Home » Spyware & Browser Hijacker Support Forum » Irgendein "GAIN Zeugs" auf'm Rechner - Brauche Hilfe » Themenansicht
Irgendein "GAIN Zeugs" auf'm Rechner - Brauche Hilfe |
||
|---|---|---|
| #0
| ||
|
25.06.2005, 00:41
Ehrenmitglied
 Beiträge: 29434 |
||
 
|
|
|
|
26.06.2005, 18:06
...neu hier
Beiträge: 8 |
#17
Also ich habe dabei ein Problem! ich nutze xp und muss in den abgesicherten modus.
Das Problem ist, dass das irgendwie nicht geht... |
|
|
|
|
|
|
26.06.2005, 23:10
Ehrenmitglied
Beiträge: 29434 |
#18
siehst du einen blinkenden kursor ?
Dann warte einfach eine weile , bis alles geladen ist, dann wird es schon gehen  __________ MfG Sabina rund um die PC-Sicherheit |
|
|
|
|
|
|
27.06.2005, 20:38
...neu hier
Beiträge: 8 |
#19
Also der hat schon Viren gefunden:
-------------------------------------------------- -------------------- INFECTED -------------------- -------------------------------------------------- 1: Mon Jun 27 14:15:11 2005 => System found infected with Gator Spyware/Adware ({21FFB6C0-0DA1-11D5-A9D5-00500413153C})! Action taken: No Action Taken. 2: Mon Jun 27 14:15:12 2005 => System found infected with Alexa Spyware/Adware ({c95fe080-8f5d-11d2-a20b-00aa003c157a})! Action taken: No Action Taken. 3: Mon Jun 27 14:16:00 2005 => File C:\WINDOWS\hta1.hta infected by "Trojan.VBS.LowZones.a" Virus! Action Taken: No Action Taken. 4: Mon Jun 27 14:16:00 2005 => File C:\WINDOWS\hta2.hta infected by "Trojan.VBS.LowZones.a" Virus! Action Taken: No Action Taken. 5: Mon Jun 27 14:16:00 2005 => File C:\WINDOWS\hta3.hta infected by "Trojan.VBS.LowZones.a" Virus! Action Taken: No Action Taken. 6: Mon Jun 27 14:16:00 2005 => File C:\WINDOWS\hta6.hta infected by "Trojan.VBS.LowZones.a" Virus! Action Taken: No Action Taken. 7: Mon Jun 27 14:48:05 2005 => File C:\System Volume Information\_restore{F40F4AE1-39BD-4940-8194-DFEA1FBC76BE}\RP39\A0008123.exe infected by "Trojan.Win32.Chantal" Virus! Action Taken: No Action Taken. 8: Mon Jun 27 14:48:05 2005 => File C:\System Volume Information\_restore{F40F4AE1-39BD-4940-8194-DFEA1FBC76BE}\RP39\A0008129.exe infected by "Trojan.Win32.VB.ao" Virus! Action Taken: No Action Taken. 9: Mon Jun 27 14:50:06 2005 => File C:\WINDOWS\hta1.hta infected by "Trojan.VBS.LowZones.a" Virus! Action Taken: No Action Taken. 10: Mon Jun 27 14:50:06 2005 => File C:\WINDOWS\hta2.hta infected by "Trojan.VBS.LowZones.a" Virus! Action Taken: No Action Taken. 11: Mon Jun 27 14:50:06 2005 => File C:\WINDOWS\hta3.hta infected by "Trojan.VBS.LowZones.a" Virus! Action Taken: No Action Taken. 12: Mon Jun 27 14:50:06 2005 => File C:\WINDOWS\hta6.hta infected by "Trojan.VBS.LowZones.a" Virus! Action Taken: No Action Taken. -------------------------------------------------- --------------------- TAGGED --------------------- -------------------------------------------------- 1: Mon Jun 27 14:15:59 2005 => File C:\WINDOWS\100087.exe tagged as "not-a-virus  ialer.Win32.PlayGames". Action Taken: No Action Taken.2: Mon Jun 27 14:15:59 2005 => File C:\WINDOWS\100088.exe tagged as "not-a-virus ialer.Win32.PlayGames". Action Taken: No Action Taken.3: Mon Jun 27 14:15:59 2005 => File C:\WINDOWS\100089.exe tagged as "not-a-virus ialer.Win32.PlayGames". Action Taken: No Action Taken.4: Mon Jun 27 14:24:21 2005 => File C:\Dokumente und Einstellungen\Mama\Lokale Einstellungen\Temporary Internet Files\Content.IE5\664P3DEB\hdplugin_1101_bundle43v5d52[1].cab tagged as "not-a-virus:AdWare.Gator.1101". Action Taken: No Action Taken. 5: Mon Jun 27 14:48:21 2005 => File C:\System Volume Information\_restore{F40F4AE1-39BD-4940-8194-DFEA1FBC76BE}\RP43\A0008423.exe tagged as "not-a-virus:AdWare.Gator.3010". Action Taken: No Action Taken. 6: Mon Jun 27 14:48:21 2005 => File C:\System Volume Information\_restore{F40F4AE1-39BD-4940-8194-DFEA1FBC76BE}\RP43\A0008426.exe tagged as "not-a-virus:AdWare.ToolBar.DashBar.a". Action Taken: No Action Taken. 7: Mon Jun 27 14:48:22 2005 => File C:\System Volume Information\_restore{F40F4AE1-39BD-4940-8194-DFEA1FBC76BE}\RP43\A0008429.dll tagged as "not-a-virus:AdWare.Gator.5115". Action Taken: No Action Taken. 8: Mon Jun 27 14:48:22 2005 => File C:\System Volume Information\_restore{F40F4AE1-39BD-4940-8194-DFEA1FBC76BE}\RP43\A0008430.exe tagged as "not-a-virus:AdWare.Gator.6034". Action Taken: No Action Taken. 9: Mon Jun 27 14:48:22 2005 => File C:\System Volume Information\_restore{F40F4AE1-39BD-4940-8194-DFEA1FBC76BE}\RP43\A0008433.dll tagged as "not-a-virus:AdWare.Gator.3124". Action Taken: No Action Taken. 10: Mon Jun 27 14:48:22 2005 => File C:\System Volume Information\_restore{F40F4AE1-39BD-4940-8194-DFEA1FBC76BE}\RP43\A0008434.dll tagged as "not-a-virus:AdWare.Gator.6041". Action Taken: No Action Taken. 11: Mon Jun 27 14:48:22 2005 => File C:\System Volume Information\_restore{F40F4AE1-39BD-4940-8194-DFEA1FBC76BE}\RP43\A0008435.dll tagged as "not-a-virus:AdWare.Gator.6041". Action Taken: No Action Taken. 12: Mon Jun 27 14:48:22 2005 => File C:\System Volume Information\_restore{F40F4AE1-39BD-4940-8194-DFEA1FBC76BE}\RP43\A0008436.dll tagged as "not-a-virus:AdWare.Gator.6051". Action Taken: No Action Taken. 13: Mon Jun 27 14:48:22 2005 => File C:\System Volume Information\_restore{F40F4AE1-39BD-4940-8194-DFEA1FBC76BE}\RP43\A0008438.dll tagged as "not-a-virus:AdWare.Gator.6051". Action Taken: No Action Taken. 14: Mon Jun 27 14:48:22 2005 => File C:\System Volume Information\_restore{F40F4AE1-39BD-4940-8194-DFEA1FBC76BE}\RP43\A0008439.dll tagged as "not-a-virus:AdWare.Gator.6051". Action Taken: No Action Taken. 15: Mon Jun 27 14:48:23 2005 => File C:\System Volume Information\_restore{F40F4AE1-39BD-4940-8194-DFEA1FBC76BE}\RP43\A0008468.dll tagged as "not-a-virus:AdWare.Gator.5017". Action Taken: No Action Taken. 16: Mon Jun 27 14:48:23 2005 => File C:\System Volume Information\_restore{F40F4AE1-39BD-4940-8194-DFEA1FBC76BE}\RP43\A0008469.dll tagged as "not-a-virus:AdWare.Gator.6041". Action Taken: No Action Taken. 