Log analysis and evaluation: My log file! What now? Windows 7. If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
My log file! What now?

--------------------------------------------------
-------------------- INFECTED --------------------
--------------------------------------------------
1: Mon Oct 03 16:57:48 2005 => System found infected with edonkey2000 Spyware/Adware ({320154bb-d666-48f6-990e-172b32954620})! Action taken: No Action Taken.
2: Mon Oct 03 16:57:48 2005 => System found infected with bearshare Spyware/Adware ({558ec983-bedb-9168-b2de-31dbf0ee543e})! Action taken: No Action Taken.
3: Mon Oct 03 16:57:48 2005 => System found infected with stylexp Spyware/Adware ({c333cf63-767f-4831-94ac-e683d962c63c})! Action taken: No Action Taken.
4: Mon Oct 03 16:57:52 2005 => Offending file found: C:\DOKUME~1\TOSTAM~1\LOKALE~1\Temp\insthelp.dll
5: Mon Oct 03 16:57:52 2005 => System found infected with redv Spyware/Adware (insthelp.dll)! Action taken: No Action Taken.
6: Mon Oct 03 16:57:55 2005 => Offending file found: C:\Dokumente und Einstellungen\tostamistica\Eigene Dateien\downloads\lame\index.html
7: Mon Oct 03 16:57:55 2005 => System found infected with easysearch Spyware/Adware (index.html)! Action taken: No Action Taken.
8: Mon Oct 03 16:58:09 2005 => Offending file found: C:\Dokumente und Einstellungen\tostamistica\Lokale Einstellungen\temp\insthelp.dll
9: Mon Oct 03 16:58:09 2005 => System found infected with redv Spyware/Adware (insthelp.dll)! Action taken: No Action Taken.
10: Mon Oct 03 16:58:09 2005 => Offending file found: C:\Dokumente und Einstellungen\tostamistica\Lokale Einstellungen\temp\temporary internet files\content.ie5\2o497fu1\common[1].js
11: Mon Oct 03 16:58:09 2005 => System found infected with whenu.savenow Spyware/Adware (common[1].js)! Action taken: No Action Taken.
12: Mon Oct 03 16:58:09 2005 => Offending file found: C:\Dokumente und Einstellungen\tostamistica\Lokale Einstellungen\temp\temporary internet files\content.ie5\5v5rhldz\common[1].js
13: Mon Oct 03 16:58:09 2005 => System found infected with whenu.savenow Spyware/Adware (common[1].js)! Action taken: No Action Taken.
14: Mon Oct 03 16:58:09 2005 => Offending file found: C:\Dokumente und Einstellungen\tostamistica\Lokale Einstellungen\temp\temporary internet files\content.ie5\aum9yr5q\common[1].js
15: Mon Oct 03 16:58:09 2005 => System found infected with whenu.savenow Spyware/Adware (common[1].js)! Action taken: No Action Taken.
16: Mon Oct 03 16:58:10 2005 => Offending file found: C:\Dokumente und Einstellungen\tostamistica\Lokale Einstellungen\temp\temporary internet files\content.ie5\vj9if48w\common[1].js
17: Mon Oct 03 16:58:10 2005 => System found infected with whenu.savenow Spyware/Adware (common[1].js)! Action taken: No Action Taken.
18: Mon Oct 03 16:58:10 2005 => Offending file found: C:\Dokumente und Einstellungen\tostamistica\Lokale Einstellungen\temporary internet files\content.ie5\9yexszcm\common[1].js
19: Mon Oct 03 16:58:10 2005 => System found infected with whenu.savenow Spyware/Adware (common[1].js)! Action taken: No Action Taken.
20: Mon Oct 03 16:58:10 2005 => Offending file found: C:\Dokumente und Einstellungen\tostamistica\Lokale Einstellungen\temporary internet files\content.ie5\o1a161or\common[1].js
21: Mon Oct 03 16:58:10 2005 => System found infected with whenu.savenow Spyware/Adware (common[1].js)! Action taken: No Action Taken.
22: Mon Oct 03 16:58:10 2005 => Offending file found: C:\Dokumente und Einstellungen\tostamistica\Lokale Einstellungen\temporary internet files\content.ie5\ulc98fmn\common[1].js
23: Mon Oct 03 16:58:10 2005 => System found infected with whenu.savenow Spyware/Adware (common[1].js)! Action taken: No Action Taken.
24: Mon Oct 03 16:58:10 2005 => Offending file found: C:\Dokumente und Einstellungen\tostamistica\Lokale Einstellungen\Temporary Internet Files\content.ie5\9yexszcm\common[1].js
25: Mon Oct 03 16:58:10 2005 => System found infected with whenu.savenow Spyware/Adware (common[1].js)! Action taken: No Action Taken.
26: Mon Oct 03 16:58:10 2005 => Offending file found: C:\Dokumente und Einstellungen\tostamistica\Lokale Einstellungen\Temporary Internet Files\content.ie5\o1a161or\common[1].js
27: Mon Oct 03 16:58:10 2005 => System found infected with whenu.savenow Spyware/Adware (common[1].js)! Action taken: No Action Taken.
28: Mon Oct 03 16:58:10 2005 => Offending file found: C:\Dokumente und Einstellungen\tostamistica\Lokale Einstellungen\Temporary Internet Files\content.ie5\ulc98fmn\common[1].js
29: Mon Oct 03 16:58:10 2005 => System found infected with whenu.savenow Spyware/Adware (common[1].js)! Action taken: No Action Taken.
30: Mon Oct 03 16:58:11 2005 => Offending file found: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\cyberlink\powerdvd\ipower\index.html
31: Mon Oct 03 16:58:11 2005 => System found infected with easysearch Spyware/Adware (index.html)! Action taken: No Action Taken.
32: Mon Oct 03 16:58:12 2005 => Offending file found: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\spybot - search & destroy\backups\wbemess.lo_
33: Mon Oct 03 16:58:12 2005 => System found infected with hotbar Spyware/Adware (wbemess.lo_)! Action taken: No Action Taken.

--------------------------------------------------
--------------------- ERRORS ---------------------
--------------------------------------------------
1: Mon Oct 03 16:57:21 2005 => ERROR!!! Invalid Entry \??\C:\WINDOWS\system32\drivers\chcAcpi.sys in SYSTEM\CurrentControlSet\Services\chcAcpi_driver...
2: Mon Oct 03 16:57:21 2005 => ERROR!!! Invalid Entry \??\C:\WINDOWS\system32\drivers\chcNT.sys in SYSTEM\CurrentControlSet\Services\chcNT_driver...
3: Mon Oct 03 16:57:27 2005 => ERROR!!! Invalid Entry C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe in SYSTEM\CurrentControlSet\Services\mcupdmgr.exe...
4: Mon Oct 03 16:57:29 2005 => ERROR!!! Invalid Entry \??\C:\WINDOWS\system32\NSNDIS5.SYS in SYSTEM\CurrentControlSet\Services\NSNDIS5...
5: Mon Oct 03 16:57:37 2005 => ERROR!!! Invalid Entry system32\DRIVERS\VClone.sys in SYSTEM\CurrentControlSet\Services\VClone...
6: Mon Oct 03 16:58:18 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Jasc Software Inc\Paint Shop Pro 8\Cache\". Action Taken: No Action Taken.
7: Mon Oct 03 16:58:18 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Jasc Software Inc\Paint Shop Pro 8\". Action Taken: No Action Taken.
8: Mon Oct 03 16:58:18 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Dokumente und Einstellungen\Besitzer\Anwendungsdaten\Jasc Software Inc\". Action Taken: No Action Taken.
9: Mon Oct 03 16:58:18 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Dokumente und Einstellungen\Besitzer\Eigene Dateien\My PSP8 Files\Skripts (eingeschränkt)\". Action Taken: No Action Taken.
10: Mon Oct 03 16:58:18 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Dokumente und Einstellungen\Besitzer\Eigene Dateien\My PSP8 Files\". Action Taken: No Action Taken.
11: Mon Oct 03 16:58:18 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Programme\Adobe\Acrobat 6.0\Reader\ActiveX\". Action Taken: No Action Taken.
12: Mon Oct 03 16:58:18 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Programme\Alcohol Soft\Alcohol 120\". Action Taken: No Action Taken.
13: Mon Oct 03 16:58:18 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Programme\Alcohol Soft\". Action Taken: No Action Taken.
14: Mon Oct 03 16:58:20 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Programme\Genius DTV\". Action Taken: No Action Taken.
15: Mon Oct 03 16:58:20 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Programme\Genius DTV\ini\". Action Taken: No Action Taken.
16: Mon Oct 03 16:58:20 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Dokumente und Einstellungen\All Users\Documents\My Pictures\Image Editor\Default archive\". Action Taken: No Action Taken.
17: Mon Oct 03 16:58:20 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Dokumente und Einstellungen\All Users\Documents\My Pictures\Image Editor\". Action Taken: No Action Taken.
18: Mon Oct 03 16:58:20 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Dokumente und Einstellungen\All Users\Documents\My Pictures\". Action Taken: No Action Taken.
19: Mon Oct 03 16:58:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".ccd". Action Taken: No Action Taken.
20: Mon Oct 03 16:58:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".image". Action Taken: No Action Taken.
21: Mon Oct 03 16:58:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".ldif". Action Taken: No Action Taken.
22: Mon Oct 03 16:58:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".MRK". Action Taken: No Action Taken.
23: Mon Oct 03 16:58:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".tmp". Action Taken: No Action Taken.
24: Mon Oct 03 16:58:21 2005 => Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".vdj". Action Taken: No Action Taken.
25: Mon Oct 03 16:58:21 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "AC3Filter". Action Taken: No Action Taken.
26: Mon Oct 03 16:58:21 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "Ad-aware 6 Personal". Action Taken: No Action Taken.
27: Mon Oct 03 16:58:21 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "Cubes". Action Taken: No Action Taken.
28: Mon Oct 03 16:58:21 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "dlatray.exe". Action Taken: No Action Taken.
29: Mon Oct 03 16:58:21 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "eMule". Action Taken: No Action Taken.
30: Mon Oct 03 16:58:21 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "Hard Drive Inspector". Action Taken: No Action Taken.
31: Mon Oct 03 16:58:21 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "kazaalite202_is1". Action Taken: No Action Taken.
32: Mon Oct 03 16:58:21 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "KB873339". Action Taken: No Action Taken.
33: Mon Oct 03 16:58:21 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "KB885835". Action Taken: No Action Taken.
34: Mon Oct 03 16:58:21 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "KB888310". Action Taken: No Action Taken.
35: Mon Oct 03 16:58:21 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "KB890175". Action Taken: No Action Taken.
36: Mon Oct 03 16:58:21 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "KB892627". Action Taken: No Action Taken.
37: Mon Oct 03 16:58:21 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "KB893056". Action Taken: No Action Taken.
38: Mon Oct 03 16:58:21 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "McAfee Personal Firewall Plus". Action Taken: No Action Taken.
39: Mon Oct 03 16:58:21 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "McAfee SpamKiller". Action Taken: No Action Taken.
40: Mon Oct 03 16:58:21 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "Mozilla Firefox (1.0.3)". Action Taken: No Action Taken.
41: Mon Oct 03 16:58:21 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "Mozilla Firefox (1.0.6)". Action Taken: No Action Taken.
42: Mon Oct 03 16:58:21 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "PartitionExpert". Action Taken: No Action Taken.
43: Mon Oct 03 16:58:21 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "Supreme Auction - DeskStart_is1". Action Taken: No Action Taken.
44: Mon Oct 03 16:58:21 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "VirusScan Online". Action Taken: No Action Taken.
45: Mon Oct 03 16:58:21 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "xp-AntiSpy". Action Taken: No Action Taken.
46: Mon Oct 03 16:58:21 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}". Action Taken: No Action Taken.
47: Mon Oct 03 16:58:21 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{7585478E9D9B42108671C12F8714CEFE}". Action Taken: No Action Taken.
48: Mon Oct 03 16:58:21 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{7B63B2922B174135AFC0E1377DD81EC2}". Action Taken: No Action Taken.
49: Mon Oct 03 16:58:21 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{8ADFC4160D694100B5B8A22DE9DCABD9}". Action Taken: No Action Taken.
50: Mon Oct 03 16:58:21 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{AC76BA86-0000-0000-0000-6028747ADE01}". Action Taken: No Action Taken.
51: Mon Oct 03 16:58:21 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{AC76BA86-7AD7-1031-7B44-A00000000001}". Action Taken: No Action Taken.
52: Mon Oct 03 16:58:21 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{CC000127-5E5D-4A1C-90CB-EEAAAC1E3AC0}". Action Taken: No Action Taken.
53: Mon Oct 03 16:58:21 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "{E9F81423-211E-46B6-9AE0-38568BC5CF6F}". Action Taken: No Action Taken.
54: Mon Oct 03 16:58:27 2005 => Entry "HKCR\img_auto_file\shell\open\command" refers to invalid object ""C:\Programme\Adobe\Acrobat 6.0\Reader\AcroRd32.exe" "%1"". Action Taken: No Action Taken.

--------------------------------------------------
-------------------- Statistik -------------------
--------------------------------------------------
Mon Oct 03 16:58:30 2005 => Total Objects Scanned: 21509
Mon Oct 03 16:58:30 2005 => Total Virus(es) Found: 25
Mon Oct 03 16:58:30 2005 => Total Errors: 54
Mon Oct 03 16:58:30 2005 => Virus Database Date: 2005/10/03
Mon Oct 03 16:58:30 2005 => Virus Database Count: 152199
Mon Oct 03 16:58:38 2005 => Virus Database Date: 2005/10/03
Mon Oct 03 16:58:38 2005 => Virus Database Count: 152199