TR/Krepper.Y and W32.Netsky

#0
28.12.2004, 19:24
Honorary member
Posts: 29434

28.12.2004, 19:31
Member
Posts: 19
#32
Delete the folder c:/bases?

28.12.2004, 19:32
Honorary member
Posts: 29434
#33
Yes, delete everything, then create it again, copy the new mwav.exe into it and run everything as before.
The only difference is that this eScan version deletes and does not just display. I had not given it to you earlier because of newdotnet6_38.dll: if that is simply deleted (without Lsp.fix), it can happen that the Winsock virus cripples the Internet connection.
__________
Best regards, Sabina
All about PC security
This post was edited by Sabina on 28.12.2004 at 19:35.

28.12.2004, 19:34
Member
Posts: 19
#34
Delete System Restore here as well beforehand?

28.12.2004, 19:34
Honorary member
Posts: 29434
#35
Nah, leave that alone, it was already deactivated.
__________
Best regards, Sabina
All about PC security
This post was edited by Sabina on 28.12.2004 at 19:35.

28.12.2004, 19:36
Member
Posts: 19
#36
Sorry - I meant deactivate ... my head is already spinning ..*laughs*

28.12.2004, 19:40
Honorary member
Posts: 29434
#37
No, now just leave everything as it is......
Scan with mwav.exe in safe mode, and when that is finished, download this tool and scan with it as well: #Ad-aware SE Personal 1.05 Updated http://fileforum.betanews.com/detail/965718306/1 and post me the log file, as well as what eScan deleted, plus the new HijackThis log... then everything is probably OK.
__________
Best regards, Sabina
All about PC security

28.12.2004, 19:48
Member
Posts: 19
#38
Good - from your lips to God's ear - :-)))
I'm doing this now in blind trust, because I absolutely have to get on the Internet in the next few days... but first a coffee to calm down! I'll report back in any case - if not, I've crashed.
Regards, anegada

28.12.2004, 23:15
Member
Posts: 19
#39
Hello Sabina,
so my PC and I are still alive ... well, I wanted it this way ..*laughs* Below are the requested log files - quite extensive.

1. HijackThis:

Logfile of HijackThis v1.99.0
Scan saved at 23:02:23, on 28.12.2004
Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\WINDOWS\EXPLORER.EXE
C:\Programme\1&1 Programme\cFos\CFOSDW.EXE
C:\PROGRAMME\1&1 PROGRAMME\CFOS\CFNDIS.EXE
C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\LOADQM.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\UNZIPPED\HIJACKTHIS199_BETA\HIJACKTHIS.EXE

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.aldi.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.de/
F1 - win.ini: run=C:\PROGRA~1\1&1PRO~1\CFOS\cfosdw.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAMME\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programme\google\googletoolbar1.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programme\google\googletoolbar1.dll
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [D066UUtility] C:\WINDOWS\TWAIN_32\D66U\D066UUTY.EXE
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime
O4 - HKLM\..\Run: [AVGCtrl] C:\PROGRAMME\AVPERSONAL\AVGCTRL.EXE /min
O4 - HKLM\..\Run: [T-DSL SpeedMgr] "C:\PROGRAMME\T-DSL SPEEDMANAGER\SPEEDMGR.EXE"
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programme\MSN Messenger\MsnMsgr.Exe" /background
O4 - Startup: GMX Clicktionary 2.8.lnk = C:\Programme\Clicktionary\Cleverlearn Clicktionary.exe
O8 - Extra context menu item: &Google Search - res://C:\PROGRAMME\GOOGLE\GOOGLETOOLBAR1.DLL/cmsearch.html
O8 - Extra context menu item: Im Cache gespeicherte Seite - res://C:\PROGRAMME\GOOGLE\GOOGLETOOLBAR1.DLL/cmcache.html
O8 - Extra context menu item: Ähnliche Seiten - res://C:\PROGRAMME\GOOGLE\GOOGLETOOLBAR1.DLL/cmsimilar.html
O8 - Extra context menu item: Verweisseiten - res://C:\PROGRAMME\GOOGLE\GOOGLETOOLBAR1.DLL/cmbacklinks.html
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O14 - IERESET.INF: START_PAGE_URL=http://www.aldi.com

