Trojaner-Board
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   dl.exe und mehr LOg plz checken :( (https://www.trojaner-board.de/21922-dl-exe-mehr-log-plz-checken.html)

Elb 17.09.2005 22:20
dl.exe und mehr LOg plz checken :(
 
so kriege die dl.exe nicht weg

sie taucht im log nicht auf aber sie stört mein psychisches wohlempfinden !!


im abgesichertem modus ist ist auch gleich nach dem hochfahren in verwendung :(

also plz log checken und tipps zu der dl.exe wäre nicht schlecht

-------------------------------------------------------------------------
Logfile of HijackThis v1.99.1
Scan saved at 23:18:44, on 17.09.2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\NVIDIA Corporation\NvMixer\NVMixerTray.exe
C:\Programme\Java\jre1.5.0_04\bin\jusched.exe
C:\Programme\D-Tools\daemon.exe
C:\Programme\ScanSoft\OmniPageSE\opware32.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\Programme\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\KASPER~1\KASPER~1\KASPER~3\OESpamTest.ExE
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\Opera\Opera.exe
D:\hijackThis\HijackThis.exe
C:\WINDOWS\system32\NOTEPAD.EXE

O4 - HKLM\..\Run: [NVMixerTray] "C:\Programme\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [AVSCHED32] C:\Programme\AVPersonal\AVSched32.EXE /min
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Programme\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Omnipage] C:\Programme\ScanSoft\OmniPageSE\opware32.exe
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Jet Detection] C:\Treiber\Creative\PROGRAM\ADGJDet.exe
O4 - HKLM\..\Run: [RemoteControl] C:\Programme\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AVGCtrl] "C:\Programme\AVPersonal\AVGNT.EXE" /min
O4 - HKLM\..\Run: [KAVPersonal50] "C:\Programme\Kaspersky\Kaspersky Security Suite\Kaspersky Anti-Virus Personal\kav.exe" /minimize
O4 - HKLM\..\Run: [OESpamTest] C:\PROGRA~1\KASPER~1\KASPER~1\KASPER~3\OESpamTest.ExE
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Kaspersky Anti-Hacker.lnk = C:\Programme\Kaspersky\Kaspersky Security Suite\Kaspersky Anti-Hacker\KAVPF.exe
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_04\bin\npjpi150_04.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.co...?1109280188062
O23 - Service: AntiVir Service (AntiVirService) - Unknown owner - C:\Programme\AVPersonal\AVGUARD.EXE (file missing)
O23 - Service: AntiVir Update (AVWUpSrv) - Unknown owner - C:\Programme\AVPersonal\AVWUPSRV.EXE (file missing)
O23 - Service: COM+-Systemanwendung (COMSysApp) - Unknown owner - C:\WINDOWS\System32\dllhost.exe (file missing)
O23 - Service: Verwaltungsdienst für die Verwaltung logischer Datenträger (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe (file missing)
O23 - Service: kavsvc - Kaspersky Lab - C:\Programme\Kaspersky\Kaspersky Security Suite\Kaspersky Anti-Virus Personal\kavsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: MS Software Shadow Copy Provider (SwPrv) - Unknown owner - C:\WINDOWS\System32\dllhost.exe (file missing)

cacatoa 18.09.2005 11:05
Hi,
vielleicht erklären mich jetzt alle für blöd, aber:
Welche dl.exe? Ich sehe keine solche.
cacatoa

Elb 18.09.2005 17:13
die habe ich schon gefixt!!

die befindet sich im

C:\Dokumente und Einstellungen\Elb(user) dl.exe

Ordner, und diese Datei lässt in keine Zusatand löschen. Also keine Abgesicherter MOdus etc. Diese DL.exe hat die Funktion wenn sie ausgeführt wird das sie deine Inet Verbindung lahmlegt und du nix machen kannst. Also keine inet seiten ansteuern etc

cacatoa 18.09.2005 17:23
Also, entweder hast du sie gefixt und sie ist weg oder sie ist noch da, dann müßte ich sie irgendwo sehen.
Wenn sie weg ist, dann frag ich, ob Du noch ein Problem hast oder nicht.
cacatoa
edit: Mach doch mal im abgesicherten Modus einen eScan. Poste das Ergebnis.

Elb 19.09.2005 01:30
da gibts ein prob !

110 Viren und das log ist ewig lang :(

Auszug 1:

--------------------------------------------------------------------------
Object "bearshare Spyware/Adware" found in File System! Action Taken: No Action Taken.
Object "Limewire Spyware/Adware" found in File System! Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\system32\pxwma.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\DOKUME~1\Elb\LOKALE~1\Temp\_ISTMP1.DIR\_ISTMP0.DIR\FileGrp\Msvcrt10.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\system32\DIMM.DLL". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\system32\cddvdint.dll". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\american-flag.png". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\arrow.png". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\asian-flag.png". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\auto-service.png". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\auto.png". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\balloon.png". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\balloon_center.png". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\balloon_left.png". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\balloon_ll.png". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\balloon_lower.png". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\balloon_lr.png". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\balloon_right.png". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\balloon_ul.png". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\balloon_upper.png". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\balloon_ur.png". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\balloon_x.png". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\bang.png". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\bars.png". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\building.png". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\closedFolder.png". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\closedNetworkFolder.png". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\coffee_house_16.png". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\crosshair.png". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\dining.png". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\dining_16.png". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\dot.png". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\drawCircle.png". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\drawLine.png". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\drawPolygon.png". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\drawPolyLine.png". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\fast-food.png". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\four-dollars.png". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\french-flag.png". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\hand.png". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\highway_16.png". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\high_res_places.png". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\italian-flag.png". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\large_traffic_count_16.png". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\loading.png". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\metacarta.png". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\metacartahl.png". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\mexican-flag.png". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\misc-dining.png". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\mysavedplaces_closed.png". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\mysavedplaces_open.png". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\note.png". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\notfound.png". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\one-dollar.png". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\openFolder.png". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\openNetworkFolder.png". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\overlay.png". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\palette-2.png". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\palette-3.png". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\palette-4.png". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\palette-5.png". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\parks.png". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\premium_lock.png". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\premium_locked.png". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\premium_star.png". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\query.png". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\recreation.png". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\school_16.png". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\search.png". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\streamed_layer.png". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\streamed_layers.png". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\terrain_16.png". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\three-dollars.png". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\transportation.png". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\two-dollars.png". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Google\Google Earth Plus\res\webcam_16.png". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Kaspersky Anti-Spam Personal\Update der Datenbanken von Kaspersky Anti-Spam Personal.lnk". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Kaspersky Anti-Spam Personal\ReadMe-Datei.lnk". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Kaspersky Anti-Spam Personal\Lizenzschlüssel installieren.lnk". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Kaspersky\Kaspersky Security Suite\Kaspersky Anti-Spam Personal\CFData\main0000.arc". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Kaspersky\Kaspersky Security Suite\Kaspersky Anti-Spam Personal\CFData\main0000.cat". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Kaspersky\Kaspersky Security Suite\Kaspersky Anti-Spam Personal\CFData\main0000.dat". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Kaspersky\Kaspersky Security Suite\Kaspersky Anti-Spam Personal\CFData\main0000.dcs". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Kaspersky\Kaspersky Security Suite\Kaspersky Anti-Spam Personal\CFData\main0000.gsg". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Kaspersky\Kaspersky Security Suite\Kaspersky Anti-Spam Personal\CFData\main0000.idn". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Kaspersky\Kaspersky Security Suite\Kaspersky Anti-Spam Personal\CFData\main0000.idx". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Kaspersky\Kaspersky Security Suite\Kaspersky Anti-Spam Personal\CFData\main0000.key". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Kaspersky\Kaspersky Security Suite\Kaspersky Anti-Spam Personal\CFData\main0000.mde". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Kaspersky\Kaspersky Security Suite\Kaspersky Anti-Spam Personal\CFData\main0000.men". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Kaspersky\Kaspersky Security Suite\Kaspersky Anti-Spam Personal\CFData\main0000.mes". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Kaspersky\Kaspersky Security Suite\Kaspersky Anti-Spam Personal\CFData\main0000.mfr". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Kaspersky\Kaspersky Security Suite\Kaspersky Anti-Spam Personal\CFData\main0000.mph". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Kaspersky\Kaspersky Security Suite\Kaspersky Anti-Spam Personal\CFData\main0000.mru". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Kaspersky\Kaspersky Security Suite\Kaspersky Anti-Spam Personal\CFData\main0000.ldb". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Programme\Kaspersky\Kaspersky Security Suite\Kaspersky Anti-Spam Personal\CFData\main0000.pdb". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Kaspersky Anti-Spam Personal\Hilfe für Kaspersky Anti-Spam Personal (SMTP,POP3) .lnk". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Kaspersky Anti-Spam Personal\Kaspersky Anti-Spam Personal deinstallieren.lnk". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Kaspersky Anti-Spam Personal\Kaspersky-Lab-Webseite.url". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Kaspersky Anti-Spam Personal\Hilfe für Kaspersky Anti-Spam Personal (MS Outlook).lnk". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\cmmgr32.exe" refers to invalid object "C:\WINDOWS\System32\cmmgr32.exe". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\ScanSoft OmniPage SE\". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft Office Tools\". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\PrintMe Internet Printing\". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Spiele\HL2\bin\". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Spiele\HL2\". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Spiele\HL2\resource\". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Spiele\HL2\skins\Grey\Resource\". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Spiele\HL2\skins\Grey\". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Spiele\HL2\skins\". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Spiele\HL2\skins\Grey\Friends\". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Spiele\HL2\skins\Grey\Public\". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Spiele\HL2\skins\Grey\steam\games\". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Spiele\HL2\skins\Grey\steam\". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Spiele\HL2\skins\Grey\servers\". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Spiele\HL2\skins\Grey\steam\cached\". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Spiele\HL2\SteamApps\". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Spiele\HL2\Public\". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Dokumente und Einstellungen\Vader\Startmenü\Programme\Valve\Steam\". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Dokumente und Einstellungen\Vader\Startmenü\Programme\Valve\". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "C:\Dokumente und Einstellungen\Vader\Startmenü\Programme\Valve\Half-Life 2\". Action Taken: No Action Taken.
Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".cue". Action Taken: No Action Taken.
Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".mir". Action Taken: No Action Taken.
Entry "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts" refers to invalid object ".saving". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "CTDVDAudio Plugin". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "ieupdate". Action Taken: No Action Taken.

Elb 19.09.2005 01:31
Teil 2 :

--------------------------------------------------------------------------

Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "InstallShield_{AC056D10-E6C0-4085-BAD6-EEBB5EC76D66}". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "KB821557". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "KB823559". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "KB823980". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "KB824105". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "KB824146". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "KB828741". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "KB833987". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "KB835732". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "KB840987". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "KB841356". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "KB841533". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "KB842773". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "KB867282-IE6SP1-20050127.163319". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "KB871250". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "KB873376". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "KB891711". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "Q328310". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "Q329048". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "Q329115". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "Q329170". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "Q329390". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "Q329834". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "Q331953". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "Q810577". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "Q810833". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "Q811493". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "Q815021". Action Taken: No Action Taken.
Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache" refers to invalid object "Q817606". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{2524A5A2-6DE6-433B-A067-33AAA8CF1587}" refers to invalid object "C:\PROGRA~2\INTERA~1\INTERA~1\iPlayer.exe". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{2BE893C7-08C0-4871-9F7F-DBC325EED545}" refers to invalid object "C:\Spiele\Fifa Online\EASO04Patcher.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{43918f8f-f3be-4760-b4bb-6c89d9d91487}" refers to invalid object "C:\Programme\Winamp\Plugins\cddbcontrolwinamp.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{44b09a5f-5dee-4539-8001-d4b2d45c2876}" refers to invalid object "C:\Programme\Winamp\Plugins\cddbcontrolwinamp.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{513959B7-0759-4740-B398-653E65E40DD2}" refers to invalid object "C:\Spiele\Fifa Online\ATLJabber.exe". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{63E6BE14-A742-4EEA-8AF3-0EC39F10F850}" refers to invalid object "C:\PROGRA~1\Google\GOOGLE~1\GOOGLE~1.EXE". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{6767bce6-dab4-4236-86c6-7fa8c9d0af24}" refers to invalid object "C:\Spiele\Fifa Online\BrowserEngine2.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{83D4679F-B6D7-11D2-BF36-00C04FB90A03}" refers to invalid object "C:\Programme\Messenger\rtcimsp.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{96632d1e-f3eb-4f54-ba79-9969692db659}" refers to invalid object "C:\Programme\Winamp\Plugins\cddbuiwinamp.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{A2D4475B-C9AA-48E2-A029-1DB829DACF7B}" refers to invalid object "C:\PROGRA~1\Google\GOOGLE~1\GOOGLE~1.EXE". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{a7cda720-84ee-11d0-b5c0-00001b3ca278}" refers to invalid object "C:\Programme\AVPersonal\AVShlExt.DLL". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{AFD07A5E-3E20-4D77-825C-2F6D1A50BE5B}" refers to invalid object "C:\PROGRA~1\Google\GOOGLE~1\GOOGLE~1.EXE". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{d4387178-98ca-4929-b8e3-a11cd2f333a6}" refers to invalid object "C:\Programme\Winamp\Plugins\cddbcontrolwinamp.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{d9dbd8a3-a822-43b1-aa0a-d8974f1d192a}" refers to invalid object "C:\Spiele\Fifa Online\SportsWrapper.exe". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{DF35A8F1-4391-4EB2-831D-01BA6C8326D4}" refers to invalid object "C:\Spiele\Fifa Online\2004Utils.dll". Action Taken: No Action Taken.
Entry "HKCR\CLSID\{fba38bcf-e23d-4979-811e-1326bbadb8c8}" refers to invalid object "C:\Programme\Winamp\Plugins\cddbcontrolwinamp.dll". Action Taken: No Action Taken.
Entry "HKCR\TypeLib\{16099B99-EC14-4BBB-807E-C06552824C4D}" refers to invalid object "C:\Spiele\Fifa Online\BrowserEngine2.dll". Action Taken: No Action Taken.
Entry "HKCR\TypeLib\{3476FAB2-687F-4EA6-9AC2-88D72DC7D7FC}" refers to invalid object "C:\Programme\Google\Google Earth Plus\GoogleEarth.exe". Action Taken: No Action Taken.
Entry "HKCR\TypeLib\{38621105-225E-4716-964C-A9AC8804F989}" refers to invalid object "C:\Programme\Gemeinsame Dateien\InterVideo\DVD6\InterActual\IAManager.dll". Action Taken: No Action Taken.
Entry "HKCR\TypeLib\{38E346CF-01B3-4A99-9B0B-324E9CD975ED}" refers to invalid object "C:\Program Files\InterActual\InterActual Player\IAKey.dll". Action Taken: No Action Taken.
Entry "HKCR\TypeLib\{392BD5CD-D8B6-4C7F-9AA8-F88A97F5D24E}" refers to invalid object "C:\Spiele\Fifa Online\EASO04Patcher.dll". Action Taken: No Action Taken.
Entry "HKCR\TypeLib\{54CB0D09-E60F-41B1-B8AF-C7F6652621EC}" refers to invalid object "C:\Spiele\Fifa\fifa2005.exe". Action Taken: No Action Taken.
Entry "HKCR\TypeLib\{6370625C-0C07-4F35-9CFF-498B3F70AB5C}" refers to invalid object "C:\DOKUME~1\Elb\LOKALE~1\Temp\VBE\MSForms.exd". Action Taken: No Action Taken.
Entry "HKCR\TypeLib\{68F112E5-EA5B-42DD-BB8A-7BBB11302C01}" refers to invalid object "C:\DOKUME~1\Elb\LOKALE~1\Temp\VBE\RefEdit.exd". Action Taken: No Action Taken.
Entry "HKCR\TypeLib\{A779AB8D-92BC-433C-A72D-D2A4B7CC80A3}" refers to invalid object "C:\Spiele\Fifa Online\ATLJabber.exe". Action Taken: No Action Taken.
Entry "HKCR\TypeLib\{C7D2DAA1-5797-49AD-B0EB-D96E761D8DE1}" refers to invalid object "C:\Spiele\Fifa Online\2004Utils.dll". Action Taken: No Action Taken.
Entry "HKCR\TypeLib\{E1759E98-2E3C-4D2F-A23F-9C42AAAD1A81}" refers to invalid object "C:\Spiele\Fifa Online\SportsWrapper.exe". Action Taken: No Action Taken.
Entry "HKCR\.iti" refers to invalid object "ITIClient.Document". Action Taken: No Action Taken.
Entry "HKCR\.sll" refers to invalid object "SSLFile". Action Taken: No Action Taken.
Entry "HKCR\AcroIEHelper.AcroIEHlprObj" refers to invalid object "{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}". Action Taken: No Action Taken.
Entry "HKCR\AcroIEHelper.AcroIEHlprObj.1" refers to invalid object "{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}". Action Taken: No Action Taken.
Entry "HKCR\Alg.AlgSetup" refers to invalid object "{27D0BCCC-344D-4287-AF37-0C72C161C14C}". Action Taken: No Action Taken.
Entry "HKCR\Alg.AlgSetup.1" refers to invalid object "{27D0BCCC-344D-4287-AF37-0C72C161C14C}". Action Taken: No Action Taken.
Entry "HKCR\avi_auto_file\shell\open\command" refers to invalid object ""C:\Dokumente und Einstellungen\Vader\Desktop\mplayerc.exe" "%1"". Action Taken: No Action Taken.
Entry "HKCR\Connection Manager Profile\shell\open\command" refers to invalid object "C:\WINDOWS\System32\CMMGR32.EXE "%1"". Action Taken: No Action Taken.
Entry "HKCR\Google Earth.etafile\shell\open\command" refers to invalid object "C:\Programme\Google\Google Earth Plus\googleearth.exe "%1"". Action Taken: No Action Taken.
Entry "HKCR\Google Earth.kmlfile\shell\open\command" refers to invalid object "C:\Programme\Google\Google Earth Plus\googleearth.exe "%1"". Action Taken: No Action Taken.
Entry "HKCR\Google Earth.kmzfile\shell\open\command" refers to invalid object "C:\Programme\Google\Google Earth Plus\googleearth.exe "%1"". Action Taken: No Action Taken.
Entry "HKCR\MailFileAtt" refers to invalid object "{00020D05-0000-0000-C000-000000000046}". Action Taken: No Action Taken.
Entry "HKCR\mapifvbx.object" refers to invalid object "{41116C00-8B90-101B-96CD-00AA003B14FC}". Action Taken: No Action Taken.
Entry "HKCR\mapifvbx.object.1" refers to invalid object "{41116C00-8B90-101B-96CD-00AA003B14FC}". Action Taken: No Action Taken.
Entry "HKCR\Plenoptic.Plenoptic" refers to invalid object "{607C27E9-AB27-11d3-A116-A0EA50C10801}". Action Taken: No Action Taken.
Entry "HKCR\Plenoptic.Plenoptic.1" refers to invalid object "{607C27E9-AB27-11d3-A116-A0EA50C10801}". Action Taken: No Action Taken.
Entry "HKCR\ppifile\shell\open\command" refers to invalid object "%SystemRoot%\System32\msppcnfg.exe /Config %1". Action Taken: No Action Taken.
Entry "HKCR\RTCCore.RTCClient" refers to invalid object "{7a42ea29-a2b7-40c4-b091-f6f024aa89be}". Action Taken: No Action Taken.
Entry "HKCR\RTCCore.RTCClient.1" refers to invalid object "{7a42ea29-a2b7-40c4-b091-f6f024aa89be}". Action Taken: No Action Taken.
Entry "HKCR\steam\shell\open\command" refers to invalid object ""C:\Spiele\HL2\steam.exe" "%1"". Action Taken: No Action Taken.
Entry "HKCR\Valve.Source\shell\open\command" refers to invalid object ""c:\spiele\hl2\steamapps\elb\counter-strike source\hl2.exe" "%1"". Action Taken: No Action Taken.
Entry "HKCR\WMPPublsihCntr.WMPPublsihCntr" refers to invalid object "{939438A9-CF0F-44d8-9140-599736F0D3A2}". Action Taken: No Action Taken.
Entry "HKCR\WMPPublsihCntr.WMPPublsihCntr.1" refers to invalid object "{939438A9-CF0F-44d8-9140-599736F0D3A2}". Action Taken: No Action Taken.
Entry "HKCR\WMPShell.HWEventHandler" refers to invalid object "{9B186A8F-F520-4eeb-B553-118304AC46C5}". Action Taken: No Action Taken.
Entry "HKCR\WMPShell.HWEventHandler.1" refers to invalid object "{9B186A8F-F520-4eeb-B553-118304AC46C5}". Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Elb\Desktop\32.exe tagged as not-a-virus:Client-IRC.Win32.mIRC.616. No Action Taken.
File D:\Download\mirc616.exe tagged as not-a-virus:Client-IRC.Win32.mIRC.616. No Action Taken.
File D:\mIRC\backup\mirc.exe tagged as not-a-virus:Client-IRC.Win32.mIRC.616. No Action Taken.
File D:\mIRC\mirc.exe tagged as not-a-virus:Client-IRC.Win32.mIRC.616. No Action Taken.
File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP2\A0009876.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP2\A0009877.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP2\A0009878.EXE infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP2\A0009879.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP2\A0009880.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP2\A0009881.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP2\A0009882.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP2\A0009883.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP2\A0009884.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012579.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012580.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012581.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012582.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012583.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012584.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012585.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012586.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012587.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012588.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012589.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012590.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012591.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012592.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012593.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012594.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012595.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012596.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012597.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012598.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012599.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012600.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012601.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012602.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012603.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012604.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012605.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012606.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012607.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012608.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012609.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012610.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012611.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012612.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012613.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012614.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012615.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012616.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012617.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012618.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012619.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012620.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012621.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012622.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
File D:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP26\A0015259.exe infected by "Virus.Win32.HLLP.Hantaner.a" Virus! Action Taken: No Action Taken.
File D:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP26\A0015263.exe infected by "Virus.Win32.HLLP.Hantaner.a" Virus! Action Taken: No Action Taken.
File D:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP27\A0015446.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
File D:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP27\A0015447.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
File D:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP47\A0016635.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
File D:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP47\A0016636.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
File D:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP47\A0016637.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
File D:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP47\A0016638.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
File D:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP48\A0017251.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
File D:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP56\A0020099.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
File D:\System Volume Information\_restore{DB9DF835-2AE1-4302-AA12-981BB73D282D}\RP1\A0000022.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
File D:\System Volume Information\_restore{DB9DF835-2AE1-4302-AA12-981BB73D282D}\RP1\A0000023.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.

