Informationsarchiv.net > Foren-Übersicht > Computerprobleme > Online- und PC-Sicherheit
Warum kostenlos registrieren?

Nur als registriertes Mitglied hast Du vollen Zugriff auf alle Funktionen unserer Website. So kannst Du eigene Fragen stellen und hast die volle Übersicht über neue interessante Themen im Forum.
Jetzt kostenlos registrieren.

Login


C:\PROGRA~1\PERFEC~1\BHO\PERFEC~1.DLL

Warnungen vor Sicherheitslücken und Hilfe beim Enfernen von Viren, Würmern und Trojanern.
Thema gesperrt

hallo zusammen

Beitragvon daysi am 02.02.2005, 22:51

bin seit wochen nicht mehr in´s i-net gekommen, habe also von nem anderen rechner (firmen-pc) einiges hier erfahren und klären können, habe aber nicht so recht die ahnung und möchte deshalb mal hijack logfile posten.
ich hoffe, ihr könnt mir helfen :)

Logfile of HijackThis v1.99.0
Scan saved at 20:51:56, on 02.02.2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\System32\PackethSvc.exe
C:\Programme\0190 Warner\w0svc.exe
C:\WINDOWS\System32\alg.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\system32\fxssvc.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\Synaptics\SynTP\SynTPLpr.exe
C:\Programme\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\System32\LXSUPMON.EXE
C:\Programme\SM Electronic\cm20.exe
C:\WINDOWS\System32\P2P Networking\P2P Networking.exe
C:\Programme\Elaborate Bytes\CloneCD\CloneCDTray.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\PROGRA~1\0190WA~1\WARN0190.EXE
D:\AOL 8.0\aoltray.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Dokumente und Einstellungen\Microstar\Eigene Dateien\download virenschutz\HijackThis199.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://de.docs.yahoo.com/info/ie6.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.yahoo.com/search?p=%s
R3 - URLSearchHook: (no name) - {00D6A7E7-4A97-456f-848A-3B75BF7554D7} - C:\PROGRA~1\PERFEC~1\BHO\PERFEC~1.DLL (file missing)
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Programme\Yahoo!\Messenger\ycomp5_3_12_0.dll
O2 - BHO: myBar BHO - {0494D0D1-F8E0-41ad-92A3-14154ECE70AC} - C:\Programme\MyWay\myBar\1.bin\MYBAR.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Messenger\ycomp5_3_12_0.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: My &Search Bar - {0494D0D9-F8E0-41ad-92A3-14154ECE70AC} - C:\Programme\MyWay\myBar\1.bin\MYBAR.DLL
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Programme\Microsoft Works\WkDetect.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Programme\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Programme\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [LXSUPMON] C:\WINDOWS\System32\LXSUPMON.EXE RUN
O4 - HKLM\..\Run: [Start RF Wireless Mouse] C:\Programme\SM Electronic\cm20.exe
O4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\System32\P2P Networking\P2P Networking.exe /AUTOSTART
O4 - HKLM\..\Run: [CloneCDTray] C:\Programme\Elaborate Bytes\CloneCD\CloneCDTray.exe
O4 - HKLM\..\Run: [ElbyCheckElbyCDFL] "C:\Programme\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFL
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [0190 Warner] C:\PROGRA~1\0190WA~1\WARN0190.EXE
O4 - HKCU\..\Run: [YAW Autostart] "C:\Programme\YAW\yaw.exe"
O4 - HKCU\..\Run: [Yahoo! Pager] C:\PROGRA~1\Yahoo!\MESSEN~1\ypager.exe -quiet
O4 - Global Startup: AOL Tray-Symbol.lnk = D:\AOL 8.0\aoltray.exe
O9 - Extra button: Recherche-Assistent - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Reference 2001\EROProj.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\MSMSGS.EXE
O12 - Plugin for .au: C:\Programme\Internet Explorer\PLUGINS\npqtplugin.dll
O12 - Plugin for .mid: C:\Programme\Internet Explorer\PLUGINS\npqtplugin.dll
O16 - DPF: Yahoo! Blackjack - http://download.games.yahoo.com/games/c ... /jt0_x.cab
O16 - DPF: Yahoo! Literati - http://download.games.yahoo.com/games/c ... /tt1_x.cab
O16 - DPF: Yahoo! Poker - http://download.games.yahoo.com/games/c ... /pt1_x.cab
O16 - DPF: Yahoo! Pool 2 - http://download.games.yahoo.com/games/c ... potc_x.cab
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -
O16 - DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} (Yahoo! Companion) - http://us.dl1.yimg.com/download.compani ... 3_12_0.cab
O23 - Service: 0190/0900 Warner Überwachungsdienst - Mirko Böer - C:\Programme\0190 Warner\w0svc.exe
O23 - Service: AVG7 Alert Manager Server - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: LexBce Server - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Virtual NIC Service - America Online, Inc. - C:\WINDOWS\System32\PackethSvc.exe
O23 - Service: WAN Miniport (ATW) Service - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
daysi
 
Beiträge: 87
Registriert: 06.01.2005, 11:45
Wohnort: Sondershausen
Nach oben

Beitragvon Nikita am 03.02.2005, 18:42

#öffne das HijackThis-->> Button "scan" -->> Häkchen setzen -->> Button "Fix checked" -->> PC neustarten

R3 - URLSearchHook: (no name) - {00D6A7E7-4A97-456f-848A-3B75BF7554D7} - C:\PROGRA~1\PERFEC~1\BHO\PERFEC~1.DLL (file missing)
O2 - BHO: myBar BHO - {0494D0D1-F8E0-41ad-92A3-14154ECE70AC} - C:\Programme\MyWay\myBar\1.bin\MYBAR.DLL
O3 - Toolbar: My &Search Bar - {0494D0D9-F8E0-41ad-92A3-14154ECE70AC} - C:\Programme\MyWay\myBar\1.bin\MYBAR.DLL

PC neustarten--> in den abgesicherten Modus:

(Euniverse.Incredifind)
<C:\Program Files\perfectnav\bho
<perfectnav150.dll
<perfectnavbho.dll
<perfectnav.dll

<C:\Programme\MyWay\
<C:\Programme\MyWay\myBar\
<MYBAR.DLL

deinstallieren oder Folder loeschen

#Ad-aware SE Personal 1.05 Updated
http://fileforum.betanews.com/detail/965718306/1
Laden--> Updaten-->scannen-->PC neustarten--> noch mal scannen--> poste das Log vom Scann
Nikita
Moderator
 
Beiträge: 11478
Registriert: 07.12.2003, 16:53
Wohnort: Lissabon
Nach oben

Beitragvon daysi am 09.02.2005, 21:00

hallo nikita,
bin leider heute erst wieder dazu gekommen, aber wie ich gesehen habe, hattest du auch so genug zu tun.
das log macht mir ja richtig angst, also poste ich es dir schnell...
mfg
daysi


Ad-Aware SE Build 1.05
Logfile Created on:Mittwoch, 9. Februar 2005 19:31:13
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R27 05.02.2005
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Alexa(TAC index:5):11 total references
AltnetBDE(TAC index:4):73 total references
BrilliantDigital(TAC index:6):12 total references
eAcceleration(TAC index:7):7 total references
eUniverse(TAC index:10):13 total references
MRU List(TAC index:0):47 total references
Other(TAC index:5):5 total references
Tracking Cookie(TAC index:3):8 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file

Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects


09.02.2005 19:31:13 - Scan started. (Smart mode)

Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ProcessID : 680
ThreadCreationTime : 09.02.2005 18:29:12
BasePriority : Normal


#:2 [csrss.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 744
ThreadCreationTime : 09.02.2005 18:29:14
BasePriority : Normal


#:3 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 772
ThreadCreationTime : 09.02.2005 18:29:18
BasePriority : High


#:4 [services.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 816
ThreadCreationTime : 09.02.2005 18:29:18
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Betriebssystem Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Anwendung für Dienste und Controller
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. Alle Rechte vorbehalten.
OriginalFilename : services.exe

#:5 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 828
ThreadCreationTime : 09.02.2005 18:29:18
BasePriority : Normal
FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
ProductVersion : 5.1.2600.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe

#:6 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 992
ThreadCreationTime : 09.02.2005 18:29:19
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:7 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1120
ThreadCreationTime : 09.02.2005 18:29:19
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:8 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1228
ThreadCreationTime : 09.02.2005 18:29:20
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:9 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1256
ThreadCreationTime : 09.02.2005 18:29:20
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:10 [lexbces.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1596
ThreadCreationTime : 09.02.2005 18:29:22
BasePriority : Normal
FileVersion : 7.4
ProductVersion : 7.4
ProductName : MarkVision for Windows (32 bit)
CompanyName : Lexmark International, Inc.
FileDescription : LexBce Service
InternalName : LexBce Service
LegalCopyright : (C) 1993 - 2002 Lexmark International, Inc.
OriginalFilename : LexBceS.exe

#:11 [spoolsv.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1628
ThreadCreationTime : 09.02.2005 18:29:22
BasePriority : Normal
FileVersion : 5.1.2600.0 (XPClient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe

#:12 [lexpps.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1660
ThreadCreationTime : 09.02.2005 18:29:22
BasePriority : Normal
FileVersion : 7.4
ProductVersion : 7.4
ProductName : MarkVision for Windows (32 bit)
CompanyName : Lexmark International, Inc.
FileDescription : LEXPPS.EXE
InternalName : LEXPPS
LegalCopyright : (C) 1993 - 2002 Lexmark International, Inc.
OriginalFilename : LEXPPS.EXE
Comments : MarkVision for Windows '95 New P2P Server (32-bit)

#:13 [packethsvc.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1772
ThreadCreationTime : 09.02.2005 18:29:23
BasePriority : Normal
FileVersion : 6, 0, 0, 6
ProductVersion : 6, 0, 0, 6
ProductName : America Online
CompanyName : America Online, Inc.
FileDescription : Virtual Adapter Service
InternalName : Virtual Adapter Service
LegalCopyright : Copyright (C) America Online, Inc. 1999 - 2001
OriginalFilename : PackethSvc.exe

#:14 [w0svc.exe]
FilePath : C:\Programme\0190 Warner\
ProcessID : 1796
ThreadCreationTime : 09.02.2005 18:29:23
BasePriority : Normal
FileVersion : 4.0.0.22
ProductVersion : 4.0
ProductName : 0190/0900 Warner
CompanyName : Mirko Böer
FileDescription : 0190/0900 Warner Service
InternalName : w0svc
LegalCopyright : Copyright © 2003-2004 Mirko Böer
OriginalFilename : w0svc.exe

#:15 [alg.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1812
ThreadCreationTime : 09.02.2005 18:29:23
BasePriority : Normal
FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
ProductVersion : 5.1.2600.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Application Layer Gateway Service
InternalName : ALG.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : ALG.exe

#:16 [avgamsvr.exe]
FilePath : C:\PROGRA~1\Grisoft\AVG7\
ProcessID : 1824
ThreadCreationTime : 09.02.2005 18:29:23
BasePriority : Normal
FileVersion : 7,0,0,297
ProductVersion : 7.0.0.297
ProductName : AVG Anti-Virus System
CompanyName : GRISOFT, s.r.o.
FileDescription : AVG Alert Manager
InternalName : avgamsvr
LegalCopyright : Copyright © 2004, GRISOFT, s.r.o.
OriginalFilename : avgamsvr.EXE

#:17 [avgupsvc.exe]
FilePath : C:\PROGRA~1\Grisoft\AVG7\
ProcessID : 1840
ThreadCreationTime : 09.02.2005 18:29:23
BasePriority : Normal
FileVersion : 7,0,0,301
ProductVersion : 7.0.0.301
ProductName : AVG 7.0 Anti-Virus System
CompanyName : GRISOFT, s.r.o.
FileDescription : AVG Update Service
InternalName : avgupsvc
LegalCopyright : Copyright © 2004, GRISOFT, s.r.o.
OriginalFilename : avgupdsvc.EXE

#:18 [wanmpsvc.exe]
FilePath : C:\WINDOWS\
ProcessID : 1920
ThreadCreationTime : 09.02.2005 18:29:23
BasePriority : Normal
FileVersion : 7, 0, 0, 2
ProductVersion : 7, 0, 0, 2
ProductName : America Online
CompanyName : America Online, Inc.
FileDescription : Wan Miniport (ATW) Service
InternalName : WanMPSvc
LegalCopyright : Copyright © 2001 America Online, Inc.
OriginalFilename : WanMPSvc.exe

#:19 [fxssvc.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 164
ThreadCreationTime : 09.02.2005 18:29:24
BasePriority : Normal
FileVersion : 5.2.1776.1023
ProductVersion : 5.2.1776.1023
ProductName : Microsoft® Fax Server
CompanyName : Microsoft Corporation
FileDescription : Faxdienst
InternalName : FXSSVC.EXE
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : FXSSVC.EXE

#:20 [explorer.exe]
FilePath : C:\WINDOWS\
ProcessID : 832
ThreadCreationTime : 09.02.2005 18:29:45
BasePriority : Normal
FileVersion : 6.00.2800.1106 (xpsp1.020828-1920)
ProductVersion : 6.00.2800.1106
ProductName : Betriebssystem Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : © Microsoft Corporation. Alle Rechte vorbehalten.
OriginalFilename : EXPLORER.EXE

#:21 [syntplpr.exe]
FilePath : C:\Programme\Synaptics\SynTP\
ProcessID : 1104
ThreadCreationTime : 09.02.2005 18:29:49
BasePriority : Normal
FileVersion : 5.7.1 02Aug01
ProductVersion : 5.7.1 02Aug01
ProductName : Progressive Touch
CompanyName : Synaptics, Inc.
FileDescription : TouchPad Driver Helper Application
InternalName : SynTPLpr
LegalCopyright : Copyright (C) Synaptics, Inc. 1996-2001
OriginalFilename : SynTPLpr.exe

#:22 [syntpenh.exe]
FilePath : C:\Programme\Synaptics\SynTP\
ProcessID : 1112
ThreadCreationTime : 09.02.2005 18:29:49
BasePriority : Normal
FileVersion : 5.7.1 02Aug01
ProductVersion : 5.7.1 02Aug01
ProductName : Progressive Touch
CompanyName : Synaptics, Inc.
FileDescription : Synaptics TouchPad Enhancements
InternalName : Scrolleroo
LegalCopyright : Copyright (C) Synaptics, Inc. 1996-2001
OriginalFilename : SynTPEnh.exe

#:23 [lxsupmon.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1196
ThreadCreationTime : 09.02.2005 18:29:49
BasePriority : Normal
FileVersion : 3.0.105.1
ProductVersion : 3.0.105.1
ProductName : Lexmark Supplies Monitor
CompanyName : Lexmark International Inc.
FileDescription : Supplies Monitor
InternalName : LXSUPMON
LegalCopyright : Copyright © 2002
OriginalFilename : LXSUPMON.RC

#:24 [cm20.exe]
FilePath : C:\Programme\SM Electronic\
ProcessID : 1216
ThreadCreationTime : 09.02.2005 18:29:49
BasePriority : Normal


#:25 [p2p networking.exe]
FilePath : C:\WINDOWS\System32\P2P Networking\
ProcessID : 1264
ThreadCreationTime : 09.02.2005 18:29:50
BasePriority : Normal
FileVersion : 1, 25, 0, 20
ProductVersion : 1, 25, 0, 20
ProductName : P2P Networking
CompanyName : Joltid Ltd.
FileDescription : P2P Networking
InternalName : P2P Networking
LegalCopyright : Copyright © 2001 - 2004 Joltid Ltd. All Rights Reserved.
LegalTrademarks : Joltid is a registered trademark of Joltid Ltd.
OriginalFilename : P2P Networking.exe

#:26 [clonecdtray.exe]
FilePath : C:\Programme\Elaborate Bytes\CloneCD\
ProcessID : 1364
ThreadCreationTime : 09.02.2005 18:29:50
BasePriority : Normal


#:27 [avgcc.exe]
FilePath : C:\PROGRA~1\Grisoft\AVG7\
ProcessID : 1488
ThreadCreationTime : 09.02.2005 18:29:50
BasePriority : Normal
FileVersion : 7,0,0,298
ProductVersion : 7.0.0.298
ProductName : AVG Anti-Virus System
CompanyName : GRISOFT, s.r.o.
FileDescription : AVG Control Center
InternalName : AvgCC
LegalCopyright : Copyright © 2004, GRISOFT, s.r.o.
OriginalFilename : AvgCC.EXE

#:28 [warn0190.exe]
FilePath : C:\PROGRA~1\0190WA~1\
ProcessID : 248
ThreadCreationTime : 09.02.2005 18:29:52
BasePriority : Normal
FileVersion : 4.3.0.221
ProductVersion : 4.03
ProductName : 0190 Warner / 0900 Warner
CompanyName : Mirko Böer
FileDescription : 0190 Warner / 0900 Warner
LegalCopyright : Copyright © 2001 - 2004 Mirko Böer
Comments : http://www.wt-rate.com/

#:29 [aoltray.exe]
FilePath : D:\AOL 8.0\
ProcessID : 416
ThreadCreationTime : 09.02.2005 18:29:53
BasePriority : Normal
FileVersion : 8.00.000
ProductVersion : 8.00.000
ProductName : America Online
CompanyName : America Online, Inc.
FileDescription : AOL 6.0 Tray-Symbol
InternalName : AolTray
LegalCopyright : Copyright (C) America Online, Inc. 1999 - 2003

#:30 [f53e.exe]
FilePath : C:\WINDOWS\
ProcessID : 564
ThreadCreationTime : 09.02.2005 18:29:55
BasePriority : Normal
FileVersion : 3.0.0.0
ProductVersion : 3.0.0.0
ProductName : YAW - Yet Another Warner
CompanyName : Ebert & Tietz GBR und Andreas Haak
FileDescription : YAW - Yet Another Warner
InternalName : YAW
LegalCopyright : Ebert & Tietz GBR sowie Andreas Haak
OriginalFilename : yaw.exe

#:31 [wuauclt.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 2936
ThreadCreationTime : 09.02.2005 18:30:26
BasePriority : Normal
FileVersion : 5.4.3790.2182 built by: srv03_rtm(ntvbl04)
ProductVersion : 5.4.3790.2182
ProductName : Betriebssystem Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Automatische Updates
InternalName : wuauclt.exe
LegalCopyright : © Microsoft Corporation. Alle Rechte vorbehalten.
OriginalFilename : wuauclt.exe

#:32 [ad-aware.exe]
FilePath : C:\Programme\Lavasoft\Ad-Aware SE Personal\
ProcessID : 3180
ThreadCreationTime : 09.02.2005 18:30:35
BasePriority : Normal
FileVersion : 6.2.0.206
ProductVersion : VI.Second Edition
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved

#:33 [wuauclt.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 3384
ThreadCreationTime : 09.02.2005 18:30:48
BasePriority : Normal
FileVersion : 5.4.3790.2182 built by: srv03_rtm(ntvbl04)
ProductVersion : 5.4.3790.2182
ProductName : Betriebssystem Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Automatische Updates
InternalName : wuauclt.exe
LegalCopyright : © Microsoft Corporation. Alle Rechte vorbehalten.
OriginalFilename : wuauclt.exe

Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Alexa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}

Alexa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
Value : MenuText

Alexa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
Value : MenuStatusBar

Alexa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
Value : Script

Alexa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
Value : clsid

Alexa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
Value : Icon

Alexa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
Value : HotIcon

Alexa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
Value : ButtonText

AltnetBDE Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\interface\{e813099d-5529-47f4-9b37-4afafcb00a43}

AltnetBDE Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\interface\{e813099d-5529-47f4-9b37-4afafcb00a43}
Value :

AltnetBDE Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\interface\{ad5bc1f0-72d8-44b3-8e3d-8e8fecce43fb}

AltnetBDE Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\interface\{ad5bc1f0-72d8-44b3-8e3d-8e8fecce43fb}
Value :

AltnetBDE Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\appid\{8b0fef15-54dc-49f5-8377-8172de975f75}

AltnetBDE Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\appid\{8b0fef15-54dc-49f5-8377-8172de975f75}
Value :

AltnetBDE Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\typelib\{bff4f684-677e-44f4-8c74-1d575c950e10}

AltnetBDE Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\altnet

AltnetBDE Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\altnet
Value : ALTNET_DIR

AltnetBDE Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\altnet
Value : SharedMediaDir

AltnetBDE Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\altnet
Value : SharedMediaDir2

AltnetBDE Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\altnet
Value : SharedFilesDir

AltnetBDE Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\adm4.adm4

AltnetBDE Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\adm4.adm4
Value :

AltnetBDE Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\adm25.adm25

AltnetBDE Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\adm25.adm25
Value :

AltnetBDE Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\adm.adm.1

AltnetBDE Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\adm.adm.1
Value :

AltnetBDE Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\adm4.adm4.1

AltnetBDE Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\adm4.adm4.1
Value :

AltnetBDE Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\clsid\{9bbcf06c-dcd7-495d-80df-cdd5399d0ff8}

AltnetBDE Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\clsid\{9bbcf06c-dcd7-495d-80df-cdd5399d0ff8}
Value :

AltnetBDE Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\clsid\{9bbcf06c-dcd7-495d-80df-cdd5399d0ff8}
Value : AppID

AltnetBDE Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\adm25.adm25.1

AltnetBDE Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\adm25.adm25.1
Value :

AltnetBDE Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\adm.adm

AltnetBDE Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\adm.adm
Value :

AltnetBDE Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\clsid\{c15b7ea2-a360-43e8-a591-5faedc7c4e1d}

AltnetBDE Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\clsid\{c15b7ea2-a360-43e8-a591-5faedc7c4e1d}
Value :

AltnetBDE Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\clsid\{c15b7ea2-a360-43e8-a591-5faedc7c4e1d}
Value : AppID

AltnetBDE Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\typelib\{5830698f-7fc0-40cd-a453-9a0cafdf3a64}

AltnetBDE Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\clsid\{def37997-d9c9-4a4b-bf3c-88f99eaceec2}

AltnetBDE Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\clsid\{def37997-d9c9-4a4b-bf3c-88f99eaceec2}
Value :

AltnetBDE Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\typelib\{676f6d1d-c559-42a9-860b-27c1477b7179}

AltnetBDE Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\appid\adm.exe

AltnetBDE Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\appid\adm.exe
Value : AppID

AltnetBDE Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\clsid\{1d3bce37-7834-4579-8169-e67681420a98}

AltnetBDE Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\clsid\{1d3bce37-7834-4579-8169-e67681420a98}
Value :

AltnetBDE Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\appid\{99a8e2b2-3405-4c0d-9110-131c14caaf62}

AltnetBDE Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\appid\{99a8e2b2-3405-4c0d-9110-131c14caaf62}
Value :

AltnetBDE Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\appid\altnet signing module.exe

AltnetBDE Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\appid\altnet signing module.exe
Value : AppID

AltnetBDE Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\clsid\{e813099d-5529-47f4-9b37-4afafcb00a43}

AltnetBDE Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\clsid\{e813099d-5529-47f4-9b37-4afafcb00a43}
Value :

AltnetBDE Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\altnetdm

AltnetBDE Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\altnetdm
Value : DisplayName

AltnetBDE Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\altnetdm
Value : UnInstallString

BrilliantDigital Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : .b3dini

BrilliantDigital Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : .b3dini
Value :

BrilliantDigital Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{3eec42b5-fb94-40d3-a588-bb54b383a7cb}

BrilliantDigital Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{3eec42b5-fb94-40d3-a588-bb54b383a7cb}
Value :

BrilliantDigital Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\interface\{e79dadc6-18d0-4a2a-831f-d196d41f8438}

BrilliantDigital Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\interface\{e79dadc6-18d0-4a2a-831f-d196d41f8438}
Value :

BrilliantDigital Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\interface\{29e825aa-13bc-457c-806a-d72e4a25b3c5}

BrilliantDigital Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\interface\{29e825aa-13bc-457c-806a-d72e4a25b3c5}
Value :

BrilliantDigital Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\interface\{9d4548ce-92fd-4c6c-ae7f-3dbe3bc763d8}

BrilliantDigital Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\interface\{9d4548ce-92fd-4c6c-ae7f-3dbe3bc763d8}
Value :

eAcceleration Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : directory\shellex\contextmenuhandlers\eac_virusscanner

eAcceleration Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : directory\shellex\contextmenuhandlers\eac_virusscanner
Value :

eAcceleration Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : mseaid.gd\glsid

eAcceleration Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : mseaid.gd\glsid
Value :

eUniverse Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{00d6a7e7-4a97-456f-848a-3b75bf7554d7}

eUniverse Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{00d6a7e7-4a97-456f-848a-3b75bf7554d7}\progid

eUniverse Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{00d6a7e7-4a97-456f-848a-3b75bf7554d7}\typelib

eUniverse Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{00d6a7e7-4a97-456f-848a-3b75bf7554d7}\typelib
Value :

eUniverse Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{00d6a7e7-4a97-456f-848a-3b75bf7554d7}\programmable

Alexa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment : "{c95fe080-8f5d-11d2-a20b-00aa003c157a}"
Rootkey : HKEY_USERS
Object : .DEFAULT\software\microsoft\internet explorer\extensions\cmdmapping
Value : {c95fe080-8f5d-11d2-a20b-00aa003c157a}

Alexa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment : "{c95fe080-8f5d-11d2-a20b-00aa003c157a}"
Rootkey : HKEY_USERS
Object : S-1-5-18\software\microsoft\internet explorer\extensions\cmdmapping
Value : {c95fe080-8f5d-11d2-a20b-00aa003c157a}

Alexa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment : "{c95fe080-8f5d-11d2-a20b-00aa003c157a}"
Rootkey : HKEY_USERS
Object : S-1-5-21-2969962186-1850456698-4159782051-1005\software\microsoft\internet explorer\extensions\cmdmapping
Value : {c95fe080-8f5d-11d2-a20b-00aa003c157a}

eAcceleration Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment : "{46D570D9-71C8-44E5-A76C-AADFE94442CA}"
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\shell extensions\approved
Value : {46D570D9-71C8-44E5-A76C-AADFE94442CA}

eAcceleration Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment : "Stop Sign" shell extension
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\shell extensions\approved
Value : {BB83FD23-AC96-472D-8AA2-7D8560A61D1A}

Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 79
Objects found so far: 79


Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

AltnetBDE Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment : C:\Program Files\Altnet\Download Manager\asmps.dll
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{E813099D-5529-47F4-9B37-4AFAFCB00A43}

AltnetBDE Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment : C:\Program Files\Altnet\Download Manager\asmps.dll
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{E813099D-5529-47F4-9B37-4AFAFCB00A43}
Value :

AltnetBDE Object Recognized!
Type : File
Data : asmps.dll
Category : Data Miner
Comment :
Object : c:\program files\altnet\download manager\
FileVersion : 1, 0, 0, 5
ProductVersion : 1, 0, 0, 0
InternalName : ASMPS
LegalCopyright : Copyright 2003
OriginalFilename : ASMPS.DLL


Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 2
Objects found so far: 82


Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»


Tracking Cookie Object Recognized!
Type : IECache Entry
Data : microstar@bluestreak[2].txt
Category : Data Miner
Comment : Hits:2
Value : Cookie:microstar@bluestreak.com/
Expires : 07.02.2015 14:01:40
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : microstar@servedby.netshelter[2].txt
Category : Data Miner
Comment : Hits:10
Value : Cookie:microstar@servedby.netshelter.net/
Expires : 29.06.2021 14:48:54
LastSync : Hits:10
UseCount : 0
Hits : 10

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : microstar@adtech[1].txt
Category : Data Miner
Comment : Hits:3
Value : Cookie:microstar@adtech.de/
Expires : 07.02.2015 19:00:20
LastSync : Hits:3
UseCount : 0
Hits : 3

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : microstar@doubleclick[1].txt
Category : Data Miner
Comment : Hits:3
Value : Cookie:microstar@doubleclick.net/
Expires : 09.02.2008 19:03:14
LastSync : Hits:3
UseCount : 0
Hits : 3

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : microstar@2o7[2].txt
Category : Data Miner
Comment : Hits:19
Value : Cookie:microstar@2o7.net/
Expires : 01.02.2010 22:35:24
LastSync : Hits:19
UseCount : 0
Hits : 19

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : microstar@versiontracker[2].txt
Category : Data Miner
Comment : Hits:4
Value : Cookie:microstar@versiontracker.com/
Expires : 09.02.2007 11:03:34
LastSync : Hits:4
UseCount : 0
Hits : 4

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : microstar@tribalfusion[1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:microstar@tribalfusion.com/
Expires : 01.01.2038 01:00:00
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : microstar@bravenet[2].txt
Category : Data Miner
Comment : Hits:2
Value : Cookie:microstar@bravenet.com/
Expires : 31.01.2015 22:44:46
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 8
Objects found so far: 90



Deep scanning and examining files...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Disk Scan Result for C:\WINDOWS
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 90

Disk Scan Result for C:\WINDOWS\System32
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 90

Disk Scan Result for C:\DOKUME~1\MICROS~1\LOKALE~1\Temp\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 90


Scanning Hosts file......
Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
3 entries scanned.
New critical objects:0
Objects found so far: 90



MRU List Object Recognized!
Location: : S-1-5-21-2969962186-1850456698-4159782051-1005\software\microsoft\windows\currentversion\applets\wordpad\recent file list
Description : list of recent files opened using wordpad


MRU List Object Recognized!
Location: : S-1-5-21-2969962186-1850456698-4159782051-1005\software\microsoft\windows\currentversion\applets\paint\recent file list
Description : list of files recently opened using microsoft paint


MRU List Object Recognized!
Location: : S-1-5-21-2969962186-1850456698-4159782051-1005\software\microsoft\windows\currentversion\explorer\runmru
Description : mru list for items opened in start | run


MRU List Object Recognized!
Location: : S-1-5-21-2969962186-1850456698-4159782051-1005\software\microsoft\search assistant\acmru
Description : list of recent search terms used with the search assistant


MRU List Object Recognized!
Location: : S-1-5-21-2969962186-1850456698-4159782051-1005\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru
Description : list of recently saved files, stored according to file extension


MRU List Object Recognized!
Location: : S-1-5-21-2969962186-1850456698-4159782051-1005\software\microsoft\windows\currentversion\explorer\comdlg32\lastvisitedmru
Description : list of recent programs opened


MRU List Object Recognized!
Location: : S-1-5-21-2969962186-1850456698-4159782051-1005\software\microsoft\windows\currentversion\explorer\recentdocs
Description : list of recent documents opened


MRU List Object Recognized!
Location: : S-1-5-21-2969962186-1850456698-4159782051-1005\software\microsoft\office\9.0\excel\recent files
Description : list of recent files used by microsoft excel


MRU List Object Recognized!
Location: : S-1-5-21-2969962186-1850456698-4159782051-1005\software\microsoft\office\9.0\powerpoint\recent file list
Description : list of recent files used by microsoft powerpoint


MRU List Object Recognized!
Location: : S-1-5-21-2969962186-1850456698-4159782051-1005\software\microsoft\mediaplayer\player\recentfilelist
Description : list of recently used files in microsoft windows media player


MRU List Object Recognized!
Location: : S-1-5-21-2969962186-1850456698-4159782051-1005\software\microsoft\internet explorer\main
Description : last save directory used in microsoft internet explorer


MRU List Object Recognized!
Location: : S-1-5-21-2969962186-1850456698-4159782051-1005\software\microsoft\internet explorer
Description : last download directory used in microsoft internet explorer


MRU List Object Recognized!
Location: : software\microsoft\directdraw\mostrecentapplication
Description : most recent application to use microsoft directdraw


MRU List Object Recognized!
Location: : S-1-5-21-2969962186-1850456698-4159782051-1005\software\microsoft\microsoft management console\recent file list
Description : list of recent snap-ins used in the microsoft management console


MRU List Object Recognized!
Location: : S-1-5-21-2969962186-1850456698-4159782051-1005\software\ahead\nero - burning rom\recent file list
Description : list of recently used files in nero burning rom


MRU List Object Recognized!
Location: : S-1-5-21-2969962186-1850456698-4159782051-1005\software\microsoft\internet explorer\typedurls
Description : list of recently entered addresses in microsoft internet explorer


MRU List Object Recognized!
Location: : S-1-5-21-2969962186-1850456698-4159782051-1005\software\kazaa\search
Description : list of recent searches performed with sharman networks kazaa


MRU List Object Recognized!
Location: : S-1-5-21-2969962186-1850456698-4159782051-1005\software\adobe\acrobat reader\5.0\avgeneral\crecentfiles
Description : list of recently used files in adobe reader


MRU List Object Recognized!
Location: : S-1-5-21-2969962186-1850456698-4159782051-1005\software\microsoft\directinput\mostrecentapplication
Description : most recent application to use microsoft directinput


MRU List Object Recognized!
Location: : S-1-5-21-2969962186-1850456698-4159782051-1005\software\microsoft\mediaplayer\player\settings
Description : last open directory used in jasc paint shop pro


MRU List Object Recognized!
Location: : S-1-5-21-2969962186-1850456698-4159782051-1005\software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d


MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d


MRU List Object Recognized!
Location: : software\musicmatch
Description : download location of the musicmatch installer


MRU List Object Recognized!
Location: : S-1-5-21-2969962186-1850456698-4159782051-1005\software\microsoft\windows\currentversion\applets\regedit
Description : last key accessed using the microsoft registry editor


MRU List Object Recognized!
Location: : S-1-5-21-2969962186-1850456698-4159782051-1005\software\microsoft\frontpage\explorer\frontpage explorer\recent web list
Description : list of recently used webs in microsoft frontpage


MRU List Object Recognized!
Location: : S-1-5-21-2969962186-1850456698-4159782051-1005\software\microsoft\directinput\mostrecentapplication
Description : most recent application to use microsoft directinput


MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\mediaplayer\preferences
Description : last playlist loaded in microsoft windows media player


MRU List Object Recognized!
Location: : S-1-5-18\software\microsoft\mediaplayer\preferences
Description : last playlist loaded in microsoft windows media player


MRU List Object Recognized!
Location: : S-1-5-19\software\microsoft\mediaplayer\preferences
Description : last playlist loaded in microsoft windows media player


MRU List Object Recognized!
Location: : S-1-5-20\software\microsoft\mediaplayer\preferences
Description : last playlist loaded in microsoft windows media player


MRU List Object Recognized!
Location: : S-1-5-21-2969962186-1850456698-4159782051-1005\software\microsoft\mediaplayer\preferences
Description : last playlist loaded in microsoft windows media player


MRU List Object Recognized!
Location: : software\musicmatch\musicmatch jukebox\4.0\mmradio
Description : information on the last station listened to using musicmatch radio


MRU List Object Recognized!
Location: : S-1-5-21-2969962186-1850456698-4159782051-1005\software\microsoft\clipart gallery\2.0\mrudescription
Description : most recently used description in microsoft clipart gallery


MRU List Object Recognized!
Location: : S-1-5-21-2969962186-1850456698-4159782051-1005\software\microsoft\picture it! publishing\5.0\recent file list
Description : list of recently used files in microsoft picture it!


MRU List Object Recognized!
Location: : S-1-5-21-2969962186-1850456698-4159782051-1005\software\microsoft\frontpage
Description : default save location in microsoft frontpage


MRU List Object Recognized!
Location: : S-1-5-21-2969962186-1850456698-4159782051-1005\software\microsoft\frontpage\explorer\frontpage explorer\recent page list
Description : list of recently used pages in microsoft frontpage


MRU List Object Recognized!
Location: : S-1-5-21-2969962186-1850456698-4159782051-1005\software\microsoft\office\9.0\powerpoint\recent typeface list
Description : list of recently used typefaces in microsoft powerpoint


MRU List Object Recognized!
Location: : S-1-5-21-2969962186-1850456698-4159782051-1005\software\microsoft\frontpage\explorer\frontpage explorer\recent file list
Description : list of recently used files in microsoft frontpage


MRU List Object Recognized!
Location: : software\musicmatch\musicmatch jukebox\4.0\fileconv
Description : file conversion location settings in musicmatch jukebox


MRU List Object Recognized!
Location: : S-1-5-21-2969962186-1850456698-4159782051-1005\software\microsoft\frontpage\explorer\frontpage explorer\recently created servers
Description : list of recently created servers in microsoft frontpage


MRU List Object Recognized!
Location: : S-1-5-21-2969962186-1850456698-4159782051-1005\software\microsoft\automap\8.0\findmru
Description : list of recently used find queries used in microsoft automap-based products


MRU List Object Recognized!
Location: : S-1-5-21-2969962186-1850456698-4159782051-1005\software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X


MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X


MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\windows media\wmsdk\general
Description : windows media sdk


MRU List Object Recognized!
Location: : S-1-5-18\software\microsoft\windows media\wmsdk\general
Description : windows media sdk


MRU List Object Recognized!
Location: : S-1-5-21-2969962186-1850456698-4159782051-1005\software\microsoft\windows media\wmsdk\general
Description : windows media sdk


MRU List Object Recognized!
Location: : C:\Dokumente und Einstellungen\Microstar\recent
Description : list of recently opened documents



Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

AltnetBDE Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\signingmodule.signingmodule.1

AltnetBDE Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\signingmodule.signingmodule.1
Value :

AltnetBDE Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\signingmodule.signingmodule

AltnetBDE Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\signingmodule.signingmodule
Value :

AltnetBDE Object Recognized!
Type : Folder
Category : Data Miner
Comment :
Object : C:\WINDOWS\temp\Altnet

AltnetBDE Object Recognized!
Type : File
Data : adm.exe
Category : Data Miner
Comment :
Object : C:\WINDOWS\temp\altnet\
FileVersion : 4, 0, 0, 2
ProductVersion : 4, 0, 0, 0
ProductName : ADM
CompanyName : Altnet
FileDescription : ADM
InternalName : ADM
LegalCopyright : Copyright © 2003 Altnet
OriginalFilename : ADM.exe


AltnetBDE Object Recognized!
Type : File
Data : adm25.dll
Category : Data Miner
Comment :
Object : C:\WINDOWS\temp\altnet\
FileVersion : 1, 2, 4, 3
ProductVersion : 1, 0, 0, 0
ProductName : ADM
CompanyName : Altnet
FileDescription : ADM
InternalName : ADM
LegalCopyright : Copyright 2002
OriginalFilename : ADM25.dll


AltnetBDE Object Recognized!
Type : File
Data : adm4.dll
Category : Data Miner
Comment :
Object : C:\WINDOWS\temp\altnet\
FileVersion : 4, 0, 0, 5
ProductVersion : 4, 0, 0, 0
ProductName : ADM
CompanyName : Altnet
FileDescription : ADM
InternalName : ADM
LegalCopyright : Copyright © 2003 Altnet
OriginalFilename : ADM4.dll


AltnetBDE Object Recognized!
Type : File
Data : admdata.dll
Category : Data Miner
Comment :
Object : C:\WINDOWS\temp\altnet\
FileVersion : 1, 0, 1, 10
ProductVersion : 1, 0, 0, 0
ProductName : ADMData
CompanyName : Altnet
FileDescription : ADMData
InternalName : ADMData
LegalCopyright : Copyright 1999
OriginalFilename : ADMData.dll


AltnetBDE Object Recognized!
Type : File
Data : admdloader.dll
Category : Data Miner
Comment :
Object : C:\WINDOWS\temp\altnet\
FileVersion : 3, 0, 39, 2
ProductVersion : 3, 0, 0, 0
ProductName : ADMDloader
CompanyName : Altnet
FileDescription : BDEDownloader
InternalName : ADMDloader
LegalCopyright : Copyright © 2001 Altnet
OriginalFilename : ADMDloader.dll


AltnetBDE Object Recognized!
Type : File
Data : admfdi.dll
Category : Data Miner
Comment :
Object : C:\WINDOWS\temp\altnet\
FileVersion : 1, 0, 0, 8
ProductVersion : 1, 0, 0, 0
ProductName : ADMFdi
CompanyName : Altnet
FileDescription : ADMFdi
InternalName : ADMFdi
LegalCopyright : Copyright © 2000
OriginalFilename : ADMFdi


AltnetBDE Object Recognized!
Type : File
Data : admprog.dll
Category : Data Miner
Comment :
Object : C:\WINDOWS\temp\altnet\
FileVersion : 4, 0, 0, 3
ProductVersion : 4, 0, 0, 0
ProductName : ADMProg
CompanyName : Altnet
InternalName : ADMProg
LegalCopyright : Copyright © 2003 Altnet
OriginalFilename : ADMProg.dll


AltnetBDE Object Recognized!
Type : File
Data : atl.dll
Category : Data Miner
Comment :
Object : C:\WINDOWS\temp\altnet\
FileVersion : 3.00.8168
ProductVersion : 6.00.8168
ProductName : Microsoft (R) Visual C++
CompanyName : Microsoft Corporation
FileDescription : ATL Module for Windows (ANSI)
InternalName : ATL
LegalCopyright : Copyright © Microsoft Corp. 1996-1998
OriginalFilename : ATL.DLL


AltnetBDE Object Recognized!
Type : File
Data : dmfiles.cab
Category : Data Miner
Comment :
Object : C:\WINDOWS\temp\altnet\



AltnetBDE Object Recognized!
Type : File
Data : DMinfo3.cab
Category : Data Miner
Comment :
Object : C:\WINDOWS\temp\altnet\



AltnetBDE Object Recognized!
Type : File
Data : dminstall3.cab
Category : Data Miner
Comment :
Object : C:\WINDOWS\temp\altnet\



AltnetBDE Object Recognized!
Type : File
Data : msvcirt.dll
Category : Data Miner
Comment :
Object : C:\WINDOWS\temp\altnet\
FileVersion : 6.00.8168.0
ProductVersion : 6.00.8168.0
ProductName : Microsoft (R) Visual C++
daysi
 
Beiträge: 87
Registriert: 06.01.2005, 11:45
Wohnort: Sondershausen
Nach oben

Beitragvon Nikita am 10.02.2005, 10:49

Hallo@daysi


KillBox
http://www.bleepingcomputer.com/files/killbox.php
<Delete File on Reboo

kopiere in die Killbox:

C:\Program Files\Altnet\Download Manager\asmps.dll

und klick auf das rote Kreuz,
wenn gefragt wird, ob "Do you want to reboot? "----> klicke auf "yes"

PC neustarten

Loesche:
C:\Program Files\Altnet\Download Manager
C:\WINDOWS\temp\altnet\ <---alles loeschen (wird auch im AdAware angezeigt, was du alles loeschen musst in diesem Ordner
Nikita
Moderator
 
Beiträge: 11478
Registriert: 07.12.2003, 16:53
Wohnort: Lissabon
Nach oben

Beitragvon daysi am 10.02.2005, 19:11

hallo nikita,
habe das jetzt getan. solls das schon gewesen sein???
hab nochmal den adaware gestartet und immer noch 104 critical objects...
willst du den log nochmal haben?
mfg
daysi
daysi
 
Beiträge: 87
Registriert: 06.01.2005, 11:45
Wohnort: Sondershausen
Nach oben

Beitragvon Nikita am 11.02.2005, 01:00

Hallo@days

bringe alle in Quarantaene und wenn dann alles gut laeuft--> loesche sie ;)
Nikita
Moderator
 
Beiträge: 11478
Registriert: 07.12.2003, 16:53
Wohnort: Lissabon
Nach oben

Beitragvon daysi am 11.02.2005, 10:37

hallo nikita,
ist ja supi, werde ich tun.
eine frage nur noch, hab immer wieder gelesen, dass man den thread abschließen soll..., sagst du mir wie ? ?!?!
:?:

und vielen dank nochmals für alles

mfg
daysi
daysi
 
Beiträge: 87
Registriert: 06.01.2005, 11:45
Wohnort: Sondershausen
Nach oben

Beitragvon Nikita am 11.02.2005, 11:19

Hallo@daysi

Du hast doch den Thread mit deinem Dankeschoen schon abgeschlossen ;)
Nikita
Moderator
 
Beiträge: 11478
Registriert: 07.12.2003, 16:53
Wohnort: Lissabon
Nach oben
Thema gesperrt

Ähnliche Themen

Was heißt:C:\Progra~1\Norton~1\Navap.vxd-Datei nicht gefunde
Forum: Hardware-Hilfe
Autor: antra
Antworten:
C:\PROGRA~1\SEARCH~1\SEARCH~2.DLL
Forum: Online- und PC-Sicherheit
Autor: Nikita
Antworten:
Nach oben

Zurück zu Online- und PC-Sicherheit

Wer ist online?

Mitglieder in diesem Forum: 0 Mitglieder und 0 Gäste

Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group
Deutsche Übersetzung durch phpBB.de
phpBB SEO