Irgendein "GAIN Zeugs" auf'm Rechner - Brauche Hilfe

#0
25.06.2005, 00:41
Ehrenmitglied
Avatar Sabina

Beiträge: 29434
#16 also, im log ist nichts zu sehen, ....wahrscheinlich gibt es nur Reste in der Registry, die der Reg-Cleaner geloescht hat.

wenn du magst...scanne mit escan
__________
MfG Sabina

rund um die PC-Sicherheit
Seitenanfang Seitenende
26.06.2005, 18:06
...neu hier

Beiträge: 8
#17 Also ich habe dabei ein Problem! ich nutze xp und muss in den abgesicherten modus.
Das Problem ist, dass das irgendwie nicht geht...
Seitenanfang Seitenende
26.06.2005, 23:10
Ehrenmitglied
Avatar Sabina

Beiträge: 29434
#18 siehst du einen blinkenden kursor ?
Dann warte einfach eine weile , bis alles geladen ist, dann wird es schon gehen ;)
__________
MfG Sabina

rund um die PC-Sicherheit
Seitenanfang Seitenende
27.06.2005, 20:38
...neu hier

Beiträge: 8
#19 Also der hat schon Viren gefunden:




--------------------------------------------------
-------------------- INFECTED --------------------
--------------------------------------------------

1: Mon Jun 27 14:15:11 2005 => System found infected with Gator Spyware/Adware ({21FFB6C0-0DA1-11D5-A9D5-00500413153C})! Action taken: No Action Taken.
2: Mon Jun 27 14:15:12 2005 => System found infected with Alexa Spyware/Adware ({c95fe080-8f5d-11d2-a20b-00aa003c157a})! Action taken: No Action Taken.
3: Mon Jun 27 14:16:00 2005 => File C:\WINDOWS\hta1.hta infected by "Trojan.VBS.LowZones.a" Virus! Action Taken: No Action Taken.
4: Mon Jun 27 14:16:00 2005 => File C:\WINDOWS\hta2.hta infected by "Trojan.VBS.LowZones.a" Virus! Action Taken: No Action Taken.
5: Mon Jun 27 14:16:00 2005 => File C:\WINDOWS\hta3.hta infected by "Trojan.VBS.LowZones.a" Virus! Action Taken: No Action Taken.
6: Mon Jun 27 14:16:00 2005 => File C:\WINDOWS\hta6.hta infected by "Trojan.VBS.LowZones.a" Virus! Action Taken: No Action Taken.
7: Mon Jun 27 14:48:05 2005 => File C:\System Volume Information\_restore{F40F4AE1-39BD-4940-8194-DFEA1FBC76BE}\RP39\A0008123.exe infected by "Trojan.Win32.Chantal" Virus! Action Taken: No Action Taken.
8: Mon Jun 27 14:48:05 2005 => File C:\System Volume Information\_restore{F40F4AE1-39BD-4940-8194-DFEA1FBC76BE}\RP39\A0008129.exe infected by "Trojan.Win32.VB.ao" Virus! Action Taken: No Action Taken.
9: Mon Jun 27 14:50:06 2005 => File C:\WINDOWS\hta1.hta infected by "Trojan.VBS.LowZones.a" Virus! Action Taken: No Action Taken.
10: Mon Jun 27 14:50:06 2005 => File C:\WINDOWS\hta2.hta infected by "Trojan.VBS.LowZones.a" Virus! Action Taken: No Action Taken.
11: Mon Jun 27 14:50:06 2005 => File C:\WINDOWS\hta3.hta infected by "Trojan.VBS.LowZones.a" Virus! Action Taken: No Action Taken.
12: Mon Jun 27 14:50:06 2005 => File C:\WINDOWS\hta6.hta infected by "Trojan.VBS.LowZones.a" Virus! Action Taken: No Action Taken.

--------------------------------------------------
--------------------- TAGGED ---------------------
--------------------------------------------------