Elb 19.09.2005 01:38
Teil 3 von 3:



File M:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012797.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
File M:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012802.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
File M:\System Volume Information\_restore{8149E158-7633-4A30-B202-81CDA61895DF}\RP14\A0005032.exe infected by "Trojan-Dropper.Win32.Agent.b" Virus! Action Taken: No Action Taken.
File M:\System Volume Information\_restore{8149E158-7633-4A30-B202-81CDA61895DF}\RP14\A0005033.exe tagged as "not-a-virus:Porn-Dialer.Win32.Star". Action Taken: No Action Taken.
File M:\System Volume Information\_restore{9F5226C5-A62E-4265-8EA3-A6C12145C4CB}\RP83\A0017253.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
File M:\System Volume Information\_restore{9F5226C5-A62E-4265-8EA3-A6C12145C4CB}\RP83\A0017254.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
File M:\System Volume Information\_restore{9F5226C5-A62E-4265-8EA3-A6C12145C4CB}\RP84\A0018704.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
File M:\System Volume Information\_restore{9F5226C5-A62E-4265-8EA3-A6C12145C4CB}\RP84\A0018707.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP26\A0015310.exe infected by "Virus.Win32.HLLP.Hantaner.a" Virus! Action Taken: No Action Taken.
File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP26\A0015311.exe infected by "Virus.Win32.HLLP.Hantaner.a" Virus! Action Taken: No Action Taken.
File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP26\A0015312.exe infected by "Virus.Win32.HLLP.Hantaner.a" Virus! Action Taken: No Action Taken.
File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP27\A0015355.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP46\A0016491.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP46\A0016492.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP54\A0019086.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP54\A0019087.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP54\A0019088.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP54\A0019089.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP54\A0019090.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP55\A0019600.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP55\A0019602.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP55\A0019623.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP55\A0019628.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP55\A0019630.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP55\A0019631.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP55\A0019632.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP55\A0019633.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP55\A0019634.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP55\A0019640.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP55\A0019645.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP55\A0019663.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP55\A0019668.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP55\A0019670.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP55\A0019671.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP55\A0019672.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP55\A0019673.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP55\A0019674.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP56\A0020013.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP56\A0020043.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.


-----------------------------------------------------------------------

den kompleten log werde ich dann uploaden !!

cacatoa 19.09.2005 10:13
Also, um Übersicht zu gewinnen:
1. Systemwiederherstellung ausschalten. Rechner ausschalten. Rechner anschalten. Systemwiederherstellung wieder an.
2. Mit clearprog 1.4.1 final alle temporären files löschen (clicke an: "alles löschen")
3. Kaspersky Quarantäne/Backup leeren
4. Mit RegSeeker die Registry säubern.
5. Neu scannen
6. Neues Ergebnis von eScan und HJT-Logfile posten.
cacatoa http://www.smiley-channel.de/grafike...technik016.gif

Elb 19.09.2005 13:47
vielen dank cacatoa für die immer schnelle und exakte hilfe ! :daumenhoc :daumenhoc :daumenhoc

mache mich an die arbeit!

werde hier die Logs dann reinposten

Elb 19.09.2005 16:09
So hier das jack LOG

mit escan gibts ein Prob noch immer zu groß!!!
Grund: habe 3 HDs somit eine menge an Dateien deswegen ist dieser MavLog ewig lang!


_________________________________________________________________
Logfile of HijackThis v1.99.1
Scan saved at 17:07:27, on 19.09.2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\NVIDIA Corporation\NvMixer\NVMixerTray.exe
C:\Programme\D-Tools\daemon.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\Programme\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\KASPER~1\KASPER~1\KASPER~3\OESpamTest.ExE
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\NOTEPAD.EXE
D:\hijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O4 - HKLM\..\Run: [NVMixerTray] "C:\Programme\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Programme\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Omnipage] C:\Programme\ScanSoft\OmniPageSE\opware32.exe
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Jet Detection] C:\Treiber\Creative\PROGRAM\ADGJDet.exe
O4 - HKLM\..\Run: [RemoteControl] C:\Programme\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [KAVPersonal50] "C:\Programme\Kaspersky\Kaspersky Security Suite\Kaspersky Anti-Virus Personal\kav.exe" /minimize
O4 - HKLM\..\Run: [OESpamTest] C:\PROGRA~1\KASPER~1\KASPER~1\KASPER~3\OESpamTest.ExE
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Kaspersky Anti-Hacker.lnk = C:\Programme\Kaspersky\Kaspersky Security Suite\Kaspersky Anti-Hacker\KAVPF.exe
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_04\bin\npjpi150_04.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -

http://v5.windowsupdate.microsoft.co...?1109280188062
O23 - Service: kavsvc - Kaspersky Lab - C:\Programme\Kaspersky\Kaspersky Security Suite\Kaspersky Anti-Virus Personal\kavsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

_________________________________________________________________

zu der DL.EXE

also sie exestiert noch immer und ich kann sie nicht Löschen weil dauernd eine Fehlermeldung komtm das sie grad ausgeführt wird bzw. sie ein andrer User verwendet!

cacatoa 19.09.2005 19:18
Hi,
ich will die Mwavlog gar nicht sehen. Du sollst nur die Funde posten. Die findest Du mit der "find.bat". Steht alles in der eScan-Anleitung.
Das Log an sich ist sauber.
Kannst du die DL.exe nicht über den Task-Manager beenden und dann löschen?
cacatoa

Elb 19.09.2005 20:21
Ach

immer besser zu ende lesen ! :)


nochmal zu dl.exe

also sie ist nicht im Task Manager zu sehen und nicht im Security Task Manager

es kommt beim Löschvorgang dauernd die Fehlermeldung dass sie von einem andren Program bzw. einer andren Person benutzt wird.

das regt mich ja so auf weil sie in keinem Manager zu sehen ist !!!! :schmoll: :schmoll: :headbang: :headbang: :headbang:



hier das log!
Teil 1 (infected):
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~
Funde für "infected"
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~
Sun Sep 18 19:39:06 2005 => Total Disinfected Files: 0
Sun Sep 18 19:40:45 2005 => Total Disinfected Files: 0
Sun Sep 18 19:42:36 2005 => Total Disinfected Files: 0
Mon Sep 19 01:40:18 2005 => Scanning File C:\Programme\Kaspersky\Kaspersky Security Suite\Kaspersky Anti-Virus Personal\Infected.wav
Mon Sep 19 02:08:06 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP2\A0009876.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 02:08:06 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP2\A0009877.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 02:08:06 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP2\A0009878.EXE infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 02:08:06 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP2\A0009879.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 02:08:06 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP2\A0009880.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 02:08:06 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP2\A0009881.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 02:08:06 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP2\A0009882.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 02:08:06 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP2\A0009883.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 02:08:06 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP2\A0009884.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 02:08:07 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012579.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 02:08:07 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012580.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 02:08:07 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012581.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 02:08:07 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012582.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 02:08:07 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012583.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 02:08:07 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012584.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 02:08:07 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012585.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 02:08:07 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012586.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 02:08:07 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012587.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 02:08:07 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012588.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 02:08:07 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012589.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 02:08:07 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012590.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 02:08:08 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012591.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 02:08:08 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012592.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 02:08:08 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012593.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 02:08:08 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012594.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 02:08:08 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012595.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 02:08:08 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012596.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 02:08:08 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012597.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 02:08:08 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012598.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 02:08:08 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012599.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 02:08:08 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012600.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 02:08:08 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012601.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 02:08:08 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012602.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 02:08:08 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012603.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 02:08:08 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012604.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 02:08:09 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012605.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 02:08:09 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012606.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 02:08:09 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012607.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 02:08:09 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012608.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 02:08:09 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012609.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 02:08:09 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012610.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 02:08:09 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012611.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 02:08:09 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012612.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 02:08:09 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012613.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 02:08:09 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012614.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 02:08:09 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012615.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 02:08:10 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012616.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 02:08:10 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012617.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 02:08:10 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012618.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 02:08:10 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012619.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 02:08:10 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012620.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 02:08:10 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012621.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 02:08:10 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012622.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 02:11:06 2005 => File D:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP26\A0015259.exe infected by "Virus.Win32.HLLP.Hantaner.a" Virus! Action Taken: No Action Taken.
Mon Sep 19 02:11:10 2005 => File D:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP26\A0015263.exe infected by "Virus.Win32.HLLP.Hantaner.a" Virus! Action Taken: No Action Taken.
Mon Sep 19 02:11:14 2005 => File D:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP27\A0015446.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 02:11:14 2005 => File D:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP27\A0015447.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 02:11:15 2005 => File D:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP47\A0016635.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 02:11:15 2005 => File D:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP47\A0016636.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 02:11:15 2005 => File D:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP47\A0016637.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 02:11:15 2005 => File D:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP47\A0016638.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 02:11:16 2005 => File D:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP48\A0017251.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 02:11:17 2005 => File D:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP56\A0020099.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 02:11:32 2005 => File D:\System Volume Information\_restore{DB9DF835-2AE1-4302-AA12-981BB73D282D}\RP1\A0000022.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 02:11:32 2005 => File D:\System Volume Information\_restore{DB9DF835-2AE1-4302-AA12-981BB73D282D}\RP1\A0000023.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 02:15:56 2005 => File M:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012797.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 02:15:56 2005 => File M:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012802.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 02:15:57 2005 => File M:\System Volume Information\_restore{8149E158-7633-4A30-B202-81CDA61895DF}\RP14\A0005032.exe infected by "Trojan-Dropper.Win32.Agent.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 02:15:58 2005 => File M:\System Volume Information\_restore{9F5226C5-A62E-4265-8EA3-A6C12145C4CB}\RP83\A0017253.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 02:15:58 2005 => File M:\System Volume Information\_restore{9F5226C5-A62E-4265-8EA3-A6C12145C4CB}\RP83\A0017254.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 02:15:58 2005 => File M:\System Volume Information\_restore{9F5226C5-A62E-4265-8EA3-A6C12145C4CB}\RP84\A0018704.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 02:15:58 2005 => File M:\System Volume Information\_restore{9F5226C5-A62E-4265-8EA3-A6C12145C4CB}\RP84\A0018707.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 02:16:33 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP26\A0015310.exe infected by "Virus.Win32.HLLP.Hantaner.a" Virus! Action Taken: No Action Taken.
Mon Sep 19 02:16:33 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP26\A0015311.exe infected by "Virus.Win32.HLLP.Hantaner.a" Virus! Action Taken: No Action Taken.
Mon Sep 19 02:16:33 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP26\A0015312.exe infected by "Virus.Win32.HLLP.Hantaner.a" Virus! Action Taken: No Action Taken.
Mon Sep 19 02:16:34 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP27\A0015355.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 02:16:35 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP46\A0016491.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 02:16:35 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP46\A0016492.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 02:16:36 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP54\A0019086.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 02:16:36 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP54\A0019087.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 02:16:36 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP54\A0019088.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 02:16:36 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP54\A0019089.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 02:16:36 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP54\A0019090.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 02:17:04 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP55\A0019600.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 02:17:04 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP55\A0019602.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 02:17:05 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP55\A0019623.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 02:17:06 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP55\A0019628.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 02:17:06 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP55\A0019630.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 02:17:06 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP55\A0019631.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 02:17:06 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP55\A0019632.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 02:17:06 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP55\A0019633.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 02:17:06 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP55\A0019634.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 02:17:07 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP55\A0019640.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 02:17:07 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP55\A0019645.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 02:17:08 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP55\A0019663.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 02:17:09 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP55\A0019668.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 02:17:09 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP55\A0019670.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 02:17:09 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP55\A0019671.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 02:17:09 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP55\A0019672.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 02:17:09 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP55\A0019673.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 02:17:09 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP55\A0019674.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 02:17:10 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP56\A0020013.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 02:17:10 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP56\A0020043.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 02:19:24 2005 => Total Disinfected Files: 0
Mon Sep 19 15:04:49 2005 => Total Disinfected Files: 0

Elb 19.09.2005 20:23
Teil 2 von 3
Mon Sep 19 15:37:51 2005 => Scanning File C:\Programme\Kaspersky\Kaspersky Security Suite\Kaspersky Anti-Virus Personal\Infected.wav
Mon Sep 19 16:06:45 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP2\A0009876.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 16:06:45 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP2\A0009877.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 16:06:45 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP2\A0009878.EXE infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 16:06:45 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP2\A0009879.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 16:06:45 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP2\A0009880.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 16:06:45 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP2\A0009881.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 16:06:45 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP2\A0009882.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 16:06:45 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP2\A0009883.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 16:06:45 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP2\A0009884.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 16:06:46 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012579.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 16:06:46 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012580.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 16:06:46 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012581.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 16:06:46 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012582.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 16:06:46 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012583.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 16:06:46 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012584.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 16:06:46 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012585.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 16:06:46 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012586.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 16:06:46 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012587.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 16:06:46 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012588.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 16:06:46 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012589.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 16:06:46 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012590.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 16:06:46 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012591.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 16:06:46 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012592.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 16:06:46 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012593.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 16:06:46 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012594.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 16:06:47 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012595.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 16:06:47 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012596.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 16:06:47 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012597.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 16:06:47 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012598.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 16:06:47 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012599.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 16:06:47 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012600.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 16:06:47 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012601.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 16:06:47 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012602.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 16:06:47 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012603.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 16:06:47 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012604.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 16:06:47 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012605.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 16:06:47 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012606.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 16:06:47 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012607.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 16:06:47 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012608.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 16:06:47 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012609.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 16:06:47 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012610.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 16:06:48 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012611.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 16:06:48 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012612.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 16:06:48 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012613.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 16:06:48 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012614.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 16:06:48 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012615.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 16:06:48 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012616.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 16:06:48 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012617.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 16:06:48 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012618.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 16:06:48 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012619.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 16:06:48 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012620.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 16:06:49 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012621.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 16:06:49 2005 => File D:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012622.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 16:09:48 2005 => File D:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP26\A0015259.exe infected by "Virus.Win32.HLLP.Hantaner.a" Virus! Action Taken: No Action Taken.
Mon Sep 19 16:09:52 2005 => File D:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP26\A0015263.exe infected by "Virus.Win32.HLLP.Hantaner.a" Virus! Action Taken: No Action Taken.
Mon Sep 19 16:09:56 2005 => File D:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP27\A0015446.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 16:09:56 2005 => File D:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP27\A0015447.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 16:09:58 2005 => File D:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP47\A0016635.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 16:09:58 2005 => File D:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP47\A0016636.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 16:09:58 2005 => File D:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP47\A0016637.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 16:09:58 2005 => File D:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP47\A0016638.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 16:09:58 2005 => File D:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP48\A0017251.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 16:10:00 2005 => File D:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP56\A0020099.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 16:10:16 2005 => File D:\System Volume Information\_restore{DB9DF835-2AE1-4302-AA12-981BB73D282D}\RP1\A0000022.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 16:10:16 2005 => File D:\System Volume Information\_restore{DB9DF835-2AE1-4302-AA12-981BB73D282D}\RP1\A0000023.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 16:14:47 2005 => File M:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012797.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 16:14:47 2005 => File M:\System Volume Information\_restore{57714A2A-F829-4A9B-A099-2EC5F89EB0A5}\RP3\A0012802.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 16:14:48 2005 => File M:\System Volume Information\_restore{8149E158-7633-4A30-B202-81CDA61895DF}\RP14\A0005032.exe infected by "Trojan-Dropper.Win32.Agent.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 16:14:52 2005 => File M:\System Volume Information\_restore{9F5226C5-A62E-4265-8EA3-A6C12145C4CB}\RP83\A0017253.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 16:14:52 2005 => File M:\System Volume Information\_restore{9F5226C5-A62E-4265-8EA3-A6C12145C4CB}\RP83\A0017254.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 16:14:52 2005 => File M:\System Volume Information\_restore{9F5226C5-A62E-4265-8EA3-A6C12145C4CB}\RP84\A0018704.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 16:14:52 2005 => File M:\System Volume Information\_restore{9F5226C5-A62E-4265-8EA3-A6C12145C4CB}\RP84\A0018707.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 16:15:30 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP26\A0015310.exe infected by "Virus.Win32.HLLP.Hantaner.a" Virus! Action Taken: No Action Taken.
Mon Sep 19 16:15:31 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP26\A0015311.exe infected by "Virus.Win32.HLLP.Hantaner.a" Virus! Action Taken: No Action Taken.
Mon Sep 19 16:15:31 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP26\A0015312.exe infected by "Virus.Win32.HLLP.Hantaner.a" Virus! Action Taken: No Action Taken.
Mon Sep 19 16:15:32 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP27\A0015355.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 16:15:33 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP46\A0016491.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 16:15:33 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP46\A0016492.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 16:15:34 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP54\A0019086.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 16:15:34 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP54\A0019087.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 16:15:34 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP54\A0019088.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 16:15:34 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP54\A0019089.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 16:15:34 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP54\A0019090.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 16:16:02 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP55\A0019600.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 16:16:02 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP55\A0019602.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 16:16:04 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP55\A0019623.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 16:16:04 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP55\A0019628.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 16:16:04 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP55\A0019630.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 16:16:04 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP55\A0019631.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 16:16:04 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP55\A0019632.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 16:16:04 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP55\A0019633.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 16:16:04 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP55\A0019634.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 16:16:05 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP55\A0019640.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 16:16:05 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP55\A0019645.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 16:16:06 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP55\A0019663.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 16:16:07 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP55\A0019668.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 16:16:07 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP55\A0019670.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 16:16:07 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP55\A0019671.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 16:16:07 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP55\A0019672.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 16:16:07 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP55\A0019673.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 16:16:07 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP55\A0019674.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 16:16:08 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP56\A0020013.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 16:16:08 2005 => File M:\System Volume Information\_restore{CB5531D7-AB0A-42CF-BBED-CF52B30576CF}\RP56\A0020043.exe infected by "Virus.Win32.Parite.b" Virus! Action Taken: No Action Taken.
Mon Sep 19 16:18:14 2005 => Total Disinfected Files: 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~
Funde für "tagged"
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~
Mon Sep 19 01:25:34 2005 => File C:\Dokumente und Einstellungen\Elb\Desktop\32.exe tagged as not-a-virus:Client-IRC.Win32.mIRC.616. No Action Taken.
Mon Sep 19 02:05:14 2005 => File D:\Download\mirc616.exe tagged as not-a-virus:Client-IRC.Win32.mIRC.616. No Action Taken.
Mon Sep 19 02:06:37 2005 => File D:\mIRC\backup\mirc.exe tagged as not-a-virus:Client-IRC.Win32.mIRC.616. No Action Taken.
Mon Sep 19 02:06:49 2005 => File D:\mIRC\mirc.exe tagged as not-a-virus:Client-IRC.Win32.mIRC.616. No Action Taken.
Mon Sep 19 02:15:57 2005 => File M:\System Volume Information\_restore{8149E158-7633-4A30-B202-81CDA61895DF}\RP14\A0005033.exe tagged as "not-a-virus:Porn-Dialer.Win32.Star". Action Taken: No Action Taken.
Mon Sep 19 15:03:50 2005 => File C:\Dokumente und Einstellungen\Elb\Desktop\32.exe tagged as not-a-virus:Client-IRC.Win32.mIRC.616. No Action Taken.
Mon Sep 19 15:23:20 2005 => File C:\Dokumente und Einstellungen\Elb\Desktop\32.exe tagged as not-a-virus:Client-IRC.Win32.mIRC.616. No Action Taken.
Mon Sep 19 15:44:49 2005 => File C:\System Volume Information\_restore{97DEF2D4-D32F-4D96-80D7-D38DD7E8735F}\RP1\A0000147.exe tagged as not-a-virus:Client-IRC.Win32.mIRC.616. No Action Taken.
Mon Sep 19 16:03:40 2005 => File D:\Download\mirc616.exe tagged as not-a-virus:Client-IRC.Win32.mIRC.616. No Action Taken.
Mon Sep 19 16:05:10 2005 => File D:\mIRC\backup\mirc.exe tagged as not-a-virus:Client-IRC.Win32.mIRC.616. No Action Taken.
Mon Sep 19 16:05:22 2005 => File D:\mIRC\mirc.exe tagged as not-a-virus:Client-IRC.Win32.mIRC.616. No Action Taken.
Mon Sep 19 16:07:49 2005 => File D:\System Volume Information\_restore{97DEF2D4-D32F-4D96-80D7-D38DD7E8735F}\RP1\A0000149.exe tagged as not-a-virus:Client-IRC.Win32.mIRC.616. No Action Taken.
Mon Sep 19 16:14:48 2005 => File M:\System Volume Information\_restore{8149E158-7633-4A30-B202-81CDA61895DF}\RP14\A0005033.exe tagged as "not-a-virus:Porn-Dialer.Win32.Star". Action Taken: No Action Taken.
~

Elb 19.09.2005 20:23
Teil 3 von 3 !


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~
Statistiken:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~
Sun Sep 18 19:21:15 2005 => Offending Folder found: C:\PROGRA~1\limewire
Sun Sep 18 19:39:06 2005 => Total Virus(es) Found: 2
Sun Sep 18 19:40:45 2005 => Total Virus(es) Found: 0
Sun Sep 18 19:41:49 2005 => Offending Folder found: C:\PROGRA~1\limewire
Sun Sep 18 19:42:36 2005 => Total Virus(es) Found: 2
Mon Sep 19 01:18:01 2005 => Offending Folder found: C:\PROGRA~1\limewire
Mon Sep 19 02:19:24 2005 => Total Virus(es) Found: 110
Mon Sep 19 14:58:07 2005 => Offending Folder found: C:\PROGRA~1\limewire
Mon Sep 19 15:04:49 2005 => Total Virus(es) Found: 3
Mon Sep 19 15:17:54 2005 => Offending Folder found: C:\PROGRA~1\limewire
Mon Sep 19 16:18:14 2005 => Total Virus(es) Found: 112
Sun Sep 18 19:39:06 2005 => Total Errors: 214
Sun Sep 18 19:40:45 2005 => Total Errors: 2
Sun Sep 18 19:42:36 2005 => Total Errors: 213
Mon Sep 19 02:19:24 2005 => Total Errors: 226
Mon Sep 19 15:04:49 2005 => Total Errors: 216
Mon Sep 19 16:18:14 2005 => Total Errors: 18
Sun Sep 18 19:39:06 2005 => Time Elapsed: 00:19:12
Sun Sep 18 19:40:45 2005 => Time Elapsed: 00:00:44
Sun Sep 18 19:42:36 2005 => Time Elapsed: 00:01:43
Mon Sep 19 02:19:24 2005 => Time Elapsed: 01:02:03
Mon Sep 19 15:04:49 2005 => Time Elapsed: 00:07:12
Mon Sep 19 16:18:14 2005 => Time Elapsed: 01:00:54
Sun Sep 18 19:39:06 2005 => Total Objects Scanned: 41503
Sun Sep 18 19:40:45 2005 => Total Objects Scanned: 599
Sun Sep 18 19:42:36 2005 => Total Objects Scanned: 21201
Mon Sep 19 02:19:24 2005 => Total Objects Scanned: 73122
Mon Sep 19 15:04:49 2005 => Total Objects Scanned: 27401
Mon Sep 19 16:18:14 2005 => Total Objects Scanned: 70318
Sun Sep 18 19:19:14 2005 => Virus Database Date: 2005/09/09
Sun Sep 18 19:39:06 2005 => Virus Database Date: 2005/09/09
Sun Sep 18 19:39:08 2005 => Virus Database Date: 2005/09/09
Sun Sep 18 19:39:42 2005 => Virus Database Date: 2005/09/09
Sun Sep 18 19:40:45 2005 => Virus Database Date: 2005/09/09
Sun Sep 18 19:42:36 2005 => Virus Database Date: 2005/09/09
Sun Sep 18 19:42:39 2005 => Virus Database Date: 2005/09/09
Mon Sep 19 01:12:28 2005 => Virus Database Date: 2005/09/09
Mon Sep 19 01:16:59 2005 => Virus Database Date: 2005/09/09
Mon Sep 19 02:19:24 2005 => Virus Database Date: 2005/09/09
Mon Sep 19 02:25:47 2005 => Virus Database Date: 2005/09/09
Mon Sep 19 14:57:03 2005 => Virus Database Date: 2005/09/09
Mon Sep 19 15:04:49 2005 => Virus Database Date: 2005/09/09
Mon Sep 19 15:04:52 2005 => Virus Database Date: 2005/09/09
Mon Sep 19 15:17:05 2005 => Virus Database Date: 2005/09/09
Mon Sep 19 16:18:14 2005 => Virus Database Date: 2005/09/09
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~
~~~~~~~ © Haui ;-) ~~~~~~~
~~~~~~~ Dank an Cidre ~~~~~~

cacatoa 19.09.2005 20:29
Also,
die Einträge aus dem Log sollten weg sein, wenn du wie beschrieben die Systemwiederherstellung auf allen Laufwerken deaktivierst, dann Rechner aus. Dann Rechner an. Dann wieder aktivieren. Damit sind dann alle Wiederherstellungspunkte (File D:\System Volume Information\_restore) weg.
Da allerdings Parite ein residenter virus ist, kann es sein, daß er im Hintergrund läuft und nicht wegzubringen ist.
Deshalb bitte das hier (ohne die Anleitungen für netsky) mal abarbeiten.
cacatoa


Alle Zeitangaben in WEZ +1. Es ist jetzt 02:51 Uhr.
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2024, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129