 25506.txt 22.12.2006 14:24 76 25027.txt 22.12.2006 14:24 76 11482.txt 22.12.2006 14:24 76 11756.txt 22.12.2006 14:24 76 16621.txt 22.12.2006 14:24 76 12773.txt 22.12.2006 14:24 76 30160.txt 22.12.2006 14:24 3.531.776 kWNqnTWB 22.12.2006 14:24 76 21764.txt 22.12.2006 14:23 76 841.txt 22.12.2006 14:23 76 16030.txt 22.12.2006 14:23 76 25724.txt 22.12.2006 14:23 76 30553.txt 22.12.2006 14:23 3.531.776 GpnKZTRQ 22.12.2006 14:23 76 32246.txt 22.12.2006 14:23 76 23614.txt 22.12.2006 14:23 76 23067.txt 22.12.2006 14:23 76 3359.txt 22.12.2006 14:23 76 3611.txt 22.12.2006 14:23 76 25119.txt 22.12.2006 14:23 3.531.776 XvOmurio 22.12.2006 14:23 76 25495.txt 22.12.2006 14:23 76 25829.txt 22.12.2006 14:23 76 31248.txt 22.12.2006 14:23 3.531.776 WgmPnDqt 22.12.2006 14:23 76 32379.txt 22.12.2006 14:23 76 30036.txt 22.12.2006 14:23 76 22699.txt 22.12.2006 14:23 3.531.776 mQgEnHNB 22.12.2006 14:23 76 14391.txt 22.12.2006 14:23 76 25838.txt 22.12.2006 14:23 36 NGtUvud 22.12.2006 14:23 76 22894.txt 22.12.2006 14:23 76 18083.txt 22.12.2006 14:23 76 2213.txt 22.12.2006 14:23 76 11907.txt 22.12.2006 14:23 3.531.776 XDznEEeG 22.12.2006 14:23 76 32560.txt 22.12.2006 14:23 76 5015.txt 22.12.2006 14:23 76 8933.txt 22.12.2006 14:23 76 12825.txt 22.12.2006 14:23 76 759.txt 22.12.2006 14:23 76 25339.txt 22.12.2006 14:23 3.531.776 ZjOyYwWW 22.12.2006 14:23 76 7671.txt 22.12.2006 14:23 76 18200.txt 22.12.2006 14:23 76 15684.txt 22.12.2006 14:23 76 30515.txt 22.12.2006 14:23 98.167 zleFzc.exe 22.12.2006 14:23 76 30089.txt 22.12.2006 14:23 3.531.776 tQMluLWZ 22.12.2006 14:23 76 32339.txt 22.12.2006 14:23 76 21793.txt 22.12.2006 14:23 3.531.776 FbNyfhSx 22.12.2006 14:23 76 18550.txt 22.12.2006 14:23 196 wqYjwVHM 22.12.2006 14:23 76 7486.txt 22.12.2006 14:23 76 4536.txt 22.12.2006 14:23 76 3567.txt 22.12.2006 14:23 76 11391.txt 22.12.2006 14:23 76 26452.txt 22.12.2006 14:23 76 26416.txt 22.12.2006 14:23 76 30244.txt 22.12.2006 14:23 76 13127.txt 22.12.2006 14:23 76 449.txt 22.12.2006 14:23 76 31434.txt 22.12.2006 14:23 76 2275.txt 22.12.2006 14:23 76 31891.txt 22.12.2006 14:23 76 32086.txt 22.12.2006 14:23 76 6715.txt 22.12.2006 14:23 76 20608.txt 22.12.2006 14:23 76 29121.txt 22.12.2006 14:23 76 21164.txt 22.12.2006 14:22 76 25162.txt 22.12.2006 14:22 76 9545.txt 22.12.2006 14:22 76 1672.txt 22.12.2006 14:22 76 23705.txt 22.12.2006 14:22 76 4268.txt 22.12.2006 14:22 76 30609.txt 22.12.2006 14:22 76 6897.txt 22.12.2006 14:22 76 7378.txt 22.12.2006 14:22 76 15646.txt 22.12.2006 14:22 76 8703.txt 22.12.2006 14:22 76 23188.txt 22.12.2006 14:22 76 22240.txt 22.12.2006 14:22 76 30146.txt 22.12.2006 14:22 76 28695.txt 22.12.2006 14:22 76 13589.txt 22.12.2006 14:22 76 19783.txt 22.12.2006 14:22 76 31421.txt 22.12.2006 14:22 76 17671.txt 22.12.2006 14:22 76 19424.txt 22.12.2006 14:22 76 11508.txt 22.12.2006 14:22 76 5392.txt 22.12.2006 14:22 76 3766.txt 22.12.2006 14:22 76 28962.txt 22.12.2006 14:22 76 29414.txt 22.12.2006 14:22 76 17590.txt 22.12.2006 14:22 76 28937.txt 22.12.2006 14:22 76 5130.txt 22.12.2006 14:22 76 22558.txt 22.12.2006 14:22 76 16893.txt 22.12.2006 14:22 76 21878.txt 22.12.2006 14:22 76 13888.txt 22.12.2006 14:22 76 4042.txt 22.12.2006 14:22 76 3624.txt 22.12.2006 14:22 76 19150.txt 22.12.2006 14:22 76 18085.txt 22.12.2006 14:22 76 25520.txt 22.12.2006 14:22 76 3908.txt 22.12.2006 14:22 76 24901.txt 22.12.2006 14:22 76 32075.txt 22.12.2006 14:22 76 31447.txt 22.12.2006 14:22 76 29513.txt 22.12.2006 14:22 76 28357.txt 22.12.2006 14:22 76 5302.txt 22.12.2006 14:22 76 22132.txt 22.12.2006 14:22 76 26483.txt 22.12.2006 14:22 76 31826.txt 22.12.2006 14:22 76 20785.txt 22.12.2006 14:22 76 26850.txt 22.12.2006 14:22 76 13952.txt 22.12.2006 14:22 76 24630.txt 22.12.2006 14:22 76 11351.txt 22.12.2006 14:22 76 3951.txt 22.12.2006 14:22 76 17203.txt 22.12.2006 14:21 76 8730.txt 22.12.2006 14:21 76 30657.txt 22.12.2006 14:21 76 15311.txt 22.12.2006 14:21 76 3637.txt 22.12.2006 14:21 76 8085.txt 22.12.2006 14:21 76 24481.txt 22.12.2006 14:21 76 30700.txt 22.12.2006 14:21 76 4894.txt 22.12.2006 14:21 76 24986.txt 22.12.2006 14:21 76 11445.txt 22.12.2006 14:21 76 24706.txt 22.12.2006 14:21 76 23103.txt 22.12.2006 14:21 76 4403.txt 22.12.2006 14:21 76 694.txt 22.12.2006 14:21 76 2807.txt 22.12.2006 14:21 76 26289.txt 22.12.2006 14:21 76 19838.txt 22.12.2006 14:21 76 10495.txt 22.12.2006 14:21 76 4734.txt 22.12.2006 14:21 76 27805.txt 22.12.2006 14:21 76 16103.txt 22.12.2006 14:21 76 27003.txt 22.12.2006 14:21 76 18542.txt 22.12.2006 14:21 76 31692.txt 22.12.2006 14:21 76 934.txt 22.12.2006 14:21 76 20947.txt 22.12.2006 14:21 76 17374.txt 22.12.2006 14:21 76 2672.txt 22.12.2006 14:21 76 20858.txt 22.12.2006 14:21 76 25303.txt 22.12.2006 14:21 76 19588.txt 22.12.2006 14:21 76 3123.txt 22.12.2006 14:21 76 26790.txt 22.12.2006 14:21 76 31275.txt 22.12.2006 14:21 76 23758.txt 22.12.2006 14:21 76 383.txt 22.12.2006 14:21 76 13355.txt 22.12.2006 14:21 76 565.txt 22.12.2006 14:21 76 14144.txt 22.12.2006 14:21 76 11022.txt 22.12.2006 14:21 76 13125.txt 22.12.2006 14:21 76 13380.txt 22.12.2006 14:21 76 19215.txt 22.12.2006 14:21 76 19893.txt 22.12.2006 14:21 76 2090.txt 22.12.2006 14:21 76 30980.txt 22.12.2006 14:21 76 25597.txt 22.12.2006 14:21 76 12907.txt 22.12.2006 14:21 76 18433.txt 22.12.2006 14:21 76 13089.txt 22.12.2006 14:21 76 24949.txt 22.12.2006 14:21 76 20127.txt 22.12.2006 14:21 76 26655.txt 22.12.2006 14:21 76 57.txt 22.12.2006 14:21 76 28905.txt 22.12.2006 14:20 76 16570.txt 22.12.2006 14:20 76 25736.txt 22.12.2006 14:20 76 15365.txt 22.12.2006 14:20 76 1899.txt 22.12.2006 14:20 76 3312.txt 22.12.2006 14:20 76 31651.txt 22.12.2006 14:20 76 20937.txt 22.12.2006 14:20 76 5768.txt 22.12.2006 14:20 76 17998.txt 22.12.2006 14:20 76 6974.txt 22.12.2006 14:20 76 10235.txt 22.12.2006 14:20 76 14443.txt 22.12.2006 14:20 76 4095.txt 22.12.2006 14:20 76 23236.txt 22.12.2006 14:20 76 12850.txt 22.12.2006 14:20 76 20273.txt 22.12.2006 14:20 76 8928.txt 22.12.2006 14:20 76 7867.txt 22.12.2006 14:20 76 30032.txt 22.12.2006 14:20 76 21384.txt 22.12.2006 14:20 76 17222.txt 22.12.2006 14:20 76 16771.txt 22.12.2006 14:20 76 2546.txt 22.12.2006 14:20 76 20110.txt 22.12.2006 14:20 76 21261.txt 22.12.2006 14:20 76 23884.txt 22.12.2006 14:20 76 26902.txt 22.12.2006 14:20 76 15078.txt 22.12.2006 14:20 76 27619.txt 22.12.2006 14:20 76 4951.txt 22.12.2006 14:20 76 3852.txt 22.12.2006 14:20 76 18717.txt 22.12.2006 14:20 76 11733.txt 22.12.2006 14:20 76 27760.txt 22.12.2006 14:20 76 16544.txt 22.12.2006 14:20 76 17215.txt 22.12.2006 14:20 76 11801.txt 22.12.2006 14:20 76 11945.txt 22.12.2006 14:20 76 32392.txt 22.12.2006 14:20 76 2995.txt 22.12.2006 14:20 76 17498.txt 22.12.2006 14:20 76 29450.txt 22.12.2006 14:20 76 29534.txt 22.12.2006 14:20 76 8909.txt 22.12.2006 14:20 76 4184.txt 22.12.2006 14:20 76 26097.txt 22.12.2006 14:20 76 25334.txt 22.12.2006 14:20 76 25643.txt 22.12.2006 14:20 76 19316.txt 22.12.2006 14:20 76 689.txt 22.12.2006 14:20 76 5029.txt 22.12.2006 14:20 76 32011.txt 22.12.2006 14:20 76 18229.txt 22.12.2006 14:20 76 31959.txt 22.12.2006 14:20 76 21217.txt 22.12.2006 14:19 76 15150.txt 22.12.2006 14:19 76 12760.txt 22.12.2006 14:19 76 24245.txt 22.12.2006 14:19 76 3465.txt 22.12.2006 14:19 76 16257.txt 22.12.2006 14:19 76 14214.txt 22.12.2006 14:19 76 3661.txt 22.12.2006 14:19 76 7746.txt 22.12.2006 14:19 76 7861.txt 22.12.2006 14:19 76 7382.txt 22.12.2006 14:19 76 21628.txt 22.12.2006 14:19 76 6931.txt 22.12.2006 14:19 76 513.txt 22.12.2006 14:19 76 11909.txt 22.12.2006 14:19 76 29290.txt 22.12.2006 14:19 76 7741.txt 22.12.2006 14:19 76 29749.txt 22.12.2006 14:19 76 8819.txt 22.12.2006 14:19 76 4400.txt 22.12.2006 14:19 76 18015.txt 22.12.2006 14:19 76 18178.txt 22.12.2006 14:19 76 17888.txt 22.12.2006 14:19 76 6090.txt 22.12.2006 14:19 76 27081.txt 22.12.2006 14:19 76 15494.txt 22.12.2006 14:19 76 5350.txt 22.12.2006 14:19 76 13118.txt 22.12.2006 14:19 76 14622.txt 22.12.2006 14:19 76 24861.txt 22.12.2006 14:19 76 5944.txt 22.12.2006 14:19 76 7436.txt 22.12.2006 14:19 76 19759.txt 22.12.2006 14:19 76 16741.txt 22.12.2006 14:19 76 7708.txt 22.12.2006 14:19 76 27607.txt 22.12.2006 14:19 76 23574.txt 22.12.2006 14:19 76 26770.txt 22.12.2006 14:19 76 16292.txt 22.12.2006 14:19 76 31315.txt 22.12.2006 14:19 76 4496.txt 22.12.2006 14:19 76 21234.txt 22.12.2006 14:19 76 11059.txt 22.12.2006 14:19 76 12400.txt 22.12.2006 14:19 76 18078.txt 22.12.2006 14:19 76 16578.txt 22.12.2006 14:19 76 13102.txt 22.12.2006 