ad aware findet alexa bitte mal mein HijackThis logfile überprüfen

#0
02.07.2006, 11:51
Member

Beiträge: 43
#1 hallo sabina,
ad aware findet alexa, wirfst du mal bitte ein blick auf meine logs und sagst mir was ich wenn nötig unternehmen muss?


mein adaware log:

ArchiveData(alexa.bckp)
Referencefile : SE1R47 24.05.2005
======================================================

ALEXA
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
obj[0]=Regkey : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
obj[1]=RegValue : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a} "MenuStatusBar"
obj[2]=RegValue : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a} "Script"
obj[3]=RegValue : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a} "clsid"
obj[4]=RegValue : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a} "Icon"
obj[5]=RegValue : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a} "HotIcon"
obj[6]=RegValue : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a} "ButtonText"
obj[7]=RegValue : .DEFAULT\software\microsoft\internet explorer\extensions\cmdmapping "{c95fe080-8f5d-11d2-a20b-00aa003c157a}"
obj[8]=RegValue : S-1-5-18\software\microsoft\internet explorer\extensions\cmdmapping "{c95fe080-8f5d-11d2-a20b-00aa003c157a}"
obj[9]=RegValue : S-1-5-21-725345543-1682526488-854245398-1003\software\microsoft\internet explorer\extensions\cmdmapping "{c95fe080-8f5d-11d2-a20b-00aa003c157a}"

und hier mein HijackThis logfile :

Logfile of HijackThis v1.99.1
Scan saved at 12:33:47, on 02.07.2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLAcsd.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\AntiVirenKit\AVKService.exe
C:\Programme\AntiVirenKit\AVKWCtl.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\ZONELA~1\ZONEAL~1\zlclient.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLDial.exe
C:\Programme\AntiVirenKit\AVKPOP.EXE
C:\Programme\QuickTime\qttask.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Programme\AOL 9.0\aoltray.exe
C:\Programme\Ulead Systems\Ulead Photo Express 2 SE\CalCheck.exe
C:\WINDOWS\system32\ntvdm.exe
C:\OPLIMIT\ocrawr32.exe
C:\WINDOWS\wanmpsvc.exe
C:\Programme\AOL 9.0\waol.exe
C:\Programme\AOL 9.0\shellmon.exe
C:\Programme\Gemeinsame Dateien\Aol\aoltpspd.exe
C:\Dokumente und Einstellungen\Alte Hexe\Lokale Einstellungen\Temp\Temporäres Verzeichnis 1 für hijackthis.zip\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [PE2CKFNT SE] C:\Programme\Ulead Systems\Ulead Photo Express 2 SE\ChkFont.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Zone Labs Client] C:\PROGRA~1\ZONELA~1\ZONEAL~1\zlclient.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [AVK Mail Checker] "C:\Programme\AntiVirenKit\AVKPOP.EXE"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - Startup: OCRAWARE.lnk = C:\OPLIMIT\OCRAWARE.EXE
O4 - Global Startup: AOL 9.0 Tray-Symbol.lnk = C:\Programme\AOL 9.0\aoltray.exe
O4 - Global Startup: Photo Express Calendar Checker SE.lnk = C:\Programme\Ulead Systems\Ulead Photo Express 2 SE\CalCheck.exe
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: AOL Instant Messenger (TM) - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Programme\AIM95\aim.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{112CE3AC-D968-4CDD-A8E3-C01C7AC0E0CA}: NameServer = 205.188.146.145
O17 - HKLM\System\CS1\Services\Tcpip\..\{112CE3AC-D968-4CDD-A8E3-C01C7AC0E0CA}: NameServer = 205.188.146.145
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLAcsd.exe
O23 - Service: AVK Service (AVKService) - Unknown owner - C:\Programme\AntiVirenKit\AVKService.exe
O23 - Service: AVK Wächter (AVKWCtl) - Unknown owner - C:\Programme\AntiVirenKit\AVKWCtl.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

danke dir im voraus
melaberlin
Seitenanfang Seitenende
02.07.2006, 13:31
Ehrenmitglied
Avatar Sabina