1: Mon Jun 27 14:15:59 2005 => File C:\WINDOWS\100087.exe tagged as "not-a-virus;)ialer.Win32.PlayGames". Action Taken: No Action Taken.
2: Mon Jun 27 14:15:59 2005 => File C:\WINDOWS\100088.exe tagged as "not-a-virus;)ialer.Win32.PlayGames". Action Taken: No Action Taken.
3: Mon Jun 27 14:15:59 2005 => File C:\WINDOWS\100089.exe tagged as "not-a-virus;)ialer.Win32.PlayGames". Action Taken: No Action Taken.
4: Mon Jun 27 14:24:21 2005 => File C:\Dokumente und Einstellungen\Mama\Lokale Einstellungen\Temporary Internet Files\Content.IE5\664P3DEB\hdplugin_1101_bundle43v5d52[1].cab tagged as "not-a-virus:AdWare.Gator.1101". Action Taken: No Action Taken.
5: Mon Jun 27 14:48:21 2005 => File C:\System Volume Information\_restore{F40F4AE1-39BD-4940-8194-DFEA1FBC76BE}\RP43\A0008423.exe tagged as "not-a-virus:AdWare.Gator.3010". Action Taken: No Action Taken.
6: Mon Jun 27 14:48:21 2005 => File C:\System Volume Information\_restore{F40F4AE1-39BD-4940-8194-DFEA1FBC76BE}\RP43\A0008426.exe tagged as "not-a-virus:AdWare.ToolBar.DashBar.a". Action Taken: No Action Taken.
7: Mon Jun 27 14:48:22 2005 => File C:\System Volume Information\_restore{F40F4AE1-39BD-4940-8194-DFEA1FBC76BE}\RP43\A0008429.dll tagged as "not-a-virus:AdWare.Gator.5115". Action Taken: No Action Taken.
8: Mon Jun 27 14:48:22 2005 => File C:\System Volume Information\_restore{F40F4AE1-39BD-4940-8194-DFEA1FBC76BE}\RP43\A0008430.exe tagged as "not-a-virus:AdWare.Gator.6034". Action Taken: No Action Taken.
9: Mon Jun 27 14:48:22 2005 => File C:\System Volume Information\_restore{F40F4AE1-39BD-4940-8194-DFEA1FBC76BE}\RP43\A0008433.dll tagged as "not-a-virus:AdWare.Gator.3124". Action Taken: No Action Taken.
10: Mon Jun 27 14:48:22 2005 => File C:\System Volume Information\_restore{F40F4AE1-39BD-4940-8194-DFEA1FBC76BE}\RP43\A0008434.dll tagged as "not-a-virus:AdWare.Gator.6041". Action Taken: No Action Taken.
11: Mon Jun 27 14:48:22 2005 => File C:\System Volume Information\_restore{F40F4AE1-39BD-4940-8194-DFEA1FBC76BE}\RP43\A0008435.dll tagged as "not-a-virus:AdWare.Gator.6041". Action Taken: No Action Taken.
12: Mon Jun 27 14:48:22 2005 => File C:\System Volume Information\_restore{F40F4AE1-39BD-4940-8194-DFEA1FBC76BE}\RP43\A0008436.dll tagged as "not-a-virus:AdWare.Gator.6051". Action Taken: No Action Taken.
13: Mon Jun 27 14:48:22 2005 => File C:\System Volume Information\_restore{F40F4AE1-39BD-4940-8194-DFEA1FBC76BE}\RP43\A0008438.dll tagged as "not-a-virus:AdWare.Gator.6051". Action Taken: No Action Taken.
14: Mon Jun 27 14:48:22 2005 => File C:\System Volume Information\_restore{F40F4AE1-39BD-4940-8194-DFEA1FBC76BE}\RP43\A0008439.dll tagged as "not-a-virus:AdWare.Gator.6051". Action Taken: No Action Taken.
15: Mon Jun 27 14:48:23 2005 => File C:\System Volume Information\_restore{F40F4AE1-39BD-4940-8194-DFEA1FBC76BE}\RP43\A0008468.dll tagged as "not-a-virus:AdWare.Gator.5017". Action Taken: No Action Taken.
16: Mon Jun 27 14:48:23 2005 => File C:\System Volume Information\_restore{F40F4AE1-39BD-4940-8194-DFEA1FBC76BE}\RP43\A0008469.dll tagged as "not-a-virus:AdWare.Gator.6041". Action Taken: No Action Taken.
17: Mon Jun 27 14:48:23 2005 => File C:\System Volume Information\_restore{F40F4AE1-39BD-4940-8194-DFEA1FBC76BE}\RP43\A0008470.exe tagged as "not-a-virus:AdWare.Gator.5112". Action Taken: No Action Taken.
18: Mon Jun 27 14:48:24 2005 => File C:\System Volume Information\_restore{F40F4AE1-39BD-4940-8194-DFEA1FBC76BE}\RP43\A0008472.exe tagged as "not-a-virus:AdWare.Gator.7106". Action Taken: No Action Taken.
19: Mon Jun 27 14:48:24 2005 => File C:\System Volume Information\_restore{F40F4AE1-39BD-4940-8194-DFEA1FBC76BE}\RP43\A0008474.exe tagged as "not-a-virus:AdWare.Gator.f". Action Taken: No Action Taken.
20: Mon Jun 27 14:48:24 2005 => File C:\System Volume Information\_restore{F40F4AE1-39BD-4940-8194-DFEA1FBC76BE}\RP43\A0008475.exe tagged as "not-a-virus:AdWare.Gator.a". Action Taken: No Action Taken.
21: Mon Jun 27 14:48:24 2005 => File C:\System Volume Information\_restore{F40F4AE1-39BD-4940-8194-DFEA1FBC76BE}\RP43\A0008476.exe tagged as "not-a-virus:AdWare.Gator.a". Action Taken: No Action Taken.
22: Mon Jun 27 14:48:50 2005 => File C:\WINDOWS\100087.exe tagged as "not-a-virus;)ialer.Win32.PlayGames". Action Taken: No Action Taken.
23: Mon Jun 27 14:48:50 2005 => File C:\WINDOWS\100088.exe tagged as "not-a-virus;)ialer.Win32.PlayGames". Action Taken: No Action Taken.
24: Mon Jun 27 14:48:50 2005 => File C:\WINDOWS\100089.exe tagged as "not-a-virus;)ialer.Win32.PlayGames". Action Taken: No Action Taken.
25: Mon Jun 27 14:48:54 2005 => File C:\WINDOWS\Downloaded Program Files\HDPlugin1101.dll tagged as "not-a-virus:AdWare.Gator.1101". Action Taken: No Action Taken.