14:19 76 15047.txt 22.12.2006 14:19 76 5214.txt 22.12.2006 14:19 76 5425.txt 22.12.2006 14:19 76 10240.txt 22.12.2006 14:19 76 31812.txt 22.12.2006 14:18 76 32293.txt 22.12.2006 14:18 76 11700.txt 22.12.2006 14:18 76 24659.txt 22.12.2006 14:18 76 17940.txt 22.12.2006 14:18 76 23947.txt 22.12.2006 14:18 76 2699.txt 22.12.2006 14:18 76 8655.txt 22.12.2006 14:18 76 1451.txt 22.12.2006 14:18 76 31123.txt 22.12.2006 14:18 76 14824.txt 22.12.2006 14:18 76 28080.txt 22.12.2006 14:18 76 8268.txt 22.12.2006 14:18 76 11920.txt 22.12.2006 14:18 76 11347.txt 22.12.2006 14:18 76 10796.txt 22.12.2006 14:18 76 2730.txt 22.12.2006 14:18 76 21367.txt 22.12.2006 14:18 76 6207.txt 22.12.2006 14:18 76 28197.txt 22.12.2006 14:18 76 254.txt 22.12.2006 14:18 76 20821.txt 22.12.2006 14:18 76 4506.txt 22.12.2006 14:18 76 18034.txt 22.12.2006 14:18 37.754 9100.exe 22.12.2006 14:18 76 26780.txt 22.12.2006 14:18 76 26872.txt 22.12.2006 14:18 76 2125.txt 22.12.2006 14:18 76 425.txt 22.12.2006 14:18 76 31610.txt 22.12.2006 14:18 76 29215.txt 22.12.2006 14:18 76 31593.txt 22.12.2006 14:18 76 11260.txt 22.12.2006 14:18 76 29479.txt 22.12.2006 14:18 76 20852.txt 22.12.2006 14:18 76 23761.txt 22.12.2006 14:18 76 28634.txt 22.12.2006 14:18 76 11581.txt 22.12.2006 14:18 76 20227.txt 22.12.2006 14:18 76 29828.txt 22.12.2006 14:18 76 21011.txt 22.12.2006 14:18 76 9924.txt 22.12.2006 14:18 76 14492.txt 22.12.2006 14:18 76 32459.txt 22.12.2006 14:17 3.531.776 RCX7.tmp 22.12.2006 14:16 3.531.776 vOQnMhhw 22.12.2006 14:16 3.531.776 tJZQhJsh 22.12.2006 14:16 3.531.776 OqYDDZsk 22.12.2006 14:16 3.531.776 wxzZQzfF 22.12.2006 14:16 5.120 ptUtZmIF.sys 22.12.2006 14:14 0 11060.txt 22.12.2006 14:14 76 2444.txt 22.12.2006 14:14 76 28924.txt 22.12.2006 14:14 76 18153.txt 22.12.2006 14:14 76 18596.txt 22.12.2006 14:14 76 25010.txt 22.12.2006 14:14 76 36.txt 22.12.2006 14:14 76 5089.txt 22.12.2006 14:14 76 25681.txt 22.12.2006 14:14 76 3671.txt 22.12.2006 14:14 76 16464.txt 22.12.2006 14:14 76 7211.txt 22.12.2006 14:14 76 12408.txt 22.12.2006 14:14 76 24992.txt 22.12.2006 14:14 76 7984.txt 22.12.2006 14:14 76 17571.txt 22.12.2006 14:14 76 19862.txt 22.12.2006 14:14 76 25321.txt 22.12.2006 14:14 76 25418.txt 22.12.2006 14:14 76 24023.txt 22.12.2006 14:14 76 29431.txt 22.12.2006 14:14 76 5673.txt 22.12.2006 14:14 76 2801.txt 22.12.2006 14:14 76 28563.txt 22.12.2006 14:14 76 5245.txt 22.12.2006 14:14 76 20689.txt 22.12.2006 14:14 76 24293.txt 21.12.2006 17:42 3.531.776 yvLbLBWZ 21.12.2006 17:42 3.531.776 LWXatUZd 21.12.2006 17:42 3.531.776 MediaSups.exe 29.08.2002 02:43 11.542 Ztgx.dll 1202 Datei(en) 70.951.190 Bytes 0 Verzeichnis(se), 3.955.560.448 Bytes frei ------------------------------------------------------------------------- Volume in Laufwerk C: hat keine Bezeichnung. Volumeseriennummer: 08BF-B934 Verzeichnis von C:\WINDOWS 22.12.2006 14:36 116.207 kwl_t4.exe 22.12.2006 14:31 32.546 SchedLgU.Txt 22.12.2006 14:29 0 0.log 22.12.2006 14:29 1.082.637 WindowsUpdate.log 22.12.2006 14:26 159 wiadebug.log 22.12.2006 14:26 50 wiaservc.log 22.12.2006 14:26 415 winsys.ini 22.12.2006 14:25 2.048 bootstat.dat 22.12.2006 14:24 11.068 ztcaizi10223.exe 22.12.2006 14:22 11.069 jianghucaizidlfgjlj8.exe 22.12.2006 14:09 22.380 mhldfsgjldsfjg.exe 22.12.2006 13:49 449.376 setupapi.log 21.12.2006 22:28 31.232 Realplayones.exe 21.12.2006 21:38 1.109 hitpop_tmp.txt 21.12.2006 21:31 146 a.bat 21.12.2006 20:28 116 NeroDigital.ini 21.12.2006 20:18 54.156 QTFont.qfn 21.12.2006 19:44 663.552 G_Server1.23.exe 21.12.2006 18:38 139.264 mTmp.exe 21.12.2006 18:38 4.286 tmp.ico 21.12.2006 18:33 120.847 tubar1253.exe 21.12.2006 18:28 159.744 dodolook059.exe 21.12.2006 18:27 122.342 mms_730.exe 21.12.2006 18:26 91.648 mycount.exe 20.12.2006 22:38 1.086 win.ini 20.12.2006 22:35 3.531.776 net.com 20.12.2006 22:35 3.531.776 cmd.com 20.12.2006 22:35 3.531.776 regedit.com 20.12.2006 21:49 16 KB611311.log 20.12.2006 18:35 0 rtti.dll 15.12.2006 22:43 725 aolback.exe.lnk 15.12.2006 22:42 61.136 wmsetup.log 15.12.2006 22:33 4 msoffice.ini 28.11.2006 16:38 151 PhotoSnapViewer.INI 17.11.2006 17:20 1.409 QTFont.for 15.11.2006 13:58 0 muma2004.INI 14.10.2006 16:10 2.780 KB911567-OE6SP1-20060316.165634Uninst.log 14.10.2006 16:10 154.539 comsetup.log 14.10.2006 16:10 527.082 iis6.log 14.10.2006 16:10 1.393 imsins.log 14.10.2006 16:10 21.841 tabletoc.log 14.10.2006 16:10 93.281 ntdtcsetup.log 14.10.2006 16:10 203.663 tsoc.log 14.10.2006 16:10 234.097 ocgen.log 14.10.2006 16:10 75.542 netfxocm.log 14.10.2006 16:10 15.727 ocmsn.log 14.10.2006 16:10 21.630 msgsocm.log 14.10.2006 16:10 425.025 FaxSetup.log 14.10.2006 16:10 143.568 msmqinst.log 14.10.2006 16:10 1.393 imsins.BAK 14.10.2006 16:10 4.842 KB891781Uninst.log 14.10.2006 16:09 4.491 KB890859Uninst.log 14.10.2006 16:09 39.102 updspapi.log 14.10.2006 16:08 2.411 KB893803v2Uninst.log 14.10.2006 16:04 184.824 setupact.log 14.10.2006 16:01 4.364 KB888302Uninst.log 14.10.2006 16:00 3.340 KB835409Uninst.log 14.10.2006 16:00 3.355 KB892944Uninst.log 14.10.2006 15:49 48.622 KB842773Uninst.log 14.10.2006 15:49 48.787 KB918899-IE6SP1-20060725.123917Uninst.log 14.10.2006 15:48 44.710 KB923191Uninst.log 14.10.2006 15:47 43.109 KB920683Uninst.log 14.10.2006 15:47 40.623 KB920670Uninst.log 14.10.2006 15:47 40.109 KB919007Uninst.log 14.10.2006 15:47 39.033 KB917953Uninst.log 14.10.2006 15:46 37.892 KB917422Uninst.log 14.10.2006 15:46 36.449 KB917344Uninst.log 14.10.2006 15:46 35.864 KB914389Uninst.log 14.10.2006 15:46 32.120 KB914388Uninst.log 14.10.2006 15:45 27.327 KB913580Uninst.log 14.10.2006 15:44 24.195 KB912919Uninst.log 14.10.2006 15:44 22.820 KB908519Uninst.log 14.10.2006 15:43 21.226 KB905749Uninst.log 14.10.2006 15:43 19.497 KB905414Uninst.log 14.10.2006 15:42 18.534 KB904706Uninst.log 14.10.2006 15:42 18.766 KB902400Uninst.log 14.10.2006 15:41 12.170 KB901214Uninst.log 14.10.2006 15:41 10.664 KB899589Uninst.log 14.10.2006 15:41 9.986 KB900725Uninst.log 14.10.2006 15:40 8.345 KB896428Uninst.log 14.10.2006 15:40 6.299 KB890046Uninst.log 14.10.2006 15:39 6.191 KB898461Uninst.log 14.10.2006 15:39 4.480 KB908531Uninst.log 14.10.2006 15:37 164 wininit.ini 14.10.2006 11:08 2.266 mozver.dat 14.10.2006 11:01 20.147 KB902400.log 14.10.2006 10:59 37.512 KB920670.log 14.10.2006 10:58 36.981 KB891781.log 14.10.2006 10:58 2.064 vminst.log 14.10.2006 10:57 37.911 KB890046.log 14.10.2006 10:56 36.603 KB899589.log 14.10.2006 10:55 37.022 KB919007.log 14.10.2006 10:54 37.444 KB914388.log 14.10.2006 10:53 16.773 KB904706.log 14.10.2006 10:51 25.103 KB917344.log 14.10.2006 10:51 25.577 KB905414.log der Rest ist im Anhang Anhang: der 2. rest.txt Dieser Beitrag wurde am 22.12.2006 um 15:16 Uhr von awtss.dll editiert.
|
|
|
|
|
|
|
22.12.2006, 23:50
Ehrenmitglied
Beiträge: 29434 |
#4
wende das avengerscript noch mal an
poste hier das log vom Avenger, was nach neustart erscheint __________ MfG Sabina rund um die PC-Sicherheit |
|
|
|
|
|
|
23.12.2006, 13:59
Member
Themenstarter Beiträge: 22 |
#5
So ich hab Avenger durchgeführt und diesmal mit log:
////////////////////////////////////////// Avenger Pre-Processor log ////////////////////////////////////////// Error: could not create zip file. Error code: 0 ////////////////////////////////////////// Logfile of The Avenger version 1, by Swandog46 Running from registry key: \Registry\Machine\System\CurrentControlSet\Services\tmkhkemh ******************* Script file located at: xqkiuwti Could not open script file! Error Could not open script file! Status: 0xc000003b Abort! Nun ich hab noch mehr probleme bekommen: -mein pc stürzt jede 10.te minute ab -mein desktop verändert sich von alleine (andere styles usw.) -alle Programme auf dem datenträger d:/ funktionieren nicht (ich soll CHKDSK ausführen) -ich muss antivir und spybot ausschalten weil ich hunderte von warnungen bekomme (die neuste ist von antivir, dass ich den gefährlichen backdoorvirus Severqq oder so habe) hoffe ihr könnt mir helfen MfG Frank |
|
|
|
|
|
|
23.12.2006, 14:34
Ehrenmitglied
Beiträge: 29434 |
#6
dein Rechner besteht nur aus viren - selten, dass man sowas zu sehen bekommt ;(
den Avenger musst du korrekt anwenden , dann werden die Viren auch alle geloescht  ansonsten empfehle ich dir - schnellstens zu formatieren __________ MfG Sabina rund um die PC-Sicherheit |
|
|
|
|
|
|
23.12.2006, 14:57
Ehrenmitglied
Beiträge: 29434 |
#7
genauso musst du es machen - versuche es nochmal (ohne "Zitat" reinkopieren !!!!!!!!!!!