Beiträge: 29434
#2 1.
fixe mit dem hijackThis:

O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm

2.
PC neustarten

3.
lasse AdAware noch einmal scannen ;)
__________
MfG Sabina

rund um die PC-Sicherheit
Seitenanfang Seitenende
02.07.2006, 15:22
Member

Themenstarter

Beiträge: 43
#3 hallo sabina,

leider wird er immernoch fündig ;)(

log vom ad aware scan:

Ad-Aware SE Build 1.06r1
Logfile Created on:Sonntag, 2. Juli 2006 16:10:02
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R113 28.06.2006
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Alexa(TAC index:5):3 total references
MRU List(TAC index:0):25 total references
Tracking Cookie(TAC index:3):11 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file

Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects


02.07.2006 16:10:02 - Scan started. (Smart mode)

Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ProcessID : 376
ThreadCreationTime : 02.07.2006 13:58:08
BasePriority : Normal


#:2 [csrss.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 440
ThreadCreationTime : 02.07.2006 13:58:10
BasePriority : Normal


#:3 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 472
ThreadCreationTime : 02.07.2006 13:58:16
BasePriority : High


#:4 [services.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 516
ThreadCreationTime : 02.07.2006 13:58:16
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Betriebssystem Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Anwendung für Dienste und Controller
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. Alle Rechte vorbehalten.
OriginalFilename : services.exe

#:5 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 528
ThreadCreationTime : 02.07.2006 13:58:16
BasePriority : Normal
FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
ProductVersion : 5.1.2600.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe

#:6 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 684
ThreadCreationTime : 02.07.2006 13:58:17
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:7 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 708
ThreadCreationTime : 02.07.2006 13:58:17
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:8 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 824
ThreadCreationTime : 02.07.2006 13:58:18
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:9 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 852
ThreadCreationTime : 02.07.2006 13:58:18
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:10 [spoolsv.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1040
ThreadCreationTime : 02.07.2006 13:58:20
BasePriority : Normal
FileVersion : 5.1.2600.0 (XPClient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe

#:11 [explorer.exe]
FilePath : C:\WINDOWS\
ProcessID : 1048
ThreadCreationTime : 02.07.2006 13:58:20
BasePriority : Normal
FileVersion : 6.00.2800.1106 (xpsp1.020828-1920)
ProductVersion : 6.00.2800.1106
ProductName : Betriebssystem Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : © Microsoft Corporation. Alle Rechte vorbehalten.
OriginalFilename : EXPLORER.EXE

#:12 [aolacsd.exe]
FilePath : C:\Programme\Gemeinsame Dateien\AOL\ACS\
ProcessID : 1180
ThreadCreationTime : 02.07.2006 13:58:21
BasePriority : Normal


#:13 [zlclient.exe]
FilePath : C:\PROGRA~1\ZONELA~1\ZONEAL~1\
ProcessID : 1332
ThreadCreationTime : 02.07.2006 13:58:24
BasePriority : Normal
FileVersion : 4.5.532.000
ProductVersion : 4.5.532.000
ProductName : Zone Labs Client
CompanyName : Zone Labs Inc.
FileDescription : Zone Labs Client
InternalName : zlclient
LegalCopyright : Copyright © 1998-2003, Zone Labs Inc.
OriginalFilename : zlclient.exe

#:14 [avkservice.exe]
FilePath : C:\Programme\AntiVirenKit\
ProcessID : 1340
ThreadCreationTime : 02.07.2006 13:58:24
BasePriority : Normal
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
ProductName : AVKService Module
FileDescription : AVKService Module
InternalName : AVKService
LegalCopyright : Copyright 2001
OriginalFilename : AVKService.EXE

#:15 [avkwctl.exe]
FilePath : C:\Programme\AntiVirenKit\
ProcessID : 1356
ThreadCreationTime : 02.07.2006 13:58:25
BasePriority : Normal
FileVersion : 2, 0, 0, 0
ProductVersion : 10, 0, 0, 0
ProductName : AVK
FileDescription : AVKWCtl Monitor Service
InternalName : AVKWCtl
OriginalFilename : AVKWCtl.EXE