17: Mon Jun 27 14:48:23 2005 => File C:\System Volume Information\_restore{F40F4AE1-39BD-4940-8194-DFEA1FBC76BE}\RP43\A0008470.exe tagged as "not-a-virus:AdWare.Gator.5112". Action Taken: No Action Taken. 18: Mon Jun 27 14:48:24 2005 => File C:\System Volume Information\_restore{F40F4AE1-39BD-4940-8194-DFEA1FBC76BE}\RP43\A0008472.exe tagged as "not-a-virus:AdWare.Gator.7106". Action Taken: No Action Taken. 19: Mon Jun 27 14:48:24 2005 => File C:\System Volume Information\_restore{F40F4AE1-39BD-4940-8194-DFEA1FBC76BE}\RP43\A0008474.exe tagged as "not-a-virus:AdWare.Gator.f". Action Taken: No Action Taken. 20: Mon Jun 27 14:48:24 2005 => File C:\System Volume Information\_restore{F40F4AE1-39BD-4940-8194-DFEA1FBC76BE}\RP43\A0008475.exe tagged as "not-a-virus:AdWare.Gator.a". Action Taken: No Action Taken. 21: Mon Jun 27 14:48:24 2005 => File C:\System Volume Information\_restore{F40F4AE1-39BD-4940-8194-DFEA1FBC76BE}\RP43\A0008476.exe tagged as "not-a-virus:AdWare.Gator.a". Action Taken: No Action Taken. 22: Mon Jun 27 14:48:50 2005 => File C:\WINDOWS\100087.exe tagged as "not-a-virus ialer.Win32.PlayGames". Action Taken: No Action Taken.23: Mon Jun 27 14:48:50 2005 => File C:\WINDOWS\100088.exe tagged as "not-a-virus ialer.Win32.PlayGames". Action Taken: No Action Taken.24: Mon Jun 27 14:48:50 2005 => File C:\WINDOWS\100089.exe tagged as "not-a-virus ialer.Win32.PlayGames". Action Taken: No Action Taken.25: Mon Jun 27 14:48:54 2005 => File C:\WINDOWS\Downloaded Program Files\HDPlugin1101.dll tagged as "not-a-virus:AdWare.Gator.1101". Action Taken: No Action Taken. -------------------------------------------------- --------------------- ERRORS --------------------- -------------------------------------------------- 1: Mon Jun 27 14:15:42 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\ModuleUsage" refers to invalid object "C:\WINDOWS\Downloaded Program Files\naviagent.exe". Action Taken: No Action Taken. 2: Mon Jun 27 14:15:42 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\ModuleUsage" refers to invalid object "C:\WINDOWS\Downloaded Program Files\naviservice.dll". Action Taken: No Action Taken. 3: Mon Jun 27 14:15:42 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\ModuleUsage" refers to invalid object "C:\WINDOWS\Downloaded Program Files\xcode_2_0_1.dll". Action Taken: No Action Taken. 4: Mon Jun 27 14:15:42 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\Downloaded Program Files\naviservice.dll". Action Taken: No Action Taken. 5: Mon Jun 27 14:15:42 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\Downloaded Program Files\naviagent.exe". Action Taken: No Action Taken. 6: Mon Jun 27 14:15:42 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\Downloaded Program Files\naviclient.exe". Action Taken: No Action Taken. 7: Mon Jun 27 14:15:42 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\Downloaded Program Files\vrsncom_1_0_2.dll". Action Taken: No Action Taken. 8: Mon Jun 27 14:15:42 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\Downloaded Program Files\xcode_2_0_1.dll". Action Taken: No Action Taken. 9: Mon Jun 27 14:15:42 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\Downloaded Program Files\i-nav_4_2_1.dll". Action Taken: No Action Taken. 10: Mon Jun 27 14:15:42 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\System32\pxsfs.dll". Action Taken: No Action Taken. 11: Mon Jun 27 14:15:43 2005 => Entry "HKCR\CLSID\{1EFD6A40-3999-11CF-9150-00AA0059F70D}" refers to invalid object "D:\PROGRAM\32\mci32.ocx". Action Taken: No Action Taken. 12: Mon Jun 27 14:15:44 2005 => Entry "HKCR\CLSID\{3775D2E0-7C5D-11CF-899E-00AA00688B10}" refers to invalid object "D:\PROGRAM\32\mci32.ocx". Action Taken: No Action Taken. 13: Mon Jun 27 14:15:45 2005 => Entry "HKCR\CLSID\{88E729D6-BDC1-11D1-BD2A-00C04FB9603F}" refers to invalid object "fde.dll". Action Taken: No Action Taken. 14: Mon Jun 27 14:15:46 2005 => Entry "HKCR\CLSID\{C1A8AF25-1257-101B-8FB0-0020AF039CA3}" refers to invalid object "D:\PROGRAM\32\mci32.ocx". Action Taken: No Action Taken. 15: Mon Jun 27 14:32:13 2005 => ERROR!!! FindFirstFile For C:\Dokumente und Einstellungen\Papa\Eigene Dateien\EKOL Yurtdisi Egitim Danismanligi - Iletisim-Dateien\*.* Failed!!! Reason is Das System kann den angegebenen Pfad nicht finden. (0x3) 16: Mon Jun 27 14:32:13 2005 => Result: ERROR!!! File C:\Dokumente und Einstellungen\Papa\Eigene Dateien\EKOL Yurtdisi Egitim Danismanligi - Iletisim.htm: Scanning Failure!!! 17: Mon Jun 27 14:32:13 2005 => ERROR!!! ScanFile fails for C:\Dokumente und Einstellungen\Papa\Eigene Dateien\EKOL Yurtdisi Egitim Danismanligi - Iletisim.htm 18: Mon Jun 27 14:40:46 2005 => Result: ERROR!!! File C:\Dokumente und Einstellungen\Papa\Recent\EKOL Yurtdisi Egitim Danismanligi - Iletisim.lnk: Scanning Failure!!! 19: Mon Jun 27 14:40:46 2005 => ERROR!!! ScanFile fails for C:\Dokumente und Einstellungen\Papa\Recent\EKOL Yurtdisi Egitim Danismanligi - Iletisim.lnk -------------------------------------------------- -------- DATEIEN ZUM LÖSCHEN HINZUGEFÜGT --------- -------------------------------------------------- 1: C:\WINDOWS\hta1.hta => Trojan.VBS.LowZones.a 2: C:\WINDOWS\hta2.hta => Trojan.VBS.LowZones.a 3: C:\WINDOWS\hta3.hta => Trojan.VBS.LowZones.a 4: C:\WINDOWS\hta6.hta => Trojan.VBS.LowZones.a 5: C:\System Volume Information\_restore{F40F4AE1-39BD-4940-8194-DFEA1FBC76BE}\RP39\A0008123.exe => Trojan.Win32.Chantal 6: C:\System Volume Information\_restore{F40F4AE1-39BD-4940-8194-DFEA1FBC76BE}\RP39\A0008129.exe => Trojan.Win32.VB.ao -------------------------------------------------- -------------------- Statistik ------------------- -------------------------------------------------- Mon Jun 27 14:54:02 2005 => Total Objects Scanned: 82908 Mon Jun 27 14:54:02 2005 => Total Virus(es) Found: 41 Mon Jun 27 14:54:02 2005 => Total Errors: 17 Mon Jun 27 14:54:02 2005 => Virus Database Date: 2005/06/27 Mon Jun 27 14:54:02 2005 => Virus Database Count: 136658 |