__________ MfG Sabina rund um die PC-Sicherheit |
|
|
|
|
|
|
23.12.2006, 15:06
Member
Themenstarter Beiträge: 22 |
#8
puhhhhhhhh ich habs nach dem dritten anlauf hinbekommen 8-D hier der log:
Logfile of The Avenger version 1, by Swandog46 Running from registry key: \Registry\Machine\System\CurrentControlSet\Services\krhjgdae ******************* Script file located at: \??\C:\Program Files\ejfkydkl.txt Script file opened successfully. Script file read successfully Backups directory opened successfully at C:\Avenger ******************* Beginning to process script file: Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\System Event COM+ not found! Deletion of registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\System Event COM+ failed! Could not process line: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\System Event COM+ Status: 0xc0000034 File C:\myDelm.bat deleted successfully. File C:\WINDOWS\Temp\mm.vbs not found! Deletion of file C:\WINDOWS\Temp\mm.vbs failed! Could not process line: C:\WINDOWS\Temp\mm.vbs Status: 0xc0000034 File C:\WINDOWS\Temp\svchoost.exe not found! Deletion of file C:\WINDOWS\Temp\svchoost.exe failed! Could not process line: C:\WINDOWS\Temp\svchoost.exe Status: 0xc0000034 File C:\WINDOWS\Temp\webhitlogtmp.dat deleted successfully. File C:\WINDOWS\rtti.dll deleted successfully. File C:\WINDOWS\winsys.ini deleted successfully. File C:\WINDOWS\G_Server1.23.exe deleted successfully. File C:\WINDOWS\tubar1253.exe deleted successfully. File C:\WINDOWS\dodolook059.exe deleted successfully. File C:\WINDOWS\mms_730.exe deleted successfully. File C:\WINDOWS\mycount.exe deleted successfully. File C:\WINDOWS\tmp.ico deleted successfully. File C:\WINDOWS\mTmp.exe deleted successfully. File C:\WINDOWS\regedit.com deleted successfully. File C:\WINDOWS\net.com deleted successfully. File C:\WINDOWS\cmd.com deleted successfully. File C:\WINDOWS\System32\mallgoo2.dll deleted successfully. File C:\WINDOWS\system32\myconfig.ini deleted successfully. File C:\WINDOWS\system32\svch0st.exe deleted successfully. File C:\WINDOWS\system32\devgt.exe deleted successfully. File C:\WINDOWS\system32\windds32.dll deleted successfully. File C:\WINDOWS\system32\xpdhcp.dll deleted successfully. File C:\WINDOWS\system32\rx.dll deleted successfully. File C:\WINDOWS\system32\windhcp.ocx deleted successfully. File C:\WINDOWS\system32\ruqesgeztghyu.dll deleted successfully. File C:\WINDOWS\system32\tytwmoyrdzucl.dll deleted successfully. File C:\WINDOWS\system32\almms.dat deleted successfully. File C:\WINDOWS\system32\zagdrbmmxizls.dll deleted successfully. File C:\WINDOWS\system32\ksdihg.dll deleted successfully. File C:\WINDOWS\system32\webhit.ini.tmp deleted successfully. File C:\WINDOWS\system32\webhit.ini deleted successfully. File C:\WINDOWS\system32\jpbtgmruuzobw.dll deleted successfully. File C:\WINDOWS\system32\nwcxkjcrwewgh.dll deleted successfully. File C:\WINDOWS\system32\umjtxhmdlmrjl.dll deleted successfully. File C:\WINDOWS\system32\QQhx.dat deleted successfully. File C:\WINDOWS\system32\ksdihg.exe deleted successfully. File C:\WINDOWS\system32\zkjlklbhgswcb.dll deleted successfully. File C:\WINDOWS\system32\ghkorhruizrvl.dll deleted successfully. File C:\WINDOWS\system32\qyxdiatvoacup.dll deleted successfully. File C:\WINDOWS\system32\wlkrgsqdoydyf.dll deleted successfully. File C:\WINDOWS\system32\d3d1caps.SRG deleted successfully. File C:\WINDOWS\system32\scvhsot.exe deleted successfully. File C:\WINDOWS\system32\d3d3caps.SRG deleted successfully. File C:\WINDOWS\system32\hgcgpyytzouyv.dll deleted successfully. File C:\WINDOWS\system32\unehdalvccmfi.dll deleted successfully. File C:\WINDOWS\system32\fmaqypjbeqhtp.dll deleted successfully. File C:\WINDOWS\system32\ssbmvajmtvmgk.dll deleted successfully. File C:\WINDOWS\system32\azysosblrufdt.dll deleted successfully. File C:\WINDOWS\system32\dzispyxiodbmi.dll deleted successfully. File C:\WINDOWS\system32\dudctxukpsymw.dll deleted successfully. File C:\WINDOWS\system32\zqijbtsuplvom.dll deleted successfully. File C:\WINDOWS\system32\rlgdwqnbohkgh.dll deleted successfully. File C:\WINDOWS\system32\wkpcjnnymwmqn.dll deleted successfully. File C:\WINDOWS\system32\rqqyajamqfdbe.dll deleted successfully. File C:\WINDOWS\system32\tpezydravqwaq.dll deleted successfully. File C:\WINDOWS\system32\cxpfmcjvexqoy.dll deleted successfully. File C:\WINDOWS\system32\mvofmvdnihrlf.dll deleted successfully. File C:\WINDOWS\system32\djyqfqyqirltg.dll deleted successfully. File C:\WINDOWS\system32\dxnahgnztnwep.dll deleted successfully. File C:\WINDOWS\system32\00001085.DAT deleted successfully. File C:\WINDOWS\system32\nhyehogqkdbqt.dll deleted successfully. File C:\WINDOWS\system32\mprmsgse.axz deleted successfully. File C:\WINDOWS\system32\winsys16_061220.dll deleted successfully. File C:\WINDOWS\system32\scrsys16_061220.scr deleted successfully. File C:\WINDOWS\system32\scrsys061220.scr deleted successfully. File C:\WINDOWS\system32\AlxRes061220.exe deleted successfully. File C:\WINDOWS\system32\knxngdwfejlwd.dll deleted successfully. File C:\WINDOWS\system32winsys16_061221.dll not found! Deletion of file C:\WINDOWS\system32winsys16_061221.dll failed! Could not process line: C:\WINDOWS\system32winsys16_061221.dll Status: 0xc0000034 File C:\WINDOWS\system32\scrsys16_061221.scr deleted successfully. File C:\WINDOWS\system32\winsys32_061221.dll deleted successfully. File C:\WINDOWS\system32\AlxRes061221.exe deleted successfully. File C:\WINDOWS\system32\scrsys061221.scr deleted successfully. File C:\WINDOWS\system32\winsys32_061220.dll deleted successfully. File C:\WINDOWS\system32\mallgoo2.dll not found! Deletion of file C:\WINDOWS\system32\mallgoo2.dll failed! Could not process line: C:\WINDOWS\system32\mallgoo2.dll Status: 0xc0000034 File C:\Dokumente und Einstellungen\info\Lokale Einstellungen\Temp\IDmIr.exe.vir not found! Deletion of file C:\Dokumente und Einstellungen\info\Lokale Einstellungen\Temp\IDmIr.exe.vir failed! Could not process line: C:\Dokumente und Einstellungen\info\Lokale Einstellungen\Temp\IDmIr.exe.vir Status: 0xc0000034 File C:\Dokumente und Einstellungen\info\Lokale Einstellungen\Temp\0055.exe not found! Deletion of file C:\Dokumente und Einstellungen\info\Lokale Einstellungen\Temp\0055.exe failed! Could not process line: C:\Dokumente und Einstellungen\info\Lokale Einstellungen\Temp\0055.exe Status: 0xc0000034 File C:\Dokumente und Einstellungen\info\Lokale Einstellungen\Temp\config.mdb not found! Deletion of file C:\Dokumente und Einstellungen\info\Lokale Einstellungen\Temp\config.mdb failed! Could not process line: C:\Dokumente und Einstellungen\info\Lokale Einstellungen\Temp\config.mdb Status: 0xc0000034 File C:\Dokumente und Einstellungen\info\Lokale Einstellungen\Temp\iim.dll not found! Deletion of file C:\Dokumente und Einstellungen\info\Lokale Einstellungen\Temp\iim.dll failed! Could not process line: C:\Dokumente und Einstellungen\info\Lokale Einstellungen\Temp\iim.dll Status: 0xc0000034 File C:\Dokumente und Einstellungen\info\Lokale Einstellungen\Temp\zi.exe not found! Deletion of file C:\Dokumente und Einstellungen\info\Lokale Einstellungen\Temp\zi.exe failed! Could not process line: C:\Dokumente und Einstellungen\info\Lokale Einstellungen\Temp\zi.exe Status: 0xc0000034 File C:\Dokumente und Einstellungen\info\Lokale Einstellungen\Temp\nu.dll not found! Deletion of file C:\Dokumente und Einstellungen\info\Lokale Einstellungen\Temp\nu.dll failed! Could not process line: C:\Dokumente und Einstellungen\info\Lokale Einstellungen\Temp\nu.dll Status: 0xc0000034 File C:\Dokumente und Einstellungen\info\Lokale Einstellungen\Temp\ie777.exe not found! Deletion of file C:\Dokumente und Einstellungen\info\Lokale Einstellungen\Temp\ie777.exe failed! Could not process line: C:\Dokumente und Einstellungen\info\Lokale Einstellungen\Temp\ie777.exe Status: 0xc0000034 File C:\Dokumente und Einstellungen\info\Lokale Einstellungen\Temp\npf.sys not found! Deletion of file C:\Dokumente und Einstellungen\info\Lokale Einstellungen\Temp\npf.sys failed! Could not process line: C:\Dokumente und Einstellungen\info\Lokale Einstellungen\Temp\npf.sys Status: 0xc0000034 File C:\Dokumente und Einstellungen\info\Lokale Einstellungen\Temp\~tenp.exe not found! Deletion of file C:\Dokumente und Einstellungen\info\Lokale Einstellungen\Temp\~tenp.exe failed! Could not process line: C:\Dokumente und Einstellungen\info\Lokale Einstellungen\Temp\~tenp.exe Status: 0xc0000034 File C:\Dokumente und Einstellungen\info\Lokale Einstellungen\Temp\lHBmvA.exe not found! Deletion of file C:\Dokumente und Einstellungen\info\Lokale Einstellungen\Temp\lHBmvA.exe failed! Could not process line: C:\Dokumente und Einstellungen\info\Lokale Einstellungen\Temp\lHBmvA.exe Status: 0xc0000034 File C:\Dokumente und Einstellungen\info\Lokale Einstellungen\Temp\wowexec.tmp deleted successfully. File C:\Dokumente und Einstellungen\info\Lokale Einstellungen\Temp\24820.exe not found! Deletion of file C:\Dokumente und Einstellungen\info\Lokale Einstellungen\Temp\24820.exe failed! Could not process line: C:\Dokumente und Einstellungen\info\Lokale Einstellungen\Temp\24820.exe Status: 0xc0000034 File C:\Dokumente und Einstellungen\info\Lokale Einstellungen\Temp\MediaSups.exe deleted successfully. File C:\Dokumente und Einstellungen\info\Lokale Einstellungen\Temp\itemp.exe not found! Deletion of file C:\Dokumente und Einstellungen\info\Lokale Einstellungen\Temp\itemp.exe failed! Could not process line: C:\Dokumente und Einstellungen\info\Lokale Einstellungen\Temp\itemp.exe Status: 0xc0000034 File C:\Dokumente und Einstellungen\info\Lokale Einstellungen\Temp\wanpacket.dll not found! Deletion of file C:\Dokumente und Einstellungen\info\Lokale Einstellungen\Temp\wanpacket.dll failed! Could not process line: C:\Dokumente und Einstellungen\info\Lokale Einstellungen\Temp\wanpacket.dll Status: 0xc0000034 File C:\Dokumente und Einstellungen\info\Lokale Einstellungen\Temp\packet.dll not found! Deletion of file C:\Dokumente und Einstellungen\info\Lokale Einstellungen\Temp\packet.dll failed! Could not process line: C:\Dokumente und Einstellungen\info\Lokale Einstellungen\Temp\packet.dll Status: 0xc0000034 File C:\Dokumente und Einstellungen\info\Lokale Einstellungen\Temp\ie888.exe not found! Deletion of file C:\Dokumente und Einstellungen\info\Lokale Einstellungen\Temp\ie888.exe failed! Could not process line: C:\Dokumente und Einstellungen\info\Lokale Einstellungen\Temp\ie888.exe Status: 0xc0000034 File C:\Dokumente und Einstellungen\info\Lokale Einstellungen\Temp\iesys.exe not found! Deletion of file C:\Dokumente und Einstellungen\info\Lokale Einstellungen\Temp\iesys.exe failed! Could not process line: C:\Dokumente und Einstellungen\info\Lokale Einstellungen\Temp\iesys.exe Status: 0xc0000034 File C:\Dokumente und Einstellungen\info\Lokale Einstellungen\Temp\14183.exe not found! Deletion of file C:\Dokumente und Einstellungen\info\Lokale Einstellungen\Temp\14183.exe failed! Could not process line: C:\Dokumente und Einstellungen\info\Lokale Einstellungen\Temp\14183.exe Status: 0xc0000034 File C:\Dokumente und Einstellungen\info\Lokale Einstellungen\Temp\31355.txt deleted successfully. File C:\Dokumente und Einstellungen\info\Lokale Einstellungen\Temp\793.exe not found! Deletion of file C:\Dokumente und Einstellungen\info\Lokale Einstellungen\Temp\793.exe failed! Could not process line: C:\Dokumente und Einstellungen\info\Lokale Einstellungen\Temp\793.exe Status: 0xc0000034 File C:\Dokumente und Einstellungen\info\Lokale Einstellungen\Temp\~WRC0001.tmp not found! Deletion of file C:\Dokumente und Einstellungen\info\Lokale Einstellungen\Temp\~WRC0001.tmp failed! Could not process line: C:\Dokumente und Einstellungen\info\Lokale Einstellungen\Temp\~WRC0001.tmp Status: 0xc0000034 File C:\Dokumente und Einstellungen\info\Lokale Einstellungen\Temp\8144.txt deleted successfully. File C:\Dokumente und Einstellungen\info\Lokale Einstellungen\Temp\26461.exe not found! Deletion of file C:\Dokumente und Einstellungen\info\Lokale Einstellungen\Temp\26461.exe failed! Could not process line: C:\Dokumente und Einstellungen\info\Lokale Einstellungen\Temp\26461.exe Status: 0xc0000034 File C:\Dokumente und Einstellungen\info\Lokale Einstellungen\Temp\18745.exe not found! Deletion of file C:\Dokumente und Einstellungen\info\Lokale Einstellungen\Temp\18745.exe failed! Could not process line: C:\Dokumente und Einstellungen\info\Lokale Einstellungen\Temp\18745.exe Status: 0xc0000034 File C:\Dokumente und Einstellungen\info\Lokale Einstellungen\Temp\~WRS0000.tmp not found! Deletion of file C:\Dokumente und Einstellungen\info\Lokale Einstellungen\Temp\~WRS0000.tmp failed! Could not process line: C:\Dokumente und Einstellungen\info\Lokale Einstellungen\Temp\~WRS0000.tmp Status: 0xc0000034 File C:\Dokumente und Einstellungen\info\Lokale Einstellungen\Temp\svchoost.exe not found! Deletion of file C:\Dokumente und Einstellungen\info\Lokale Einstellungen\Temp\svchoost.exe failed! Could not process line: C:\Dokumente und Einstellungen\info\Lokale Einstellungen\Temp\svchoost.exe Status: 0xc0000034 File C:\Dokumente und Einstellungen\info\Lokale Einstellungen\Temp\JnZOLgjY not found! Deletion of file C:\Dokumente und Einstellungen\info\Lokale Einstellungen\Temp\JnZOLgjY failed! Could not process line: C:\Dokumente und Einstellungen\info\Lokale Einstellungen\Temp\JnZOLgjY Status: 0xc0000034 File C:\Dokumente und Einstellungen\info\Lokale Einstellungen\Temp\mhs2.dll deleted successfully. File C:\Dokumente und Einstellungen\info\Lokale Einstellungen\Temp\0055.exe not found! Deletion of file C:\Dokumente und Einstellungen\info\Lokale Einstellungen\Temp\0055.exe failed! Could not process line: C:\Dokumente und Einstellungen\info\Lokale Einstellungen\Temp\0055.exe Status: 0xc0000034 File C:\Dokumente und Einstellungen\info\Lokale Einstellungen\Temp\mh.exe not found! Deletion of file C:\Dokumente und Einstellungen\info\Lokale Einstellungen\Temp\mh.exe failed! Could not process line: C:\Dokumente und Einstellungen\info\Lokale Einstellungen\Temp\mh.exe Status: 0xc0000034 Folder C:\Programme\vision deleted successfully. Folder C:\WINDOWS\aW5mbw deleted successfully. Could not delete registry value HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{C1B4DEC2-2623-438e-9CA2-C9043AB28508} Deletion of registry value HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{C1B4DEC2-2623-438e-9CA2-C9043AB28508} failed! Status: 0xc0000034 Registry value HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run|jiahus deleted successfully. Registry value HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run|{08BFB934-0321-1031-0921-000003270031} deleted successfully. Registry key HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C155E2F4-EA4D-48AD-BEE2-C837C0DC137F} deleted successfully. Registry key HKLM\SOFTWARE\Classes\CLSID\{C155E2F4-EA4D-48AD-BEE2-C837C0DC137F} not found! Deletion of registry key HKLM\SOFTWARE\Classes\CLSID\{C155E2F4-EA4D-48AD-BEE2-C837C0DC137F} failed! Status: 0xc0000034 Registry key HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3B30B48F-617D-4F73-A20F-D3D54357F103} deleted successfully. Registry key HKLM\SOFTWARE\Classes\CLSID\{3B30B48F-617D-4F73-A20F-D3D54357F103} not found! Deletion of registry key HKLM\SOFTWARE\Classes\CLSID\{3B30B48F-617D-4F73-A20F-D3D54357F103} failed! Status: 0xc0000034 Registry key HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1B4DEC2-2623-438e-9CA2-C9043AB28508} deleted successfully. Registry key HKLM\SOFTWARE\Classes\CLSID\{C1B4DEC2-2623-438e-9CA2-C9043AB28508} not found! Deletion of registry key HKLM\SOFTWARE\Classes\CLSID\{C1B4DEC2-2623-438e-9CA2-C9043AB28508} failed! Status: 0xc0000034 Completed script processing. ******************* Finished! Terminate. |