--------------------------------------------------
--------------------- ERRORS ---------------------
--------------------------------------------------

1: Mon Jun 27 14:15:42 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\ModuleUsage" refers to invalid object "C:\WINDOWS\Downloaded Program Files\naviagent.exe". Action Taken: No Action Taken.
2: Mon Jun 27 14:15:42 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\ModuleUsage" refers to invalid object "C:\WINDOWS\Downloaded Program Files\naviservice.dll". Action Taken: No Action Taken.
3: Mon Jun 27 14:15:42 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\ModuleUsage" refers to invalid object "C:\WINDOWS\Downloaded Program Files\xcode_2_0_1.dll". Action Taken: No Action Taken.
4: Mon Jun 27 14:15:42 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\Downloaded Program Files\naviservice.dll". Action Taken: No Action Taken.
5: Mon Jun 27 14:15:42 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\Downloaded Program Files\naviagent.exe". Action Taken: No Action Taken.
6: Mon Jun 27 14:15:42 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\Downloaded Program Files\naviclient.exe". Action Taken: No Action Taken.
7: Mon Jun 27 14:15:42 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\Downloaded Program Files\vrsncom_1_0_2.dll". Action Taken: No Action Taken.
8: Mon Jun 27 14:15:42 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\Downloaded Program Files\xcode_2_0_1.dll". Action Taken: No Action Taken.
9: Mon Jun 27 14:15:42 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\Downloaded Program Files\i-nav_4_2_1.dll". Action Taken: No Action Taken.
10: Mon Jun 27 14:15:42 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\System32\pxsfs.dll". Action Taken: No Action Taken.
11: Mon Jun 27 14:15:43 2005 => Entry "HKCR\CLSID\{1EFD6A40-3999-11CF-9150-00AA0059F70D}" refers to invalid object "D:\PROGRAM\32\mci32.ocx". Action Taken: No Action Taken.
12: Mon Jun 27 14:15:44 2005 => Entry "HKCR\CLSID\{3775D2E0-7C5D-11CF-899E-00AA00688B10}" refers to invalid object "D:\PROGRAM\32\mci32.ocx". Action Taken: No Action Taken.
13: Mon Jun 27 14:15:45 2005 => Entry "HKCR\CLSID\{88E729D6-BDC1-11D1-BD2A-00C04FB9603F}" refers to invalid object "fde.dll". Action Taken: No Action Taken.
14: Mon Jun 27 14:15:46 2005 => Entry "HKCR\CLSID\{C1A8AF25-1257-101B-8FB0-0020AF039CA3}" refers to invalid object "D:\PROGRAM\32\mci32.ocx". Action Taken: No Action Taken.
15: Mon Jun 27 14:32:13 2005 => ERROR!!! FindFirstFile For C:\Dokumente und Einstellungen\Papa\Eigene Dateien\EKOL Yurtdisi Egitim Danismanligi - Iletisim-Dateien\*.* Failed!!! Reason is Das System kann den angegebenen Pfad nicht finden. (0x3)
16: Mon Jun 27 14:32:13 2005 => Result: ERROR!!! File C:\Dokumente und Einstellungen\Papa\Eigene Dateien\EKOL Yurtdisi Egitim Danismanligi - Iletisim.htm: Scanning Failure!!!
17: Mon Jun 27 14:32:13 2005 => ERROR!!! ScanFile fails for C:\Dokumente und Einstellungen\Papa\Eigene Dateien\EKOL Yurtdisi Egitim Danismanligi - Iletisim.htm
18: Mon Jun 27 14:40:46 2005 => Result: ERROR!!! File C:\Dokumente und Einstellungen\Papa\Recent\EKOL Yurtdisi Egitim Danismanligi - Iletisim.lnk: Scanning Failure!!!
19: Mon Jun 27 14:40:46 2005 => ERROR!!! ScanFile fails for C:\Dokumente und Einstellungen\Papa\Recent\EKOL Yurtdisi Egitim Danismanligi - Iletisim.lnk

--------------------------------------------------
-------- DATEIEN ZUM LÖSCHEN HINZUGEFÜGT ---------
--------------------------------------------------

1: C:\WINDOWS\hta1.hta => Trojan.VBS.LowZones.a
2: C:\WINDOWS\hta2.hta => Trojan.VBS.LowZones.a
3: C:\WINDOWS\hta3.hta => Trojan.VBS.LowZones.a
4: C:\WINDOWS\hta6.hta => Trojan.VBS.LowZones.a
5: C:\System Volume Information\_restore{F40F4AE1-39BD-4940-8194-DFEA1FBC76BE}\RP39\A0008123.exe => Trojan.Win32.Chantal
6: C:\System Volume Information\_restore{F40F4AE1-39BD-4940-8194-DFEA1FBC76BE}\RP39\A0008129.exe => Trojan.Win32.VB.ao

--------------------------------------------------
-------------------- Statistik -------------------
--------------------------------------------------

Mon Jun 27 14:54:02 2005 => Total Objects Scanned: 82908
Mon Jun 27 14:54:02 2005 => Total Virus(es) Found: 41
Mon Jun 27 14:54:02 2005 => Total Errors: 17
Mon Jun 27 14:54:02 2005 => Virus Database Date: 2005/06/27
Mon Jun 27 14:54:02 2005 => Virus Database Count: 136658
Seitenanfang Seitenende
27.06.2005, 23:46
Ehrenmitglied
Avatar Sabina

Beiträge: 29434
#20 Hallo@Donerman

•KillBox
http://bilder.informationsarchiv.net/Nikitas_Tools/KillBox.zip
Anleitung: (bebildert)
http://virus-protect.org/killbox.html

•Delete File on Reboot <--anhaken

und klicke auf das rote Kreuz,
wenn gefragt wird, ob "Do you want to reboot? "----> klicke auf "no",und kopiere das naechste rein, erst beim letzten auf "yes"
----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
C:\WINDOWS\Downloaded Program Files\HDPlugin1101.dll
C:\WINDOWS\hta1.hta
C:\WINDOWS\hta2.hta
C:\WINDOWS\hta3.hta
C:\WINDOWS\hta6.hta
C:\WINDOWS\100087.exe
C:\WINDOWS\100088.exe
C:\WINDOWS\100089.exe
C:\Dokumente und Einstellungen\Mama\Lokale Einstellungen\Temporary Internet Files\Content.IE5\664P3DEB\hdplugin_1101_bundle43v5d52[1].cab