|
|
|
|
|
|
27.06.2005, 23:46
Ehrenmitglied
Beiträge: 29434 |
#20
Hallo@Donerman
•KillBox http://bilder.informationsarchiv.net/Nikitas_Tools/KillBox.zip Anleitung: (bebildert) http://virus-protect.org/killbox.html •Delete File on Reboot <--anhaken und klicke auf das rote Kreuz, wenn gefragt wird, ob "Do you want to reboot? "----> klicke auf "no",und kopiere das naechste rein, erst beim letzten auf "yes" ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- C:\WINDOWS\Downloaded Program Files\HDPlugin1101.dll C:\WINDOWS\hta1.hta C:\WINDOWS\hta2.hta C:\WINDOWS\hta3.hta C:\WINDOWS\hta6.hta C:\WINDOWS\100087.exe C:\WINDOWS\100088.exe C:\WINDOWS\100089.exe C:\Dokumente und Einstellungen\Mama\Lokale Einstellungen\Temporary Internet Files\Content.IE5\664P3DEB\hdplugin_1101_bundle43v5d52[1].cab PC neustarten Deaktivieren Wiederherstellung «XP Arbeitsplatz-->rechtsklick, dann auf Eigenschaften--->Reiter Systemwiederherstellung--->Häkchen setzen bei Systemwiederherstellung auf allen Laufwerken deaktivieren. dann aktiviere sie wieder CCleaner--> loesche alle *temp-Datein http://virus-protect.org/temp.html __________ MfG Sabina rund um die PC-Sicherheit |
|
|
|
|
|
|
29.06.2005, 23:57
...neu hier
Beiträge: 8 |
#21
Gut! Wenn ich im letzten Schritt nur ganz normal bei IE-Extras-Internetoptionen den Verlauf, COokies und Dateien löschen musste habe ichs
 .Ist jetzt alles in Ordnung? ^^ |
|
|
|
|
|
|
30.06.2005, 00:18
Ehrenmitglied
Beiträge: 29434 |
#22
Hallo@
•Ad-aware SE Personal http://virus-protect.org/antispywaretools.html Laden--> Updaten-->Konfigurieren http://virus-protect.org/adaware.html #VOR jedem Scanvorgang das Programm Updaten! waehrend des Scanvorganges müssen ALLE sonstige Anwendungen beendet werden und alle Browserfenster müssen geschlossen sein! scannen-->PC neustarten--> noch mal scannen--> poste das Log vom Scann wenn du ganz sicher gehen willst, scanne noch mal mit escan + mache einen Onlinescan mit panda http://virus-protect.org/onlinescan.html __________ MfG Sabina rund um die PC-Sicherheit |
|
|
|
|
|
|
30.06.2005, 17:16
...neu hier
Beiträge: 8 |
#23
Also das ist derAd-Ware-Log:
Ad-Aware SE Build 1.06r1 Logfile Created on onnerstag, 30. Juni 2005 16:07:50Created with Ad-Aware SE Personal, free for private use. Using definitions file:SE1R51 21.06.2005 »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» References detected during the scan: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Alexa(TAC index:5):10 total references Claria(TAC index:7):13 total references MRU List(TAC index:0):33 total references Tracking Cookie(TAC index:3):44 total references »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Definition File: ========================= Definitions File Loaded: Reference Number : SE1R51 21.06.2005 Internal build : 59 File location : C:\Programme\Lavasoft\Ad-Aware SE Personal\defs.ref File size : 483435 Bytes Total size : 1461660 Bytes Signature data size : 1429955 Bytes Reference data size : 31193 Bytes Signatures total : 40756 CSI Fingerprints total : 906 CSI data size : 31253 Bytes Target categories : 15 Target families : 694 Memory + processor status: ========================== Number of processors : 1 Processor architecture : Intel Pentium IV Memory available:39 % Total physical memory:261620 kb Available physical memory:100720 kb Total page file size:633492 kb Available on page file:493100 kb Total virtual memory:2097024 kb Available virtual memory:2047864 kb OS:Microsoft Windows XP Home Edition Service Pack 1 (Build 2600) Ad-Aware SE Settings =========================== Set : Search for negligible risk entries Set : Safe mode (always request confirmation) Set : Scan active processes Set : Scan registry Set : Deep-scan registry Set : Scan my IE Favorites for banned URLs Set : Scan within archives Set : Scan my Hosts file Extended Ad-Aware SE Settings =========================== Set : Unload recognized processes & modules during scan Set : Scan registry for all users instead of current user only Set : Always try to unload modules before deletion Set : During removal, unload Explorer and IE if necessary Set : Let Windows remove files in use at next reboot Set : Delete quarantined objects after restoring Set : Include basic Ad-Aware settings in log file Set : Include additional Ad-Aware settings in log file Set : Include reference summary in log file Set : Include alternate data stream details in log file Set : Play sound at scan completion if scan locates critical objects 30.06.2005 16:07:50 - Scan started. (Custom mode) Listing running processes »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» #:1 [smss.exe] FilePath : \SystemRoot\System32\ ProcessID : 420 ThreadCreationTime : 30.06.2005 14:06:16 BasePriority : Normal #:2 [csrss.exe] FilePath : \??\C:\WINDOWS\system32\ ProcessID : 468 ThreadCreationTime : 30.06.2005 14:06:17 BasePriority : Normal #:3 [winlogon.exe] FilePath : \??\C:\WINDOWS\system32\ ProcessID : 492 ThreadCreationTime : 30.06.2005 14:06:17 BasePriority : High #:4 [services.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 536 ThreadCreationTime : 30.06.2005 14:06:18 BasePriority : Normal FileVersion : 5.1.2600.0 (xpclient.010817-1148) ProductVersion : 5.1.2600.0 ProductName : Betriebssystem Microsoft® Windows® CompanyName : Microsoft Corporation FileDescription : Anwendung für Dienste und Controller InternalName : services.exe LegalCopyright : © Microsoft Corporation. Alle Rechte vorbehalten. OriginalFilename : services.exe #:5 [lsass.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 548 ThreadCreationTime : 30.06.2005 14:06:18 BasePriority : Normal FileVersion : 5.1.2600.1106 (xpsp1.020828-1920) ProductVersion : 5.1.2600.1106 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : LSA Shell (Export Version) InternalName : lsass.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : lsass.exe #:6 [svchost.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 728 ThreadCreationTime : 30.06.2005 14:06:18 BasePriority : Normal FileVersion : 5.1.2600.0 (xpclient.010817-1148) ProductVersion : 5.1.2600.0 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:7 [svchost.exe] FilePath : C:\WINDOWS\System32\ ProcessID : 780 ThreadCreationTime : 30.06.2005 14:06:18 BasePriority : Normal FileVersion : 5.1.2600.0 (xpclient.010817-1148) ProductVersion : 5.1.2600.0 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:8 [svchost.exe] FilePath : C:\WINDOWS\System32\ ProcessID : 896 ThreadCreationTime : 30.06.2005 14:06:19 BasePriority : Normal FileVersion : 5.1.2600.0 (xpclient.010817-1148) ProductVersion : 5.1.2600.0 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:9 [svchost.exe] FilePath : C:\WINDOWS\System32\ ProcessID : 964 ThreadCreationTime : 30.06.2005 14:06:19 BasePriority : Normal FileVersion : 5.1.2600.0 (xpclient.010817-1148) ProductVersion : 5.1.2600.0 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:10 [spoolsv.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 1076 ThreadCreationTime : 30.06.2005 14:06:20 BasePriority : Normal FileVersion : 5.1.2600.0 (XPClient.010817-1148) ProductVersion : 5.1.2600.0 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Spooler SubSystem App InternalName : spoolsv.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : spoolsv.exe #:11 [naviagent.exe] FilePath : C:\Programme\VeriSign\NAVI\ ProcessID : 1216 ThreadCreationTime : 30.06.2005 14:06:28 BasePriority : Normal FileVersion : 2.0.0.14 ProductVersion : 2.0.0.14 ProductName : NAVI Agent CompanyName : VeriSign, Inc. FileDescription : VeriSign Software Update Agent InternalName : naviagent.exe LegalCopyright : Copyright © VeriSign, Inc. 2002-2004 OriginalFilename : naviagent.exe #:12 [explorer.exe] FilePath : C:\WINDOWS\ ProcessID : 1592 ThreadCreationTime : 30.06.2005 14:06:38 BasePriority : Normal FileVersion : 6.00.2800.1106 (xpsp1.020828-1920) ProductVersion : 6.00.2800.1106 ProductName : Betriebssystem Microsoft® Windows® CompanyName : Microsoft Corporation FileDescription : Windows Explorer InternalName : explorer LegalCopyright : © Microsoft Corporation. Alle Rechte vorbehalten. OriginalFilename : EXPLORER.EXE #:13 [navicl~1.exe] FilePath : C:\PROGRA~1\VeriSign\NAVI\ ProcessID : 1660 ThreadCreationTime : 30.06.2005 14:06:38 BasePriority : Normal FileVersion : 2.0.1.0 ProductVersion : 2.0.1.0 ProductName : NAVI Client CompanyName : VeriSign, Inc. FileDescription : VeriSign Software Update Client InternalName : naviclient.exe LegalCopyright : Copyright © VeriSign, Inc. 2002-2004 OriginalFilename : naviclient.exe #:14 [soundman.exe] FilePath : C:\WINDOWS\ ProcessID : 1748 ThreadCreationTime : 30.06.2005 14:06:38 BasePriority : Normal FileVersion : 5.0.05 ProductVersion : 5.0.05 ProductName : Avance Sound Manager CompanyName : Avance Logic, Inc. FileDescription : Avance Sound Manager InternalName : ALSMTray LegalCopyright : Copyright (c) 2001-2002 Avance Logic, Inc. OriginalFilename : ALSMTray.exe Comments : Avance AC97 Audio Sound Manager #:15 [icqlite.exe] FilePath : C:\Programme\ICQLite\ ProcessID : 1772 ThreadCreationTime : 30.06.2005 14:06:38 BasePriority : Normal FileVersion : 20, 32, 2415, 0 ProductVersion : 20, 32, 2415, 0 ProductName : ICQLite CompanyName : ICQ Ltd. FileDescription : ICQLite InternalName : ICQ Lite LegalCopyright : Copyright (C) 2002 OriginalFilename : ICQLite.exe #:16 [mm_tray.exe] FilePath : C:\Programme\MUSICMATCH\MUSICMATCH Jukebox\ ProcessID : 1780 ThreadCreationTime : 30.06.2005 14:06:38 BasePriority : Normal FileVersion : 7.10.1070 ProductVersion : 7.10.1070 ProductName : MUSICMATCH JUKEBOX CompanyName : MUSICMATCH, Inc. FileDescription : mm_tray InternalName : mm_tray LegalCopyright : Copyright (c) MUSICMATCH 1998-2001 LegalTrademarks : OriginalFilename : mm_tray.exe #:17 [realsched.exe] FilePath : C:\Programme\Gemeinsame Dateien\Real\Update_OB\ ProcessID : 1788 ThreadCreationTime : 30.06.2005 14:06:38 BasePriority : Normal FileVersion : 0.1.0.3275 ProductVersion : 0.1.0.3275 ProductName : RealPlayer (32-bit) CompanyName : RealNetworks, Inc. FileDescription : RealNetworks Scheduler InternalName : schedapp LegalCopyright : Copyright © RealNetworks, Inc. 1995-2004 LegalTrademarks : RealAudio(tm) is a trademark of RealNetworks, Inc. OriginalFilename : realsched.exe #:18 [msmsgs.exe] FilePath : C:\Programme\Messenger\ ProcessID : 1796 ThreadCreationTime : 30.06.2005 14:06:38 BasePriority : Normal FileVersion : 4.7.0041 ProductVersion : Version 4.7 ProductName : Messenger CompanyName : Microsoft Corporation FileDescription : Messenger InternalName : msmsgs LegalCopyright : Copyright (c) Microsoft Corporation 1997-2001 LegalTrademarks : Microsoft(R) is a registered trademark of Microsoft Corporation in the U.S. and/or other countries. OriginalFilename : msmsgs.exe #:19 [reader_sl.exe] FilePath : C:\Programme\Adobe\Acrobat 7.0\Reader\ ProcessID : 1808 ThreadCreationTime : 30.06.2005 14:06:38 BasePriority : Normal FileVersion : 7.0.0.0 ProductVersion : 7.0.0.0 ProductName : Adobe Acrobat CompanyName : Adobe Systems Incorporated FileDescription : Adobe Acrobat SpeedLauncher LegalCopyright : Copyright Adobe Systems Incorporated 2004 OriginalFilename : AcroSpeedLaunch.exe #:20 [wuauclt.exe] FilePath : C:\WINDOWS\System32\ ProcessID : 1008 ThreadCreationTime : 30.06.2005 14:07:16 BasePriority : Normal FileVersion : 5.8.0.2469 built by: lab01_n(wmbla) ProductVersion : 5.8.0.2469 ProductName : Betriebssystem Microsoft® Windows® CompanyName : Microsoft Corporation FileDescription : Automatische Updates InternalName : wuauclt.exe LegalCopyright : © Microsoft Corporation. Alle Rechte vorbehalten. OriginalFilename : wuauclt.exe #:21 [wmiprvse.exe] FilePath : C:\WINDOWS\System32\wbem\ ProcessID : 1116 ThreadCreationTime : 30.06.2005 14:07:17 BasePriority : Normal FileVersion : 5.1.2600.1106 (xpsp1.020828-1920) ProductVersion : 5.1.2600.1106 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : WMI InternalName : Wmiprvse.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : Wmiprvse.exe #:22 [ad-aware.exe] FilePath : C:\Programme\Lavasoft\Ad-Aware SE Personal\ ProcessID : 1268 ThreadCreationTime : 30.06.2005 14:07:23 BasePriority : Normal FileVersion : 6.2.0.236 ProductVersion : SE 106 ProductName : Lavasoft Ad-Aware SE CompanyName : Lavasoft Sweden FileDescription : Ad-Aware SE Core application InternalName : Ad-Aware.exe LegalCopyright : Copyright © Lavasoft AB Sweden OriginalFilename : Ad-Aware.exe Comments : All Rights Reserved #:23 [wuauclt.exe] FilePath : C:\WINDOWS\System32\ ProcessID : 1284 ThreadCreationTime : 30.06.2005 14:07:31 BasePriority : Normal FileVersion : 5.8.0.2469 built by: lab01_n(wmbla) ProductVersion : 5.8.0.2469 ProductName : Betriebssystem Microsoft® Windows® CompanyName : Microsoft Corporation FileDescription : Automatische Updates InternalName : wuauclt.exe LegalCopyright : © Microsoft Corporation. Alle Rechte vorbehalten. OriginalFilename : wuauclt.exe Memory scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 0 Started registry scan »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Claria Object Recognized! Type : Regkey Data : TAC Rating : 7 Category : Data Miner Comment : Rootkey : HKEY_CLASSES_ROOT Object : clsid\{21ffb6c0-0da1-11d5-a9d5-00500413153c} Claria Object Recognized! Type : RegValue Data : TAC Rating : 7 Category : Data Miner Comment : Rootkey : HKEY_CLASSES_ROOT Object : clsid\{21ffb6c0-0da1-11d5-a9d5-00500413153c} Value : GEF Claria Object Recognized! Type : RegValue Data : TAC Rating : 7 Category : Data Miner Comment : Rootkey : HKEY_CLASSES_ROOT Object : clsid\{21ffb6c0-0da1-11d5-a9d5-00500413153c} Value : uets Claria Object Recognized! Type : RegValue Data : TAC Rating : 7 Category : Data Miner Comment : Rootkey : HKEY_CLASSES_ROOT Object : clsid\{21ffb6c0-0da1-11d5-a9d5-00500413153c} Value : GMI128 Claria Object Recognized! Type : RegValue Data : TAC Rating : 7 Category : Data Miner Comment : Rootkey : HKEY_CLASSES_ROOT Object : clsid\{21ffb6c0-0da1-11d5-a9d5-00500413153c} Value : GMI Claria Object Recognized! Type : RegValue Data : TAC Rating : 7 Category : Data Miner Comment : Rootkey : HKEY_CLASSES_ROOT Object : clsid\{21ffb6c0-0da1-11d5-a9d5-00500413153c} Value : LastInstall Claria Object Recognized! Type : RegValue Data : TAC Rating : 7 Category : Data Miner Comment : Rootkey : HKEY_CLASSES_ROOT Object : clsid\{21ffb6c0-0da1-11d5-a9d5-00500413153c} Value : PAK Claria Object Recognized! Type : RegValue Data : TAC Rating : 7 Category : Data Miner Comment : Rootkey : HKEY_CLASSES_ROOT Object : clsid\{21ffb6c0-0da1-11d5-a9d5-00500413153c} Value : GMI64 Claria Object Recognized! Type : RegValue Data : TAC Rating : 7 Category : Data Miner Comment : Rootkey : HKEY_CLASSES_ROOT Object : clsid\{21ffb6c0-0da1-11d5-a9d5-00500413153c} Value : SSeq Claria Object Recognized! Type : RegValue Data : TAC Rating : 7 Category : Data Miner Comment : Rootkey : HKEY_CLASSES_ROOT Object : clsid\{21ffb6c0-0da1-11d5-a9d5-00500413153c} Value : SEvt Alexa Object Recognized! Type : Regkey Data : TAC Rating : 5 Category : Data Miner Comment : Rootkey : HKEY_LOCAL_MACHINE Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a} Alexa Object Recognized! Type : RegValue Data : TAC Rating : 5 Category : Data Miner Comment : Rootkey : HKEY_LOCAL_MACHINE Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a} Value : MenuStatusBar Alexa Object Recognized! Type : RegValue Data : TAC Rating : 5 Category : Data Miner Comment : Rootkey : HKEY_LOCAL_MACHINE Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a} Value : Script Alexa Object Recognized! Type : RegValue Data : TAC Rating : 5 Category : Data Miner Comment : Rootkey : HKEY_LOCAL_MACHINE Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a} Value : clsid Alexa Object Recognized! Type : RegValue Data : TAC Rating : 5 Category : Data Miner Comment : Rootkey : HKEY_LOCAL_MACHINE Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a} Value : Icon Alexa Object Recognized! Type : RegValue Data : TAC Rating : 5 Category : Data Miner Comment : Rootkey : HKEY_LOCAL_MACHINE Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a} Value : HotIcon Alexa Object Recognized! Type : RegValue Data : TAC Rating : 5 Category : Data Miner Comment : Rootkey : HKEY_LOCAL_MACHINE Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a} Value : ButtonText Claria Object Recognized! Type : Regkey Data : TAC Rating : 7 Category : Data Miner Comment : Rootkey : HKEY_LOCAL_MACHINE Object : software\gator.com Alexa Object Recognized! Type : RegValue Data : TAC Rating : 5 Category : Data Miner Comment : "{c95fe080-8f5d-11d2-a20b-00aa003c157a}" Rootkey : HKEY_USERS Object : .DEFAULT\software\microsoft\internet explorer\extensions\cmdmapping Value : {c95fe080-8f5d-11d2-a20b-00aa003c157a} Alexa Object Recognized! Type : RegValue Data : TAC Rating : 5 Category : Data Miner Comment : "{c95fe080-8f5d-11d2-a20b-00aa003c157a}" Rootkey : HKEY_USERS Object : S-1-5-18\software\microsoft\internet explorer\extensions\cmdmapping Value : {c95fe080-8f5d-11d2-a20b-00aa003c157a} Alexa Object Recognized! Type : RegValue Data : TAC Rating : 5 Category : Data Miner Comment : "{c95fe080-8f5d-11d2-a20b-00aa003c157a}" Rootkey : HKEY_USERS Object : S-1-5-21-1275210071-790525478-682003330-1005\software\microsoft\internet explorer\extensions\cmdmapping Value : {c95fe080-8f5d-11d2-a20b-00aa003c157a} Registry Scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 21 Objects found so far: 21 Started deep registry scan »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Deep registry scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 