| |
| |||||||
Log-Analyse und Auswertung: dl.exe und mehr LOg plz checken :(Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
17.09.2005, 22:20
| #1 |
 |  dl.exe und mehr LOg plz checken :( so kriege die dl.exe nicht weg sie taucht im log nicht auf aber sie stört mein psychisches wohlempfinden !! im abgesichertem modus ist ist auch gleich nach dem hochfahren in verwendung  also plz log checken und tipps zu der dl.exe wäre nicht schlecht ------------------------------------------------------------------------- Logfile of HijackThis v1.99.1 Scan saved at 23:18:44, on 17.09.2005 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Programme\NVIDIA Corporation\NvMixer\NVMixerTray.exe C:\Programme\Java\jre1.5.0_04\bin\jusched.exe C:\Programme\D-Tools\daemon.exe C:\Programme\ScanSoft\OmniPageSE\opware32.exe C:\WINDOWS\system32\CTHELPER.EXE C:\Programme\CyberLink\PowerDVD\PDVDServ.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\PROGRA~1\KASPER~1\KASPER~1\KASPER~3\OESpamTest.ExE C:\WINDOWS\system32\ctfmon.exe C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Programme\Opera\Opera.exe D:\hijackThis\HijackThis.exe C:\WINDOWS\system32\NOTEPAD.EXE O4 - HKLM\..\Run: [NVMixerTray] "C:\Programme\NVIDIA Corporation\NvMixer\NVMixerTray.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\jre1.5.0_04\bin\jusched.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [AVSCHED32] C:\Programme\AVPersonal\AVSched32.EXE /min O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Programme\D-Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [Omnipage] C:\Programme\ScanSoft\OmniPageSE\opware32.exe O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE O4 - HKLM\..\Run: [Jet Detection] C:\Treiber\Creative\PROGRAM\ADGJDet.exe O4 - HKLM\..\Run: [RemoteControl] C:\Programme\CyberLink\PowerDVD\PDVDServ.exe O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [AVGCtrl] "C:\Programme\AVPersonal\AVGNT.EXE" /min O4 - HKLM\..\Run: [KAVPersonal50] "C:\Programme\Kaspersky\Kaspersky Security Suite\Kaspersky Anti-Virus Personal\kav.exe" /minimize O4 - HKLM\..\Run: [OESpamTest] C:\PROGRA~1\KASPER~1\KASPER~1\KASPER~3\OESpamTest.ExE O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - Global Startup: Kaspersky Anti-Hacker.lnk = C:\Programme\Kaspersky\Kaspersky Security Suite\Kaspersky Anti-Hacker\KAVPF.exe O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_04\bin\npjpi150_04.dll O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_04\bin\npjpi150_04.dll O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.co...?1109280188062 O23 - Service: AntiVir Service (AntiVirService) - Unknown owner - C:\Programme\AVPersonal\AVGUARD.EXE (file missing) O23 - Service: AntiVir Update (AVWUpSrv) - Unknown owner - C:\Programme\AVPersonal\AVWUPSRV.EXE (file missing) O23 - Service: COM+-Systemanwendung (COMSysApp) - Unknown owner - C:\WINDOWS\System32\dllhost.exe (file missing) O23 - Service: Verwaltungsdienst für die Verwaltung logischer Datenträger (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe (file missing) O23 - Service: kavsvc - Kaspersky Lab - C:\Programme\Kaspersky\Kaspersky Security Suite\Kaspersky Anti-Virus Personal\kavsvc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: MS Software Shadow Copy Provider (SwPrv) - Unknown owner - C:\WINDOWS\System32\dllhost.exe (file missing) |
|
18.09.2005, 11:05
| #2 |
  | dl.exe und mehr LOg plz checken :( Hi,
__________________vielleicht erklären mich jetzt alle für blöd, aber: Welche dl.exe? Ich sehe keine solche. cacatoa
__________________ |
|
18.09.2005, 17:13
| #3 |
| | dl.exe und mehr LOg plz checken :( die habe ich schon gefixt!!
__________________die befindet sich im C:\Dokumente und Einstellungen\Elb(user) dl.exe Ordner, und diese Datei lässt in keine Zusatand löschen. Also keine Abgesicherter MOdus etc. Diese DL.exe hat die Funktion wenn sie ausgeführt wird das sie deine Inet Verbindung lahmlegt und du nix machen kannst. Also keine inet seiten ansteuern etc |
|
18.09.2005, 17:23
| #4 |
| | dl.exe und mehr LOg plz checken :( Also, entweder hast du sie gefixt und sie ist weg oder sie ist noch da, dann müßte ich sie irgendwo sehen. Wenn sie weg ist, dann frag ich, ob Du noch ein Problem hast oder nicht. cacatoa edit: Mach doch mal im abgesicherten Modus einen eScan. Poste das Ergebnis.
__________________ Der Mensch sollte eine Hundeseele haben |
|
19.09.2005, 01:30
| #5 |
| | dl.exe und mehr LOg plz checken :( da gibts ein prob ! 110 Viren und das log ist ewig lang Auszug 1: -------------------------------------------------------------------------- Object "bearshare Spyware/Adware" found in File System! Action Taken: No Action Taken. Object "Limewire Spyware/Adware" found in File System! Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\system32\pxwma.dll". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\DOKUME~1\Elb\LOKALE~1\Temp\_ISTMP1.DIR\_ISTMP0.DIR\FileGrp\Msvcrt10.dll". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\system32\DIMM.DLL". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\system32\cddvdint.dll". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\american-flag.png". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\arrow.png". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\asian-flag.png". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\auto-service.png". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\auto.png". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\balloon.png". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\balloon_center.png". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\balloon_left.png". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\balloon_ll.png". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\balloon_lower.png". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\balloon_lr.png". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\balloon_right.png". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\balloon_ul.png". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\balloon_upper.png". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\balloon_ur.png". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\balloon_x.png". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\bang.png". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\bars.png". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\building.png". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\closedFolder.png". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\closedNetworkFolder.png". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\coffee_house_16.png". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\crosshair.png". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\dining.png". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\dining_16.png". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\dot.png". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\drawCircle.png". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\drawLine.png". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\drawPolygon.png". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\drawPolyLine.png". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\fast-food.png". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\four-dollars.png". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\french-flag.png". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\hand.png". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\highway_16.png". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\high_res_places.png". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\italian-flag.png". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\large_traffic_count_16.png". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\loading.png". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\metacarta.png". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\metacartahl.png". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\mexican-flag.png". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\misc-dining.png". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\mysavedplaces_closed.png". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\mysavedplaces_open.png". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\note.png". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\notfound.png". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\one-dollar.png". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\openFolder.png". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\openNetworkFolder.png". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\overlay.png". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\palette-2.png". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\palette-3.png". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\palette-4.png". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\palette-5.png". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\parks.png". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\premium_lock.png". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\premium_locked.png". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\premium_star.png". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\query.png". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\recreation.png". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\school_16.png". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\search.png". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\streamed_layer.png". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\streamed_layers.png". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\terrain_16.png". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\three-dollars.png". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\transportation.png". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\two-dollars.png". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\webcam_16.png". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Kaspersky Anti-Spam Personal\Update der Datenbanken von Kaspersky Anti-Spam Personal.lnk". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Kaspersky Anti-Spam Personal\ReadMe-Datei.lnk". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Kaspersky Anti-Spam Personal\Lizenzschlüssel installieren.lnk". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Kaspersky\Kaspersky Security Suite\Kaspersky Anti-Spam Personal\CFData\main0000.arc". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Kaspersky\Kaspersky Security Suite\Kaspersky Anti-Spam Personal\CFData\main0000.cat". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Kaspersky\Kaspersky Security Suite\Kaspersky Anti-Spam Personal\CFData\main0000.dat". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Kaspersky\Kaspersky Security Suite\Kaspersky Anti-Spam Personal\CFData\main0000.dcs". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Kaspersky\Kaspersky Security Suite\Kaspersky Anti-Spam Personal\CFData\main0000.gsg". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Kaspersky\Kaspersky Security Suite\Kaspersky Anti-Spam Personal\CFData\main0000.idn". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Kaspersky\Kaspersky Security Suite\Kaspersky Anti-Spam Personal\CFData\main0000.idx". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Kaspersky\Kaspersky Security Suite\Kaspersky Anti-Spam Personal\CFData\main0000.key". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Kaspersky\Kaspersky Security Suite\Kaspersky Anti-Spam Personal\CFData\main0000.mde". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Kaspersky\Kaspersky Security Suite\Kaspersky Anti-Spam Personal\CFData\main0000.men". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Kaspersky\Kaspersky Security Suite\Kaspersky Anti-Spam Personal\CFData\main0000.mes". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Kaspersky\Kaspersky Security Suite\Kaspersky Anti-Spam Personal\CFData\main0000.mfr". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Kaspersky\Kaspersky Security Suite\Kaspersky Anti-Spam Personal\CFData\main0000.mph". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Kaspersky\Kaspersky Security Suite\Kaspersky Anti-Spam Personal\CFData\main0000.mru". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Kaspersky\Kaspersky Security Suite\Kaspersky Anti-Spam Personal\CFData\main0000.ldb". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Kaspersky\Kaspersky Security Suite\Kaspersky Anti-Spam Personal\CFData\main0000.pdb". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Kaspersky Anti-Spam Personal\Hilfe für Kaspersky Anti-Spam Personal (SMTP,POP3) .lnk". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Kaspersky Anti-Spam Personal\Kaspersky Anti-Spam Personal deinstallieren.lnk". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Kaspersky Anti-Spam Personal\Kaspersky-Lab-Webseite.url". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Kaspersky Anti-Spam Personal\Hilfe für Kaspersky Anti-Spam Personal (MS Outlook).lnk". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\cmmgr32.exe" refers to invalid object "C:\WINDOWS\System32\cmmgr32.exe". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\ScanSoft OmniPage SE\". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft Office Tools\". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\PrintMe Internet Printing\". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Spiele\HL2\bin\". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Spiele\HL2\". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Spiele\HL2\resource\". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Spiele\HL2\skins\Grey\Resource\". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Spiele\HL2\skins\Grey\". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Spiele\HL2\skins\". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Spiele\HL2\skins\Grey\Friends\". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Spiele\HL2\skins\Grey\Public\". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Spiele\HL2\skins\Grey\steam\games\". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Spiele\HL2\skins\Grey\steam\". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Spiele\HL2\skins\Grey\servers\". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Spiele\HL2\skins\Grey\steam\cached\". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Spiele\HL2\SteamApps\". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Spiele\HL2\Public\". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Dokumente und Einstellungen\Vader\Startmenü\Programme\Valve\Steam\". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Dokumente und Einstellungen\Vader\Startmenü\Programme\Valve\". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Dokumente und Einstellungen\Vader\Startmenü\Programme\Valve\Half-Life 2\". Action Taken: No Action Taken. Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".cue". Action Taken: No Action Taken. Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".mir". Action Taken: No Action Taken. Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".saving". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "CTDVDAudio Plugin". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "ieupdate". Action Taken: No Action Taken. |
|
19.09.2005, 01:31
| #6 |
| | dl.exe und mehr LOg plz checken :( Teil 2 : -------------------------------------------------------------------------- Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "InstallShield_{AC056D10-E6C0-4085-BAD6-EEBB5EC76D66}". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "KB821557". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "KB823559". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "KB823980". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "KB824105". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "KB824146". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "KB828741". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "KB833987". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "KB835732". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "KB840987". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "KB841356". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "KB841533". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "KB842773". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "KB867282-IE6SP1-20050127.163319". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "KB871250". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "KB873376". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "KB891711". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "Q328310". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "Q329048". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "Q329115". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "Q329170". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "Q329390". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "Q329834". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "Q331953". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "Q810577". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "Q810833". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "Q811493". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "Q815021". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "Q817606". Action Taken: No Action Taken. Entry "HKCR\CLSID\{2524A5A2-6DE6-433B-A067-33AAA8CF1587}" refers to invalid object "C:\PROGRA~2\INTERA~1\INTERA~1\iPlayer.exe". Action Taken: No Action Taken. Entry "HKCR\CLSID\{2BE893C7-08C0-4871-9F7F-DBC325EED545}" refers to invalid object "C:\Spiele\Fifa Online\EASO04Patcher.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{43918f8f-f3be-4760-b4bb-6c89d9d91487}" refers to invalid object "C:\Programme\Winamp\Plugins\cddbcontrolwinamp.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{44b09a5f-5dee-4539-8001-d4b2d45c2876}" refers to invalid object "C:\Programme\Winamp\Plugins\cddbcontrolwinamp.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{513959B7-0759-4740-B398-653E65E40DD2}" refers to invalid object "C:\Spiele\Fifa Online\ATLJabber.exe". Action Taken: No Action Taken. Entry "HKCR\CLSID\{63E6BE14-A742-4EEA-8AF3-0EC39F10F850}" refers to invalid object "C:\PROGRA~1\Google\GOOGLE~1\GOOGLE~1.EXE". Action Taken: No Action Taken. Entry "HKCR\CLSID\{6767bce6-dab4-4236-86c6-7fa8c9d0af24}" refers to invalid object "C:\Spiele\Fifa Online\BrowserEngine2.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{83D4679F-B6D7-11D2-BF36-00C04FB90A03}" refers to invalid object "C:\Programme\Messenger\rtcimsp.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{96632d1e-f3eb-4f54-ba79-9969692db659}" refers to invalid object "C:\Programme\Winamp\Plugins\cddbuiwinamp.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{A2D4475B-C9AA-48E2-A029-1DB829DACF7B}" refers to invalid object "C:\PROGRA~1\Google\GOOGLE~1\GOOGLE~1.EXE". Action Taken: No Action Taken. Entry "HKCR\CLSID\{a7cda720-84ee-11d0-b5c0-00001b3ca278}" refers to invalid object "C:\Programme\AVPersonal\AVShlExt.DLL". Action Taken: No Action Taken. Entry "HKCR\CLSID\{AFD07A5E-3E20-4D77-825C-2F6D1A50BE5B}" refers to invalid object "C:\PROGRA~1\Google\GOOGLE~1\GOOGLE~1.EXE". Action Taken: No Action Taken. Entry "HKCR\CLSID\{d4387178-98ca-4929-b8e3-a11cd2f333a6}" refers to invalid object "C:\Programme\Winamp\Plugins\cddbcontrolwinamp.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{d9dbd8a3-a822-43b1-aa0a-d8974f1d192a}" refers to invalid object "C:\Spiele\Fifa Online\SportsWrapper.exe". Action Taken: No Action Taken. Entry "HKCR\CLSID\{DF35A8F1-4391-4EB2-831D-01BA6C8326D4}" refers to invalid object "C:\Spiele\Fifa Online\2004Utils.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{fba38bcf-e23d-4979-811e-1326bbadb8c8}" refers to invalid object "C:\Programme\Winamp\Plugins\cddbcontrolwinamp.dll". Action Taken: No Action Taken. Entry "HKCR\TypeLib\{16099B99-EC14-4BBB-807E-C06552824C4D}" refers to invalid object "C:\Spiele\Fifa Online\BrowserEngine2.dll". Action Taken: No Action Taken. Entry "HKCR\TypeLib\{3476FAB2-687F-4EA6-9AC2-88D72DC7D7FC}" refers to invalid object "C:\Programme\Google\Google Earth Plus\GoogleEarth.exe". Action Taken: No Action Taken. Entry "HKCR\TypeLib\{38621105-225E-4716-964C-A9AC8804F989}" refers to invalid object "C:\Programme\Gemeinsame Dateien\InterVideo\DVD6\InterActual\IAManager.dll". Action Taken: No Action Taken. Entry "HKCR\TypeLib\{38E346CF-01B3-4A99-9B0B-324E9CD975ED}" refers to invalid object "C:\Program Files\InterActual\InterActual Player\IAKey.dll". Action Taken: No Action Taken. Entry "HKCR\TypeLib\{392BD5CD-D8B6-4C7F-9AA8-F88A97F5D24E}" refers to invalid object "C:\Spiele\Fifa Online\EASO04Patcher.dll". Action Taken: No Action Taken. Entry "HKCR\TypeLib\{54CB0D09-E60F-41B1-B8AF-C7F6652621EC}" refers to invalid object "C:\Spiele\Fifa\fifa2005.exe". Action Taken: No Action Taken. Entry "HKCR\TypeLib\{6370625C-0C07-4F35-9CFF-498B3F70AB5C}" refers to invalid object "C:\DOKUME~1\Elb\LOKALE~1\Temp\VBE\MSForms.exd". Action Taken: No Action Taken. Entry "HKCR\TypeLib\{68F112E5-EA5B-42DD-BB8A-7BBB11302C01}" refers to invalid object "C:\DOKUME~1\Elb\LOKALE~1\Temp\VBE\RefEdit.exd". Action Taken: No Action Taken. Entry "HKCR\TypeLib\{A779AB8D-92BC-433C-A72D-D2A4B7CC80A3}" refers to invalid object "C:\Spiele\Fifa Online\ATLJabber.exe". Action Taken: No Action Taken. Entry "HKCR\TypeLib\{C7D2DAA1-5797-49AD-B0EB-D96E761D8DE1}" refers to invalid object "C:\Spiele\Fifa Online\2004Utils.dll". Action Taken: No Action Taken. Entry "HKCR\TypeLib\{E1759E98-2E3C-4D2F-A23F-9C42AAAD1A81}" refers to invalid object "C:\Spiele\Fifa Online\SportsWrapper.exe". Action Taken: No Action Taken. Entry "HKCR\.iti" refers to invalid object "ITIClient.Document". Action Taken: No Action Taken. Entry "HKCR\.sll" refers to invalid object "SSLFile". Action Taken: No Action Taken. Entry "HKCR\AcroIEHelper.AcroIEHlprObj" refers to invalid object "{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}". Action Taken: No Action Taken. Entry "HKCR\AcroIEHelper.AcroIEHlprObj.1" refers to invalid object "{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}". Action Taken: No Action Taken. Entry "HKCR\Alg.AlgSetup" refers to invalid object "{27D0BCCC-344D-4287-AF37-0C72C161C14C}". Action Taken: No Action Taken. Entry "HKCR\Alg.AlgSetup.1" refers to invalid object "{27D0BCCC-344D-4287-AF37-0C72C161C14C}". Action Taken: No Action Taken. Entry "HKCR\avi_auto_file\shell\open\command" refers to invalid object ""C:\Dokumente und Einstellungen\Vader\Desktop\mplayerc.exe" "%1"". Action Taken: No Action Taken. Entry "HKCR\Connection Manager Profile\shell\open\command" refers to invalid object "C:\WINDOWS\System32\CMMGR32.EXE "%1"". Action Taken: No Action Taken. Entry "HKCR\Google Earth.etafile\shell\open\command" refers to invalid object "C:\Programme\Google\Google Earth Plus\googleearth.exe "%1"". Action Taken: No Action Taken. Entry "HKCR\Google Earth.kmlfile\shell\open\command" refers to invalid object "C:\Programme\Google\Google Earth Plus\googleearth.exe "%1"". Action Taken: No Action Taken. Entry "HKCR\Google Earth.kmzfile\shell\open\command" refers to invalid object "C:\Programme\Google\Google Earth Plus\googleearth.exe "%1"". Action Taken: No Action Taken. Entry "HKCR\MailFileAtt" refers to invalid object "{00020D05-0000-0000-C000-000000000046}". Action Taken: No Action Taken. Entry "HKCR\mapifvbx.object" refers to invalid object "{41116C00-8B90-101B-96CD-00AA003B14FC}". Action Taken: No Action Taken. Entry "HKCR\mapifvbx.object.1" refers to invalid object "{41116C00-8B90-101B-96CD-00AA003B14FC}". Action Taken: No Action Taken. Entry "HKCR\Plenoptic.Plenoptic" refers to invalid object "{607C27E9-AB27-11d3-A116-A0EA50C10801}". Action Taken: No Action Taken. Entry "HKCR\Plenoptic.Plenoptic.1" refers to invalid object "{607C27E9-AB27-11d3-A116-A0EA50C10801}". Action Taken: No Action Taken. Entry "HKCR\ppifile\shell\open\command" refers to invalid object "%SystemRoot%\System32\msppcnfg.exe /Config %1". Action Taken: No Action Taken. Entry "HKCR\RTCCore.RTCClient" refers to invalid object "{7a42ea29-a2b7-40c4-b091-f6f024aa89be}". Action Taken: No Action Taken. Entry "HKCR\RTCCore.RTCClient.1" refers to invalid object "{7a42ea29-a2b7-40c4-b091-f6f024aa89be}". Action Taken: No Action Taken. Entry "HKCR\steam\shell\open\command" refers to invalid object ""C:\Spiele\HL2\steam.exe" "%1"". Action Taken: No Action Taken. Entry "HKCR\Valve.Source\shell\open\command" refers to invalid object ""c:\spiele\hl2\steamapps\elb\counter-strike source\hl2.exe" "%1"". Action Taken: No Action Taken. Entry "HKCR\WMPPublsihCntr.WMPPublsihCntr" refers to invalid object "{939438A9-CF0F-44d8-9140-599736F0D3A2}". Action Taken: No Action Taken. Entry "HKCR\WMPPublsihCntr.WMPPublsihCntr.1" refers to invalid object "{939438A9-CF0F-44d8-9140-599736F0D3A2}". Action Taken: No Action Taken. Entry "HKCR\WMPShell.HWEventHandler" refers to invalid object "{9B186A8F-F520-4eeb-B553-118304AC46C5}". Action Taken: No Action Taken. Entry "HKCR\WMPShell.HWEventHandler.1" refers to invalid object "{9B186A8F-F520-4eeb-B553-118304AC46C5}". Action Taken: No Action Taken. File C:\Dokumente und Einstellungen\Elb\Desktop\32.exe tagged as not-a-virus:Client-IRC.Win32.mIRC.616. No Action Taken. File D:\Download\mirc616.exe tagged as not-a-virus:Client-IRC.Win32.mIRC.616. No Action Taken. File D:\mIRC\backup\mirc.exe tagged as not-a-virus:Client-IRC.Win32.mIRC.616. No Action Taken. File D:\mIRC\mirc.exe tagged as not-a-virus:Client-IRC.Win32.mIRC.616. No Action Taken. File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP2\A0009876.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP2\A0009877.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP2\A0009878.EXE infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP2\A0009879.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP2\A0009880.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP2\A0009881.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP2\A0009882.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP2\A0009883.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP2\A0009884.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012579.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012580.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012581.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012582.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012583.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012584.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012585.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012586.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012587.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012588.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012589.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012590.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012591.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012592.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012593.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012594.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012595.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012596.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012597.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012598.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012599.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012600.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012601.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012602.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012603.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012604.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012605.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012606.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012607.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012608.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012609.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012610.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012611.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012612.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012613.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012614.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012615.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012616.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012617.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012618.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012619.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012620.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012621.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012622.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. File D:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP26\A0015259.exe infected by "Virus.Win32.HLLP.Hantaner.a" Virus! Action Taken: No Action Taken. File D:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP26\A0015263.exe infected by "Virus.Win32.HLLP.Hantaner.a" Virus! Action Taken: No Action Taken. File D:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP27\A0015446.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. File D:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP27\A0015447.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. File D:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP47\A0016635.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. File D:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP47\A0016636.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. File D:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP47\A0016637.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. File D:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP47\A0016638.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. File D:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP48\A0017251.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. File D:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP56\A0020099.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. File D:\System Volume Information\_restore{DB9DF835-2AE1-4302-AA12-981BB73D282D}\RP1\A0000022.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. File D:\System Volume Information\_restore{DB9DF835-2AE1-4302-AA12-981BB73D282D}\RP1\A0000023.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. |
|
19.09.2005, 01:38
| #7 |
| | dl.exe und mehr LOg plz checken :( Teil 3 von 3: File M:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012797.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. File M:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012802.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. File M:\System Volume Information\_restore{8149E158-7633-4A30-B202-81CDA61895DF}\RP14\A0005032.exe infected by "Trojan-Dropper.Win32.Agent.b" Virus! Action Taken: No Action Taken. File M:\System Volume Information\_restore{8149E158-7633-4A30-B202-81CDA61895DF}\RP14\A0005033.exe tagged as "not-a-virus:Porn-Dialer.Win32.Star". Action Taken: No Action Taken. File M:\System Volume Information\_restore{9F5226C5-A62E-4265-8EA3-A6C12145C4CB}\RP83\A0017253.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. File M:\System Volume Information\_restore{9F5226C5-A62E-4265-8EA3-A6C12145C4CB}\RP83\A0017254.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. File M:\System Volume Information\_restore{9F5226C5-A62E-4265-8EA3-A6C12145C4CB}\RP84\A0018704.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. File M:\System Volume Information\_restore{9F5226C5-A62E-4265-8EA3-A6C12145C4CB}\RP84\A0018707.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP26\A0015310.exe infected by "Virus.Win32.HLLP.Hantaner.a" Virus! Action Taken: No Action Taken. File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP26\A0015311.exe infected by "Virus.Win32.HLLP.Hantaner.a" Virus! Action Taken: No Action Taken. File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP26\A0015312.exe infected by "Virus.Win32.HLLP.Hantaner.a" Virus! Action Taken: No Action Taken. File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP27\A0015355.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP46\A0016491.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP46\A0016492.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP54\A0019086.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP54\A0019087.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP54\A0019088.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP54\A0019089.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP54\A0019090.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP55\A0019600.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP55\A0019602.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP55\A0019623.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP55\A0019628.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP55\A0019630.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP55\A0019631.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP55\A0019632.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP55\A0019633.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP55\A0019634.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP55\A0019640.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP55\A0019645.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP55\A0019663.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP55\A0019668.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP55\A0019670.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP55\A0019671.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP55\A0019672.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP55\A0019673.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP55\A0019674.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP56\A0020013.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP56\A0020043.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. ----------------------------------------------------------------------- den kompleten log werde ich dann uploaden !! |
|
19.09.2005, 10:13
| #8 |
| | dl.exe und mehr LOg plz checken :( Also, um Übersicht zu gewinnen: 1. Systemwiederherstellung ausschalten. Rechner ausschalten. Rechner anschalten. Systemwiederherstellung wieder an. 2. Mit clearprog 1.4.1 final alle temporären files löschen (clicke an: "alles löschen") 3. Kaspersky Quarantäne/Backup leeren 4. Mit RegSeeker die Registry säubern. 5. Neu scannen 6. Neues Ergebnis von eScan und HJT-Logfile posten. cacatoa 
__________________ Der Mensch sollte eine Hundeseele haben |
|
19.09.2005, 13:47
| #9 |
| | dl.exe und mehr LOg plz checken :( vielen dank cacatoa für die immer schnelle und exakte hilfe !  mache mich an die arbeit! werde hier die Logs dann reinposten Geändert von Elb (19.09.2005 um 13:54 Uhr) |
|
19.09.2005, 16:09
| #10 |
| | dl.exe und mehr LOg plz checken :( So hier das jack LOG mit escan gibts ein Prob noch immer zu groß!!! Grund: habe 3 HDs somit eine menge an Dateien deswegen ist dieser MavLog ewig lang! _________________________________________________________________ Logfile of HijackThis v1.99.1 Scan saved at 17:07:27, on 19.09.2005 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Programme\NVIDIA Corporation\NvMixer\NVMixerTray.exe C:\Programme\D-Tools\daemon.exe C:\WINDOWS\system32\CTHELPER.EXE C:\Programme\CyberLink\PowerDVD\PDVDServ.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\PROGRA~1\KASPER~1\KASPER~1\KASPER~3\OESpamTest.ExE C:\WINDOWS\system32\ctfmon.exe C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\NOTEPAD.EXE D:\hijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = O4 - HKLM\..\Run: [NVMixerTray] "C:\Programme\NVIDIA Corporation\NvMixer\NVMixerTray.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Programme\D-Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [Omnipage] C:\Programme\ScanSoft\OmniPageSE\opware32.exe O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE O4 - HKLM\..\Run: [Jet Detection] C:\Treiber\Creative\PROGRAM\ADGJDet.exe O4 - HKLM\..\Run: [RemoteControl] C:\Programme\CyberLink\PowerDVD\PDVDServ.exe O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [KAVPersonal50] "C:\Programme\Kaspersky\Kaspersky Security Suite\Kaspersky Anti-Virus Personal\kav.exe" /minimize O4 - HKLM\..\Run: [OESpamTest] C:\PROGRA~1\KASPER~1\KASPER~1\KASPER~3\OESpamTest.ExE O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - Global Startup: Kaspersky Anti-Hacker.lnk = C:\Programme\Kaspersky\Kaspersky Security Suite\Kaspersky Anti-Hacker\KAVPF.exe O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_04\bin\npjpi150_04.dll O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_04\bin\npjpi150_04.dll O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.co...?1109280188062 O23 - Service: kavsvc - Kaspersky Lab - C:\Programme\Kaspersky\Kaspersky Security Suite\Kaspersky Anti-Virus Personal\kavsvc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe _________________________________________________________________ zu der DL.EXE also sie exestiert noch immer und ich kann sie nicht Löschen weil dauernd eine Fehlermeldung komtm das sie grad ausgeführt wird bzw. sie ein andrer User verwendet! |
|
19.09.2005, 19:18
| #11 |
| | dl.exe und mehr LOg plz checken :( Hi, ich will die Mwavlog gar nicht sehen. Du sollst nur die Funde posten. Die findest Du mit der "find.bat". Steht alles in der eScan-Anleitung. Das Log an sich ist sauber. Kannst du die DL.exe nicht über den Task-Manager beenden und dann löschen? cacatoa
__________________ Der Mensch sollte eine Hundeseele haben |
|
19.09.2005, 20:21
| #12 |
| | dl.exe und mehr LOg plz checken :( Ach immer besser zu ende lesen !  nochmal zu dl.exe also sie ist nicht im Task Manager zu sehen und nicht im Security Task Manager es kommt beim Löschvorgang dauernd die Fehlermeldung dass sie von einem andren Program bzw. einer andren Person benutzt wird. das regt mich ja so auf weil sie in keinem Manager zu sehen ist !!!!   hier das log! Teil 1 (infected): ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~ Funde für "infected" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~ Sun Sep 18 19:39:06 2005 => Total Disinfected Files: 0 Sun Sep 18 19:40:45 2005 => Total Disinfected Files: 0 Sun Sep 18 19:42:36 2005 => Total Disinfected Files: 0 Mon Sep 19 01:40:18 2005 => Scanning File C:\Programme\Kaspersky\Kaspersky Security Suite\Kaspersky Anti-Virus Personal\Infected.wav Mon Sep 19 02:08:06 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP2\A0009876.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 02:08:06 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP2\A0009877.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 02:08:06 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP2\A0009878.EXE infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 02:08:06 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP2\A0009879.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 02:08:06 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP2\A0009880.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 02:08:06 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP2\A0009881.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 02:08:06 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP2\A0009882.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 02:08:06 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP2\A0009883.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 02:08:06 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP2\A0009884.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 02:08:07 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012579.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 02:08:07 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012580.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 02:08:07 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012581.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 02:08:07 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012582.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 02:08:07 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012583.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 02:08:07 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012584.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 02:08:07 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012585.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 02:08:07 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012586.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 02:08:07 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012587.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 02:08:07 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012588.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 02:08:07 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012589.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 02:08:07 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012590.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 02:08:08 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012591.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 02:08:08 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012592.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 02:08:08 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012593.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 02:08:08 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012594.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 02:08:08 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012595.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 02:08:08 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012596.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 02:08:08 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012597.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 02:08:08 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012598.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 02:08:08 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012599.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 02:08:08 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012600.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 02:08:08 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012601.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 02:08:08 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012602.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 02:08:08 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012603.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 02:08:08 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012604.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 02:08:09 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012605.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 02:08:09 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012606.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 02:08:09 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012607.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 02:08:09 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012608.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 02:08:09 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012609.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 02:08:09 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012610.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 02:08:09 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012611.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 02:08:09 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012612.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 02:08:09 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012613.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 02:08:09 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012614.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 02:08:09 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012615.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 02:08:10 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012616.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 02:08:10 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012617.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 02:08:10 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012618.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 02:08:10 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012619.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 02:08:10 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012620.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 02:08:10 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012621.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 02:08:10 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012622.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 02:11:06 2005 => File D:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP26\A0015259.exe infected by "Virus.Win32.HLLP.Hantaner.a" Virus! Action Taken: No Action Taken. Mon Sep 19 02:11:10 2005 => File D:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP26\A0015263.exe infected by "Virus.Win32.HLLP.Hantaner.a" Virus! Action Taken: No Action Taken. Mon Sep 19 02:11:14 2005 => File D:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP27\A0015446.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 02:11:14 2005 => File D:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP27\A0015447.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 02:11:15 2005 => File D:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP47\A0016635.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 02:11:15 2005 => File D:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP47\A0016636.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 02:11:15 2005 => File D:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP47\A0016637.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 02:11:15 2005 => File D:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP47\A0016638.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 02:11:16 2005 => File D:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP48\A0017251.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 02:11:17 2005 => File D:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP56\A0020099.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 02:11:32 2005 => File D:\System Volume Information\_restore{DB9DF835-2AE1-4302-AA12-981BB73D282D}\RP1\A0000022.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 02:11:32 2005 => File D:\System Volume Information\_restore{DB9DF835-2AE1-4302-AA12-981BB73D282D}\RP1\A0000023.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 02:15:56 2005 => File M:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012797.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 02:15:56 2005 => File M:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012802.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 02:15:57 2005 => File M:\System Volume Information\_restore{8149E158-7633-4A30-B202-81CDA61895DF}\RP14\A0005032.exe infected by "Trojan-Dropper.Win32.Agent.b" Virus! Action Taken: No Action Taken. Mon Sep 19 02:15:58 2005 => File M:\System Volume Information\_restore{9F5226C5-A62E-4265-8EA3-A6C12145C4CB}\RP83\A0017253.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 02:15:58 2005 => File M:\System Volume Information\_restore{9F5226C5-A62E-4265-8EA3-A6C12145C4CB}\RP83\A0017254.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 02:15:58 2005 => File M:\System Volume Information\_restore{9F5226C5-A62E-4265-8EA3-A6C12145C4CB}\RP84\A0018704.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 02:15:58 2005 => File M:\System Volume Information\_restore{9F5226C5-A62E-4265-8EA3-A6C12145C4CB}\RP84\A0018707.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 02:16:33 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP26\A0015310.exe infected by "Virus.Win32.HLLP.Hantaner.a" Virus! Action Taken: No Action Taken. Mon Sep 19 02:16:33 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP26\A0015311.exe infected by "Virus.Win32.HLLP.Hantaner.a" Virus! Action Taken: No Action Taken. Mon Sep 19 02:16:33 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP26\A0015312.exe infected by "Virus.Win32.HLLP.Hantaner.a" Virus! Action Taken: No Action Taken. Mon Sep 19 02:16:34 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP27\A0015355.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 02:16:35 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP46\A0016491.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 02:16:35 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP46\A0016492.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 02:16:36 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP54\A0019086.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 02:16:36 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP54\A0019087.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 02:16:36 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP54\A0019088.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 02:16:36 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP54\A0019089.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 02:16:36 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP54\A0019090.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 02:17:04 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP55\A0019600.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 02:17:04 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP55\A0019602.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 02:17:05 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP55\A0019623.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 02:17:06 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP55\A0019628.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 02:17:06 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP55\A0019630.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 02:17:06 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP55\A0019631.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 02:17:06 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP55\A0019632.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 02:17:06 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP55\A0019633.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 02:17:06 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP55\A0019634.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 02:17:07 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP55\A0019640.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 02:17:07 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP55\A0019645.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 02:17:08 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP55\A0019663.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 02:17:09 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP55\A0019668.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 02:17:09 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP55\A0019670.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 02:17:09 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP55\A0019671.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 02:17:09 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP55\A0019672.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 02:17:09 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP55\A0019673.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 02:17:09 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP55\A0019674.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 02:17:10 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP56\A0020013.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 02:17:10 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP56\A0020043.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 02:19:24 2005 => Total Disinfected Files: 0 Mon Sep 19 15:04:49 2005 => Total Disinfected Files: 0 |
|
19.09.2005, 20:23
| #13 |
| | dl.exe und mehr LOg plz checken :( Teil 2 von 3 Mon Sep 19 15:37:51 2005 => Scanning File C:\Programme\Kaspersky\Kaspersky Security Suite\Kaspersky Anti-Virus Personal\Infected.wav Mon Sep 19 16:06:45 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP2\A0009876.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 16:06:45 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP2\A0009877.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 16:06:45 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP2\A0009878.EXE infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 16:06:45 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP2\A0009879.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 16:06:45 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP2\A0009880.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 16:06:45 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP2\A0009881.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 16:06:45 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP2\A0009882.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 16:06:45 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP2\A0009883.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 16:06:45 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP2\A0009884.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 16:06:46 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012579.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 16:06:46 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012580.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 16:06:46 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012581.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 16:06:46 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012582.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 16:06:46 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012583.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 16:06:46 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012584.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 16:06:46 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012585.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 16:06:46 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012586.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 16:06:46 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012587.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 16:06:46 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012588.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 16:06:46 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012589.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 16:06:46 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012590.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 16:06:46 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012591.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 16:06:46 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012592.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 16:06:46 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012593.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 16:06:46 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012594.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 16:06:47 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012595.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 16:06:47 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012596.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 16:06:47 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012597.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 16:06:47 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012598.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 16:06:47 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012599.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 16:06:47 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012600.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 16:06:47 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012601.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 16:06:47 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012602.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 16:06:47 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012603.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 16:06:47 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012604.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 16:06:47 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012605.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 16:06:47 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012606.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 16:06:47 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012607.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 16:06:47 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012608.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 16:06:47 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012609.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 16:06:47 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012610.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 16:06:48 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012611.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 16:06:48 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012612.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 16:06:48 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012613.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 16:06:48 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012614.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 16:06:48 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012615.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 16:06:48 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012616.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 16:06:48 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012617.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 16:06:48 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012618.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 16:06:48 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012619.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 16:06:48 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012620.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 16:06:49 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012621.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 16:06:49 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012622.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 16:09:48 2005 => File D:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP26\A0015259.exe infected by "Virus.Win32.HLLP.Hantaner.a" Virus! Action Taken: No Action Taken. Mon Sep 19 16:09:52 2005 => File D:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP26\A0015263.exe infected by "Virus.Win32.HLLP.Hantaner.a" Virus! Action Taken: No Action Taken. Mon Sep 19 16:09:56 2005 => File D:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP27\A0015446.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 16:09:56 2005 => File D:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP27\A0015447.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 16:09:58 2005 => File D:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP47\A0016635.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 16:09:58 2005 => File D:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP47\A0016636.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 16:09:58 2005 => File D:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP47\A0016637.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 16:09:58 2005 => File D:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP47\A0016638.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 16:09:58 2005 => File D:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP48\A0017251.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 16:10:00 2005 => File D:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP56\A0020099.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 16:10:16 2005 => File D:\System Volume Information\_restore{DB9DF835-2AE1-4302-AA12-981BB73D282D}\RP1\A0000022.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 16:10:16 2005 => File D:\System Volume Information\_restore{DB9DF835-2AE1-4302-AA12-981BB73D282D}\RP1\A0000023.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 16:14:47 2005 => File M:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012797.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 16:14:47 2005 => File M:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012802.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 16:14:48 2005 => File M:\System Volume Information\_restore{8149E158-7633-4A30-B202-81CDA61895DF}\RP14\A0005032.exe infected by "Trojan-Dropper.Win32.Agent.b" Virus! Action Taken: No Action Taken. Mon Sep 19 16:14:52 2005 => File M:\System Volume Information\_restore{9F5226C5-A62E-4265-8EA3-A6C12145C4CB}\RP83\A0017253.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 16:14:52 2005 => File M:\System Volume Information\_restore{9F5226C5-A62E-4265-8EA3-A6C12145C4CB}\RP83\A0017254.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 16:14:52 2005 => File M:\System Volume Information\_restore{9F5226C5-A62E-4265-8EA3-A6C12145C4CB}\RP84\A0018704.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 16:14:52 2005 => File M:\System Volume Information\_restore{9F5226C5-A62E-4265-8EA3-A6C12145C4CB}\RP84\A0018707.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 16:15:30 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP26\A0015310.exe infected by "Virus.Win32.HLLP.Hantaner.a" Virus! Action Taken: No Action Taken. Mon Sep 19 16:15:31 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP26\A0015311.exe infected by "Virus.Win32.HLLP.Hantaner.a" Virus! Action Taken: No Action Taken. Mon Sep 19 16:15:31 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP26\A0015312.exe infected by "Virus.Win32.HLLP.Hantaner.a" Virus! Action Taken: No Action Taken. Mon Sep 19 16:15:32 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP27\A0015355.