#:16 [aoldial.exe]
FilePath : C:\Programme\Gemeinsame Dateien\AOL\ACS\
ProcessID : 1392
ThreadCreationTime : 02.07.2006 13:58:25
BasePriority : Normal
FileVersion : 2.6.6.3.DE.55
ProductVersion : 2.6.6.3.DE.55
ProductName : AOL Connectivity Service
CompanyName : America Online, Inc
FileDescription : AOL Connectivity Service Dialer
LegalCopyright : Copyright © 2003 America Online, Inc.
OriginalFilename : AOLDial.exe

#:17 [avkpop.exe]
FilePath : C:\Programme\AntiVirenKit\
ProcessID : 1432
ThreadCreationTime : 02.07.2006 13:58:25
BasePriority : Normal
FileVersion : 1, 0, 2, 0
ProductVersion : 1, 0, 2, 0
ProductName : AVK
CompanyName : G DATA Software AG
FileDescription : AVK POP3 Server
InternalName : AVKPOP
LegalCopyright : Copyright 2001
OriginalFilename : AVKPop.exe

#:18 [qttask.exe]
FilePath : C:\Programme\QuickTime\
ProcessID : 1484
ThreadCreationTime : 02.07.2006 13:58:26
BasePriority : Normal
FileVersion : 6.5
ProductVersion : QuickTime 6.5
ProductName : QuickTime
CompanyName : Apple Computer, Inc.
InternalName : QuickTime Task
LegalCopyright : © Apple Computer, Inc. 2001-2004
OriginalFilename : QTTask.exe

#:19 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1540
ThreadCreationTime : 02.07.2006 13:58:26
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:20 [ctfmon.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1584
ThreadCreationTime : 02.07.2006 13:58:26
BasePriority : Normal
FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
ProductVersion : 5.1.2600.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : CTF Loader
InternalName : CTFMON
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : CTFMON.EXE

#:21 [vsmon.exe]
FilePath : C:\WINDOWS\system32\ZoneLabs\
ProcessID : 1608
ThreadCreationTime : 02.07.2006 13:58:26
BasePriority : Normal
FileVersion : 4.5.532.000
ProductVersion : 4.5.532.000
ProductName : TrueVector Service
CompanyName : Zone Labs Inc.
FileDescription : TrueVector Service
InternalName : vsmon
LegalCopyright : Copyright © 1998-2003, Zone Labs Inc.
OriginalFilename : vsmon.exe

#:22 [aoltray.exe]
FilePath : C:\Programme\AOL 9.0\
ProcessID : 1720
ThreadCreationTime : 02.07.2006 13:58:29
BasePriority : Normal
FileVersion : 9.00.001
ProductVersion : 9.00.001
ProductName : America Online
CompanyName : America Online, Inc.
FileDescription : AOL Tray Icon
InternalName : AolTray
LegalCopyright : Copyright (C) America Online, Inc. 1999 - 2004

#:23 [calcheck.exe]
FilePath : C:\Programme\Ulead Systems\Ulead Photo Express 2 SE\
ProcessID : 1740
ThreadCreationTime : 02.07.2006 13:58:31
BasePriority : Normal
FileVersion : 2, 0, 0, 1
ProductVersion : 1, 0, 0, 1
ProductName : Calendar Checker Application
CompanyName : Ulead Systems, Inc.
FileDescription : Photo Express -- Calendar Checker
InternalName : CalCheck
LegalCopyright : Copyright (C) 1992-1998.Ulead Systems, Inc.
LegalTrademarks : Ulead Systems, MediaStudio, PhotoImpact and Photo Express are registered trademarks of Ulead Systems, Inc.
OriginalFilename : CalCheck.EXE

#:24 [ntvdm.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1748
ThreadCreationTime : 02.07.2006 13:58:32
BasePriority : Normal
FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
ProductVersion : 5.1.2600.1106
ProductName : Betriebssystem Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : NTVDM.EXE
InternalName : NTVDM.EXE
LegalCopyright : © Microsoft Corporation. Alle Rechte vorbehalten.
OriginalFilename : NTVDM.EXE

#:25 [wanmpsvc.exe]
FilePath : C:\WINDOWS\
ProcessID : 1796
ThreadCreationTime : 02.07.2006 13:58:37
BasePriority : Normal
FileVersion : 7, 0, 0, 2
ProductVersion : 7, 0, 0, 2
ProductName : America Online
CompanyName : America Online, Inc.
FileDescription : Wan Miniport (ATW) Service
InternalName : WanMPSvc
LegalCopyright : Copyright © 2001 America Online, Inc.
OriginalFilename : WanMPSvc.exe

#:26 [ocrawr32.exe]
FilePath : C:\OPLIMIT\
ProcessID : 1864
ThreadCreationTime : 02.07.2006 13:58:40
BasePriority : Normal
FileVersion : 5, 0, 0, 1
ProductVersion : 5, 0, 0, 1
ProductName : OmniPage Limited Edition
CompanyName : Caere Corporation
FileDescription : Ocraware32
InternalName : Ocraware32
LegalCopyright : Copyright © 1995 Caere Corporation
OriginalFilename : Ocrawr32.exe

#:27 [wmiprvse.exe]
FilePath : C:\WINDOWS\System32\wbem\
ProcessID : 2028
ThreadCreationTime : 02.07.2006 13:58:50
BasePriority : Normal
FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
ProductVersion : 5.1.2600.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : WMI
InternalName : Wmiprvse.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : Wmiprvse.exe

#:28 [waol.exe]
FilePath : C:\Programme\AOL 9.0\
ProcessID : 1220
ThreadCreationTime : 02.07.2006 14:03:04
BasePriority : Normal


#:29 [shellmon.exe]
FilePath : C:\Programme\AOL 9.0\
ProcessID : 568
ThreadCreationTime : 02.07.2006 14:03:14
BasePriority : Normal


#:30 [aoltpspd.exe]
FilePath : C:\Programme\Gemeinsame Dateien\Aol\
ProcessID : 884
ThreadCreationTime : 02.07.2006 14:03:14
BasePriority : Normal
FileVersion : 1, 1, 1, 0
ProductVersion : [v1_r1.1-2] On Mon 11/29/2004 19:54:26.07
ProductName : AOL TopSpeed(TM)
CompanyName : America Online Inc
FileDescription : AOL TopSpeed(TM)
InternalName : AOL TopSpeed(TM)
LegalCopyright : Copyright © America Online 2003
LegalTrademarks : AOL TopSpeed(TM)
OriginalFilename : aoltpspd.exe

#:31 [ad-aware.exe]
FilePath : C:\Programme\Lavasoft\Ad-Aware SE Personal\
ProcessID : 2396
ThreadCreationTime : 02.07.2006 14:09:40
BasePriority : Normal
FileVersion : 6.2.0.236
ProductVersion : SE 106
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft AB Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved

Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Alexa Object Recognized!
Type : RegValue
Data :
TAC Rating : 5
Category : Data Miner
Comment : "{c95fe080-8f5d-11d2-a20b-00aa003c157a}"
Rootkey : HKEY_USERS
Object : .DEFAULT\software\microsoft\internet explorer\extensions\cmdmapping
Value : {c95fe080-8f5d-11d2-a20b-00aa003c157a}

Alexa Object Recognized!
Type : RegValue
Data :
TAC Rating : 5
Category : Data Miner
Comment : "{c95fe080-8f5d-11d2-a20b-00aa003c157a}"
Rootkey : HKEY_USERS
Object : S-1-5-18\software\microsoft\internet explorer\extensions\cmdmapping
Value : {c95fe080-8f5d-11d2-a20b-00aa003c157a}

Alexa Object Recognized!
Type : RegValue
Data :
TAC Rating : 5
Category : Data Miner
Comment : "{c95fe080-8f5d-11d2-a20b-00aa003c157a}"
Rootkey : HKEY_USERS
Object : S-1-5-21-725345543-1682526488-854245398-1003\software\microsoft\internet explorer\extensions\cmdmapping
Value : {c95fe080-8f5d-11d2-a20b-00aa003c157a}

Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 3
Objects found so far: 3


Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 3


Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»


Tracking Cookie Object Recognized!
Type : IECache Entry
Data : alte hexe@partners.webmasterplan[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:4
Value : Cookie:alte hexe@partners.webmasterplan.com/
Expires : 27.08.2015
LastSync : Hits:4
UseCount : 0
Hits : 4

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : alte hexe@as1.falkag[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:120
Value : Cookie:alte hexe@as1.falkag.de/
Expires : 31.08.2006 10:07:18
LastSync : Hits:120
UseCount : 0
Hits : 120

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : alte hexe@doubleclick[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:110
Value : Cookie:alte hexe@doubleclick.net/
Expires : 24.08.2008 20:54:30
LastSync : Hits:110
UseCount : 0
Hits : 110

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : alte hexe@tradedoubler[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:22
Value : Cookie:alte hexe@tradedoubler.com/
Expires : 03.02.2025 23:20:42
LastSync : Hits:22
UseCount : 0
Hits : 22

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : alte hexe@serving-sys[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:alte hexe@serving-sys.com/
Expires : 01.01.2038
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : alte hexe@adbutler[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:4
Value : Cookie:alte hexe@adbutler.de/
Expires : 28.12.2005 15:39:12
LastSync : Hits:4
UseCount : 0
Hits : 4

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : alte hexe@2o7[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:215
Value : Cookie:alte hexe@2o7.net/
Expires : 10.09.2010 19:17:34
LastSync : Hits:215
UseCount : 0
Hits : 215

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : alte hexe@kelkoo[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:2
Value : Cookie:alte hexe@kelkoo.de/
Expires : 23.08.2007 23:08:02
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : alte hexe@advertising[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:348
Value : Cookie:alte hexe@advertising.com/
Expires : 16.06.2011 22:44:40
LastSync : Hits:348
UseCount : 0
Hits : 348

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : alte hexe@mediaplex[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:53
Value : Cookie:alte hexe@mediaplex.com/
Expires : 22.06.2009 02:00:00
LastSync : Hits:53
UseCount : 0
Hits : 53

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : alte hexe@adtech[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:866
Value : Cookie:alte hexe@adtech.de/
Expires : 02.01.2016 23:59:10
LastSync : Hits:866
UseCount : 0
Hits : 866

Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 11
Objects found so far: 14



Deep scanning and examining files...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Disk Scan Result for C:\WINDOWS
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 14

Disk Scan Result for C:\WINDOWS\System32
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 14

Disk Scan Result for C:\DOKUME~1\ALTEHE~1\LOKALE~1\Temp\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 14


Scanning Hosts file......
Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
1 entries scanned.
New critical objects:0
Objects found so far: 14



MRU List Object Recognized!
Location: : C:\Dokumente und Einstellungen\Alte Hexe\recent
Description : list of recently opened documents


MRU List Object Recognized!
Location: : .DEFAULT\software\ahead\nero - burning rom\recent file list
Description : list of recently used files in nero burning rom


MRU List Object Recognized!
Location: : S-1-5-18\software\ahead\nero - burning rom\recent file list
Description : list of recently used files in nero burning rom


MRU List Object Recognized!
Location: : S-1-5-19\software\ahead\nero - burning rom\recent file list
Description : list of recently used files in nero burning rom


MRU List Object Recognized!
Location: : S-1-5-20\software\ahead\nero - burning rom\recent file list
Description : list of recently used files in nero burning rom


MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d


MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X


MRU List Object Recognized!
Location: : software\microsoft\directdraw\mostrecentapplication
Description : most recent application to use microsoft directdraw


MRU List Object Recognized!
Location: : S-1-5-21-725345543-1682526488-854245398-1003\software\microsoft\directinput\mostrecentapplication
Description : most recent application to use microsoft directinput


MRU List Object Recognized!
Location: : S-1-5-21-725345543-1682526488-854245398-1003\software\microsoft\directinput\mostrecentapplication
Description : most recent application to use microsoft directinput


MRU List Object Recognized!
Location: : S-1-5-21-725345543-1682526488-854245398-1003\software\microsoft\internet explorer
Description : last download directory used in microsoft internet explorer


MRU List Object Recognized!
Location: : S-1-5-21-725345543-1682526488-854245398-1003\software\microsoft\internet explorer\main
Description : last save directory used in microsoft internet explorer


MRU List Object Recognized!
Location: : S-1-5-21-725345543-1682526488-854245398-1003\software\microsoft\internet explorer\typedurls
Description : list of recently entered addresses in microsoft internet explorer


MRU List Object Recognized!
Location: : S-1-5-21-725345543-1682526488-854245398-1003\software\microsoft\mediaplayer\player\settings
Description : last open directory used in jasc paint shop pro


MRU List Object Recognized!
Location: : S-1-5-21-725345543-1682526488-854245398-1003\software\microsoft\microsoft management console\recent file list
Description : list of recent snap-ins used in the microsoft management console


MRU List Object Recognized!
Location: : S-1-5-21-725345543-1682526488-854245398-1003\software\microsoft\search assistant\acmru
Description : list of recent search terms used with the search assistant


MRU List Object Recognized!
Location: : S-1-5-21-725345543-1682526488-854245398-1003\software\microsoft\windows\currentversion\applets\paint\recent file list
Description : list of files recently opened using microsoft paint


MRU List Object Recognized!
Location: : S-1-5-21-725345543-1682526488-854245398-1003\software\microsoft\windows\currentversion\applets\regedit
Description : last key accessed using the microsoft registry editor


MRU List Object Recognized!
Location: : S-1-5-21-725345543-1682526488-854245398-1003\software\microsoft\windows\currentversion\explorer\comdlg32\lastvisitedmru
Description : list of recent programs opened


MRU List Object Recognized!
Location: : S-1-5-21-725345543-1682526488-854245398-1003\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru
Description : list of recently saved files, stored according to file extension


MRU List Object Recognized!
Location: : S-1-5-21-725345543-1682526488-854245398-1003\software\microsoft\windows\currentversion\explorer\recentdocs
Description : list of recent documents opened


MRU List Object Recognized!
Location: : S-1-5-21-725345543-1682526488-854245398-1003\software\microsoft\windows\currentversion\explorer\runmru
Description : mru list for items opened in start | run


MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\windows media\wmsdk\general
Description : windows media sdk


MRU List Object Recognized!
Location: : S-1-5-18\software\microsoft\windows media\wmsdk\general
Description : windows media sdk


MRU List Object Recognized!
Location: : S-1-5-21-725345543-1682526488-854245398-1003\software\microsoft\windows media\wmsdk\general
Description : windows media sdk



Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 39

16:12:00 Scan Complete

Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:01:57.999
Objects scanned:74795
Objects identified:14
Objects ignored:0
New critical objects:14


hm immernoch 14 infizierte objekte heul ;)(

melaberlin mal wieder ratlos ist ;o)
Dieser Beitrag wurde am 02.07.2006 um 19:25 Uhr von melaberlin editiert.
Seitenanfang Seitenende
02.07.2006, 19:27
Member

Themenstarter

Beiträge: 43
#4 habe gerade noch mal gescannt ad aware findet das (oder viell. auch was anderes) leider immerwieder ;) auf jeden fall sagt er nicht alles in ordnung alles schön so kann es bleiben ;)(
Seitenanfang Seitenende
03.07.2006, 13:17
Ehrenmitglied
Avatar Sabina

Beiträge: 29434
#5 scanne mit spybot und berichte
http://www.safer-networking.org/en/download/index.html
__________
MfG Sabina

rund um die PC-Sicherheit
Seitenanfang Seitenende
Um auf dieses Thema zu ANTWORTEN
bitte erst » hier kostenlos registrieren!!

Folgende Themen könnten Dich auch interessieren: