Im Taskmanager wird iexplore.exe oft ausgeführt ! |
||
---|---|---|
#0
| ||
09.04.2008, 09:40
Ehrenmitglied
Beiträge: 29434 |
||
|
||
10.04.2008, 14:28
...neu hier
Themenstarter Beiträge: 9 |
#17
Avenger
////////////////////////////////////////// Avenger Pre-Processor log ////////////////////////////////////////// Platform: Windows XP (build 2600, Service Pack 2) Wed Apr 09 07:48:39 2008 07:48:39: Error: Invalid script. A valid script must begin with a command directive. Aborting execution! ////////////////////////////////////////// ////////////////////////////////////////// Avenger Pre-Processor log ////////////////////////////////////////// Platform: Windows XP (build 2600, Service Pack 2) Wed Apr 09 07:49:46 2008 07:49:46: Error: Invalid script. A valid script must begin with a command directive. Aborting execution! ////////////////////////////////////////// ////////////////////////////////////////// Avenger Pre-Processor log ////////////////////////////////////////// Platform: Windows XP (build 2600, Service Pack 2) Wed Apr 09 07:50:51 2008 07:50:51: Error: Invalid script. A valid script must begin with a command directive. Aborting execution! ////////////////////////////////////////// ////////////////////////////////////////// Avenger Pre-Processor log ////////////////////////////////////////// Platform: Windows XP (build 2600, Service Pack 2) Wed Apr 09 07:51:55 2008 07:51:55: Error: Invalid script. A valid script must begin with a command directive. Aborting execution! ////////////////////////////////////////// ////////////////////////////////////////// Avenger Pre-Processor log ////////////////////////////////////////// Platform: Windows XP (build 2600, Service Pack 2) Wed Apr 09 08:12:29 2008 08:12:29: Error: Invalid script. A valid script must begin with a command directive. Aborting execution! ////////////////////////////////////////// Logfile of The Avenger Version 2.0, (c) by Swandog46 http://swandog46.geekstogo.com Platform: Windows XP ******************* Script file opened successfully. Script file read successfully. Backups directory opened successfully at C:\Avenger ******************* Beginning to process script file: Rootkit scan active. No rootkits found! Registry key "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_WINDOWS_IPSEC_MONITOR\0000" deleted successfully. Registry key "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Windows IPSEC Monitor" deleted successfully. Registry key "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_WINDOWS_IPSEC_MONITOR\0000" deleted successfully. Registry key "HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Windows IPSEC Monitor" deleted successfully. Error: registry key "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_WINDOWS_IPSEC_MONITOR\0000" not found! Deletion of registry key "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_WINDOWS_IPSEC_MONITOR\0000" failed! Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND) --> the object does not exist Error: registry key "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Windows IPSEC Monitor" not found! Deletion of registry key "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Windows IPSEC Monitor" failed! Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND) --> the object does not exist File "C:\WINDOWS\uninst.exe" deleted successfully. File "C:\WINDOWS\system32\msipm_1.dll" deleted successfully. File "C:\smaq.exe" deleted successfully. File "C:\ovvbu.exe" deleted successfully. File "C:\WINDOWS\system32\test12.exe" deleted successfully. File "C:\opteax.exe" deleted successfully. Error: registry key "HKEY_LOCAL_MACHINE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\Antispywar_B95596C82495334D92E4A7C6DDCCEF6AA6E672E4" not found! Deletion of registry key "HKEY_LOCAL_MACHINE\Microsoft\Windows\CurrentVersion\DIFx\DriverStore\Antispywar_B95596C82495334D92E4A7C6DDCCEF6AA6E672E4" failed! Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND) --> the object does not exist Completed script processing. ******************* Finished! Terminate. Kaspersky Scan ---- Scanned: 1272 Detected: 48 Untreated: 0 Start time: 09.04.2008 15:32:21 Duration: 00:01:26 Finish time: 09.04.2008 15:33:47 Detected -------- Status Object ------ ------ will be deleted when the computer is restarted: virus Virus.Win32.Parite.b File: C:\WINDOWS\TEMP\aoa1.tmp//UPX deleted: virus Virus.Win32.Parite.b File: c:\programme\microsoft office\office12\msaccess.exe deleted: virus Virus.Win32.Parite.b File: c:\programme\adobe\acrobat 8.0\acrobat\acrobat.exe deleted: virus Virus.Win32.Parite.b File: c:\programme\microsoft office\office12\excel.exe deleted: virus Virus.Win32.Parite.b File: c:\programme\microsoft office\office12\groove.exe deleted: virus Virus.Win32.Parite.b File: c:\programme\windows nt\hypertrm.exe deleted: virus Virus.Win32.Parite.b File: c:\programme\adobe\adobe utilities\extendscript toolkit 2\extendscript toolkit 2.exe deleted: virus Virus.Win32.Parite.b File: c:\programme\microsoft office\office12\mstore.exe deleted: virus Virus.Win32.Parite.b File: c:\programme\adobe\adobe photoshop cs3\photoshop.exe deleted: virus Virus.Win32.Parite.b File: c:\programme\microsoft office\office12\powerpnt.exe deleted: virus Virus.Win32.Parite.b File: c:\programme\microsoft office\office12\winword.exe deleted: virus Virus.Win32.Parite.b File: c:\programme\gemeinsame dateien\microsoft shared\office12\msoxmled.exe deleted: virus Virus.Win32.Parite.b File: c:\programme\adobe\adobe dreamweaver cs3\dreamweaver.exe deleted: virus Virus.Win32.Parite.b File: c:\programme\adobe\acrobat 8.0\acrobat\acrotray.exe deleted: virus Virus.Win32.Parite.b File: c:\programme\quicktime\qttask.exe deleted: virus Virus.Win32.Parite.b File: C:\WINDOWS\microsoft.net\framework\v2.0.50727\aspnet_state.exe deleted: virus Virus.Win32.Parite.b File: c:\windows\system32\ati2sgag.exe deleted: virus Virus.Win32.Parite.b File: C:\WINDOWS\system32\atmsrvc.exe deleted: virus Virus.Win32.Parite.b File: c:\programme\bonjour\mdnsresponder.exe deleted: virus Virus.Win32.Parite.b File: c:\windows\microsoft.net\framework\v2.0.50727\mscorsvw.exe deleted: Trojan program Trojan.Win32.Small.aau File: c:\windows\system32\drivers\diag69xp.sys deleted: virus Virus.Win32.Parite.b File: c:\programme\google\common\google updater\googleupdaterservice.exe deleted: virus Virus.Win32.Parite.b File: c:\programme\microsoft office\office12\grooveauditservice.exe deleted: virus Virus.Win32.Parite.b File: c:\programme\gemeinsame dateien\microsoft shared\office12\odserv.exe deleted: virus Virus.Win32.Parite.b File: c:\programme\gemeinsame dateien\microsoft shared\source engine\ose.exe deleted: virus Virus.Win32.Parite.b File: c:\windows\system32\drivers\install.exe deleted: virus Virus.Win32.Parite.b File: c:\programme\adobe\acrobat 8.0\acrobat\acrobatinfo.exe deleted: virus Virus.Win32.Parite.b File: c:\programme\adobe\acrobat 8.0\acrobat\acrodist.exe deleted: virus Virus.Win32.Parite.b File: c:\programme\adobe type manager\atmfm.exe deleted: virus Virus.Win32.Parite.b File: c:\programme\adobe\adobe bridge cs3\bridge.exe deleted: virus Virus.Win32.Parite.b File: c:\programme\corel\coreldraw graphics suite x4\programs\capture.exe deleted: virus Virus.Win32.Parite.b File: c:\dokumente und einstellungen\boss\desktop\combofix.exe deleted: virus Virus.Win32.Parite.b File: c:\programme\corel\coreldraw graphics suite x4\programs\coreldrw.exe deleted: virus Virus.Win32.Parite.b File: c:\programme\corel\coreldraw graphics suite x4\programs\corelpp.exe deleted: virus Virus.Win32.Parite.b File: c:\programme\trend micro\hijackthis\hijackthis.exe deleted: virus Virus.Win32.Parite.b File: c:\programme\microsoft office\office12\infopath.exe deleted: virus Virus.Win32.Parite.b File: c:\programme\itunes\itunes.exe deleted: virus Virus.Win32.Parite.b File: c:\programme\mobackup\mobackup.exe deleted: virus Virus.Win32.Parite.b File: c:\programme\messenger\msmsgs.exe deleted: virus Virus.Win32.Parite.b File: c:\programme\microsoft office\office12\mspub.exe deleted: virus Virus.Win32.Parite.b File: c:\programme\microsoft office\office12\ois.exe deleted: virus Virus.Win32.Parite.b File: c:\programme\microsoft office\office12\onenote.exe deleted: virus Virus.Win32.Parite.b File: c:\programme\microsoft office\office12\outlook.exe deleted: virus Virus.Win32.Parite.b File: c:\programme\quicktime\pictureviewer.exe deleted: virus Virus.Win32.Parite.b File: c:\programme\quicktime\quicktimeplayer.exe deleted: virus Virus.Win32.Parite.b File: c:\program files\real\realplayer\realplay.exe deleted: virus Virus.Win32.Parite.b File: c:\programme\gemeinsame dateien\real\update_ob\rnxproc.exe deleted: virus Virus.Win32.Parite.b File: c:\windows\downloaded program files\fp_ax_cab_installer.exe Events ------ Time Name Status Reason ---- ---- ------ ------ Statistics ---------- Object Scanned Detected Untreated Deleted Moved to Quarantine Archives Packed files Password protected Corrupted ------ ------- -------- --------- ------- ------------------- -------- ------------ ------------------ --------- Settings -------- Parameter Value --------- ----- Security Level Recommended Action Prompt for action when the scan is complete Run mode Manually File types Scan all files Scan only new and changed files No Scan archives All Scan embedded OLE objects All Skip if object is larger than No Skip if scan takes longer than No Parse email formats No Scan password-protected archives No Enable iChecker technology No Enable iSwift technology No Show detected threats on "Detected" tab Yes Quarantine ---------- Status Object Size Added ------ ------ ---- ----- Backup ------ Status Object Size ------ ------ ---- |
|
|
||
10.04.2008, 15:54
Ehrenmitglied
Beiträge: 29434 |
#18
Hallo,
na wunderbar ! Hat ja gut geklappt ! « starte den Rechner neu, damit der kaspersky den parite löschen kann. -------------------------------------------------------------------- «« http://virus-protect.org/artikel/tools/regsearch.html und doppelklicken, um zu starten. in: "Enter search strings" (reinschreiben oder reinkopieren) Diag69xp in edit und klicke "Ok". Notepad wird sich öffnen -- kopiere den Text ab und poste ihn. ------------------------------------------------------------------- « scanne mit bitdefender + poste den report http://virus-protect.org/onlinescan.html + ein neues Log von HijackTHis + Combofix __________ MfG Sabina rund um die PC-Sicherheit |
|
|
||
Zitat
__________
MfG Sabina
rund um die PC-Sicherheit