|
|
|
|
|
|
23.12.2006, 15:35
Ehrenmitglied
Beiträge: 29434 |
#9
««
wende cleanUp an - poste den report http://virus-protect.org/cleanup.html «« ServiceFilter.zip http://virus-protect.org/artikel/tools/ServiceFilter.zip - entzippen - doppelklick auf die datei ServiceFilter.vbs - versions-nummer bestätigen - scannen - öffnen von wordpad oder editor erlauben - POST_THIS.TXT abkopieren »» poste noch mal die 6 logs von datfindbat __________ MfG Sabina rund um die PC-Sicherheit |
|
|
|
|
|
|
23.12.2006, 16:18
Member
Themenstarter Beiträge: 22 |
#10
so jez ma so die grobe zusammenfassung:
CleanUp durchgeführt allerdings kein log ServiceFilter durchgeführt, log: The script did not recognize the services listed below. This does not mean that they are a problem. To copy the entire contents of this document for posting: At the top of this window click "Edit" then "Select All" Next click "Edit" again then "Copy" Now right click in the forum post box then click "Paste" ######################################## ServiceFilter 1.1 by rand1038 Microsoft Windows XP Professional Version: 5.1.2600 Service Pack 1 Dez 23, 2006 16:07:14 ---> Begin Service Listing <--- Unknown Service # 1 Service Name: ADIDown Display Name: Power Adapter Start Mode: Auto Start Name: LocalSystem Description: ... Service Type: Own Process Path: c:\windows\svchost.exe State: Running Process ID: 1588 Started: Wahr Exit Code: 0 Accept Pause: Falsch Accept Stop: Wahr Unknown Service # 5 Service Name: COM+ Messages Display Name: COM+ Messages Start Mode: Disabled Start Name: LocalSystem Description: ... Service Type: Own Process Path: "c:\windows\system32\svchosts.exe" -e te-110-12-0000175 State: Stopped Process ID: 0 Started: Falsch Exit Code: 1077 Accept Pause: Falsch Accept Stop: Falsch Unknown Service # 7 Service Name: PigeonServer1.23 Display Name: Pigeon_Server1.23 Start Mode: Auto Start Name: LocalSystem Description: ¹§Ï²°¡!!!... Service Type: Own Process Path: c:\windows\g_server1.23.exe State: Stopped Process ID: 0 Started: Falsch Exit Code: 0 Accept Pause: Falsch Accept Stop: Falsch Unknown Service # 8 Service Name: Process Launcher Display Name: Process Launcher Start Mode: Auto Start Name: LocalSystem Description: Process ... Service Type: Own Process Path: c:\windows\serverqq.exe State: Stopped Process ID: 0 Started: Falsch Exit Code: 0 Accept Pause: Falsch Accept Stop: Falsch Unknown Service # 9 Service Name: RpcS Display Name: Remote Procedure Call System(RPCS) Start Mode: Auto Start Name: LocalSystem Description: ¹ÜÀí²¢¿ØÖÆRPC·þÎñÊý¾Ý¿â¡£... Service Type: Own Process Path: c:\windows\system32\rpcs.exe State: Running Process ID: 1788 Started: Wahr Exit Code: 0 Accept Pause: Wahr Accept Stop: Wahr Unknown Service # 10 Service Name: Sbscpw Display Name: Transaction Provisioning Service Start Mode: Auto Start Name: LocalSystem Description: ½âÎöºÍ»º³åÓòÃûϵͳ (DNS) Ãû³Æ¡£Èç¹û´Ë·þÎñ±»Í£Ö¹£¬¼ÆËã»ú½«²»ÄܽâÎö DNS Ãû³Æ²¢¶¨Î» Active Directory ... Service Type: Own Process Path: c:\windows\system32\ozipt.exe State: Stopped Process ID: 0 Started: Falsch Exit Code: 0 Accept Pause: Falsch Accept Stop: Falsch Unknown Service # 13 Service Name: VisionService Display Name: VisionService Start Mode: Auto Start Name: LocalSystem Description: ... Service Type: Own Process Path: c:\windows\system32\rundll32.exe c:\progra~1\vision\visver.dll,service State: Stopped Process ID: 0 Started: Falsch Exit Code: 0 Accept Pause: Falsch Accept Stop: Falsch Unknown Service # 14 Service Name: Webclients Display Name: Webclients Start Mode: Auto Start Name: LocalSystem Description: ʹ»ùÓÚ Windows µÄ³ÌÐòÄÜ´´½¨¡¢·ÃÎʺÍÐ޸ĻùÓÚ Internet ... Service Type: Own Process Path: c:\windows\qqip.exe State: Stopped Process ID: 0 Started: Falsch Exit Code: 1067 Accept Pause: Falsch Accept Stop: Falsch Unknown Service # 15 Service Name: Win32DDS Display Name: Win32 Display Driver Start Mode: Auto Start Name: LocalSystem Description: Provides system and desktop level support to the display ... Service Type: Own Process Path: c:\windows\system32\rundll32.exe windds32.dll,start State: Stopped Process ID: 0 Started: Falsch Exit Code: 0 Accept Pause: Falsch Accept Stop: Falsch Unknown Service # 16 Service Name: Win32DHCPsvc Display Name: Win32 DHCP Service Start Mode: Auto Start Name: LocalSystem Description: ΪԶ³Ì¼ÆËã»ú×¢²á²¢¸üРIP ... Service Type: Own Process Path: c:\windows\system32\rundll32.exe windhcp.dll,start State: Stopped Process ID: 0 Started: Falsch Exit Code: 0 Accept Pause: Falsch Accept Stop: Falsch Unknown Service # 17 Service Name: WinDHCPsvc Display Name: Windows DHCP Service Start Mode: Auto Start Name: LocalSystem Description: ΪԶ³Ì¼ÆËã»ú×¢²á²¢¸üРIP ... Service Type: Own Process Path: c:\windows\system32\rundll32.exe windhcp.ocx,start State: Stopped Process ID: 0 Started: Falsch Exit Code: 0 Accept Pause: Falsch Accept Stop: Falsch Unknown Service # 18 Service Name: WinXPDHCPsvc Display Name: WinXP DHCP Service Start Mode: Auto Start Name: LocalSystem Description: ΪԶ³Ì¼ÆËã»ú×¢²á²¢¸üРIP ... Service Type: Own Process Path: c:\windows\system32\rundll32.exe xpdhcp.dll,start State: Stopped Process ID: 0 Started: Falsch Exit Code: 0 Accept Pause: Falsch Accept Stop: Falsch Unknown Service # 19 Service Name: www.ppandora.com Display Name: www.ppandora.com Start Mode: Disabled Start Name: LocalSystem Description: ... Service Type: Own Process Path: c:\windows\system32\nsvc32.exe State: Stopped Process ID: 0 Started: Falsch Exit Code: 1077 Accept Pause: Falsch Accept Stop: Falsch Unknown Service # 20 Service Name: zhongguozhizao.3322.org Display Name: zhongguozhizao.3322.org Start Mode: Disabled Start Name: LocalSystem Description: ... Service Type: Own Process Path: c:\windows\system32\zhongguozhizao.3322.org.exe State: Stopped Process ID: 0 Started: Falsch Exit Code: 1077 Accept Pause: Falsch Accept Stop: Falsch Verzeichnis von C:\WINDOWS\system32 23.12.2006 16:14 3.745 norton.sys 23.12.2006 16:13 41.984 windhcp.ocx 23.12.2006 15:15 68 d3d1caps.SRG 23.12.2006 15:12 32 mprmsgse.axz 22.12.2006 23:23 9.350 yfBqE.exe 22.12.2006 23:16 41.984 windhcp.dll 22.12.2006 23:13 9.350 WCapz.exe 22.12.2006 23:03 9.350 WkhXJ.exe 22.12.2006 22:52 9.350 UostF.exe 22.12.2006 22:41 9.350 TnIYr.exe 22.12.2006 18:53 9.350 UAaAU.exe 22.12.2006 18:43 9.350 NuMlJ.exe 22.12.2006 18:32 9.350 QTcPL.exe 22.12.2006 18:22 9.350 vivuD.exe 22.12.2006 18:12 9.350 KNPEX.exe 22.12.2006 18:02 9.350 TWRtl.exe 22.12.2006 17:52 9.350 viJpt.exe 22.12.2006 15:43 126 Deleteme.bat 22.12.2006 15:43 23.224 nsvc32.exe 22.12.2006 15:42 9.350 hVaDQ.exe 22.12.2006 15:31 11.264 ulAXDU.exe 22.12.2006 15:31 9.350 Xxmds.exe 22.12.2006 14:23 9.350 RIqMw.exe 22.12.2006 14:23 11.264 vUBDdl.exe 22.12.2006 14:09 9.350 KZTei.exe 22.12.2006 14:09 11.264 TqrVqB.exe 22.12.2006 14:01 21.484 wincab.sys 22.12.2006 13:57 11.264 jGwudB.exe 22.12.2006 13:57 9.350 oNckZ.exe 21.12.2006 22:23 11.264 xYUgau.exe 21.12.2006 22:14 11.264 QhptYx.exe 21.12.2006 22:09 9.738 dllhost32.dll 21.12.2006 21:41 203.776 qsjtddfjcnbaj.dll 21.12.2006 21:40 203.776 ldludivbofpoe.dll 21.12.2006 21:40 203.776 qctvbouriuogg.dll 21.12.2006 21:35 11.264 EgcKkg.exe 21.12.2006 21:27 11.264 hQxrjg.exe 20.12.2006 18:30 27.136 winsys16_061221.dll 11.12.2006 23:53 224.816 FNTCACHE.DAT 05.12.2006 09:42 2.206 wpa.dbl 04.11.2006 11:11 8.891 jupdate-1.5.0_09-b03.log ------------------------------------------------------------------------- Volume in Laufwerk C: hat keine Bezeichnung. Volumeseriennummer: 08BF-B934 Verzeichnis von C:\DOKUME~1\info\LOKALE~1\Temp 23.12.2006 16:16 0 WER2.tmp 23.12.2006 16:14 0 WER1B.tmp 23.12.2006 16:14 342 jusched.log 23.12.2006 16:08 0 WER28.tmp 23.12.2006 16:04 2.764.768 RCX1B.tmp 23.12.2006 16:04 3.709.952 VtdkACUC 23.12.2006 16:04 3.709.952 sLeBZjGt 23.12.2006 16:04 3.709.952 IJtggJdK 23.12.2006 16:04 3.709.952 EbGwnbws 23.12.2006 16:04 3.709.952 XNBQCiEC 23.12.2006 16:03 3.709.952 KHgwicPP 23.12.2006 16:03 3.709.952 dnWziDVE 23.12.2006 16:03 3.709.952 oupZJqVa 23.12.2006 16:03 3.709.952 dEIovHWa 23.12.2006 16:03 93.184 wowexec.tmp 22.12.2006 22:39 3.709.952 GsteLBtt 22.12.2006 22:39 3.709.952 MediaSups.exe 17 Datei(en) 43.667.766 Bytes 0 Verzeichnis(se), 4.046.954.496 Bytes frei ------------------------------------------------------------------------- Volume in Laufwerk C: hat keine Bezeichnung. Volumeseriennummer: 08BF-B934 Verzeichnis von C:\WINDOWS 23.12.2006 16:17 1.481.575 WindowsUpdate.log 23.12.2006 16:16 32.636 SchedLgU.Txt 23.12.2006 16:16 50 wiaservc.log 23.12.2006 16:16 159 wiadebug.log 23.12.2006 16:15 2.048 bootstat.dat 23.12.2006 16:14 42.316 mhldfsgjldsfjg.exe 23.12.2006 16:12 0 0.log 23.12.2006 14:31 279.552 QQIP.exe 23.12.2006 13:30 11.662 bplgwlji.txt 22.12.2006 18:33 394.240 gz.exe 22.12.2006 17:55 184.884 setupact.log 22.12.2006 15:31 57.344 douhaowow.exe 22.12.2006 14:36 116.207 kwl_t4.exe 22.12.2006 14:24 11.068 ztcaizi10223.exe 22.12.2006 13:49 449.376 setupapi.log 21.12.2006 22:28 31.232 Realplayones.exe 21.12.2006 21:31 146 a.bat 21.12.2006 20:28 116 NeroDigital.ini 21.12.2006 20:18 54.156 QTFont.qfn 20.12.2006 22:38 1.086 win.ini 20.12.2006 21:49 16 KB611311.log 15.12.2006 22:43 725 aolback.exe.lnk 15.12.2006 22:42 61.136 wmsetup.log 15.12.2006 22:33 4 msoffice.ini 28.11.2006 16:38 151 PhotoSnapViewer.INI 17.11.2006 17:20 1.409 QTFont.for 15.11.2006 13:58 0 muma2004.INI 14.10.2006 16:10 2.780 KB911567-OE6SP1-20060316.165634Uninst.log 14.10.2006 16:10 527.082 iis6.log 14.10.2006 16:10 154.539 comsetup.log 14.10.2006 16:10 1.393 imsins.log 14.10.2006 16:10 203.663 tsoc.log -------------------------------------------------------------------------- Volume in Laufwerk C: hat keine Bezeichnung. Volumeseriennummer: 08BF-B934 Verzeichnis von C:\WINDOWS\Temp -------------------------------------------------------------------------- Volume in Laufwerk C: hat keine Bezeichnung. Volumeseriennummer: 08BF-B934 Verzeichnis von C:\WINDOWS\Downloaded Program Files 09.11.2006 14:36 5.019 swflash.inf -------------------------------------------------------------------------- Volume in Laufwerk C: hat keine Bezeichnung. Volumeseriennummer: 08BF-B934 Verzeichnis von C:\ 23.12.2006 16:19 0 sys.txt 23.12.2006 16:19 186 down.txt 23.12.2006 16:18 117 temp.txt 23.12.2006 16:18 117 tmp.txt 23.12.2006 16:18 6.924 windows.txt 23.12.2006 16:18 10.423 system.txt 23.12.2006 16:18 1.038 systemtemp.txt 23.12.2006 16:17 2.667 system32.txt 23.12.2006 16:15 267.968.512 hiberfil.sys 23.12.2006 16:15 402.653.184 pagefile.sys 23.12.2006 15:10 32.474 avenger.txt 23.12.2006 15:09 10.998 test.log 23.12.2006 15:09 6.023 delete please.txt 22.12.2006 15:16 22.288 der 2. rest.txt 22.12.2006 14:42 1.023 c.txt 22.12.2006 14:23 1.080 hhwimxtw.bat 22.12.2006 14:23 11.662 jmlxkapo.txt 21.12.2006 20:11 21.102 der rest.txt 21.12.2006 19:25 15.006 ComboFix.txt 21.12.2006 18:48 4.161 ComboFix2.txt 03.08.2006 22:01 0 CONFIG.SYS so mal sehn ob wa weiterkommen  ps: zwischendurch gab es ca. 10 abstürze bzw. neustarts |
|
|
|
|
|
|
23.12.2006, 16:25
Ehrenmitglied
Beiträge: 29434 |
#11
es ist fast sinnlos - willst du weiterreinigen ??? falls ja, sag bescheid
__________ MfG Sabina rund um die PC-Sicherheit |
|
|
|
|
|
|
23.12.2006, 16:27
Member
Themenstarter Beiträge: 22 |
#12
joa eigentlich schon xP
|
|
|
|
|
|
|
23.12.2006, 16:38
Ehrenmitglied
Beiträge: 29434 |
#13
Download Registry Search by Bobbi Flekman
http://virus-protect.org/artikel/tools/regsearch.html und doppelklicken, um zu starten. in: "Enter search strings" (reinschreiben oder reinkopieren) ADIDown in edit und klicke "Ok". Notepad wird sich öffnen -- kopiere den Text ab und poste ihn. das gleiche mache mit: COM+ Messages PigeonServer1.23 Process Launcher ¹ÜÀí²¢¿ØÖÆRPC·þÎñÊý¾Ý¿â¡£... Sbscpw VisionService Webclients Win32DDS Win32DHCPsvc WinDHCPsvc WinXPDHCPsvc nsvc32.exe zhongguozhizao.3322.org norton.sys « __________ MfG Sabina rund um die PC-Sicherheit |
|
|
|
|
|
|
23.12.2006, 17:41
Member
Themenstarter Beiträge: 22 |
#14
ADIDown
REGEDIT4 ; Registry Search 2.0 by Bobbi Flekman © 2005 ; Version: 2.0.1.0 ; Results at 23.12.2006 16:50:15 for strings: ; 'adidown' ; Strings excluded from search: ; (None) ; Search in: ; Registry Keys Registry Values Registry Data ; HKEY_LOCAL_MACHINE HKEY_USERS [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_ADIDOWN] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_ADIDOWN\0000] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_ADIDOWN\0000] "Service"="ADIDown" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_ADIDOWN\0000\Control] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_ADIDOWN\0000\Control] "ActiveService"="ADIDown" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ADIDown] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ADIDown\Security] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ADIDown\Enum] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ADIDown\Enum] "0"="Root\\LEGACY_ADIDOWN\\0000" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_ADIDOWN] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_ADIDOWN\0000] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_ADIDOWN\0000] "Service"="ADIDown" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\ADIDown] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\ADIDown\Security] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ADIDOWN] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ADIDOWN\0000] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ADIDOWN\0000] "Service"="ADIDown" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ADIDOWN\0000\Control] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ADIDOWN\0000\Control] "ActiveService"="ADIDown" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ADIDown] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ADIDown\Security] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ADIDown\Enum] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ADIDown\Enum] "0"="Root\\LEGACY_ADIDOWN\\0000" ; End Of The Log... ___________________________________________________________________________ COM+ Messages REGEDIT4 ; Registry Search 2.0 by Bobbi Flekman © 2005 ; Version: 2.0.1.0 ; Results at 23.12.2006 16:59:32 for strings: ; 'com+ messages' ; Strings excluded from search: ; (None) ; Search in: ; Registry Keys Registry Values Registry Data ; HKEY_LOCAL_MACHINE HKEY_USERS [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_COM+_MESSAGES\0000] "Service"="COM+ Messages" "DeviceDesc"="COM+ Messages" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\COM+ Messages] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\COM+ Messages] "DisplayName"="COM+ Messages" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\COM+ Messages\Security] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\COM+ Messages\Enum] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_COM+_MESSAGES\0000] "Service"="COM+ Messages" "DeviceDesc"="COM+ Messages" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\COM+ Messages] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\COM+ Messages] "DisplayName"="COM+ Messages" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\COM+ Messages\Security] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_COM+_MESSAGES\0000] "Service"="COM+ Messages" "DeviceDesc"="COM+ Messages" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\COM+ Messages] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\COM+ Messages] "DisplayName"="COM+ Messages" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\COM+ Messages\Security] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\COM+ Messages\Enum] ; End Of The Log... ___________________________________________________________________________ PigeonServer1.23 REGEDIT4 ; Registry Search 2.0 by Bobbi Flekman © 2005 ; Version: 2.0.1.0 ; Results at 23.12.2006 17:03:23 for strings: ; 'pigeonserver1.23' ; Strings excluded from search: ; (None) ; Search in: ; Registry Keys Registry Values Registry Data ; HKEY_LOCAL_MACHINE HKEY_USERS [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_PIGEONSERVER1.23] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_PIGEONSERVER1.23\0000] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_PIGEONSERVER1.23\0000] "Service"="PigeonServer1.23" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PigeonServer1.23] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PigeonServer1.23\Security] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PigeonServer1.23\Enum] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PigeonServer1.23\Enum] "0"="Root\\LEGACY_PIGEONSERVER1.23\\0000" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_PIGEONSERVER1.23] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_PIGEONSERVER1.23\0000] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_PIGEONSERVER1.23\0000] "Service"="PigeonServer1.23" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\PigeonServer1.23] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\PigeonServer1.23\Security] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_PIGEONSERVER1.23] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_PIGEONSERVER1.23\0000] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_PIGEONSERVER1.23\0000] "Service"="PigeonServer1.23" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PigeonServer1.23] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PigeonServer1.23\Security] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PigeonServer1.23\Enum] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PigeonServer1.23\Enum] "0"="Root\\LEGACY_PIGEONSERVER1.23\\0000" ; End Of The Log... ___________________________________________________________________________ Process Launcher REGEDIT4 ; Registry Search 2.0 by Bobbi Flekman © 2005 ; Version: 2.0.1.0 ; Results at 23.12.2006 17:04:50 for strings: ; 'process launcher' ; Strings excluded from search: ; (None) ; Search in: ; Registry Keys Registry Values Registry Data ; HKEY_LOCAL_MACHINE HKEY_USERS [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_PROCESS_LAUNCHER\0000] "Service"="Process Launcher" "DeviceDesc"="Process Launcher" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_PROCESS_LAUNCHER\0000\Control] "ActiveService"="Process Launcher" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Process Launcher] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Process Launcher] "DisplayName"="Process Launcher" "Description"="Process Launcher" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Process Launcher\Security] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Process Launcher\Enum] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_PROCESS_LAUNCHER\0000] "Service"="Process Launcher" "DeviceDesc"="Process Launcher" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Process Launcher] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Process Launcher] "DisplayName"="Process Launcher" "Description"="Process Launcher" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Process Launcher\Security] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_PROCESS_LAUNCHER\0000] "Service"="Process Launcher" "DeviceDesc"="Process Launcher" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_PROCESS_LAUNCHER\0000\Control] "ActiveService"="Process Launcher" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Process Launcher] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Process Launcher] "DisplayName"="Process Launcher" "Description"="Process Launcher" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Process Launcher\Security] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Process Launcher\Enum] ; End Of The Log... ___________________________________________________________________________ ¹ÜÀí²¢¿ØÖÆRPC•þÎñÊý¾Ý¿â¡£... REGEDIT4 ; Registry Search 2.0 by Bobbi Flekman © 2005 ; Version: 2.0.1.0 ; Results at 23.12.2006 17:06:13 for strings: ; '¹ÜÀí²¢¿ØÖÆrpc•þÎñÊý¾Ý¿â¡£...' ; Strings excluded from search: ; (None) ; Search in: ; Registry Keys Registry Values Registry Data ; HKEY_LOCAL_MACHINE HKEY_USERS ; End Of The Log... ___________________________________________________________________________ Sbscpw REGEDIT4 ; Registry Search 2.0 by Bobbi Flekman © 2005 ; Version: 2.0.1.0 ; Results at 23.12.2006 17:07:41 for strings: ; 'sbscpw' ; Strings excluded from search: ; (None) ; Search in: ; Registry Keys Registry Values Registry Data ; HKEY_LOCAL_MACHINE HKEY_USERS [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SBSCPW] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SBSCPW\0000] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SBSCPW\0000] "Service"="Sbscpw" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Sbscpw] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Sbscpw\Security] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Sbscpw\Enum] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Sbscpw\Enum] "0"="Root\\LEGACY_SBSCPW\\0000" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_SBSCPW] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_SBSCPW\0000] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_SBSCPW\0000] "Service"="Sbscpw" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Sbscpw] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Sbscpw\Security] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SBSCPW] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SBSCPW\0000] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SBSCPW\0000] "Service"="Sbscpw" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sbscpw] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sbscpw\Security] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sbscpw\Enum] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sbscpw\Enum] "0"="Root\\LEGACY_SBSCPW\\0000" ; End Of The Log... ___________________________________________________________________________ VisionService REGEDIT4 ; Registry Search 2.0 by Bobbi Flekman © 2005 ; Version: 2.0.1.0 ; Results at 23.12.2006 17:09:02 for strings: ; 'visionservice' ; Strings excluded from search: ; (None) ; Search in: ; Registry Keys Registry Values Registry Data ; HKEY_LOCAL_MACHINE HKEY_USERS [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_VISIONSERVICE] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_VISIONSERVICE\0000] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_VISIONSERVICE\0000] "Service"="VisionService" "DeviceDesc"="VisionService" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\VisionService] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\VisionService] "DisplayName"="VisionService" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\VisionService\Security] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\VisionService\Enum] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\VisionService\Enum] "0"="Root\\LEGACY_VISIONSERVICE\\0000" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_VISIONSERVICE] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_VISIONSERVICE\0000] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_VISIONSERVICE\0000] "Service"="VisionService" "DeviceDesc"="VisionService" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\VisionService] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\VisionService] "DisplayName"="VisionService" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\VisionService\Security] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_VISIONSERVICE] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_VISIONSERVICE\0000] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_VISIONSERVICE\0000] "Service"="VisionService" "DeviceDesc"="VisionService" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\VisionService] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\VisionService] "DisplayName"="VisionService" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\VisionService\Security] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\VisionService\Enum] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\VisionService\Enum] "0"="Root\\LEGACY_VISIONSERVICE\\0000" ; End Of The Log... ___________________________________________________________________________ Webclients REGEDIT4 ; Registry Search 2.0 by Bobbi Flekman © 2005 ; Version: 2.0.1.0 ; Results at 23.12.2006 17:11:00 for strings: ; 'webclients' ; Strings excluded from search: ; (None) ; Search in: ; Registry Keys Registry Values Registry Data ; HKEY_LOCAL_MACHINE HKEY_USERS [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_WEBCLIENTS] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_WEBCLIENTS\0000] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_WEBCLIENTS\0000] "Service"="Webclients" "DeviceDesc"="Webclients" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_WEBCLIENTS\0000\Control] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_WEBCLIENTS\0000\Control] "ActiveService"="Webclients" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Webclients] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Webclients] "DisplayName"="Webclients" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Webclients\Security] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Webclients\Enum] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Webclients\Enum] "0"="Root\\LEGACY_WEBCLIENTS\\0000" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_WEBCLIENTS] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_WEBCLIENTS\0000] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_WEBCLIENTS\0000] "Service"="Webclients" "DeviceDesc"="Webclients" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Webclients] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Webclients] "DisplayName"="Webclients" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Webclients\Security] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_WEBCLIENTS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_WEBCLIENTS\0000] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_WEBCLIENTS\0000] "Service"="Webclients" "DeviceDesc"="Webclients" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_WEBCLIENTS\0000\Control] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_WEBCLIENTS\0000\Control] "ActiveService"="Webclients" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Webclients] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Webclients] "DisplayName"="Webclients" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Webclients\Security] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Webclients\Enum] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Webclients\Enum] "0"="Root\\LEGACY_WEBCLIENTS\\0000" ; End Of The Log... ___________________________________________________________________________ Win32DDS REGEDIT4 ; Registry Search 2.0 by Bobbi Flekman © 2005 ; Version: 2.0.1.0 ; Results at 23.12.2006 17:12:30 for strings: ; 'win32dds' ; Strings excluded from search: ; (None) ; Search in: ; Registry Keys Registry Values Registry Data ; HKEY_LOCAL_MACHINE HKEY_USERS [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_WIN32DDS] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_WIN32DDS\0000] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_WIN32DDS\0000] "Service"="Win32DDS" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Win32DDS] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Win32DDS\Security] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Win32DDS\Enum] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Win32DDS\Enum] "0"="Root\\LEGACY_WIN32DDS\\0000" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_WIN32DDS] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_WIN32DDS\0000] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_WIN32DDS\0000] "Service"="Win32DDS" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Win32DDS] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Win32DDS\Security] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_WIN32DDS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_WIN32DDS\0000] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_WIN32DDS\0000] "Service"="Win32DDS" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Win32DDS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Win32DDS\Security] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Win32DDS\Enum] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Win32DDS\Enum] "0"="Root\\LEGACY_WIN32DDS\\0000" ; End Of The Log... ___________________________________________________________________________ Win32DHCPsvc REGEDIT4 ; Registry Search 2.0 by Bobbi Flekman © 2005 ; Version: 2.0.1.0 ; Results at 23.12.2006 17:14:18 for strings: ; 'win32dhcpsvc' ; Strings excluded from search: ; (None) ; Search in: ; Registry Keys Registry Values Registry Data ; HKEY_LOCAL_MACHINE HKEY_USERS [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_WIN32DHCPSVC] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_WIN32DHCPSVC\0000] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_WIN32DHCPSVC\0000] "Service"="Win32DHCPsvc" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Win32DHCPsvc] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Win32DHCPsvc\Security] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Win32DHCPsvc\Enum] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Win32DHCPsvc\Enum] "0"="Root\\LEGACY_WIN32DHCPSVC\\0000" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_WIN32DHCPSVC] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_WIN32DHCPSVC\0000] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_WIN32DHCPSVC\0000] "Service"="Win32DHCPsvc" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Win32DHCPsvc] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Win32DHCPsvc\Security] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_WIN32DHCPSVC] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_WIN32DHCPSVC\0000] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_WIN32DHCPSVC\0000] "Service"="Win32DHCPsvc" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Win32DHCPsvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Win32DHCPsvc\Security] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Win32DHCPsvc\Enum] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Win32DHCPsvc\Enum] "0"="Root\\LEGACY_WIN32DHCPSVC\\0000" ; End Of The Log... ___________________________________________________________________________ WinDHCPsvc REGEDIT4 ; Registry Search 2.0 by Bobbi Flekman © 2005 ; Version: 2.0.1.0 ; Results at 23.12.2006 17:15:55 for strings: ; 'windhcpsvc' ; Strings excluded from search: ; (None) ; Search in: ; Registry Keys Registry Values Registry Data ; HKEY_LOCAL_MACHINE HKEY_USERS [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_WINDHCPSVC] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_WINDHCPSVC\0000] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_WINDHCPSVC\0000] "Service"="WinDHCPsvc" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WinDHCPsvc] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WinDHCPsvc\Security] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WinDHCPsvc\Enum] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WinDHCPsvc\Enum] "0"="Root\\LEGACY_WINDHCPSVC\\0000" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_WINDHCPSVC] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_WINDHCPSVC\0000] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_WINDHCPSVC\0000] "Service"="WinDHCPsvc" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\WinDHCPsvc] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\WinDHCPsvc\Security] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_WINDHCPSVC] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_WINDHCPSVC\0000] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_WINDHCPSVC\0000] "Service"="WinDHCPsvc" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinDHCPsvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinDHCPsvc\Security] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinDHCPsvc\Enum] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinDHCPsvc\Enum] "0"="Root\\LEGACY_WINDHCPSVC\\0000" ; End Of The Log... ___________________________________________________________________________ WinXPDHCPsvc REGEDIT4 ; Registry Search 2.0 by Bobbi Flekman © 2005 ; Version: 2.0.1.0 ; Results at 23.12.2006 17:17:46 for strings: ; 'winxpdhcpsvc' ; Strings excluded from search: ; (None) ; Search in: ; Registry Keys Registry Values Registry Data ; HKEY_LOCAL_MACHINE HKEY_USERS [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_WINXPDHCPSVC] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_WINXPDHCPSVC\0000] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_WINXPDHCPSVC\0000] "Service"="WinXPDHCPsvc" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WinXPDHCPsvc] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WinXPDHCPsvc\Security] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WinXPDHCPsvc\Enum] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WinXPDHCPsvc\Enum] "0"="Root\\LEGACY_WINXPDHCPSVC\\0000" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_WINXPDHCPSVC] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_WINXPDHCPSVC\0000] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_WINXPDHCPSVC\0000] "Service"="WinXPDHCPsvc" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\WinXPDHCPsvc] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\WinXPDHCPsvc\Security] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_WINXPDHCPSVC] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_WINXPDHCPSVC\0000] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_WINXPDHCPSVC\0000] "Service"="WinXPDHCPsvc" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinXPDHCPsvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinXPDHCPsvc\Security] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinXPDHCPsvc\Enum] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinXPDHCPsvc\Enum] "0"="Root\\LEGACY_WINXPDHCPSVC\\0000" ; End Of The Log... ___________________________________________________________________________ nsvc32.exe REGEDIT4 ; Registry Search 2.0 by Bobbi Flekman © 2005 ; Version: 2.0.1.0 ; Results at 23.12.2006 17:26:32 for strings: ; 'nsvc32' ; Strings excluded from search: ; (None) ; Search in: ; Registry Keys Registry Values Registry Data ; HKEY_LOCAL_MACHINE HKEY_USERS [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\www.ppandora.com] ; Contents of value: ; c:\windows\system32\nsvc32.exe "ImagePath"=hex(2):43,3a,5c,57,49,4e,44,4f,57,53,5c,53,79,73,74,65,6d,33,32,5c,\ 6e,73,76,63,33,32,2e,65,78,65,00 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\www.ppandora.com] ; Contents of value: ; c:\windows\system32\nsvc32.exe "ImagePath"=hex(2):43,3a,5c,57,49,4e,44,4f,57,53,5c,53,79,73,74,65,6d,33,32,5c,\ 6e,73,76,63,33,32,2e,65,78,65,00 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\www.ppandora.com] ; Contents of value: ; c:\windows\system32\nsvc32.exe "ImagePath"=hex(2):43,3a,5c,57,49,4e,44,4f,57,53,5c,53,79,73,74,65,6d,33,32,5c,\ 6e,73,76,63,33,32,2e,65,78,65,00 [HKEY_USERS\S-1-5-21-1757981266-854245398-1202660629-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\*] "i"="C:\\Dokumente und Einstellungen\\info\\Desktop\\nsvc32.exe" [HKEY_USERS\S-1-5-21-1757981266-854245398-1202660629-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\exe] "d"="C:\\Dokumente und Einstellungen\\info\\Desktop\\nsvc32.exe" [HKEY_USERS\S-1-5-21-1757981266-854245398-1202660629-1003\Software\Microsoft\Windows\ShellNoRoam\MUICache] "C:\\Dokumente und Einstellungen\\info\\Desktop\\nsvc32.exe"="nsvc32" ; End Of The Log... ___________________________________________________________________________ zhongguozhizao.3322.org REGEDIT4 ; Registry Search 2.0 by Bobbi Flekman © 2005 ; Version: 2.0.1.0 ; Results at 23.12.2006 17:22:44 for strings: ; 'zhongguozhizao.3322.org' ; Strings excluded from search: ; (None) ; Search in: ; Registry Keys Registry Values Registry Data ; HKEY_LOCAL_MACHINE HKEY_USERS [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_ZHONGGUOZHIZAO.3322.ORG] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_ZHONGGUOZHIZAO.3322.ORG\0000] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_ZHONGGUOZHIZAO.3322.ORG\0000] "Service"="zhongguozhizao.3322.org" "DeviceDesc"="zhongguozhizao.3322.org" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\zhongguozhizao.3322.org] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\zhongguozhizao.3322.org] ; Contents of value: ; c:\windows\system32\zhongguozhizao.3322.org.exe "ImagePath"=hex(2):43,3a,5c,57,49,4e,44,4f,57,53,5c,53,79,73,74,65,6d,33,32,5c,\ 7a,68,6f,6e,67,67,75,6f,7a,68,69,7a,61,6f,2e,33,33,32,32,2e,6f,72,67,2e,65,\ 78,65,00 "DisplayName"="zhongguozhizao.3322.org" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\zhongguozhizao.3322.org\Security] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\zhongguozhizao.3322.org\Enum] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\zhongguozhizao.3322.org\Enum] "0"="Root\\LEGACY_ZHONGGUOZHIZAO.3322.ORG\\0000" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_ZHONGGUOZHIZAO.3322.ORG] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_ZHONGGUOZHIZAO.3322.ORG\0000] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_ZHONGGUOZHIZAO.3322.ORG\0000] "Service"="zhongguozhizao.3322.org" "DeviceDesc"="zhongguozhizao.3322.org" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\zhongguozhizao.3322.org] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\zhongguozhizao.3322.org] ; Contents of value: ; c:\windows\system32\zhongguozhizao.3322.org.exe "ImagePath"=hex(2):43,3a,5c,57,49,4e,44,4f,57,53,5c,53,79,73,74,65,6d,33,32,5c,\ 7a,68,6f,6e,67,67,75,6f,7a,68,69,7a,61,6f,2e,33,33,32,32,2e,6f,72,67,2e,65,\ 78,65,00 "DisplayName"="zhongguozhizao.3322.org" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\zhongguozhizao.3322.org\Security] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ZHONGGUOZHIZAO.3322.ORG] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ZHONGGUOZHIZAO.3322.ORG\0000] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ZHONGGUOZHIZAO.3322.ORG\0000] "Service"="zhongguozhizao.3322.org" "DeviceDesc"="zhongguozhizao.3322.org" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\zhongguozhizao.3322.org] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\zhongguozhizao.3322.org] ; Contents of value: ; c:\windows\system32\zhongguozhizao.3322.org.exe "ImagePath"=hex(2):43,3a,5c,57,49,4e,44,4f,57,53,5c,53,79,73,74,65,6d,33,32,5c,\ 7a,68,6f,6e,67,67,75,6f,7a,68,69,7a,61,6f,2e,33,33,32,32,2e,6f,72,67,2e,65,\ 78,65,00 "DisplayName"="zhongguozhizao.3322.org" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\zhongguozhizao.3322.org\Security] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\zhongguozhizao.3322.org\Enum] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\zhongguozhizao.3322.org\Enum] "0"="Root\\LEGACY_ZHONGGUOZHIZAO.3322.ORG\\0000" ; End Of The Log... ___________________________________________________________________________ norton.sys REGEDIT4 ; Registry Search 2.0 by Bobbi Flekman © 2005 ; Version: 2.0.1.0 ; Results at 23.12.2006 17:24:29 for strings: ; 'norton.sys' ; Strings excluded from search: ; (None) ; Search in: ; Registry Keys Registry Values Registry Data ; HKEY_LOCAL_MACHINE HKEY_USERS ; End Of The Log... ___________________________________________________________________________ so bin fertig hoffe es lohnt sich |O .... ps: mein pc is jez seit 1 1/2 stunden am laufen ... ohne abzustürzen =D Dieser Beitrag wurde am 23.12.2006 um 17:44 Uhr von awtss.dll editiert.
|
|
|
|
|
|
|
23.12.2006, 18:40
Ehrenmitglied
Beiträge: 29434 |
#15
Avenger
kopiere rein Zitat registry keys to delete:poste das log nach neustart + noch mal die 6 logs von datfindbat + noch mal das log von ServiceFilter.zip __________ MfG Sabina rund um die PC-Sicherheit |
|
|
|
|
|
Um auf dieses Thema zu ANTWORTEN
bitte erst » hier kostenlos registrieren!!
bitte erst » hier kostenlos registrieren!!
Folgende Themen könnten Dich auch interessieren:
Copyright © 2024, Protecus.de - Protecus Team - Impressum / Mediadaten
ich habe Probleme mit Trojanischen Pferden und Droppern. Wenn ich meinen PC starte (dauert seit einpaar Tagen sehr lange) öffnet sich mein IE und zeigt mir Seiten an die ich nicht geöffnet habe. Außerden versucht "irgendetwas" die ganze Zeit meine Startseite zu ändern, weil mein Spybot resident mich die ganze warnt. Folgende Meldungen bekomme ich beim Antivir Guard:
C:\Programme\InetGet2\MTE3MTk6ODoxNg.exe
Ist das Trojanische Pferd TR/Dldr.Small.buy.1
C:\Dokumente und Einstellungen\...\index[5].htm
Enthält Signatur des HTML-Scriptvirus HTML/Dldr.Psyme.X.2
C:\WINDOWS\System32\RpcS.dll
Ist das Trojanische Pferd TR/Delphi.Downloader.Gen
C:\WINDOWS\websvr.part1.exe
Ist das Trojanische Pferd TR/Dldr.Small.DWJ.2
C:\DOKUME~1\info\LOKALE~1\Temp\b103.exe
Enthält Signatur des Droppers DR/Dldr.TSUpdate.O
C:\WINDOWS\system32\nsvc32.exe
Ist das Trojanische Pferd TR/Agent.23224
C:\WINDOWS\...\zhongguozhizao.3322.exe
Ist das Trojanische Pferd TR/Rincux.A
Mittlerweile bekomme ich noch mehr Meldungen...
Hier sind die Logfiles:
_________________________________________________________________
Logfile of HijackThis v1.99.1
Scan saved at 18:12:38, on 21.12.2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Java\jre1.5.0_09\bin\jusched.exe
C:\Programme\QuickTime\qttask.exe
C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe
C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\vsnpstd.exe
C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLDial.exe
C:\Programme\Gemeinsame Dateien\{08BFB934-0321-1031-0921-000003270031}\Update.exe
C:\Programme\Gemeinsame Dateien\Ahead\lib\NMBgMonitor.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Programme\AOL 9.0\aoltray.exe
C:\Programme\AntiVir PersonalEdition Classic\sched.exe
C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
C:\PROGRA~1\GEMEIN~1\aol\ACS\AOLacsd.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\rundll32.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Programme\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
C:\Programme\Opera\Opera.exe
C:\DOKUME~1\info\LOKALE~1\Temp\wowexec.tmp
C:\Programme\Internet Explorer\iexplore.exe
C:\WINDOWS\System32\RpcS.exe
C:\Programme\Internet Explorer\IEXPLORE.EXE
C:\Programme\AntiVir PersonalEdition Classic\GUARDGUI.EXE
C:\Dokumente und Einstellungen\info\Eigene Dateien\hijackthis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = 1717bt.com/bbs
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.com/search?q=%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - D:\Programme\ICQToolbar\toolbaru.dll
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,rundll32.exe C:\WINDOWS\System32\winsys16_061221.dll start
O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-963D-DC8493744B1D} - D:\Programme\ICQToolbar\toolbaru.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Info cache - {385AB8C6-FB22-4D17-8834-064E2BA0A6F0} - C:\Dokumente und Einstellungen\All Users\Application Data\Microsoft\PCTools\pctools.dll
O2 - BHO: MallObj Class - {3B30B48F-617D-4F73-A20F-D3D54357F103} - C:\WINDOWS\System32\mallgoo2.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Vision - {6671A431-5C3D-463d-A7CF-5587F9B7E191} - C:\PROGRA~1\vision\vision.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programme\google\googletoolbar3.dll
O2 - BHO: (no name) - {C155E2F4-EA4D-48AD-BEE2-C837C0DC137F} - C:\WINDOWS\system32\fmaqypjbeqhtp.dll
O2 - BHO: Bar888 - {C1B4DEC2-2623-438e-9CA2-C9043AB28508} - C:\PROGRA~1\GEMEIN~1\{38BFB~1\Bar888.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Programme\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - D:\Programme\ICQToolbar\toolbaru.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programme\google\googletoolbar3.dll
O3 - Toolbar: Bar888 - {C1B4DEC2-2623-438e-9CA2-C9043AB28508} - C:\PROGRA~1\GEMEIN~1\{38BFB~1\Bar888.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\System32\NeroCheck.exe
O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Programme\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Babylon Client] D:\Programme\Babylon\Babylon-Pro\Babylon.exe -AutoStart
O4 - HKLM\..\Run: [avgnt] "C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [ICQ Lite] "D:\Programme\ICQLite\ICQLite.exe" -minimize
O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [{08BFB934-0321-1031-0921-000003270031}] "C:\Programme\Gemeinsame Dateien\{08BFB934-0321-1031-0921-000003270031}\Update.exe" te-110-12-0000175
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Programme\Gemeinsame Dateien\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programme\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Programme\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: AOL 9.0 Tray-Symbol.lnk = C:\Programme\AOL 9.0\aoltray.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programme\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Programme\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: >>²ÊÐÅ•¢ËÍ<< - res://C:\PROGRA~1\vision\vision.dll/mms.htm
O8 - Extra context menu item: Easy-WebPrint - Drucken - res://C:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint - Schnelldruck - res://C:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint - Vorschau - res://C:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint - Zu Druckliste hinzufügen - res://C:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: (no name) - {6671A433-5C3D-463d-A7CF-5587F9B7E191} - C:\PROGRA~1\vision\vision.dll
O9 - Extra 'Tools' menuitem: ²ÊE¾«ÁéÉèÖà - {6671A433-5C3D-463d-A7CF-5587F9B7E191} - C:\PROGRA~1\vision\vision.dll
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - D:\Programme\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - D:\Programme\ICQLite\ICQLite.exe
O9 - Extra button: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - d:\Programme\PartyGaming.Net\PartyPokerNet\RunPF.exe
O9 - Extra 'Tools' menuitem: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - d:\Programme\PartyGaming.Net\PartyPokerNet\RunPF.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\MSMSGS.EXE
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {0246ECA8-996F-11D1-BE2F-00A0C9037DFE} (TDServer Control) - http://www.maalaimalar.com/wfplayer/tdserver.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9D190AE6-C81E-4039-8061-978EBAD10073} (F-Secure Online Scanner 3.0) - http://support.f-secure.com/ols3/fscax.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab47946.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: Adobe LM Service - Unknown owner - C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AntiVir PersonalEdition Classic Planer (AntiVirScheduler) - Avira GmbH - C:\Programme\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\GEMEIN~1\aol\ACS\AOLacsd.exe
O23 - Service: COM+ Messages - Unknown owner - C:\WINDOWS\System32\svchosts.exe" -e te-110-12-0000175 (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Transaction Provisioning Service (Sbscpw) - Unknown owner - C:\WINDOWS\System32\oZIpT.exe (file missing)
O23 - Service: www.ppandora.com - Unknown owner - C:\WINDOWS\System32\nsvc32.exe (file missing)
O23 - Service: zhongguozhizao.3322.org - Unknown owner - C:\WINDOWS\System32\zhongguozhizao.3322.org.exe (file missing)
_________________________________________________________________
CleanUp! erfolgreich durchgeführt und beendet
_________________________________________________________________
info - 06-12-21 19:15:43.72 Service Pack 1
ComboFix 06.11.27 - Running from: "C:\Dokumente und Einstellungen\info\Eigene Dateien"
(((((((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
C:\Programme\Gemeinsame Dateien\{08BFB934-0321-1031-0921-000003270031}
C:\Programme\Gemeinsame Dateien\{38BFB934-0321-1031-0921-000003270031}
C:\Programme\Gemeinsame Dateien\{08BFB934-0321-1031-0921-000003270031}
C:\Programme\Gemeinsame Dateien\{38BFB934-0321-1031-0921-000003270031}
((((((((((((((((((((((((((((((( Files Created from 2006-11-21 to 2006-12-21 ))))))))))))))))))))))))))))))))))
2006-12-21 19:19 116 --a------ C:\myDelm.bat
2006-12-21 19:06 45,896 --a------ C:\WINDOWS\system32\svchqs.exe
2006-12-21 18:59 32,512 --a------ C:\WINDOWS\system32\drivers\npf.sys
2006-12-21 18:56 31,232 --a------ C:\WINDOWS\Realplayones.exe
2006-12-21 18:56 203,776 --a------ C:\WINDOWS\system32\qyxdiatvoacup.dll
2006-12-21 18:51 37,888 --a------ C:\WINDOWS\system32\scvhsot.exe
2006-12-21 18:51 203,776 --a------ C:\WINDOWS\system32\wlkrgsqdoydyf.dll
2006-12-21 18:46 116 --a------ C:\myDelm.bat
2006-12-21 18:31 203,776 --a------ C:\WINDOWS\system32\hgcgpyytzouyv.dll
2006-12-21 18:31 203,776 --a------ C:\WINDOWS\system32\hgcgpyytzouyv.dll
2006-12-21 18:28 203,776 --a------ C:\WINDOWS\system32\unehdalvccmfi.dll
2006-12-21 18:28 203,776 --a------ C:\WINDOWS\system32\unehdalvccmfi.dll
2006-12-21 18:14 <DIR> d-------- C:\CleanUp!
2006-12-21 18:14 <DIR> d-------- C:\CleanUp!
2006-12-21 18:09 203,776 --a------ C:\WINDOWS\system32\fmaqypjbeqhtp.dll
2006-12-21 18:09 203,776 --a------ C:\WINDOWS\system32\fmaqypjbeqhtp.dll
2006-12-21 17:51 203,776 --a------ C:\WINDOWS\system32\ssbmvajmtvmgk.dll
2006-12-21 17:51 203,776 --a------ C:\WINDOWS\system32\ssbmvajmtvmgk.dll
2006-12-21 17:49 203,776 --a------ C:\WINDOWS\system32\dzispyxiodbmi.dll
2006-12-21 17:49 203,776 --a------ C:\WINDOWS\system32\dzispyxiodbmi.dll
2006-12-21 17:49 203,776 --a------ C:\WINDOWS\system32\azysosblrufdt.dll
2006-12-21 17:49 203,776 --a------ C:\WINDOWS\system32\azysosblrufdt.dll
2006-12-21 17:22 203,776 --a------ C:\WINDOWS\system32\zqijbtsuplvom.dll
2006-12-21 17:22 203,776 --a------ C:\WINDOWS\system32\zqijbtsuplvom.dll
2006-12-21 17:22 203,776 --a------ C:\WINDOWS\system32\dudctxukpsymw.dll
2006-12-21 17:22 203,776 --a------ C:\WINDOWS\system32\dudctxukpsymw.dll
2006-12-21 17:04 203,776 --a------ C:\WINDOWS\system32\wkpcjnnymwmqn.dll
2006-12-21 17:04 203,776 --a------ C:\WINDOWS\system32\wkpcjnnymwmqn.dll
2006-12-21 17:04 203,776 --a------ C:\WINDOWS\system32\rqqyajamqfdbe.dll
2006-12-21 17:04 203,776 --a------ C:\WINDOWS\system32\rqqyajamqfdbe.dll
2006-12-21 17:04 203,776 --a------ C:\WINDOWS\system32\rlgdwqnbohkgh.dll
2006-12-21 17:04 203,776 --a------ C:\WINDOWS\system32\rlgdwqnbohkgh.dll
2006-12-21 16:59 203,776 --a------ C:\WINDOWS\system32\tpezydravqwaq.dll
2006-12-21 16:59 203,776 --a------ C:\WINDOWS\system32\tpezydravqwaq.dll
2006-12-21 14:51 203,776 --a------ C:\WINDOWS\system32\cxpfmcjvexqoy.dll
2006-12-21 14:51 203,776 --a------ C:\WINDOWS\system32\cxpfmcjvexqoy.dll
2006-12-21 14:50 203,776 --a------ C:\WINDOWS\system32\mvofmvdnihrlf.dll
2006-12-21 14:50 203,776 --a------ C:\WINDOWS\system32\mvofmvdnihrlf.dll
2006-12-21 14:45 <DIR> d--hs---- C:\WINDOWS\aW5mbw
2006-12-21 14:45 <DIR> d--hs---- C:\WINDOWS\aW5mbw
2006-12-20 22:42 203,776 --a------ C:\WINDOWS\system32\djyqfqyqirltg.dll
2006-12-20 22:42 203,776 --a------ C:\WINDOWS\system32\djyqfqyqirltg.dll
2006-12-20 22:39 203,776 --a------ C:\WINDOWS\system32\dxnahgnztnwep.dll
2006-12-20 22:39 203,776 --a------ C:\WINDOWS\system32\dxnahgnztnwep.dll
2006-12-20 18:46 203,776 --a------ C:\WINDOWS\system32\nhyehogqkdbqt.dll
2006-12-20 18:46 203,776 --a------ C:\WINDOWS\system32\nhyehogqkdbqt.dll
2006-12-20 18:42 120,847 --a------ C:\WINDOWS\tubar1253.exe
2006-12-20 18:42 120,847 --a------ C:\WINDOWS\tubar1253.exe
2006-12-20 18:41 <DIR> d-------- C:\Dokumente und Einstellungen\All Users\Application Data
2006-12-20 18:41 <DIR> d-------- C:\Dokumente und Einstellungen\All Users\Application Data
2006-12-20 18:38 85,960 -r-hs---- C:\WINDOWS\system32\scrsys061220.scr
2006-12-20 18:38 85,960 -r-hs---- C:\WINDOWS\system32\scrsys061220.scr
2006-12-20 18:38 85,960 -r-hs---- C:\WINDOWS\system32\AlxRes061220.exe
2006-12-20 18:38 85,960 -r-hs---- C:\WINDOWS\system32\AlxRes061220.exe
2006-12-20 18:38 27,136 -r-hs---- C:\WINDOWS\system32\winsys16_061220.dll
2006-12-20 18:38 27,136 -r-hs---- C:\WINDOWS\system32\winsys16_061220.dll
2006-12-20 18:38 27,136 -r-hs---- C:\WINDOWS\system32\scrsys16_061220.scr
2006-12-20 18:38 27,136 -r-hs---- C:\WINDOWS\system32\scrsys16_061220.scr
2006-12-20 18:38 159,744 --a------ C:\WINDOWS\dodolook059.exe
2006-12-20 18:38 159,744 --a------ C:\WINDOWS\dodolook059.exe
2006-12-20 18:36 28,672 --a------ C:\WINDOWS\system32\drivers\00001085.SYS
2006-12-20 18:36 28,672 --a------ C:\WINDOWS\system32\drivers\00001085.SYS
2006-12-20 18:36 139,264 --a------ C:\WINDOWS\mTmp.exe
2006-12-20 18:36 139,264 --a------ C:\WINDOWS\mTmp.exe
2006-12-20 18:36 122,342 --a------ C:\WINDOWS\mms_730.exe
2006-12-20 18:36 122,342 --a------ C:\WINDOWS\mms_730.exe
2006-12-20 18:36 <DIR> d-------- C:\Programme\vision
2006-12-20 18:36 <DIR> d-------- C:\Programme\vision
2006-12-20 18:35 91,648 --a------ C:\WINDOWS\mycount.exe
2006-12-20 18:35 91,648 --a------ C:\WINDOWS\mycount.exe
2006-12-20 18:35 203,776 --a------ C:\WINDOWS\system32\knxngdwfejlwd.dll
2006-12-20 18:35 203,776 --a------ C:\WINDOWS\system32\knxngdwfejlwd.dll
2006-12-20 18:35 0 --a------ C:\WINDOWS\rtti.dll
2006-12-20 18:35 0 --a------ C:\WINDOWS\rtti.dll
2006-12-20 18:30 86,164 -r-hs---- C:\WINDOWS\system32\scrsys061221.scr
2006-12-20 18:30 86,164 -r-hs---- C:\WINDOWS\system32\scrsys061221.scr
2006-12-20 18:30 86,164 -r-hs---- C:\WINDOWS\system32\AlxRes061221.exe
2006-12-20 18:30 86,164 -r-hs---- C:\WINDOWS\system32\AlxRes061221.exe
2006-12-20 18:30 27,136 -r-hs---- C:\WINDOWS\system32\winsys16_061221.dll
2006-12-20 18:30 27,136 -r-hs---- C:\WINDOWS\system32\winsys16_061221.dll
2006-12-20 18:30 27,136 -r-hs---- C:\WINDOWS\system32\scrsys16_061221.scr
2006-12-20 18:30 27,136 -r-hs---- C:\WINDOWS\system32\scrsys16_061221.scr
2006-12-20 18:30 162,816 -r-hs---- C:\WINDOWS\system32\winsys32_061221.dll
2006-12-20 18:30 162,816 -r-hs---- C:\WINDOWS\system32\winsys32_061221.dll
2006-12-20 18:27 162,304 --------- C:\WINDOWS\system32\winsys32_061220.dll
2006-12-20 18:27 162,304 --------- C:\WINDOWS\system32\winsys32_061220.dll
2006-12-17 20:27 3,531,776 --a------ C:\WINDOWS\regedit.com
2006-12-17 20:27 3,531,776 --a------ C:\WINDOWS\regedit.com
2006-12-17 20:27 3,531,776 --a------ C:\WINDOWS\net.com
2006-12-17 20:27 3,531,776 --a------ C:\WINDOWS\net.com
2006-12-17 20:27 3,531,776 --a------ C:\WINDOWS\cmd.com
2006-12-17 20:27 3,531,776 --a------ C:\WINDOWS\cmd.com
2006-12-15 22:40 33,588 --a------ C:\WINDOWS\system32\drivers\wanatw4.sys
2006-12-15 22:40 33,588 --a------ C:\WINDOWS\system32\drivers\wanatw4.sys
2006-12-15 22:40 153,088 --a------ C:\WINDOWS\system32\jgdwmie.dll
2006-12-15 22:40 153,088 --a------ C:\WINDOWS\system32\jgdwmie.dll
2006-12-15 22:39 225,280 --a------ C:\WINDOWS\system32\AOLDial.dll
2006-12-15 22:39 225,280 --a------ C:\WINDOWS\system32\AOLDial.dll
2006-12-15 22:39 <DIR> d-------- C:\Programme\Gemeinsame Dateien\aolshare
2006-12-15 22:39 <DIR> d-------- C:\Programme\Gemeinsame Dateien\aolshare
2006-12-15 22:39 <DIR> d-------- C:\Programme\AOL 9.0
2006-12-15 22:39 <DIR> d-------- C:\Programme\AOL 9.0
2006-12-15 22:21 <DIR> d-------- C:\Programme\Gemeinsame Dateien\aolback
2006-12-15 22:21 <DIR> d-------- C:\Programme\Gemeinsame Dateien\aolback
2006-12-10 16:33 24,064 --a------ C:\WINDOWS\system32\msxml3a.dll
2006-12-10 16:33 24,064 --a------ C:\WINDOWS\system32\msxml3a.dll
2006-12-02 03:39 77,824 --a------ C:\WINDOWS\system32\mallgoo2.dll
2006-12-02 03:39 77,824 --a------ C:\WINDOWS\system32\mallgoo2.dll
(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))
2006-12-21 18:46 -------- d-------- C:\Programme\Gemeinsame Dateien
2006-12-21 16:24 -------- d-------- C:\Programme\AntiVir PersonalEdition Classic
2006-12-21 14:47 34304 --a------ C:\WINDOWS\system32\drivers\avgntdd.sys
2006-12-21 14:47 14848 --a------ C:\WINDOWS\system32\drivers\avgntmgr.sys
2006-12-18 20:38 -------- d-------- C:\Programme\Gemeinsame Dateien\aol
2006-12-15 22:44 -------- d-------- C:\Dokumente und Einstellungen\info\Anwendungsdaten\AOL
2006-12-15 22:07 -------- d-------- C:\Dokumente und Einstellungen\info\Anwendungsdaten\Mozilla
2006-12-10 13:33 -------- d-------- C:\Dokumente und Einstellungen\info\Anwendungsdaten\teamspeak2
2006-11-15 14:14 -------- d-------- C:\Dokumente und Einstellungen\info\Anwendungsdaten\Adobe
2006-11-12 16:52 -------- d-------- C:\Programme\Gemeinsame Dateien\Adobe Systems Shared
2006-11-12 16:46 -------- d-------- C:\Programme\Gemeinsame Dateien\Adobe
2006-11-12 16:40 -------- d--h----- C:\Programme\InstallShield Installation Information
2006-11-12 16:40 -------- d-------- C:\Programme\Adobe
2006-11-11 13:27 -------- d-------- C:\Dokumente und Einstellungen\info\Anwendungsdaten\REAPER
2006-11-07 18:36 -------- d-------- C:\Programme\Gemeinsame Dateien\snpstd
2006-11-06 23:15 69456 --a------ C:\Dokumente und Einstellungen\info\Anwendungsdaten\GDIPFONTCACHEV1.DAT
2006-11-04 11:11 -------- d-------- C:\Programme\Java
2006-10-30 13:37 -------- d-------- C:\Programme\Google
2006-10-28 12:06 -------- d-------- C:\Programme\Internet Explorer
2006-10-28 12:05 -------- d-------- C:\Dokumente und Einstellungen\info\Anwendungsdaten\MSN6
2006-10-28 11:51 -------- d-------- C:\Programme\Online-Dienste
2006-10-28 10:48 -------- d-------- C:\Programme\Windows Media Player
(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries are not shown
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="\"C:\\Programme\\Gemeinsame Dateien\\Ahead\\lib\\NMBgMonitor.exe\""
"MsnMsgr"="\"C:\\Programme\\MSN Messenger\\MsnMsgr.Exe\" /background"
"swg"="C:\\Programme\\Google\\GoogleToolbarNotifier\\1.0.720.3640\\GoogleToolbarNotifier.exe"
"SpybotSD TeaTimer"="C:\\Programme\\Spybot - Search & Destroy\\TeaTimer.exe"
"CTFMON.EXE"="C:\\WINDOWS\\System32\\ctfmon.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"NWEReboot"=""
"NeroFilterCheck"="C:\\WINDOWS\\System32\\NeroCheck.exe"
"Easy-PrintToolBox"="C:\\Programme\\Canon\\Easy-PrintToolBox\\BJPSMAIN.EXE /logon"
"SunJavaUpdateSched"="\"C:\\Programme\\Java\\jre1.5.0_09\\bin\\jusched.exe\""
"QuickTime Task"="\"C:\\Programme\\QuickTime\\qttask.exe\" -atboottime"
"TkBellExe"="\"C:\\Programme\\Gemeinsame Dateien\\Real\\Update_OB\\realsched.exe\" -osboot"
"Babylon Client"="D:\\Programme\\Babylon\\Babylon-Pro\\Babylon.exe -AutoStart"
"avgnt"="\"C:\\Programme\\AntiVir PersonalEdition Classic\\avgnt.exe\" /min"
"ICQ Lite"="\"D:\\Programme\\ICQLite\\ICQLite.exe\" -minimize"
"snpstd"="C:\\WINDOWS\\vsnpstd.exe"
"AOLDialer"="C:\\Programme\\Gemeinsame Dateien\\AOL\\ACS\\AOLDial.exe"
"{08BFB934-0321-1031-0921-000003270031}"="\"C:\\Programme\\Gemeinsame Dateien\\{08BFB934-0321-1031-0921-000003270031}\\Update.exe\" te-110-12-0000175"
"QQKAV"="C:\\WINDOWS\\System32\\scvhsot.exe"
"jiahus"="c:\\windows\\system32\\svchqs.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"
[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000001
[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Die derzeitige Homepage"
"Flags"=dword:00000002
"Position"=hex:2c,00,00,00,e6,00,00,00,00,00,00,00,9a,03,00,00,42,03,00,00,00,\
00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
"CurrentState"=hex:04,00,00,40
"OriginalStateInfo"=hex:18,00,00,00,ff,ff,00,00,ff,ff,00,00,ff,ff,ff,ff,ff,ff,\
ff,ff,04,00,00,00
"RestoredStateInfo"=hex:18,00,00,00,6a,02,00,00,23,00,00,00,a4,00,00,00,9a,00,\
00,00,01,00,00,00
[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\System32\\CTFMON.EXE"
"swg"="C:\\Programme\\Google\\GoogleToolbarNotifier\\1.2.908.5008\\GoogleToolbarNotifier.exe"
[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\System32\\CTFMON.EXE"
"swg"="C:\\Programme\\Google\\GoogleToolbarNotifier\\1.2.908.5008\\GoogleToolbarNotifier.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"
Completion time: 06-12-21 19:25:37.45
C:\ComboFix.txt ... 06-12-21 19:25
C:\ComboFix2.txt ... 06-12-21 18:48
_________________________________________________________________
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: 08BF-B934
Verzeichnis von C:\WINDOWS\system32
21.12.2006 19:47 172 myconfig.ini
21.12.2006 19:47 45.568 svch0st.exe
21.12.2006 19:47 31.306 devgt.exe
21.12.2006 19:44 41.472 windds32.dll
21.12.2006 19:44 46.080 xpdhcp.dll
21.12.2006 19:44 28.476 rx.dll
21.12.2006 19:44 41.984 windhcp.ocx
21.12.2006 19:43 203.776 ruqesgeztghyu.dll
21.12.2006 19:43 203.776 tytwmoyrdzucl.dll
21.12.2006 19:43 3.704 almms.dat
21.12.2006 19:40 203.776 zagdrbmmxizls.dll
21.12.2006 19:40 41.984 ksdihg.dll
21.12.2006 19:39 1.968 webhit.ini.tmp
21.12.2006 19:39 154 webhit.ini
21.12.2006 19:39 203.776 jpbtgmruuzobw.dll
21.12.2006 19:39 203.776 nwcxkjcrwewgh.dll
21.12.2006 19:39 203.776 umjtxhmdlmrjl.dll
21.12.2006 19:37 37.725 QQhx.dat
21.12.2006 19:37 37.725 ksdihg.exe
21.12.2006 19:37 203.776 zkjlklbhgswcb.dll
21.12.2006 19:24 203.776 ghkorhruizrvl.dll
21.12.2006 18:56 203.776 qyxdiatvoacup.dll
21.12.2006 18:51 203.776 wlkrgsqdoydyf.dll
21.12.2006 18:51 98 d3d1caps.SRG
21.12.2006 18:50 37.888 scvhsot.exe
21.12.2006 18:46 30 d3d3caps.SRG
21.12.2006 18:31 203.776 hgcgpyytzouyv.dll
21.12.2006 18:28 203.776 unehdalvccmfi.dll
21.12.2006 18:09 203.776 fmaqypjbeqhtp.dll
21.12.2006 17:51 203.776 ssbmvajmtvmgk.dll
21.12.2006 17:49 203.776 azysosblrufdt.dll
21.12.2006 17:49 203.776 dzispyxiodbmi.dll
21.12.2006 17:22 203.776 dudctxukpsymw.dll
21.12.2006 17:22 203.776 zqijbtsuplvom.dll
21.12.2006 17:04 203.776 rlgdwqnbohkgh.dll
21.12.2006 17:04 203.776 wkpcjnnymwmqn.dll
21.12.2006 17:04 203.776 rqqyajamqfdbe.dll
21.12.2006 16:59 203.776 tpezydravqwaq.dll
21.12.2006 14:51 203.776 cxpfmcjvexqoy.dll
21.12.2006 14:50 203.776 mvofmvdnihrlf.dll
20.12.2006 22:42 203.776 djyqfqyqirltg.dll
20.12.2006 22:39 203.776 dxnahgnztnwep.dll
20.12.2006 18:50 1.464 00001085.DAT
20.12.2006 18:46 203.776 nhyehogqkdbqt.dll
20.12.2006 18:41 32 mprmsgse.axz
20.12.2006 18:38 27.136 winsys16_061220.dll
20.12.2006 18:38 27.136 scrsys16_061220.scr
20.12.2006 18:38 85.960 scrsys061220.scr
20.12.2006 18:38 85.960 AlxRes061220.exe
20.12.2006 18:35 203.776 knxngdwfejlwd.dll
20.12.2006 18:30 27.136 winsys16_061221.dll
20.12.2006 18:30 27.136 scrsys16_061221.scr
20.12.2006 18:30 162.816 winsys32_061221.dll
20.12.2006 18:30 86.164 AlxRes061221.exe
20.12.2006 18:30 86.164 scrsys061221.scr
20.12.2006 18:27 162.304 winsys32_061220.dll
02.12.2006 03:39 77.824 mallgoo2.dll
--------------------------------------------------------------------------
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: 08BF-B934
Verzeichnis von C:\DOKUME~1\info\LOKALE~1\Temp
21.12.2006 19:48 76 27893.txt
21.12.2006 19:48 76 17483.txt
21.12.2006 19:47 653 config.mdb
21.12.2006 19:47 663.552 zi.exe
21.12.2006 19:47 76 27032.txt
21.12.2006 19:47 16.384 ~DF952B.tmp
21.12.2006 19:47 76 8659.txt
21.12.2006 19:47 45.056 mhs2.dll
21.12.2006 19:47 43.600 0055.exe
21.12.2006 19:46 31.306 mh.exe
21.12.2006 19:45 512 ~DF2B97.tmp
21.12.2006 19:43 246.272 svchoost.exe
21.12.2006 19:40 45.947 nu.dll
21.12.2006 19:40 76 20377.txt
21.12.2006 19:40 126.603 ie777.exe
21.12.2006 19:40 32.512 npf.sys
21.12.2006 19:40 234.186 ~tenp.exe
21.12.2006 19:40 39.758 18745.exe
21.12.2006 19:39 3.531.776 JnZOLgjY
21.12.2006 19:39 40.457 iim.dll
21.12.2006 19:39 21.213 itemp.exe
21.12.2006 19:39 61.440 wanpacket.dll
21.12.2006 19:39 81.920 packet.dll
21.12.2006 19:39 121.249 ie888.exe
21.12.2006 19:39 31.232 iesys.exe
21.12.2006 19:37 254.750 14183.exe
21.12.2006 19:37 37.725 793.exe
21.12.2006 19:37 37.888 ~WRC0001.tmp
21.12.2006 19:37 76 8144.txt
21.12.2006 19:37 45.896 26461.exe
21.12.2006 19:35 3.531.776 UCvnfwmI
21.12.2006 19:35 3.531.776 qTuAIfdJ
21.12.2006 19:35 3.531.776 EdYOcgLz
21.12.2006 19:35 3.531.776 YyLZbRRu
21.12.2006 19:34 3.531.776 nJLVesgi
21.12.2006 19:27 36 kDRAGBR
21.12.2006 19:27 196 WtjKJHgl
21.12.2006 19:27 93.184 wowexec.tmp
21.12.2006 19:05 45.896 24820.exe
21.12.2006 17:42 3.531.776 MediaSups.exe
21.12.2006 17:42 3.531.776 xJFoYmWX
21.12.2006 19:27 9.350 IDmIr.exe.vir
21.12.2006 19:29 98.167 lHBmvA.exe
---------
Verzeichnis von C:\WINDOWS
21.12.2006 19:44 663.552 G_Server1.23.exe
21.12.2006 19:40 421 winsys.ini
21.12.2006 19:39 31.232 Realplayones.exe
21.12.2006 18:38 139.264 mTmp.exe
21.12.2006 18:38 4.286 tmp.ico
21.12.2006 18:33 120.847 tubar1253.exe
21.12.2006 18:28 159.744 dodolook059.exe
21.12.2006 18:27 122.342 mms_730.exe
21.12.2006 18:26 91.648 mycount.exe
21.12.2006 17:42 3.531.776 cmd.com
21.12.2006 17:42 3.531.776 net.com
21.12.2006 17:42 3.531.776 regedit.com
20.12.2006 18:35 0 rtti.dll