21 MRU List Object Recognized! Location: : C:\Dokumente und Einstellungen\Pablo\recent Description : list of recently opened documents MRU List Object Recognized! Location: : software\microsoft\direct3d\mostrecentapplication Description : most recent application to use microsoft direct3d MRU List Object Recognized! Location: : software\microsoft\direct3d\mostrecentapplication Description : most recent application to use microsoft direct X MRU List Object Recognized! Location: : software\microsoft\directdraw\mostrecentapplication Description : most recent application to use microsoft directdraw MRU List Object Recognized! Location: : S-1-5-21-1275210071-790525478-682003330-1005\software\microsoft\directinput\mostrecentapplication Description : most recent application to use microsoft directinput MRU List Object Recognized! Location: : S-1-5-21-1275210071-790525478-682003330-1005\software\microsoft\directinput\mostrecentapplication Description : most recent application to use microsoft directinput MRU List Object Recognized! Location: : S-1-5-21-1275210071-790525478-682003330-1005\software\microsoft\internet explorer Description : last download directory used in microsoft internet explorer MRU List Object Recognized! Location: : S-1-5-21-1275210071-790525478-682003330-1005\software\microsoft\internet explorer\main Description : last save directory used in microsoft internet explorer MRU List Object Recognized! Location: : S-1-5-21-1275210071-790525478-682003330-1005\software\microsoft\internet explorer\typedurls Description : list of recently entered addresses in microsoft internet explorer MRU List Object Recognized! Location: : S-1-5-21-1275210071-790525478-682003330-1005\software\microsoft\mediaplayer\player\recentfilelist Description : list of recently used files in microsoft windows media player MRU List Object Recognized! Location: : S-1-5-21-1275210071-790525478-682003330-1005\software\microsoft\mediaplayer\player\settings Description : last open directory used in jasc paint shop pro MRU List Object Recognized! Location: : S-1-5-21-1275210071-790525478-682003330-1005\software\microsoft\mediaplayer\preferences Description : last playlist loaded in microsoft windows media player MRU List Object Recognized! Location: : S-1-5-21-1275210071-790525478-682003330-1005\software\microsoft\microsoft management console\recent file list Description : list of recent snap-ins used in the microsoft management console MRU List Object Recognized! Location: : S-1-5-21-1275210071-790525478-682003330-1005\software\microsoft\office\11.0\powerpoint\recent file list Description : list of recent files used by microsoft powerpoint MRU List Object Recognized! Location: : S-1-5-21-1275210071-790525478-682003330-1005\software\microsoft\office\11.0\powerpoint\recent typeface list Description : list of recently used typefaces in microsoft powerpoint MRU List Object Recognized! Location: : S-1-5-21-1275210071-790525478-682003330-1005\software\microsoft\office\11.0\word\recent templates Description : list of recent templates used by microsoft word MRU List Object Recognized! Location: : S-1-5-21-1275210071-790525478-682003330-1005\software\microsoft\search assistant\acmru Description : list of recent search terms used with the search assistant MRU List Object Recognized! Location: : S-1-5-21-1275210071-790525478-682003330-1005\software\microsoft\windows\currentversion\applets\paint\recent file list Description : list of files recently opened using microsoft paint MRU List Object Recognized! Location: : S-1-5-21-1275210071-790525478-682003330-1005\software\microsoft\windows\currentversion\applets\regedit Description : last key accessed using the microsoft registry editor MRU List Object Recognized! Location: : S-1-5-21-1275210071-790525478-682003330-1005\software\microsoft\windows\currentversion\applets\wordpad\recent file list Description : list of recent files opened using wordpad MRU List Object Recognized! Location: : S-1-5-21-1275210071-790525478-682003330-1005\software\microsoft\windows\currentversion\explorer\comdlg32\lastvisitedmru Description : list of recent programs opened MRU List Object Recognized! Location: : S-1-5-21-1275210071-790525478-682003330-1005\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru Description : list of recently saved files, stored according to file extension MRU List Object Recognized! Location: : S-1-5-21-1275210071-790525478-682003330-1005\software\microsoft\windows\currentversion\explorer\recentdocs Description : list of recent documents opened MRU List Object Recognized! Location: : software\musicmatch Description : download location of the musicmatch installer MRU List Object Recognized! Location: : software\musicmatch\musicmatch jukebox\4.0\fileconv Description : file conversion location settings in musicmatch jukebox MRU List Object Recognized! Location: : software\musicmatch\musicmatch jukebox\4.0\mmradio Description : information on the last station listened to using musicmatch radio MRU List Object Recognized! Location: : S-1-5-21-1275210071-790525478-682003330-1005\software\realnetworks\realplayer\6.0\preferences Description : list of recent skins in realplayer MRU List Object Recognized! Location: : S-1-5-21-1275210071-790525478-682003330-1005\software\realnetworks\realplayer\6.0\preferences Description : list of recent clips in realplayer MRU List Object Recognized! Location: : S-1-5-21-1275210071-790525478-682003330-1005\software\realnetworks\realplayer\6.0\preferences Description : last login time in realplayer MRU List Object Recognized! Location: : .DEFAULT\software\microsoft\windows media\wmsdk\general Description : windows media sdk MRU List Object Recognized! Location: : S-1-5-18\software\microsoft\windows media\wmsdk\general Description : windows media sdk MRU List Object Recognized! Location: : S-1-5-21-1275210071-790525478-682003330-1005\software\microsoft\windows media\wmsdk\general Description : windows media sdk MRU List Object Recognized! Location: : S-1-5-21-1275210071-790525478-682003330-1005\software\winrar\dialogedithistory\extrpath Description : winrar "extract-to" history Started Tracking Cookie scan »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Tracking Cookie Object Recognized! Type : IECache Entry Data : pablo@valueclick[1].txt TAC Rating : 3 Category : Data Miner Comment : Hits:1 Value : Cookie  ablo@valueclick.com/Expires : 24.06.2030 12:01:42 LastSync : Hits:1 UseCount : 0 Hits : 1 Tracking Cookie Object Recognized! Type : IECache Entry Data : pablo@mediaplex[1].txt TAC Rating : 3 Category : Data Miner Comment : Hits:2 Value : Cookie ablo@mediaplex.com/Expires : 22.06.2009 02:00:00 LastSync : Hits:2 UseCount : 0 Hits : 2 Tracking Cookie Object Recognized! Type : IECache Entry Data : pablo@atdmt[2].txt TAC Rating : 3 Category : Data Miner Comment : Hits:3 Value : Cookie ablo@atdmt.com/Expires : 29.06.2010 02:00:00 LastSync : Hits:3 UseCount : 0 Hits : 3 Tracking Cookie Object Recognized! Type : IECache Entry Data : pablo@doubleclick[1].txt TAC Rating : 3 Category : Data Miner Comment : Hits:1 Value : Cookie ablo@doubleclick.net/Expires : 30.06.2005 15:47:14 LastSync : Hits:1 UseCount : 0 Hits : 1 Tracking Cookie Object Recognized! Type : IECache Entry Data : pablo@as-eu.falkag[1].txt TAC Rating : 3 Category : Data Miner Comment : Hits:100 Value : Cookie ablo@as-eu.falkag.net/Expires : 30.06.2006 14:03:42 LastSync : Hits:100 UseCount : 0 Hits : 100 Tracking Cookie Object Recognized! Type : IECache Entry Data : pablo@servedby.netshelter[2].txt TAC Rating : 3 Category : Data Miner Comment : Hits:4 Value : Cookie ablo@servedby.netshelter.net/Expires : 07.07.2005 14:55:44 LastSync : Hits:4 UseCount : 0 Hits : 4 Tracking Cookie Object Recognized! Type : IECache Entry Data : pablo@questionmarket[1].txt TAC Rating : 3 Category : Data Miner Comment : Hits:1 Value : Cookie ablo@questionmarket.com/Expires : 21.08.2006 05:17:28 LastSync : Hits:1 UseCount : 0 Hits : 1 Tracking Cookie Object Recognized! Type : IECache Entry Data : pablo@as1.falkag[2].txt TAC Rating : 3 Category : Data Miner Comment : Hits:3 Value : Cookie ablo@as1.falkag.de/Expires : 30.07.2005 14:03:26 LastSync : Hits:3 UseCount : 0 Hits : 3 Tracking Cookie Object Recognized! Type : IECache Entry Data : pablo@adtech[2].txt TAC Rating : 3 Category : Data Miner Comment : Hits:3 Value : Cookie ablo@adtech.de/Expires : 28.06.2015 12:01:44 LastSync : Hits:3 UseCount : 0 Hits : 3 Tracking Cookie Object Recognized! Type : IECache Entry Data : pablo@2o7[1].txt TAC Rating : 3 Category : Data Miner Comment : Hits:6 Value : Cookie ablo@2o7.net/Expires : 29.06.2010 13:11:02 LastSync : Hits:6 UseCount : 0 Hits : 6 Tracking cookie scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 10 Objects found so far: 64 Deep scanning and examining files (C »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Tracking Cookie Object Recognized! Type : IECache Entry Data : mama@as1.falkag[2].txt TAC Rating : 3 Category : Data Miner Comment : Value : C:\Dokumente und Einstellungen\Mama\Cookies\mama@as1.falkag[2].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : mama@cgi-bin[1].txt TAC Rating : 3 Category : Data Miner Comment : Value : C:\Dokumente und Einstellungen\Mama\Cookies\mama@cgi-bin[1].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : mama@doubleclick[2].txt TAC Rating : 3 Category : Data Miner Comment : Value : C:\Dokumente und Einstellungen\Mama\Cookies\mama@doubleclick[2].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : mama@mediaplex[1].txt TAC Rating : 3 Category : Data Miner Comment : Value : C:\Dokumente und Einstellungen\Mama\Cookies\mama@mediaplex[1].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : mama@overture[2].txt TAC Rating : 3 Category : Data Miner Comment : Value : C:\Dokumente und Einstellungen\Mama\Cookies\mama@overture[2].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : mama@realmedia[2].txt TAC Rating : 3 Category : Data Miner Comment : Value : C:\Dokumente und Einstellungen\Mama\Cookies\mama@realmedia[2].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : mama@tripod[1].txt TAC Rating : 3 Category : Data Miner Comment : Value : C:\Dokumente und Einstellungen\Mama\Cookies\mama@tripod[1].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : papa@2o7[2].txt TAC Rating : 3 Category : Data Miner Comment : Value : C:\Dokumente und Einstellungen\Papa\Cookies\papa@2o7[2].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : papa@adtech[2].txt TAC Rating : 3 Category : Data Miner Comment : Value : C:\Dokumente und Einstellungen\Papa\Cookies\papa@adtech[2].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : papa@adverserve[1].txt TAC Rating : 3 Category : Data Miner Comment : Value : C:\Dokumente und Einstellungen\Papa\Cookies\papa@adverserve[1].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : papa@advertising[1].txt TAC Rating : 3 Category : Data Miner Comment : Value : C:\Dokumente und Einstellungen\Papa\Cookies\papa@advertising[1].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : papa@apmebf[1].txt TAC Rating : 3 Category : Data Miner Comment : Value : C:\Dokumente und Einstellungen\Papa\Cookies\papa@apmebf[1].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : papa@as-eu.falkag[1].txt TAC Rating : 3 Category : Data Miner Comment : Value : C:\Dokumente und Einstellungen\Papa\Cookies\papa@as-eu.falkag[1].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : papa@as1.falkag[1].txt TAC Rating : 3 Category : Data Miner Comment : Value : C:\Dokumente und Einstellungen\Papa\Cookies\papa@as1.falkag[1].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : papa@atdmt[2].txt TAC Rating : 3 Category : Data Miner Comment : Value : C:\Dokumente und Einstellungen\Papa\Cookies\papa@atdmt[2].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : papa@bravenet[1].txt TAC Rating : 3 Category : Data Miner Comment : Value : C:\Dokumente und Einstellungen\Papa\Cookies\papa@bravenet[1].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : papa@bs.serving-sys[1].txt TAC Rating : 3 Category : Data Miner Comment : Value : C:\Dokumente und Einstellungen\Papa\Cookies\papa@bs.serving-sys[1].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : papa@casalemedia[1].txt TAC Rating : 3 Category : Data Miner Comment : Value : C:\Dokumente und Einstellungen\Papa\Cookies\papa@casalemedia[1].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : papa@cgi-bin[1].txt TAC Rating : 3 Category : Data Miner Comment : Value : C:\Dokumente und Einstellungen\Papa\Cookies\papa@cgi-bin[1].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : papa@domainsponsor[1].txt TAC Rating : 3 Category : Data Miner Comment : Value : C:\Dokumente und Einstellungen\Papa\Cookies\papa@domainsponsor[1].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : papa@doubleclick[1].txt TAC Rating : 3 Category : Data Miner Comment : Value : C:\Dokumente und Einstellungen\Papa\Cookies\papa@doubleclick[1].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : papa@landing.domainsponsor[1].txt TAC Rating : 3 Category : Data Miner Comment : Value : C:\Dokumente und Einstellungen\Papa\Cookies\papa@landing.domainsponsor[1].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : papa@mediaplex[1].txt TAC Rating : 3 Category : Data Miner Comment : Value : C:\Dokumente und Einstellungen\Papa\Cookies\papa@mediaplex[1].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : papa@overture[2].txt TAC Rating : 3 Category : Data Miner Comment : Value : C:\Dokumente und Einstellungen\Papa\Cookies\papa@overture[2].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : papa@partners.webmasterplan[1].txt TAC Rating : 3 Category : Data Miner Comment : Value : C:\Dokumente und Einstellungen\Papa\Cookies\papa@partners.webmasterplan[1].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : papa@qksrv[2].txt TAC Rating : 3 Category : Data Miner Comment : Value : C:\Dokumente und Einstellungen\Papa\Cookies\papa@qksrv[2].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : papa@questionmarket[1].txt TAC Rating : 3 Category : Data Miner Comment : Value : C:\Dokumente und Einstellungen\Papa\Cookies\papa@questionmarket[1].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : papa@servedby.advertising[2].txt TAC Rating : 3 Category : Data Miner Comment : Value : C:\Dokumente und Einstellungen\Papa\Cookies\papa@servedby.advertising[2].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : papa@serving-sys[2].txt TAC Rating : 3 Category : Data Miner Comment : Value : C:\Dokumente und Einstellungen\Papa\Cookies\papa@serving-sys[2].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : papa@tradedoubler[1].txt TAC Rating : 3 Category : Data Miner Comment : Value : C:\Dokumente und Einstellungen\Papa\Cookies\papa@tradedoubler[1].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : papa@tribalfusion[1].txt TAC Rating : 3 Category : Data Miner Comment : Value : C:\Dokumente und Einstellungen\Papa\Cookies\papa@tribalfusion[1].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : papa@valueclick[1].txt TAC Rating : 3 Category : Data Miner Comment : Value : C:\Dokumente und Einstellungen\Papa\Cookies\papa@valueclick[1].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : papa@valuecommerce[1].txt TAC Rating : 3 Category : Data Miner Comment : Value : C:\Dokumente und Einstellungen\Papa\Cookies\papa@valuecommerce[1].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : papa@zedo[1].txt TAC Rating : 3 Category : Data Miner Comment : Value : C:\Dokumente und Einstellungen\Papa\Cookies\papa@zedo[1].txt Disk Scan Result for C:\ »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 98 Scanning Hosts file...... Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts". »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Hosts file scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» 1 entries scanned. New critical objects:0 Objects found so far: 98 Performing conditional scans... »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Claria Object Recognized! Type : File Data : HDPlugin1101.dll TAC Rating : 7 Category : Data Miner Comment : Object : C:\WINDOWS\downloaded program files\ FileVersion : 1.1.0.1 ProductVersion : 1.1.0.1 ProductName : GAIN CompanyName : GAIN Publishing FileDescription : Claria HD plugin for Internet Explorer InternalName : HDPlugin.dll LegalCopyright : Copyright © 1999-2004 GAIN Publishing OriginalFilename : HDPlugin.dll Claria Object Recognized! Type : File Data : HDPlugin1101.inf TAC Rating : 7 Category : Data Miner Comment : Object : C:\WINDOWS\downloaded program files\ Conditional scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 2 Objects found so far: 100 16:13:03 Scan Complete Summary Of This Scan »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Total scanning time:00:05:12.453 Objects scanned:114685 Objects identified:67 Objects ignored:0 New critical objects:67 ... und ich hab mit panda gescannt. Hat 4 viren glaub ich gefunden, aber ja sowieso alle gelöscht
|
|
|
|
|
|
|
30.06.2005, 17:19
Ehrenmitglied
Beiträge: 29434 |
#24
dann ist ja alles in Ordnung
Alles Gute fuer dich + PC__________ MfG Sabina rund um die PC-Sicherheit |
|
|
|
|
|
|
30.06.2005, 22:16
...neu hier
Beiträge: 8 |
#25
OK Dann danke ich dir vielmals
Super Hilfe, find´ich klasse, das es sowas gibt !tschüss und dankeschön donerman |
|
|
|
|
|
Um auf dieses Thema zu ANTWORTEN
bitte erst » hier kostenlos registrieren!!
bitte erst » hier kostenlos registrieren!!
Folgende Themen könnten Dich auch interessieren:
Copyright © 2024, Protecus.de - Protecus Team - Impressum / Mediadaten
wenn du magst...scanne mit escan
__________
MfG Sabina
rund um die PC-Sicherheit