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 16:15:33 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP46\A0016491.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 16:15:33 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP46\A0016492.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 16:15:34 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP54\A0019086.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 16:15:34 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP54\A0019087.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 16:15:34 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP54\A0019088.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 16:15:34 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP54\A0019089.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 16:15:34 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP54\A0019090.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 16:16:02 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP55\A0019600.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 16:16:02 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP55\A0019602.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 16:16:04 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP55\A0019623.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 16:16:04 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP55\A0019628.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 16:16:04 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP55\A0019630.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 16:16:04 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP55\A0019631.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 16:16:04 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP55\A0019632.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 16:16:04 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP55\A0019633.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 16:16:04 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP55\A0019634.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 16:16:05 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP55\A0019640.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 16:16:05 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP55\A0019645.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 16:16:06 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP55\A0019663.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 16:16:07 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP55\A0019668.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 16:16:07 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP55\A0019670.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 16:16:07 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP55\A0019671.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 16:16:07 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP55\A0019672.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 16:16:07 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP55\A0019673.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 16:16:07 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP55\A0019674.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 16:16:08 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP56\A0020013.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 16:16:08 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP56\A0020043.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken. Mon Sep 19 16:18:14 2005 => Total Disinfected Files: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~ Funde für "tagged" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~ Mon Sep 19 01:25:34 2005 => File C:\Dokumente und Einstellungen\Elb\Desktop\32.exe tagged as not-a-virus:Client-IRC.Win32.mIRC.616. No Action Taken. Mon Sep 19 02:05:14 2005 => File D:\Download\mirc616.exe tagged as not-a-virus:Client-IRC.Win32.mIRC.616. No Action Taken. Mon Sep 19 02:06:37 2005 => File D:\mIRC\backup\mirc.exe tagged as not-a-virus:Client-IRC.Win32.mIRC.616. No Action Taken. Mon Sep 19 02:06:49 2005 => File D:\mIRC\mirc.exe tagged as not-a-virus:Client-IRC.Win32.mIRC.616. No Action Taken. Mon Sep 19 02:15:57 2005 => File M:\System Volume Information\_restore{8149E158-7633-4A30-B202-81CDA61895DF}\RP14\A0005033.exe tagged as "not-a-virus:Porn-Dialer.Win32.Star". Action Taken: No Action Taken. Mon Sep 19 15:03:50 2005 => File C:\Dokumente und Einstellungen\Elb\Desktop\32.exe tagged as not-a-virus:Client-IRC.Win32.mIRC.616. No Action Taken. Mon Sep 19 15:23:20 2005 => File C:\Dokumente und Einstellungen\Elb\Desktop\32.exe tagged as not-a-virus:Client-IRC.Win32.mIRC.616. No Action Taken. Mon Sep 19 15:44:49 2005 => File C:\System Volume Information\_restore{97DEF2D4-D32F-4D96-80D7-D38DD7E8735F}\RP1\A0000147.exe tagged as not-a-virus:Client-IRC.Win32.mIRC.616. No Action Taken. Mon Sep 19 16:03:40 2005 => File D:\Download\mirc616.exe tagged as not-a-virus:Client-IRC.Win32.mIRC.616. No Action Taken. Mon Sep 19 16:05:10 2005 => File D:\mIRC\backup\mirc.exe tagged as not-a-virus:Client-IRC.Win32.mIRC.616. No Action Taken. Mon Sep 19 16:05:22 2005 => File D:\mIRC\mirc.exe tagged as not-a-virus:Client-IRC.Win32.mIRC.616. No Action Taken. Mon Sep 19 16:07:49 2005 => File D:\System Volume Information\_restore{97DEF2D4-D32F-4D96-80D7-D38DD7E8735F}\RP1\A0000149.exe tagged as not-a-virus:Client-IRC.Win32.mIRC.616. No Action Taken. Mon Sep 19 16:14:48 2005 => File M:\System Volume Information\_restore{8149E158-7633-4A30-B202-81CDA61895DF}\RP14\A0005033.exe tagged as "not-a-virus:Porn-Dialer.Win32.Star". Action Taken: No Action Taken. ~ |
|
19.09.2005, 20:23
| #14 |
| | dl.exe und mehr LOg plz checken :( Teil 3 von 3 ! ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~ Statistiken: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~ Sun Sep 18 19:21:15 2005 => Offending Folder found: C:\PROGRA~1\limewire Sun Sep 18 19:39:06 2005 => Total Virus(es) Found: 2 Sun Sep 18 19:40:45 2005 => Total Virus(es) Found: 0 Sun Sep 18 19:41:49 2005 => Offending Folder found: C:\PROGRA~1\limewire Sun Sep 18 19:42:36 2005 => Total Virus(es) Found: 2 Mon Sep 19 01:18:01 2005 => Offending Folder found: C:\PROGRA~1\limewire Mon Sep 19 02:19:24 2005 => Total Virus(es) Found: 110 Mon Sep 19 14:58:07 2005 => Offending Folder found: C:\PROGRA~1\limewire Mon Sep 19 15:04:49 2005 => Total Virus(es) Found: 3 Mon Sep 19 15:17:54 2005 => Offending Folder found: C:\PROGRA~1\limewire Mon Sep 19 16:18:14 2005 => Total Virus(es) Found: 112 Sun Sep 18 19:39:06 2005 => Total Errors: 214 Sun Sep 18 19:40:45 2005 => Total Errors: 2 Sun Sep 18 19:42:36 2005 => Total Errors: 213 Mon Sep 19 02:19:24 2005 => Total Errors: 226 Mon Sep 19 15:04:49 2005 => Total Errors: 216 Mon Sep 19 16:18:14 2005 => Total Errors: 18 Sun Sep 18 19:39:06 2005 => Time Elapsed: 00:19:12 Sun Sep 18 19:40:45 2005 => Time Elapsed: 00:00:44 Sun Sep 18 19:42:36 2005 => Time Elapsed: 00:01:43 Mon Sep 19 02:19:24 2005 => Time Elapsed: 01:02:03 Mon Sep 19 15:04:49 2005 => Time Elapsed: 00:07:12 Mon Sep 19 16:18:14 2005 => Time Elapsed: 01:00:54 Sun Sep 18 19:39:06 2005 => Total Objects Scanned: 41503 Sun Sep 18 19:40:45 2005 => Total Objects Scanned: 599 Sun Sep 18 19:42:36 2005 => Total Objects Scanned: 21201 Mon Sep 19 02:19:24 2005 => Total Objects Scanned: 73122 Mon Sep 19 15:04:49 2005 => Total Objects Scanned: 27401 Mon Sep 19 16:18:14 2005 => Total Objects Scanned: 70318 Sun Sep 18 19:19:14 2005 => Virus Database Date: 2005/09/09 Sun Sep 18 19:39:06 2005 => Virus Database Date: 2005/09/09 Sun Sep 18 19:39:08 2005 => Virus Database Date: 2005/09/09 Sun Sep 18 19:39:42 2005 => Virus Database Date: 2005/09/09 Sun Sep 18 19:40:45 2005 => Virus Database Date: 2005/09/09 Sun Sep 18 19:42:36 2005 => Virus Database Date: 2005/09/09 Sun Sep 18 19:42:39 2005 => Virus Database Date: 2005/09/09 Mon Sep 19 01:12:28 2005 => Virus Database Date: 2005/09/09 Mon Sep 19 01:16:59 2005 => Virus Database Date: 2005/09/09 Mon Sep 19 02:19:24 2005 => Virus Database Date: 2005/09/09 Mon Sep 19 02:25:47 2005 => Virus Database Date: 2005/09/09 Mon Sep 19 14:57:03 2005 => Virus Database Date: 2005/09/09 Mon Sep 19 15:04:49 2005 => Virus Database Date: 2005/09/09 Mon Sep 19 15:04:52 2005 => Virus Database Date: 2005/09/09 Mon Sep 19 15:17:05 2005 => Virus Database Date: 2005/09/09 Mon Sep 19 16:18:14 2005 => Virus Database Date: 2005/09/09 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~ ~~~~~~~ © Haui ;-) ~~~~~~~ ~~~~~~~ Dank an Cidre ~~~~~~ |
|
19.09.2005, 20:29
| #15 |
| | dl.exe und mehr LOg plz checken :( Also, die Einträge aus dem Log sollten weg sein, wenn du wie beschrieben die Systemwiederherstellung auf allen Laufwerken deaktivierst, dann Rechner aus. Dann Rechner an. Dann wieder aktivieren. Damit sind dann alle Wiederherstellungspunkte (File D:\System Volume Information\_restore) weg. Da allerdings Parite ein residenter virus ist, kann es sein, daß er im Hintergrund läuft und nicht wegzubringen ist. Deshalb bitte das hier (ohne die Anleitungen für netsky) mal abarbeiten. cacatoa
__________________ Der Mensch sollte eine Hundeseele haben |
|
| Themen zu dl.exe und mehr LOg plz checken :( |
| antivir, avgnt.exe, checken, cyberlink, dateien, dll, dllhost.exe, excel, explorer, hijack, hijackthis, internet, internet explorer, kaspersky, log, microsoft, nvidia, office, opera, programme, rundll, security, security suite, software, system, system32, treiber, windows, windows xp |
Linear-Darstellung