2. From eScan (though I don't know whether and what was deleted)

Tue Dec 28 21:27:51 2004 => File C:\_RESTORE\ARCHIVE\FS13.CAB tagged as not-a-virus:AdWare.NewDotNet. No Action Taken.
Tue Dec 28 21:27:51 2004 => File C:\_RESTORE\ARCHIVE\FS12.CAB tagged as not-a-virus:AdWare.NewDotNet. No Action Taken.
Tue Dec 28 21:28:16 2004 => File C:\TEMP\Schaaaaf[1].exe tagged as not-a-virus:Simulator.Win16.Sheep. No Action Taken.
Tue Dec 28 21:31:58 2004 => File C:\unzipped\setup_postpaket_2_3\setup_postpaket_2_3.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken.
Tue Dec 28 21:33:53 2004 => File D:\Eigene Dateien\Downloads\Schaaaaf[1].exe tagged as not-a-virus:Simulator.Win16.Sheep. No Action Taken.
Tue Dec 28 21:38:17 2004 => ***** Scanning complete. *****
Tue Dec 28 21:38:17 2004 => Total Number of Files Scanned: 48250
Tue Dec 28 21:38:17 2004 => Total Number of Virus(es) Found: 5
Tue Dec 28 21:38:17 2004 => Total Number of Disinfected Files: 0
Tue Dec 28 21:38:17 2004 => Total Number of Files Renamed: 0
Tue Dec 28 21:38:17 2004 => Total Number of Deleted Files: 0
Tue Dec 28 21:38:17 2004 => Total Number of Errors: 17
Tue Dec 28 21:38:17 2004 => Time Elapsed: 00:46:53
Tue Dec 28 21:38:17 2004 => Virus Database Date: 2004/12/28
Tue Dec 28 21:38:17 2004 => Virus Database Count: 114094
Tue Dec 28 21:38:17 2004 => Scan Completed.

3. From Ad-Aware
Location: : .DEFAULT\software\microsoft\windows\currentversion\explorer\recentdocs Description : list of recent documents opened MRU List Object Recognized! Location: : .DEFAULT\software\microsoft\mediaplayer\player\recentfilelist Description : list of recently used files in microsoft windows media player MRU List Object Recognized! Location: : .DEFAULT\software\microsoft\internet explorer\main Description : last save directory used in microsoft internet explorer MRU List Object Recognized! Location: : .DEFAULT\software\microsoft\internet explorer Description : last download directory used in microsoft internet explorer MRU List Object Recognized! Location: : software\microsoft\directdraw\mostrecentapplication Description : most recent application to use microsoft directdraw MRU List Object Recognized! Location: : .DEFAULT\software\ahead\nero - burning rom\recent file list Description : list of recently used files in nero burning rom MRU List Object Recognized! Location: : .DEFAULT\software\google\navclient\1.1\history Description : list of recently used search terms in the google toolbar MRU List Object Recognized! Location: : .DEFAULT\software\microsoft\mediaplayer\preferences Description : last cd record path used in microsoft windows media player MRU List Object Recognized! Location: : .DEFAULT\software\adobe\acrobat reader\5.0\avgeneral\crecentfiles Description : list of recently used files in adobe reader MRU List Object Recognized! Location: : .DEFAULT\software\microsoft\directinput\mostrecentapplication Description : most recent application to use microsoft directinput MRU List Object Recognized! Location: : .DEFAULT\software\microsoft\mediaplayer\player\settings Description : last open directory used in jasc paint shop pro MRU List Object Recognized! Location: : software\microsoft\direct3d\mostrecentapplication Description : most recent application to use microsoft direct3d MRU List Object Recognized! 
Location: : .DEFAULT\software\microsoft\mediaplayer\preferences Description : last playlist index loaded in microsoft windows media player MRU List Object Recognized! Location: : .DEFAULT\software\microsoft\windows\currentversion\applets\regedit Description : last key accessed using the microsoft registry editor MRU List Object Recognized! Location: : .DEFAULT\software\microsoft\directinput\mostrecentapplication Description : most recent application to use microsoft directinput MRU List Object Recognized! Location: : .DEFAULT\software\microsoft\mediaplayer\preferences Description : last playlist loaded in microsoft windows media player MRU List Object Recognized! Location: : .DEFAULT\software\microsoft\mediaplayer\radio\mrulist Description : list of recently used stations in microsoft windows media player MRU List Object Recognized! Location: : .DEFAULT\software\macromedia\dreamweaver 4\recent file list Description : list of recently used files in macromedia dreamweaver MRU List Object Recognized! Location: : .DEFAULT\software\microsoft\clipart gallery\2.0\mrudescription Description : most recently used description in microsoft clipart gallery MRU List Object Recognized! Location: : .DEFAULT\software\microsoft\mediaplayer\player\recenturllist Description : list of recently used web addresses in microsoft windows media player MRU List Object Recognized! Location: : .DEFAULT\software\microsoft\mediaplayer\preferences Description : last search path used in microsoft windows media player MRU List Object Recognized! Location: : .DEFAULT\software\microsoft\mediaplayer\medialibraryui Description : last selected node in the microsoft windows media player media library MRU List Object Recognized! Location: : software\microsoft\direct3d\mostrecentapplication Description : most recent application to use microsoft direct X MRU List Object Recognized! 
Location: : .DEFAULT\software\microsoft\windows media\wmsdk\general Description : windows media sdk Performing conditional scans... »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» BrilliantDigital Object Recognized! Type : Regkey Data : Category : Data Miner Comment : Rootkey : HKEY_CLASSES_ROOT Object : .b3d BrilliantDigital Object Recognized! Type : RegValue Data : Category : Data Miner Comment : Rootkey : HKEY_CLASSES_ROOT Object : .b3d Value : BrilliantDigital Object Recognized! Type : Regkey Data : Category : Data Miner Comment : Rootkey : HKEY_CLASSES_ROOT Object : .s3d BrilliantDigital Object Recognized! Type : RegValue Data : Category : Data Miner Comment : Rootkey : HKEY_CLASSES_ROOT Object : .s3d Value : BrilliantDigital Object Recognized! Type : Folder Category : Data Miner Comment : Object : C:\WINDOWS\TEMP\BDECache BrilliantDigital Object Recognized! Type : Folder Category : Data Miner Comment : Object : C:\WINDOWS\bde\b3dlogo BrilliantDigital Object Recognized! Type : File Data : setup.cab Category : Data Miner Comment : Object : C:\WINDOWS\bde\ BrilliantDigital Object Recognized! Type : File Data : bdeplayer2.dll Category : Data Miner Comment : Object : C:\WINDOWS\bde\ FileVersion : 3, 1, 15, 0 ProductVersion : 3, 1, 15, 0 ProductName : BDEPlayer CompanyName : Brilliant Digital FileDescription : BDEPlayer InternalName : BDEPlayer LegalCopyright : Copyright © 2000 OriginalFilename : BDEPlayer.dll BrilliantDigital Object Recognized! Type : File Data : BDEEngine2.dll Category : Data Miner Comment : Object : C:\WINDOWS\bde\ FileVersion : 3, 1, 11, 0 ProductVersion : 3, 1, 11, 0 ProductName : BDEEngine CompanyName : Brilliant Digital FileDescription : BDEEngine InternalName : BDEEngine LegalCopyright : Copyright © 2000 OriginalFilename : BDEEngine.dll BrilliantDigital Object Recognized! 
Type : File Data : bdeimage.dll Category : Data Miner Comment : Object : C:\WINDOWS\bde\ FileVersion : 3, 0, 18, 0 ProductVersion : 3, 0, 18, 0 ProductName : BDE BDEimage CompanyName : Brilliant Digital Entertainment FileDescription : BDEimage InternalName : BDEimage LegalCopyright : Copyright © 2001 OriginalFilename : BDEimage.dll BrilliantDigital Object Recognized! Type : File Data : npbdplay2.dll Category : Data Miner Comment : Object : C:\WINDOWS\bde\ FileVersion : 3, 0, 26, 0 ProductVersion : 3, 0, 26, 0 ProductName : Digital Projector v3.0.0.0 CompanyName : Brilliant Digital Entertainment FileDescription : ActiveX and Netscape Navigator Plug-in for Brilliant Digital Technology InternalName : npbdplay LegalCopyright : Copyright 2000 OriginalFilename : npbdplay.dll BrilliantDigital Object Recognized! Type : File Data : installb3d3105.cab Category : Data Miner Comment : Object : C:\WINDOWS\bde\cache\ BrilliantDigital Object Recognized! Type : File Data : installb3dviewer2.cab Category : Data Miner Comment : Object : C:\WINDOWS\bde\cache\ BrilliantDigital Object Recognized! Type : File Data : installb3dplayer3101.cab Category : Data Miner Comment : Object : C:\WINDOWS\bde\cache\ BrilliantDigital Object Recognized! Type : File Data : syscheckb3dplayer.cab Category : Data Miner Comment : Object : C:\WINDOWS\bde\cache\ BrilliantDigital Object Recognized! Type : File Data : installb3dcodecs.cab Category : Data Miner Comment : Object : C:\WINDOWS\bde\cache\ BrilliantDigital Object Recognized! Type : File Data : installb3drasts.cab Category : Data Miner Comment : Object : C:\WINDOWS\bde\cache\ BrilliantDigital Object Recognized! Type : File Data : b3dstats.cab Category : Data Miner Comment : Object : C:\WINDOWS\bde\cache\ BrilliantDigital Object Recognized! Type : File Data : b3d.b3d Category : Data Miner Comment : Object : C:\WINDOWS\bde\cache\ BrilliantDigital Object Recognized! 
Type : File Data : playb3d3200.cab Category : Data Miner Comment : Object : C:\WINDOWS\bde\cache\ Cydoor Object Recognized! Type : Folder Category : Data Miner Comment : Object : C:\WINDOWS\SYSTEM\AdCache Cydoor Object Recognized! Type : File Data : $SptLght.tmp Category : Data Miner Comment : Object : C:\WINDOWS\SYSTEM\adcache\ Cydoor Object Recognized! Type : File Data : B_597200.HTM Category : Data Miner Comment : Object : C:\WINDOWS\SYSTEM\adcache\ Cydoor Object Recognized! Type : File Data : B_543400.HTM Category : Data Miner Comment : Object : C:\WINDOWS\SYSTEM\adcache\ Cydoor Object Recognized! Type : File Data : B_547600.GIF Category : Data Miner Comment : Object : C:\WINDOWS\SYSTEM\adcache\ Cydoor Object Recognized! Type : File Data : B_547700.GIF Category : Data Miner Comment : Object : C:\WINDOWS\SYSTEM\adcache\ Cydoor Object Recognized! Type : File Data : B_505900.GIF Category : Data Miner Comment : Object : C:\WINDOWS\SYSTEM\adcache\ Cydoor Object Recognized! Type : File Data : B_505901.GIF Category : Data Miner Comment : Object : C:\WINDOWS\SYSTEM\adcache\ Cydoor Object Recognized! Type : File Data : B_505902.GIF Category : Data Miner Comment : Object : C:\WINDOWS\SYSTEM\adcache\ Cydoor Object Recognized! Type : File Data : B_505903.GIF Category : Data Miner Comment : Object : C:\WINDOWS\SYSTEM\adcache\ Cydoor Object Recognized! Type : File Data : B_505904.GIF Category : Data Miner Comment : Object : C:\WINDOWS\SYSTEM\adcache\ Cydoor Object Recognized! Type : File Data : B_540300.GIF Category : Data Miner Comment : Object : C:\WINDOWS\SYSTEM\adcache\ Cydoor Object Recognized! Type : File Data : B_546200.GIF Category : Data Miner Comment : Object : C:\WINDOWS\SYSTEM\adcache\ Cydoor Object Recognized! Type : File Data : B_525400.GIF Category : Data Miner Comment : Object : C:\WINDOWS\SYSTEM\adcache\ Cydoor Object Recognized! Type : File Data : B_539800.GIF Category : Data Miner Comment : Object : C:\WINDOWS\SYSTEM\adcache\ Cydoor Object Recognized! 
Type : File Data : B_516300.GIF Category : Data Miner Comment : Object : C:\WINDOWS\SYSTEM\adcache\ Cydoor Object Recognized! Type : File Data : B_510900.GIF Category : Data Miner Comment : Object : C:\WINDOWS\SYSTEM\adcache\ Cydoor Object Recognized! Type : File Data : B_511000.GIF Category : Data Miner Comment : Object : C:\WINDOWS\SYSTEM\adcache\ Cydoor Object Recognized! Type : File Data : B_532900.GIF Category : Data Miner Comment : Object : C:\WINDOWS\SYSTEM\adcache\ Cydoor Object Recognized! Type : File Data : B_795400.HTM Category : Data Miner Comment : Object : C:\WINDOWS\SYSTEM\adcache\ Cydoor Object Recognized! Type : File Data : B_564800.HTM Category : Data Miner Comment : Object : C:\WINDOWS\SYSTEM\adcache\ Cydoor Object Recognized! Type : File Data : B_706200.HTM Category : Data Miner Comment : Object : C:\WINDOWS\SYSTEM\adcache\ Cydoor Object Recognized! Type : File Data : B_706100.HTM Category : Data Miner Comment : Object : C:\WINDOWS\SYSTEM\adcache\ Cydoor Object Recognized! Type : File Data : B_559600.HTM Category : Data Miner Comment : Object : C:\WINDOWS\SYSTEM\adcache\ Cydoor Object Recognized! Type : File Data : B_524900.HTM Category : Data Miner Comment : Object : C:\WINDOWS\SYSTEM\adcache\ Cydoor Object Recognized! Type : File Data : B_667800.HTM Category : Data Miner Comment : Object : C:\WINDOWS\SYSTEM\adcache\ Cydoor Object Recognized! Type : File Data : B_525000.HTM Category : Data Miner Comment : Object : C:\WINDOWS\SYSTEM\adcache\ Cydoor Object Recognized! Type : File Data : B_562400.HTM Category : Data Miner Comment : Object : C:\WINDOWS\SYSTEM\adcache\ Cydoor Object Recognized! Type : File Data : B_534100 |
|
|
||
28.12.2004, 23:30
Honorary member
Posts: 29434 |
#40
#ClearProg: download the latest version <1.4.0 Final
http://www.clearprog.de/downloads.php <and clean up the browser.
The program deletes the browsing traces of Internet Explorer from version 5.0, of Netscape/Mozilla and of Opera:
- Cookies
- History
- Temporary Internet files (cache)
- the entered URLs
- AutoComplete entries in web forms of IE (so far only Win9x/ME)
- Download lists of Netscape/Opera
then deactivate System Restore, restart the PC and activate it again.
Then download this tool (it will probably replace the other AdAware) and scan
#AdAware (free)
http://www.lavasoft.de/support/download/
Update the program BEFORE every scan! During the scan ALL other applications must be closed and all browser windows must be closed!
#Search&Destroy
http://www.safer-networking.org/de/download/index.html
------------------------------------------------------------------------------
Then you should (not necessarily today) go into the registry
Start<Run <regedit (type it in)
Edit-->Find -->cydoor
and delete everything related to it that you find on the right in the registry.
for example:
HKEY_USERS\DEFAULT\software\cydoor
that is spyware that came bundled with software you once downloaded. (Digital Projector v3.0.0.0)
you should uninstall that and then delete everything in Windows and the registry that you find (it is listed quite well in the AdAware log)
But that doesn't have to be TODAY
__________
Kind regards, Sabina
All about PC security
This post was edited by Sabina on 28.12.2004 at 23:31.
|
|
|
||
28.12.2004, 23:43
Member
Posts: 19 |
#41
Hello Sabina,
first of all, thank you :-) for your quick replies. You must have a huge workload to get through every day :-( Yes, I won't do anything more today - but I noticed that there is no longer any sign of the original Trojan TR/Krepper.Y. Or do the reported "viruses" and whatever else is there come from this Trojan? I have had the PC for 4 years now and nothing like this has ever happened to me. Well, for today, good night from Berlin anegada |
|
|
||
29.12.2004, 21:40
Member
Posts: 19 |
#42
Hello Sabina,
I just want to check in briefly for courtesy's sake. I will continue with the above-mentioned work in the next few days - but I can't get to it at the moment, since it will surely take hours again. But today I downloaded Firefox and am quite satisfied with it. It has a few small quirks, but I will manage that or else put up with it, if it really protects me from these dreadful viruses. Kind regards anegada |
|
|
||
31.12.2004, 22:30
Member
Posts: 19 |
#43
once again, many thanks for your help
and a Happy New Year to you and to everyone here in the forum who patiently answers the many questions |
|
|
||
uninstall the version (detection-only eScan) mwav.exe + all associated files
and download this one from my site
Download: mwav.exe
http://bilder.informationsarchiv.net/Nikitas_Tools/
#mwav.exe
create this folder c:\bases
run an update by starting the file kavupd.exe (DOS mode)
do not scan yet.
go into safe mode and scan.
Then report what was deleted.
__________
Kind regards, Sabina
All about PC security