PC neustarten

Deaktivieren Wiederherstellung
«XP
Arbeitsplatz-->rechtsklick, dann auf Eigenschaften--->Reiter Systemwiederherstellung--->Häkchen setzen bei Systemwiederherstellung auf allen Laufwerken deaktivieren.

dann aktiviere sie wieder ;)

CCleaner--> loesche alle *temp-Datein
http://virus-protect.org/temp.html
__________
MfG Sabina

rund um die PC-Sicherheit
Seitenanfang Seitenende
29.06.2005, 23:57
...neu hier

Beiträge: 8
#21 Gut! Wenn ich im letzten Schritt nur ganz normal bei IE-Extras-Internetoptionen den Verlauf, COokies und Dateien löschen musste habe ichs ;).
Ist jetzt alles in Ordnung? ^^
Seitenanfang Seitenende
30.06.2005, 00:18
Ehrenmitglied
Avatar Sabina

Beiträge: 29434
#22 Hallo@

•Ad-aware SE Personal

http://virus-protect.org/antispywaretools.html
Laden--> Updaten-->Konfigurieren
http://virus-protect.org/adaware.html
#VOR jedem Scanvorgang das Programm Updaten!
waehrend des Scanvorganges müssen ALLE sonstige
Anwendungen beendet werden und alle Browserfenster müssen
geschlossen sein!
scannen-->PC neustarten--> noch mal scannen--> poste das Log vom Scann

wenn du ganz sicher gehen willst, scanne noch mal mit escan + mache einen Onlinescan mit panda ;)
http://virus-protect.org/onlinescan.html
__________
MfG Sabina

rund um die PC-Sicherheit
Seitenanfang Seitenende
30.06.2005, 17:16
...neu hier

Beiträge: 8
#23 Also das ist derAd-Ware-Log:


Ad-Aware SE Build 1.06r1
Logfile Created on;)onnerstag, 30. Juni 2005 16:07:50
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R51 21.06.2005
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Alexa(TAC index:5):10 total references
Claria(TAC index:7):13 total references
MRU List(TAC index:0):33 total references
Tracking Cookie(TAC index:3):44 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Definition File:
=========================
Definitions File Loaded:
Reference Number : SE1R51 21.06.2005
Internal build : 59
File location : C:\Programme\Lavasoft\Ad-Aware SE Personal\defs.ref
File size : 483435 Bytes
Total size : 1461660 Bytes
Signature data size : 1429955 Bytes
Reference data size : 31193 Bytes
Signatures total : 40756
CSI Fingerprints total : 906
CSI data size : 31253 Bytes
Target categories : 15
Target families : 694


Memory + processor status:
==========================
Number of processors : 1
Processor architecture : Intel Pentium IV
Memory available:39 %
Total physical memory:261620 kb
Available physical memory:100720 kb
Total page file size:633492 kb
Available on page file:493100 kb
Total virtual memory:2097024 kb
Available virtual memory:2047864 kb
OS:Microsoft Windows XP Home Edition Service Pack 1 (Build 2600)

Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan within archives
Set : Scan my Hosts file

Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects


30.06.2005 16:07:50 - Scan started. (Custom mode)

Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ProcessID : 420
ThreadCreationTime : 30.06.2005 14:06:16
BasePriority : Normal


#:2 [csrss.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 468
ThreadCreationTime : 30.06.2005 14:06:17
BasePriority : Normal


#:3 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 492
ThreadCreationTime : 30.06.2005 14:06:17
BasePriority : High


#:4 [services.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 536
ThreadCreationTime : 30.06.2005 14:06:18
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Betriebssystem Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Anwendung für Dienste und Controller
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. Alle Rechte vorbehalten.
OriginalFilename : services.exe

#:5 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 548
ThreadCreationTime : 30.06.2005 14:06:18
BasePriority : Normal
FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
ProductVersion : 5.1.2600.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe

#:6 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 728
ThreadCreationTime : 30.06.2005 14:06:18
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:7 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 780
ThreadCreationTime : 30.06.2005 14:06:18
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:8 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 896
ThreadCreationTime : 30.06.2005 14:06:19
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:9 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 964
ThreadCreationTime : 30.06.2005 14:06:19
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:10 [spoolsv.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1076
ThreadCreationTime : 30.06.2005 14:06:20
BasePriority : Normal
FileVersion : 5.1.2600.0 (XPClient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe

#:11 [naviagent.exe]
FilePath : C:\Programme\VeriSign\NAVI\
ProcessID : 1216
ThreadCreationTime : 30.06.2005 14:06:28
BasePriority : Normal
FileVersion : 2.0.0.14
ProductVersion : 2.0.0.14
ProductName : NAVI Agent
CompanyName : VeriSign, Inc.
FileDescription : VeriSign Software Update Agent
InternalName : naviagent.exe
LegalCopyright : Copyright © VeriSign, Inc. 2002-2004
OriginalFilename : naviagent.exe

#:12 [explorer.exe]
FilePath : C:\WINDOWS\
ProcessID : 1592
ThreadCreationTime : 30.06.2005 14:06:38
BasePriority : Normal
FileVersion : 6.00.2800.1106 (xpsp1.020828-1920)
ProductVersion : 6.00.2800.1106
ProductName : Betriebssystem Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : © Microsoft Corporation. Alle Rechte vorbehalten.
OriginalFilename : EXPLORER.EXE

#:13 [navicl~1.exe]
FilePath : C:\PROGRA~1\VeriSign\NAVI\
ProcessID : 1660
ThreadCreationTime : 30.06.2005 14:06:38
BasePriority : Normal
FileVersion : 2.0.1.0
ProductVersion : 2.0.1.0
ProductName : NAVI Client
CompanyName : VeriSign, Inc.
FileDescription : VeriSign Software Update Client
InternalName : naviclient.exe
LegalCopyright : Copyright © VeriSign, Inc. 2002-2004
OriginalFilename : naviclient.exe

#:14 [soundman.exe]
FilePath : C:\WINDOWS\
ProcessID : 1748
ThreadCreationTime : 30.06.2005 14:06:38
BasePriority : Normal
FileVersion : 5.0.05
ProductVersion : 5.0.05
ProductName : Avance Sound Manager
CompanyName : Avance Logic, Inc.
FileDescription : Avance Sound Manager
InternalName : ALSMTray
LegalCopyright : Copyright (c) 2001-2002 Avance Logic, Inc.
OriginalFilename : ALSMTray.exe
Comments : Avance AC97 Audio Sound Manager

#:15 [icqlite.exe]
FilePath : C:\Programme\ICQLite\
ProcessID : 1772
ThreadCreationTime : 30.06.2005 14:06:38
BasePriority : Normal
FileVersion : 20, 32, 2415, 0
ProductVersion : 20, 32, 2415, 0
ProductName : ICQLite
CompanyName : ICQ Ltd.
FileDescription : ICQLite
InternalName : ICQ Lite
LegalCopyright : Copyright (C) 2002
OriginalFilename : ICQLite.exe

#:16 [mm_tray.exe]
FilePath : C:\Programme\MUSICMATCH\MUSICMATCH Jukebox\
ProcessID : 1780
ThreadCreationTime : 30.06.2005 14:06:38
BasePriority : Normal
FileVersion : 7.10.1070
ProductVersion : 7.10.1070
ProductName : MUSICMATCH JUKEBOX
CompanyName : MUSICMATCH, Inc.
FileDescription : mm_tray
InternalName : mm_tray
LegalCopyright : Copyright (c) MUSICMATCH 1998-2001
LegalTrademarks :
OriginalFilename : mm_tray.exe

#:17 [realsched.exe]
FilePath : C:\Programme\Gemeinsame Dateien\Real\Update_OB\
ProcessID : 1788
ThreadCreationTime : 30.06.2005 14:06:38
BasePriority : Normal
FileVersion : 0.1.0.3275
ProductVersion : 0.1.0.3275
ProductName : RealPlayer (32-bit)
CompanyName : RealNetworks, Inc.
FileDescription : RealNetworks Scheduler
InternalName : schedapp
LegalCopyright : Copyright © RealNetworks, Inc. 1995-2004
LegalTrademarks : RealAudio(tm) is a trademark of RealNetworks, Inc.
OriginalFilename : realsched.exe

#:18 [msmsgs.exe]
FilePath : C:\Programme\Messenger\
ProcessID : 1796
ThreadCreationTime : 30.06.2005 14:06:38
BasePriority : Normal
FileVersion : 4.7.0041
ProductVersion : Version 4.7
ProductName : Messenger
CompanyName : Microsoft Corporation
FileDescription : Messenger
InternalName : msmsgs
LegalCopyright : Copyright (c) Microsoft Corporation 1997-2001
LegalTrademarks : Microsoft(R) is a registered trademark of Microsoft Corporation in the U.S. and/or other countries.
OriginalFilename : msmsgs.exe

#:19 [reader_sl.exe]
FilePath : C:\Programme\Adobe\Acrobat 7.0\Reader\
ProcessID : 1808
ThreadCreationTime : 30.06.2005 14:06:38
BasePriority : Normal
FileVersion : 7.0.0.0
ProductVersion : 7.0.0.0
ProductName : Adobe Acrobat
CompanyName : Adobe Systems Incorporated
FileDescription : Adobe Acrobat SpeedLauncher
LegalCopyright : Copyright Adobe Systems Incorporated 2004
OriginalFilename : AcroSpeedLaunch.exe

#:20 [wuauclt.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1008
ThreadCreationTime : 30.06.2005 14:07:16
BasePriority : Normal
FileVersion : 5.8.0.2469 built by: lab01_n(wmbla)
ProductVersion : 5.8.0.2469
ProductName : Betriebssystem Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Automatische Updates
InternalName : wuauclt.exe
LegalCopyright : © Microsoft Corporation. Alle Rechte vorbehalten.
OriginalFilename : wuauclt.exe

#:21 [wmiprvse.exe]
FilePath : C:\WINDOWS\System32\wbem\
ProcessID : 1116
ThreadCreationTime : 30.06.2005 14:07:17
BasePriority : Normal
FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
ProductVersion : 5.1.2600.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : WMI
InternalName : Wmiprvse.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : Wmiprvse.exe

#:22 [ad-aware.exe]
FilePath : C:\Programme\Lavasoft\Ad-Aware SE Personal\
ProcessID : 1268
ThreadCreationTime : 30.06.2005 14:07:23
BasePriority : Normal
FileVersion : 6.2.0.236
ProductVersion : SE 106
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft AB Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved

#:23 [wuauclt.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1284
ThreadCreationTime : 30.06.2005 14:07:31
BasePriority : Normal
FileVersion : 5.8.0.2469 built by: lab01_n(wmbla)
ProductVersion : 5.8.0.2469
ProductName : Betriebssystem Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Automatische Updates
InternalName : wuauclt.exe
LegalCopyright : © Microsoft Corporation. Alle Rechte vorbehalten.
OriginalFilename : wuauclt.exe

Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Claria Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{21ffb6c0-0da1-11d5-a9d5-00500413153c}

Claria Object Recognized!
Type : RegValue
Data :
TAC Rating : 7
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{21ffb6c0-0da1-11d5-a9d5-00500413153c}
Value : GEF

Claria Object Recognized!
Type : RegValue
Data :
TAC Rating : 7
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{21ffb6c0-0da1-11d5-a9d5-00500413153c}
Value : uets

Claria Object Recognized!
Type : RegValue
Data :
TAC Rating : 7
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{21ffb6c0-0da1-11d5-a9d5-00500413153c}
Value : GMI128

Claria Object Recognized!
Type : RegValue
Data :
TAC Rating : 7
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{21ffb6c0-0da1-11d5-a9d5-00500413153c}
Value : GMI

Claria Object Recognized!
Type : RegValue
Data :
TAC Rating : 7
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{21ffb6c0-0da1-11d5-a9d5-00500413153c}
Value : LastInstall

Claria Object Recognized!
Type : RegValue
Data :
TAC Rating : 7
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{21ffb6c0-0da1-11d5-a9d5-00500413153c}
Value : PAK

Claria Object Recognized!
Type : RegValue
Data :
TAC Rating : 7
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{21ffb6c0-0da1-11d5-a9d5-00500413153c}
Value : GMI64

Claria Object Recognized!
Type : RegValue
Data :
TAC Rating : 7
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{21ffb6c0-0da1-11d5-a9d5-00500413153c}
Value : SSeq

Claria Object Recognized!
Type : RegValue
Data :
TAC Rating : 7
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{21ffb6c0-0da1-11d5-a9d5-00500413153c}
Value : SEvt

Alexa Object Recognized!
Type : Regkey
Data :
TAC Rating : 5
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}

Alexa Object Recognized!
Type : RegValue
Data :
TAC Rating : 5
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
Value : MenuStatusBar

Alexa Object Recognized!
Type : RegValue
Data :
TAC Rating : 5
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
Value : Script

Alexa Object Recognized!
Type : RegValue
Data :
TAC Rating : 5
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
Value : clsid

Alexa Object Recognized!
Type : RegValue
Data :
TAC Rating : 5
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
Value : Icon

Alexa Object Recognized!
Type : RegValue
Data :
TAC Rating : 5
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
Value : HotIcon

Alexa Object Recognized!
Type : RegValue
Data :
TAC Rating : 5
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
Value : ButtonText

Claria Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\gator.com

Alexa Object Recognized!
Type : RegValue
Data :
TAC Rating : 5
Category : Data Miner
Comment : "{c95fe080-8f5d-11d2-a20b-00aa003c157a}"
Rootkey : HKEY_USERS
Object : .DEFAULT\software\microsoft\internet explorer\extensions\cmdmapping
Value : {c95fe080-8f5d-11d2-a20b-00aa003c157a}

Alexa Object Recognized!
Type : RegValue
Data :
TAC Rating : 5
Category : Data Miner
Comment : "{c95fe080-8f5d-11d2-a20b-00aa003c157a}"
Rootkey : HKEY_USERS
Object : S-1-5-18\software\microsoft\internet explorer\extensions\cmdmapping
Value : {c95fe080-8f5d-11d2-a20b-00aa003c157a}

Alexa Object Recognized!
Type : RegValue
Data :
TAC Rating : 5
Category : Data Miner
Comment : "{c95fe080-8f5d-11d2-a20b-00aa003c157a}"
Rootkey : HKEY_USERS
Object : S-1-5-21-1275210071-790525478-682003330-1005\software\microsoft\internet explorer\extensions\cmdmapping
Value : {c95fe080-8f5d-11d2-a20b-00aa003c157a}

Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 21
Objects found so far: 21


Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 21

MRU List Object Recognized!
Location: : C:\Dokumente und Einstellungen\Pablo\recent
Description : list of recently opened documents


MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d


MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X


MRU List Object Recognized!
Location: : software\microsoft\directdraw\mostrecentapplication
Description : most recent application to use microsoft directdraw


MRU List Object Recognized!
Location: : S-1-5-21-1275210071-790525478-682003330-1005\software\microsoft\directinput\mostrecentapplication
Description : most recent application to use microsoft directinput


MRU List Object Recognized!
Location: : S-1-5-21-1275210071-790525478-682003330-1005\software\microsoft\directinput\mostrecentapplication
Description : most recent application to use microsoft directinput


MRU List Object Recognized!
Location: : S-1-5-21-1275210071-790525478-682003330-1005\software\microsoft\internet explorer
Description : last download directory used in microsoft internet explorer


MRU List Object Recognized!
Location: : S-1-5-21-1275210071-790525478-682003330-1005\software\microsoft\internet explorer\main
Description : last save directory used in microsoft internet explorer


MRU List Object Recognized!
Location: : S-1-5-21-1275210071-790525478-682003330-1005\software\microsoft\internet explorer\typedurls
Description : list of recently entered addresses in microsoft internet explorer


MRU List Object Recognized!
Location: : S-1-5-21-1275210071-790525478-682003330-1005\software\microsoft\mediaplayer\player\recentfilelist
Description : list of recently used files in microsoft windows media player


MRU List Object Recognized!
Location: : S-1-5-21-1275210071-790525478-682003330-1005\software\microsoft\mediaplayer\player\settings
Description : last open directory used in jasc paint shop pro


MRU List Object Recognized!
Location: : S-1-5-21-1275210071-790525478-682003330-1005\software\microsoft\mediaplayer\preferences
Description : last playlist loaded in microsoft windows media player


MRU List Object Recognized!
Location: : S-1-5-21-1275210071-790525478-682003330-1005\software\microsoft\microsoft management console\recent file list
Description : list of recent snap-ins used in the microsoft management console


MRU List Object Recognized!
Location: : S-1-5-21-1275210071-790525478-682003330-1005\software\microsoft\office\11.0\powerpoint\recent file list
Description : list of recent files used by microsoft powerpoint


MRU List Object Recognized!
Location: : S-1-5-21-1275210071-790525478-682003330-1005\software\microsoft\office\11.0\powerpoint\recent typeface list
Description : list of recently used typefaces in microsoft powerpoint


MRU List Object Recognized!
Location: : S-1-5-21-1275210071-790525478-682003330-1005\software\microsoft\office\11.0\word\recent templates
Description : list of recent templates used by microsoft word


MRU List Object Recognized!
Location: : S-1-5-21-1275210071-790525478-682003330-1005\software\microsoft\search assistant\acmru
Description : list of recent search terms used with the search assistant


MRU List Object Recognized!
Location: : S-1-5-21-1275210071-790525478-682003330-1005\software\microsoft\windows\currentversion\applets\paint\recent file list
Description : list of files recently opened using microsoft paint


MRU List Object Recognized!
Location: : S-1-5-21-1275210071-790525478-682003330-1005\software\microsoft\windows\currentversion\applets\regedit
Description : last key accessed using the microsoft registry editor


MRU List Object Recognized!
Location: : S-1-5-21-1275210071-790525478-682003330-1005\software\microsoft\windows\currentversion\applets\wordpad\recent file list
Description : list of recent files opened using wordpad


MRU List Object Recognized!
Location: : S-1-5-21-1275210071-790525478-682003330-1005\software\microsoft\windows\currentversion\explorer\comdlg32\lastvisitedmru
Description : list of recent programs opened


MRU List Object Recognized!
Location: : S-1-5-21-1275210071-790525478-682003330-1005\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru
Description : list of recently saved files, stored according to file extension


MRU List Object Recognized!
Location: : S-1-5-21-1275210071-790525478-682003330-1005\software\microsoft\windows\currentversion\explorer\recentdocs
Description : list of recent documents opened


MRU List Object Recognized!
Location: : software\musicmatch
Description : download location of the musicmatch installer


MRU List Object Recognized!
Location: : software\musicmatch\musicmatch jukebox\4.0\fileconv
Description : file conversion location settings in musicmatch jukebox


MRU List Object Recognized!
Location: : software\musicmatch\musicmatch jukebox\4.0\mmradio
Description : information on the last station listened to using musicmatch radio


MRU List Object Recognized!
Location: : S-1-5-21-1275210071-790525478-682003330-1005\software\realnetworks\realplayer\6.0\preferences
Description : list of recent skins in realplayer


MRU List Object Recognized!
Location: : S-1-5-21-1275210071-790525478-682003330-1005\software\realnetworks\realplayer\6.0\preferences
Description : list of recent clips in realplayer


MRU List Object Recognized!
Location: : S-1-5-21-1275210071-790525478-682003330-1005\software\realnetworks\realplayer\6.0\preferences
Description : last login time in realplayer


MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\windows media\wmsdk\general
Description : windows media sdk


MRU List Object Recognized!
Location: : S-1-5-18\software\microsoft\windows media\wmsdk\general
Description : windows media sdk


MRU List Object Recognized!
Location: : S-1-5-21-1275210071-790525478-682003330-1005\software\microsoft\windows media\wmsdk\general
Description : windows media sdk


MRU List Object Recognized!
Location: : S-1-5-21-1275210071-790525478-682003330-1005\software\winrar\dialogedithistory\extrpath
Description : winrar "extract-to" history



Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»


Tracking Cookie Object Recognized!
Type : IECache Entry
Data : pablo@valueclick[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:pablo@valueclick.com/
Expires : 24.06.2030 12:01:42
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : pablo@mediaplex[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:2
Value : Cookie:pablo@mediaplex.com/
Expires : 22.06.2009 02:00:00
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : pablo@atdmt[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:3
Value : Cookie:pablo@atdmt.com/
Expires : 29.06.2010 02:00:00
LastSync : Hits:3
UseCount : 0
Hits : 3

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : pablo@doubleclick[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:pablo@doubleclick.net/
Expires : 30.06.2005 15:47:14
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : pablo@as-eu.falkag[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:100
Value : Cookie:pablo@as-eu.falkag.net/
Expires : 30.06.2006 14:03:42
LastSync : Hits:100
UseCount : 0
Hits : 100

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : pablo@servedby.netshelter[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:4
Value : Cookie:pablo@servedby.netshelter.net/
Expires : 07.07.2005 14:55:44
LastSync : Hits:4
UseCount : 0
Hits : 4

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : pablo@questionmarket[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:pablo@questionmarket.com/
Expires : 21.08.2006 05:17:28
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : pablo@as1.falkag[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:3
Value : Cookie:pablo@as1.falkag.de/
Expires : 30.07.2005 14:03:26
LastSync : Hits:3
UseCount : 0
Hits : 3

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : pablo@adtech[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:3
Value : Cookie:pablo@adtech.de/
Expires : 28.06.2015 12:01:44
LastSync : Hits:3
UseCount : 0
Hits : 3

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : pablo@2o7[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:6
Value : Cookie:pablo@2o7.net/
Expires : 29.06.2010 13:11:02
LastSync : Hits:6
UseCount : 0
Hits : 6

Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 10
Objects found so far: 64



