Ergebnis 1 bis 6 von 6

Thema: trojan backdoor in windows\system\reginv.dll-how to proceed with HJthis?? HELP!!

  1. #1
    Einsteiger
    Registriert seit
    08.02.2005
    Beiträge
    1

    trojan backdoor in windows\system\reginv.dll-how to proceed with HJthis?? HELP!!

    hello!!
    I really hope u can help me 'cause I'm not that good at all in this computering stuff and then........I can spesk english and not german!!
    well.............I've a version of windows 98 SE

    and this virus is driving me crazy....
    I scanned my PC with avast antivirus and the followin is the log of HJTHIS
    Somebody told me that before erasing using Hjthis u must be sure that preocess in exe are shut..
    well .....with ctrl+alt+canc it seems that everything is closed but if i start process explorer some processes in exe are running........the problem is that i don't knoe how to stop them before fixing with HJThis.............

    i attach this
    Code:
    Logfile of HijackThis v1.99.0
    Scan saved at 13.44.52, on 08/02/05
    Platform: Windows 98 SE (Win9x 4.10.2222A)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
    
    Running processes:
    C:\WINDOWS\SYSTEM\KERNEL32.DLL
    C:\WINDOWS\SYSTEM\MSGSRV32.EXE
    C:\WINDOWS\SYSTEM\MPREXE.EXE
    C:\WINDOWS\SERVICES.EXE
    C:\WINDOWS\EXPLORER.EXE
    C:\DOCUMENTI\PROGRAMMI\HJTHIS\HIJACKTHIS.EXE
    
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.magicaweb.it/motori.html
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.virgilio.it/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = marcello
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
    F1 - win.ini: run=                                                                                              C:\WINDOWS\system\sservice.exe
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAMMI\ADOBE\ACROBAT 6.0\READER\ACTIVEX\ACROIEHELPER.DLL
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programmi\Spybot - Search & Destroy\SDHelper.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
    O4 - HKLM\..\Run: [Run StartupMonitor] StartupMonitor.exe
    O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
    O4 - HKLM\..\Run: [CriticalUpdate] C:\WINDOWS\SYSTEM\wucrtupd.exe -startup
    O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB
    O4 - HKLM\..\Run: [GSICONEXE] GSICON.EXE
    O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
    O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
    O4 - HKLM\..\Run: [ashMaiSv] C:\PROGRA~1\ALWILS~1\AVAST4\ashmaisv.exe
    O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
    O4 - HKLM\..\RunServices: [MessengerPlus3] "C:\Programmi\MessengerPlus! 3\MsgPlus.exe"
    O4 - HKLM\..\RunServices: [avast!] C:\Programmi\Alwil Software\Avast4\ashServ.exe
    O4 - HKCU\..\Run: [ctfmon.exe] ctfmon.exe
    O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\SYSTEM\MSJAVA.DLL
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\SYSTEM\MSJAVA.DLL
    O12 - Plugin for .pdf: C:\PROGRA~1\INTERN~1\PLUGINS\nppdf32.dll
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
    O16 - DPF: {ADB6CCF9-8853-4431-82A0-B7494DED18C3} (WcnfGrpCtl Class) - http://download.paltalk.com/webconft...oupControl.cab
    O16 - DPF: {F5820AD3-9B20-423E-B2AA-7AF2B4055746} (CRegistryDownload Class) - http://download.paltalk.com/download/0.x/regdload.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary...o.cab32846.cab
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab
    O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by2fd.bay2.hotmail.msn.com/re...s/MsnPUpld.cab
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2...ll/xscan53.cab
    
    Sorry for the silly questions but I'm not that good in this............
    hope u can give me easy suggestions and step by step  to solve my problem
    THx

    Tommaso
    Geändert von Ruby (16.02.2005 um 04:48 Uhr) Grund: BoardRules: Know how - HijackThis

  2. #2
    Unregistriert
    Gast

    AW: trojan backdoor in windows\system\reginv.dll-how to proceed with HJthis?? HELP!!

    Zitat Zitat von tommaso
    hello!!
    I really hope u can help me 'cause I'm not that good at all in this computering stuff and then........I can spesk english and not german!!
    well.............I've a version of windows 98 SE

    and this virus is driving me crazy....
    I scanned my PC with avast antivirus and the followin is the log of HJTHIS
    Somebody told me that before erasing using Hjthis u must be sure that preocess in exe are shut..
    well .....with ctrl+alt+canc it seems that everything is closed but if i start process explorer some processes in exe are running........the problem is that i don't knoe how to stop them before fixing with HJThis.............

    i attach this

    Logfile of HijackThis v1.99.0
    Scan saved at 13.44.52, on 08/02/05
    Platform: Windows 98 SE (Win9x 4.10.2222A)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\SYSTEM\KERNEL32.DLL
    C:\WINDOWS\SYSTEM\MSGSRV32.EXE
    C:\WINDOWS\SYSTEM\MPREXE.EXE
    C:\WINDOWS\SERVICES.EXE
    C:\WINDOWS\EXPLORER.EXE
    C:\DOCUMENTI\PROGRAMMI\HJTHIS\HIJACKTHIS.EXE

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.magicaweb.it/motori.html
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.virgilio.it/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = marcello
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
    F1 - win.ini: run= C:\WINDOWS\system\sservice.exe
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAMMI\ADOBE\ACROBAT 6.0\READER\ACTIVEX\ACROIEHELPER.DLL
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programmi\Spybot - Search & Destroy\SDHelper.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
    O4 - HKLM\..\Run: [Run StartupMonitor] StartupMonitor.exe
    O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
    O4 - HKLM\..\Run: [CriticalUpdate] C:\WINDOWS\SYSTEM\wucrtupd.exe -startup
    O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB
    O4 - HKLM\..\Run: [GSICONEXE] GSICON.EXE
    O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
    O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
    O4 - HKLM\..\Run: [ashMaiSv] C:\PROGRA~1\ALWILS~1\AVAST4\ashmaisv.exe
    O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
    O4 - HKLM\..\RunServices: [MessengerPlus3] "C:\Programmi\MessengerPlus! 3\MsgPlus.exe"
    O4 - HKLM\..\RunServices: [avast!] C:\Programmi\Alwil Software\Avast4\ashServ.exe
    O4 - HKCU\..\Run: [ctfmon.exe] ctfmon.exe
    O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\SYSTEM\MSJAVA.DLL
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\SYSTEM\MSJAVA.DLL
    O12 - Plugin for .pdf: C:\PROGRA~1\INTERN~1\PLUGINS\nppdf32.dll
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
    O16 - DPF: {ADB6CCF9-8853-4431-82A0-B7494DED18C3} (WcnfGrpCtl Class) - http://download.paltalk.com/webconft...oupControl.cab
    O16 - DPF: {F5820AD3-9B20-423E-B2AA-7AF2B4055746} (CRegistryDownload Class) - http://download.paltalk.com/download/0.x/regdload.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary...o.cab32846.cab
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab
    O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by2fd.bay2.hotmail.msn.com/re...s/MsnPUpld.cab
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2...ll/xscan53.cab

    Sorry for the silly questions but I'm not that good in this............
    hope u can give me easy suggestions and step by step to solve my problem

    THx

    Tommaso
    I add this.......maybe it's usefull

    DoubleClick: Cookie tracciante (Internet Explorer: Magica) (Cookie, nothing done)


    Alexa Related: What's related link (Sostituisci file, nothing done)
    C:\WINDOWS\Web\RELATED.HTM

    DSO Exploit: Data source object exploit (Modifica al registro, nothing done)
    HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersio n\Internet Settings\Zones\0\1004!=W=3

    NewsUpdate: Libreria dei tipi (CTMarq ActiveX Control module) (Chiave di registro, nothing done)
    HKEY_LOCAL_MACHINE\Software\Classes\TypeLib\{C1B43B7E-8B3C-11D4-B615-00A0C98E9F5B}

    NewsUpdate: Ad settings (Chiave di registro, nothing done)
    HKEY_LOCAL_MACHINE\Software\Creative Tech\Software Installed\News

    NewsUpdate: Classe radice (Root) (Chiave di registro, nothing done)
    HKEY_CLASSES_ROOT\CTMARQ.CTMarqCtrl.1

    NewsUpdate: ID di classe (Chiave di registro, nothing done)
    HKEY_CLASSES_ROOT\CLSID\{C1B43B81-8B3C-11D4-B615-00A0C98E9F5B}

    NewsUpdate: Interfaccia (_DCTMarq) (Chiave di registro, nothing done)
    HKEY_LOCAL_MACHINE\Software\Classes\Interface\{C1B43B7F-8B3C-11D4-B615-00A0C98E9F5B}

    NewsUpdate: Interfaccia (_DCTMarqEvents) (Chiave di registro, nothing done)
    HKEY_LOCAL_MACHINE\Software\Classes\Interface\{C1B43B80-8B3C-11D4-B615-00A0C98E9F5B}

    NewsUpdate: Program directory (Cartella, nothing done)
    C:\Programmi\Creative\News\

    VLoading: Utilizzo di moduli (Chiave di registro, nothing done)
    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion \ModuleUsage\C:/WINDOWS/Downloaded Program Files/MaConnect.dll


    --- Spybot - Search && Destroy version: 1.3 ---
    2004-05-12 Includes\Cookies.sbi
    2004-05-12 Includes\Dialer.sbi
    2004-05-12 Includes\Hijackers.sbi
    2004-05-12 Includes\Keyloggers.sbi
    2004-05-12 Includes\LSP.sbi
    2004-05-12 Includes\Malware.sbi
    2004-05-12 Includes\Revision.sbi
    2004-05-12 Includes\Security.sbi
    2004-05-12 Includes\Spybots.sbi
    2004-05-12 Includes\Tracks.uti
    2004-05-12 Includes\Trojans.sbi


    thnk you!
    Tom

  3. #3
    Supermod a.D. Avatar von Ruby
    Registriert seit
    25.01.2005
    Ort
    The Netherlands
    Beiträge
    20.038

    AW: trojan backdoor in windows\system\reginv.dll-how to proceed with HJthis?? HELP!

    Hi tommaso

    Make sure you set windows to see the hidden files and folders.

    Download escan: mwav.exe. Create a new directory c:\bases (MUST!) and unzip (!) the mwav.exe into that directory. Use kavupd.exe to get the latest signatures.

    Go to safe mode, turn off System Restore. Close everything else, all windows, all browsers, stay offline, and start a full scan (all files) (!) by running mwavscan.com. This scan lasts about one an hour. Reboot your system into normal mode. Turn on System Restore. Search the logfile (mwav.log) and post everything (!) escan flagged as "virus". Also post the result:

    =>Total Number of Files Scanned:
    =>Total Number of Virus(es) Found:
    =>Total Number of Disinfected Files:
    =>Total Number of Files Renamed:
    =>Total Number of Deleted Files:
    =>Total Number of Errors:
    ***** Scanning complete. *****

  4. #4
    Unregistriert
    Gast

    AW: trojan backdoor in windows\system\reginv.dll-how to proceed with HJthis?? HELP!

    Zitat Zitat von Ruby
    Hi tommaso

    Make sure you set windows to see the hidden files and folders.

    Download escan: mwav.exe. Create a new directory c:\bases (MUST!) and unzip (!) the mwav.exe into that directory. Use kavupd.exe to get the latest signatures.
    THX friend............but ......I feel so ignorant!! ........could u pls explain step by step what do I have to do after downloading mwav.exe???........
    sorry and thank u again

    Tom

  5. #5
    Supermod a.D. Avatar von Ruby
    Registriert seit
    25.01.2005
    Ort
    The Netherlands
    Beiträge
    20.038

    AW: trojan backdoor in windows\system\reginv.dll-how to proceed with HJthis?? HELP!

    I've got some help.... www.wiredguide.com
    Code:
    Step 1: Create a Download Folder
    The first step in downloading from the internet, is to create a folder where you will save your downloaded files.  This will help you to locate the file once it is downloaded into your computer. To create a new folder (directory) called "download" use Windows Explorer, highlight your C: drive, and then click on these menu items, one after the other: File | New > Folder. When a folder entitled New Folder is created, rename it "download". 
    
    Step 2: Create a Folder "bases"
    The second step in downloading from the internet, is to create a folder where you will must take your downloaded file: mwav.exe when you are extracting it. This will help you to locate the file once it is downloaded into your computer. To create a new folder (directory) called "bases" use Windows Explorer, highlight your C: drive, and then click on these menu items, one after the other: File | New > Folder. When a folder entitled New Folder is created, rename it "bases". 
    
    Step 3: Download a File Using Your Browser
    Microsoft Internet Explorer (MSIE), and other browsers work in similar ways. After you click the Download Now button, a small window will open and ask you, "What would you like to do with this file?" or something like that. Simply click on the "Save it to disk" or "Save" choice, and then click OK. When the familiar "Save As" window appears, use it to navigate to your first created C:\download folder and click "Save." Watch and wait until the file has finished downloading. Problems? Some older versions of MSIE may require that you right-click on "Download Now," and select "Save Target As" to be able to begin the process described above.
    
    Step 4: Download and Install WinZip
    Click on this link to download the evaluation version of WinZip. Put it in your computer's  C:\download folder. The WinZip file is in the form of an .exe that can be run and installed without any additional steps.
    
    Congratulations!
    You've successfully downloaded files.
    
    Step 5: Install your file 
    Double-click on winzip81.exe to install WinZip, then follow the easy step-by-step installation instructions. We suggest you take all of the suggested default settings and scan all your drives for favorite folders. WinZip can then easily access your C:\download directory for the next step. STOP when you reach the "WinZip Wizard - Welcome" window, and proceed with the next instruction. WinZip has probably been set up to launch using wizards, which are interfaces designed to make it easier to use new programs. They present each step in a series of separate windows, with options and decisions for you to make before you click Next to proceed. 
    
    Step 6: Now you click on the downloaded mwav.exe with the right mouse. You will see a window with many words and winzip. Extract the mwav.exe to the second folder you have created C:\bases. Being there, click on the button "extract" within winzip. Now all the files are extracting to C:\bases. 
    
    Step 7: How To Handle *.exe and *.com Files
    As mentioned at the beginning of Step 3, you will find files ending in *.exe and *.com. The .exe files that you downloaded are ready to be run.
    
    Step 8: Once there, you can double-click on kavupd.exe. Now you see a DOS window, doubleclick linke mouse and it will run and update the last signatures out the web. "Press any key to continue" .. press v  .. escan ist updated. 
    
    Step 9: Now you move to safe mode. Turn off System Restore. Being there you open once more the folder "bases" on C:\ with the Windows Explorer. In this folder you will find "mwavscan.com". Double click, please. 
    
    Step 10: Now you got one of these these pictures to see on your desktop: escan. Look at the pictures on this website. You must fink on what you see on the first two pictures (!!!). Then click the button "scan" of "scan clean" and the scan begins to run. It will last about an hour. When it is finished you click on "view log". Save this logfile. It is called "mwav.log". You will find it back in the folder "bases" on C:\ You can open the folder with your mouse and the logfile with your mouse too.  
    
    Step 11: Take a look to that very long and great logfile you have got from your system. Now you must open a texteditor 
    
    
    Don't write "infected" but "virus", search, keep searching. Every virus file you find, you copy&paste to wordpad of something like that. Go on searching for 'virus' files. Since you have gathered all "virus" files and there are no "virus" files anymore, you may close the editor. Now you copy all these "virus" files from your wordpad in your browser and take it with you to this thread. Here you may paste your "virus" files. Step 12: We want to see all the "virus" files which are named 'virus', 'not a virus', and so on. And we also want to see =>Total Number of Files Scanned: =>Total Number of Virus(es) Found: =>Total Number of Disinfected Files: =>Total Number of Files Renamed: =>Total Number of Deleted Files: =>Total Number of Errors: ***** Scanning complete. *****
    BoardRules: Know how - HijackThis

    You will find it at the end of the logfile from escan, called "mwav.log".

    Take a look here, these are the "virus" files of another user brought from his system to our board: escan-files.

    ok?
    Geändert von Ruby (16.02.2005 um 04:49 Uhr) Grund: system restore is a MUST by winXP to delet whatever

  6. #6
    Supermod a.D. Avatar von Ruby
    Registriert seit
    25.01.2005
    Ort
    The Netherlands
    Beiträge
    20.038

    AW: trojan backdoor in windows\system\reginv.dll-how to proceed with HJthis?? HELP!

    Hello tommaso

    I hope you will come back to read here once again. You have a very dangerous Backdoor Program running your system: Backdoor.Prorat: Is a Backdoor Trojan horse that gives an attacker full control over your computer. Please note: there is probably nothing else to do than formatting your system! Please read this: Security Tips. We can try to clean your system, but I don't think, that there is any chance to get it.

    ===> PRINT IT OUT

    STEP 1
    Create some new directories (folders)

    C:\download
    C:\clearprog
    C:\bases
    C:\Program Files\HijackThis

    STEP 2
    Download to C:\download:

    clearprog
    escan: mwav.exe
    zipgenius (if you have no zip-tool)
    install and update Spybot Search and Destroy
    install and update also Ad-Aware
    DELLATER.ZIP, install it to your desktop!
    hijackthis
    KillBox, install it to your desktop!

    STEP 3
    run first DELLATER.exe on your system.

    STEP 4
    Make sure you set windows to see the hidden files and folders.

    STEP 5
    (MUST!)Turn to safe mode and turn off System Restore. Close all windows including Internet Explorer. Run Hijackthis, click scan, and put a checkmark next to each of these items. Then click the Fix button:
    Code:
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.magicaweb.it/motori.html
    F1 - win.ini: run= C:\WINDOWS\system\sservice.exe
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - h**p://a840.g.akamai.net/7/840/537/...all/xscan53.cab
    Reboot your system into normal mode.

    STEP 6
    look for these files and stop running in taskmanager and delete them:
    if you cant't delete them cause windows makes you know that they are running processes, kill them by running the KillBox, Replace on Reboot -> Use dummys, kill with the red x, answer the question if you want to reboot with no:

    c:\windows\services.exe
    c:\windows\system\sservice.exe
    c:\windows\system32\fservice.exe
    c:\windows\system32\wininv.dll

    STEP 7
    (MUST!)Reboot in safe mode

    STEP 8
    run ClearProg
    "Clear all" and "Clear" must be checkmarked: delete all your temporary maps and files

    STEP 9
    run Ad-Aware
    let the program delete everything it finds.

    STEP 10
    run escan if you did not before

    (MUST!) unzip(!) the mwav.exe into that new directory c:\bases (!). Use kavupd.exe to get the latest signatures (MUST!). Then close everything else, close all windows, all browsers, all programs. Start a full scan (all files) (!) by running mwavscan.com (directory c:\bases). escan lasts about one hour. When it's finished, reboot your system into normal mode. Turn on System Restore. Reboot.

    STEP 11
    Search the logfile mwav.log (directory c:\bases) and post every file escan flagged as "virus". Also post the result:

    =>Total Number of Files Scanned:
    =>Total Number of Virus(es) Found:
    =>Total Number of Disinfected Files:
    =>Total Number of Files Renamed:
    =>Total Number of Deleted Files:
    =>Total Number of Errors:
    ***** Scanning complete. *****

    Post another HijackThis logfile.

Aktive Benutzer

Aktive Benutzer

Aktive Benutzer in diesem Thema: 1 (Registrierte Benutzer: 0, Gäste: 1)

Ähnliche Themen

  1. First Time Poster - Help with log analysis
    Von AE86Solo im Forum Archiv
    Antworten: 3
    Letzter Beitrag: 06.02.2005, 04:26
  2. Search For.. Hijacker, need help with log
    Von dodgy dave im Forum Archiv
    Antworten: 6
    Letzter Beitrag: 25.01.2005, 01:16
  3. Explorer shuts down, please help with this logfile
    Von Unregistered im Forum Archiv
    Antworten: 3
    Letzter Beitrag: 19.01.2005, 14:49
  4. I need help with this log of HijackThis
    Von steph im Forum Archiv
    Antworten: 1
    Letzter Beitrag: 15.01.2005, 14:46
  5. help with logfile
    Von imprezala im Forum Archiv
    Antworten: 1
    Letzter Beitrag: 01.01.2005, 04:47

Berechtigungen

  • Neue Themen erstellen: Nein
  • Themen beantworten: Nein
  • Anhänge hochladen: Nein
  • Beiträge bearbeiten: Nein
  •