Deep scanning and examining files (C;)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : mama@as1.falkag[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Dokumente und Einstellungen\Mama\Cookies\mama@as1.falkag[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : mama@cgi-bin[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Dokumente und Einstellungen\Mama\Cookies\mama@cgi-bin[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : mama@doubleclick[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Dokumente und Einstellungen\Mama\Cookies\mama@doubleclick[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : mama@mediaplex[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Dokumente und Einstellungen\Mama\Cookies\mama@mediaplex[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : mama@overture[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Dokumente und Einstellungen\Mama\Cookies\mama@overture[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : mama@realmedia[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Dokumente und Einstellungen\Mama\Cookies\mama@realmedia[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : mama@tripod[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Dokumente und Einstellungen\Mama\Cookies\mama@tripod[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : papa@2o7[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Dokumente und Einstellungen\Papa\Cookies\papa@2o7[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : papa@adtech[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Dokumente und Einstellungen\Papa\Cookies\papa@adtech[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : papa@adverserve[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Dokumente und Einstellungen\Papa\Cookies\papa@adverserve[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : papa@advertising[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Dokumente und Einstellungen\Papa\Cookies\papa@advertising[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : papa@apmebf[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Dokumente und Einstellungen\Papa\Cookies\papa@apmebf[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : papa@as-eu.falkag[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Dokumente und Einstellungen\Papa\Cookies\papa@as-eu.falkag[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : papa@as1.falkag[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Dokumente und Einstellungen\Papa\Cookies\papa@as1.falkag[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : papa@atdmt[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Dokumente und Einstellungen\Papa\Cookies\papa@atdmt[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : papa@bravenet[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Dokumente und Einstellungen\Papa\Cookies\papa@bravenet[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : papa@bs.serving-sys[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Dokumente und Einstellungen\Papa\Cookies\papa@bs.serving-sys[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : papa@casalemedia[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Dokumente und Einstellungen\Papa\Cookies\papa@casalemedia[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : papa@cgi-bin[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Dokumente und Einstellungen\Papa\Cookies\papa@cgi-bin[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : papa@domainsponsor[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Dokumente und Einstellungen\Papa\Cookies\papa@domainsponsor[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : papa@doubleclick[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Dokumente und Einstellungen\Papa\Cookies\papa@doubleclick[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : papa@landing.domainsponsor[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Dokumente und Einstellungen\Papa\Cookies\papa@landing.domainsponsor[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : papa@mediaplex[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Dokumente und Einstellungen\Papa\Cookies\papa@mediaplex[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : papa@overture[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Dokumente und Einstellungen\Papa\Cookies\papa@overture[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : papa@partners.webmasterplan[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Dokumente und Einstellungen\Papa\Cookies\papa@partners.webmasterplan[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : papa@qksrv[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Dokumente und Einstellungen\Papa\Cookies\papa@qksrv[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : papa@questionmarket[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Dokumente und Einstellungen\Papa\Cookies\papa@questionmarket[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : papa@servedby.advertising[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Dokumente und Einstellungen\Papa\Cookies\papa@servedby.advertising[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : papa@serving-sys[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Dokumente und Einstellungen\Papa\Cookies\papa@serving-sys[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : papa@tradedoubler[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Dokumente und Einstellungen\Papa\Cookies\papa@tradedoubler[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : papa@tribalfusion[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Dokumente und Einstellungen\Papa\Cookies\papa@tribalfusion[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : papa@valueclick[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Dokumente und Einstellungen\Papa\Cookies\papa@valueclick[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : papa@valuecommerce[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Dokumente und Einstellungen\Papa\Cookies\papa@valuecommerce[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : papa@zedo[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Dokumente und Einstellungen\Papa\Cookies\papa@zedo[1].txt

Disk Scan Result for C:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 98


Scanning Hosts file......
Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
1 entries scanned.
New critical objects:0
Objects found so far: 98




Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Claria Object Recognized!
Type : File
Data : HDPlugin1101.dll
TAC Rating : 7
Category : Data Miner
Comment :
Object : C:\WINDOWS\downloaded program files\
FileVersion : 1.1.0.1
ProductVersion : 1.1.0.1
ProductName : GAIN
CompanyName : GAIN Publishing
FileDescription : Claria HD plugin for Internet Explorer
InternalName : HDPlugin.dll
LegalCopyright : Copyright © 1999-2004 GAIN Publishing
OriginalFilename : HDPlugin.dll


Claria Object Recognized!
Type : File
Data : HDPlugin1101.inf
TAC Rating : 7
Category : Data Miner
Comment :
Object : C:\WINDOWS\downloaded program files\



Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 2
Objects found so far: 100

16:13:03 Scan Complete

Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:05:12.453
Objects scanned:114685
Objects identified:67
Objects ignored:0
New critical objects:67

...


und ich hab mit panda gescannt. Hat 4 viren glaub ich gefunden, aber ja sowieso alle gelöscht ;)
Seitenanfang Seitenende
30.06.2005, 17:19
Ehrenmitglied
Avatar Sabina

Beiträge: 29434
#24 dann ist ja alles in Ordnung ;) Alles Gute fuer dich + PC
__________
MfG Sabina

rund um die PC-Sicherheit
Seitenanfang Seitenende
30.06.2005, 22:16
...neu hier

Beiträge: 8
#25 OK Dann danke ich dir vielmals ;)

Super Hilfe, find´ich klasse, das es sowas gibt ;)!

tschüss und dankeschön


donerman
Seitenanfang Seitenende
Um auf dieses Thema zu ANTWORTEN
bitte erst » hier kostenlos registrieren!!

Folgende Themen könnten Dich auch interessieren: