Hilfe!

Kann diese searchupgrader nicht löschen!!!
Gibt's sonst welche Probleme auf mein Rechner?

Logfile of HijackThis v1.99.1
Scan saved at 16:37:22, on 02.03.2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\MSI\Bluetooth Software\bin\btwdins.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\System32\cusrvc.exe
C:\WINDOWS\ehome\ehSched.exe
C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe
C:\Programme\Norton AntiVirus\navapsvc.exe
C:\Programme\Danware Data\NetOp Remote Control\Host\NHOSTSVC.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\System32\mqsvc.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\System32\mqtgsvc.exe
C:\Programme\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe
C:\WINDOWS\ehome\ehmsas.exe
C:\WINDOWS\system32\NWTRAY.EXE
C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Programme\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkUFind.exe
C:\Programme\Common files\SearchUpgrader\SearchUpgrader.exe
C:\PROGRA~1\GEMEIN~1\PCSuite\DATALA~1\DATALA~1.EXE
C:\PROGRA~1\Nokia\NOKIAP~1\TRAYAP~1.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Programme\Yahoo!\Messenger\ypager.exe
C:\Programme\MSN Messenger\MsnMsgr.Exe
C:\PROGRA~1\HEWLET~1\HPSHAR~1\hpgs2wnf.exe
C:\PROGRA~1\GEMEIN~1\PCSuite\Services\SERVIC~1.EXE
C:\Programme\MSI\Bluetooth Software\BTTray.exe
C:\Programme\Hewlett-Packard\AiO\hp officejet g series\Bin\hpoavn07.exe
C:\Programme\Psion\PsiWin\Psconsv.exe
C:\PROGRA~1\Psion\PsiWin\Elogerr.exe
C:\PROGRA~1\MSI\BLUETO~1\BTSTAC~1.EXE
C:\PROGRA~1\HEWLET~1\AiO\Shared\Bin\hpoevm07.exe
C:\WINDOWS\system32\hpoipm07.exe
C:\Programme\Hewlett-Packard\AiO\Shared\bin\hpOSTS07.exe
C:\Programme\Hewlett-Packard\AiO\Shared\bin\hpOFXM07.exe
C:\Programme\Novell\GroupWise\GrpWise.exe
C:\Programme\Advansys\Formativ\uiload.dll
C:\Programme\Advansys\Formativ\formativ.exe
C:\Programme\Novell\GroupWise\GWSync.exe
C:\Programme\Novell\GroupWise\Notify.exe
C:\Programme\Novell\GroupWise\ADDRBOOK.EXE
C:\Programme\Internet Explorer\iexplore.exe
C:\Dokumente und Einstellungen\blanchard.DD-02\Lokale Einstellungen\Temporary Internet Files\Content.IE5\NICZVLWP\hijackthis_199[1]\HijackThis.exe
C:\Programme\Messenger\msmsgs.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.spiegel.de/
O2 - BHO: NavErrRedir Class - {00D6A7E7-4A97-456f-848A-3B75BF7554D7} - (no file)
O2 - BHO: myBar BHO - {0494D0D1-F8E0-41ad-92A3-14154ECE70AC} - C:\Programme\MyWay\myBar\1.bin\MYBAR.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Programme\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Programme\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: My &Search Bar - {0494D0D9-F8E0-41ad-92A3-14154ECE70AC} - C:\Programme\MyWay\myBar\1.bin\MYBAR.DLL
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NAV_Update] C:\NAV_Update.exe
O4 - HKLM\..\Run: [ccApp] "C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [NWTRAY] NWTRAY.EXE
O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll
O4 - HKLM\..\Run: [TkBellExe] "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [PSDrvCheck] C:\WINDOWS\System32\PSDrvCheck.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Programme\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [winpsd] C:\WINDOWS\System32\winpsd.exe
O4 - HKLM\..\Run: [SearchUpgrader] C:\Programme\Common files\SearchUpgrader\SearchUpgrader.exe
O4 - HKLM\..\Run: [DataLayer] C:\PROGRA~1\GEMEIN~1\PCSuite\DATALA~1\DATALA~1.EXE
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\TRAYAP~1.EXE
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Programme\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programme\MSN Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: HPAiODevice(hp officejet g series) - 1.lnk = C:\Programme\Hewlett-Packard\AiO\hp officejet g series\Bin\hpoavn07.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programme\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: PsiWin 2.3 Connection Server.lnk = C:\Programme\Psion\PsiWin\Psconsv.exe
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Send To &Bluetooth - C:\Programme\MSI\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\MSI\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\MSI\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/Shar ... vSniff.cab
O16 - DPF: {4E888414-DB8F-11D1-9CD9-00C04F98436A} (Microsoft.WinRep) - https://webresponse.one.microsoft.com/o ... winrep.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://207.188.7.150/09bfd2b3c44bf27509 ... 601_de.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/Shar ... /cabsa.cab
O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) - http://www.napster.com/client/isetup.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnme ... loader.cab
O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer Class) - http://a532.g.akamai.net/7/532/6712/48e ... taller.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Programme\MSI\Bluetooth Software\bin\btwdins.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSetMgr.exe
O23 - Service: Client Update Service for Novell (cusrvc) - Novell, Inc. - C:\WINDOWS\System32\cusrvc.exe
O23 - Service: Norton AntiVirus Auto-Protect-Dienst (navapsvc) - Symantec Corporation - C:\Programme\Norton AntiVirus\navapsvc.exe
O23 - Service: NetOp Helper ver. 7.50 (2003048) (NetOp Host for NT Service) - Danware Data A/S - C:\Programme\Danware Data\NetOp Remote Control\Host\NHOSTSVC.EXE
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Programme\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\GEMEIN~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\Security Center\SymWSC.exe


---

Hallo@njb1001

W32.Mydoom.Q@mm winpsd.exe
What does it do?
W32.Mydoom.Q@mm is a mass-mailing worm that downloads an executable file and uses its own SMTP engine to send itself to the email addresses that it finds on the infected computer.
The downloaded file is detected as Backdoor.Nemog .
Creates a mutex named "43jfds93872", so that only one copy of the worm will run on the infected computer


#öffne das HijackThis-->> Button "scan" -->> Häkchen setzen -->> Button "Fix checked" -->> PC neustarten

O2 - BHO: NavErrRedir Class - {00D6A7E7-4A97-456f-848A-3B75BF7554D7} - (no file)
O2 - BHO: myBar BHO - {0494D0D1-F8E0-41ad-92A3-14154ECE70AC} - C:\Programme\MyWay\myBar\1.bin\MYBAR.DLL
O3 - Toolbar: My &Search Bar - {0494D0D9-F8E0-41ad-92A3-14154ECE70AC} - C:\Programme\MyWay\myBar\1.bin\MYBAR.DLL

O4 - HKLM\..\Run: [winpsd] C:\WINDOWS\System32\winpsd.exe--> MYDOOM.Q WORM!
O4 - HKLM\..\Run: [SearchUpgrader] C:\Programme\Common files\SearchUpgrader\SearchUpgrader.exe --> eUniverse/KeenValue Hijacker/TR/Dldr.Keenval.3
O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer Class) - http://a532.g.akamai.net/7/532/6712/48e ... taller.exe

PC neustarten

•HOSTFILE:
#öffne das HijackThis
"Do a system scan only"-->Config--> Misc Tools-->Open Hosts file Manager--> delet line(s) -->/Click the "Open In Notepad" button
lösche alles , lasse nur stehen:
127.0.0.1 localhost

Removal using the Removal Tool
http://www.antivirus-online.de/german/c ... hp3?a=1218
Symantec Security Response has developed a removal tool to clean the infections of W32.Mydoom.Q@mm. This is the preferred method in most cases.
http://www.sarc.com/avcenter/venc/data/ ... .q@mm.html

•KillBox
http://www.bleepingcomputer.com/files/killbox.php

•Delete File on Reboot <--anhaken

C:\Programme\Common files\SearchUpgrader\SearchUpgrader.exe
C:\WINDOWS\System32\shimgapi.dll
C:\WINDOWS\System32\winpsd.exe
C:\Programme\MyWay\myBar\1.bin\MYBAR.DLL

und klick auf das rote Kreuz,
wenn gefragt wird, ob "Do you want to reboot? "----> klicke auf "no",und kopiere das naechste rein, erst beim letzten auf "yes"

#Ad-aware SE Personal 1.05 Updated
http://fileforum.betanews.com/detail/965718306/1
Laden--> Updaten-->scannen-->PC neustarten--> noch mal scannen--> poste das Log vom Scann

•eScan-Erkennungstool
eSan ist hier unter dem Namen Free eScan Antivirus Toolkit Utility kostenlos erhältlich:
http://www.mwti.net/antivirus/free_utilities.asp
oeffne den Scanner--> noch nicht scannen--> gehe in Start<Ausfuehren< schreib rein: %temp% und suche
kavupd.exe, die klickst du an--> (Update- in DOS) ausführen

-->mwav.exe oeffnen-->alle Haekchen setzen-->scannen-->View Log anklicken--> Bearbeiten anklicken--> "infected" reinschreiben
und nun alles rauskopieren, was angezeigt wird-->

Vielen vielen Dank für Deine Hilfe!!

Symantec hat MYDOOM nicht gefunden!!

MWAV läuft noch (seit ca. 1 Std.)

Ad-Aware log:



Ad-Aware SE Build 1.05
Logfile Created on:Freitag, 4. März 2005 11:18:35
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R28 16.02.2005
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
AltnetBDE(TAC index:4):50 total references
Claria(TAC index:7):15 total references
eUniverse(TAC index:10):20 total references
Tracking Cookie(TAC index:3):80 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file

Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects


04.03.2005 11:18:35 - Scan started. (Full System Scan)

Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ProcessID : 496
ThreadCreationTime : 04.03.2005 10:13:00
BasePriority : Normal


#:2 [csrss.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 548
ThreadCreationTime : 04.03.2005 10:13:05
BasePriority : Normal


#:3 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 572
ThreadCreationTime : 04.03.2005 10:13:05
BasePriority : High


#:4 [services.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 616
ThreadCreationTime : 04.03.2005 10:13:06
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Betriebssystem Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Anwendung für Dienste und Controller
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. Alle Rechte vorbehalten.
OriginalFilename : services.exe

#:5 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 628
ThreadCreationTime : 04.03.2005 10:13:06
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe

#:6 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 796
ThreadCreationTime : 04.03.2005 10:13:07
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:7 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 848
ThreadCreationTime : 04.03.2005 10:13:07
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:8 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 916
ThreadCreationTime : 04.03.2005 10:13:07
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:9 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1004
ThreadCreationTime : 04.03.2005 10:13:07
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:10 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1044
ThreadCreationTime : 04.03.2005 10:13:07
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:11 [spoolsv.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1192
ThreadCreationTime : 04.03.2005 10:13:08
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe

#:12 [btwdins.exe]
FilePath : C:\Programme\MSI\Bluetooth Software\bin\
ProcessID : 1552
ThreadCreationTime : 04.03.2005 10:13:17
BasePriority : Normal
FileVersion : 1.4.3 Build 4
ProductVersion : 1.4.3 Build 4
ProductName : Bluetooth Software 1.4.3 Build 4
CompanyName : WIDCOMM, Inc.
FileDescription : Bluetooth Support Server
InternalName : BTWDIns
LegalCopyright : Copyright WIDCOMM, Inc. 2000-2004.
OriginalFilename : BTWDIns.EXE

#:13 [ccsetmgr.exe]
FilePath : C:\Programme\Gemeinsame Dateien\Symantec Shared\
ProcessID : 1564
ThreadCreationTime : 04.03.2005 10:13:17
BasePriority : Normal
FileVersion : 2.1.3.4
ProductVersion : 2.1.3.4
ProductName : Common Client
CompanyName : Symantec Corporation
FileDescription : Common Client Settings Manager Service
InternalName : ccSetMgr
LegalCopyright : Copyright (c) 2000-2003 Symantec Corporation. All rights reserved.
OriginalFilename : ccSetMgr.exe

#:14 [cusrvc.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1584
ThreadCreationTime : 04.03.2005 10:13:17
BasePriority : Normal
FileVersion : v4.90
ProductVersion : v4.90
ProductName : Novell Client for Windows
CompanyName : Novell, Inc.
FileDescription : Novell Client Update Service
InternalName : CUSRVC
LegalCopyright : Copyright © 2003, by Novell, Inc. All rights reserved.
OriginalFilename : CUSRVC.EXE

#:15 [ehsched.exe]
FilePath : C:\WINDOWS\ehome\
ProcessID : 1620
ThreadCreationTime : 04.03.2005 10:13:17
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Media Center Scheduler Service
InternalName : ehSched
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : ehSched.exe

#:16 [mdm.exe]
FilePath : C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\
ProcessID : 1648
ThreadCreationTime : 04.03.2005 10:13:17
BasePriority : Normal
FileVersion : 7.00.9064.9150
ProductVersion : 7.00.9064.9150
ProductName : Microsoft Development Environment
CompanyName : Microsoft Corporation
FileDescription : Machine Debug Manager
InternalName : mdm.exe
LegalCopyright : Copyright (C) Microsoft Corp. 1997-2000
OriginalFilename : mdm.exe

#:17 [msdtc.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1712
ThreadCreationTime : 04.03.2005 10:13:17
BasePriority : Normal
FileVersion : 2001.12.4414.258
ProductVersion : 03.01.00.4414
ProductName : Microsoft Distributed Transaction Coordinator
CompanyName : Microsoft Corporation
FileDescription : MS DTC console program
InternalName : MSDTC.EXE
LegalCopyright : Copyright (C) Microsoft Corp. 1995-1998
LegalTrademarks : Microsoft(R) is a registered trademark of Microsoft Corporation. Windows(TM) is a trademark of Microsoft Corporation

#:18 [ehrec.exe]
FilePath : C:\WINDOWS\ehome\
ProcessID : 1772
ThreadCreationTime : 04.03.2005 10:13:17
BasePriority : ?
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Media Center Host Module
InternalName : eHRec
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : ehRec.exe

#:19 [navapsvc.exe]
FilePath : C:\Programme\Norton AntiVirus\
ProcessID : 1808
ThreadCreationTime : 04.03.2005 10:13:17
BasePriority : Normal
FileVersion : 10.00.2
ProductVersion : 10.00.2
ProductName : Norton AntiVirus
CompanyName : Symantec Corporation
FileDescription : Norton AntiVirus Auto-Protect Service
InternalName : NAVAPSVC
LegalCopyright : Norton AntiVirus 2004 for Windows 98/ME/2000/XP Copyright (c) 2003 Symantec Corporation. All rights reserved.
OriginalFilename : NAVAPSVC.EXE

#:20 [nhostsvc.exe]
FilePath : C:\Programme\Danware Data\NetOp Remote Control\Host\
ProcessID : 1912
ThreadCreationTime : 04.03.2005 10:13:21
BasePriority : Normal


#:21 [nvsvc32.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1984
ThreadCreationTime : 04.03.2005 10:13:21
BasePriority : Normal
FileVersion : 6.14.10.4523
ProductVersion : 6.14.10.4523
ProductName : NVIDIA Driver Helper Service, Version 45.23
CompanyName : NVIDIA Corporation
FileDescription : NVIDIA Driver Helper Service, Version 45.23
InternalName : NVSVC
LegalCopyright : (C) NVIDIA Corporation. All rights reserved.
OriginalFilename : nvsvc32.exe

#:22 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 344
ThreadCreationTime : 04.03.2005 10:13:22
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:23 [ccevtmgr.exe]
FilePath : C:\Programme\Gemeinsame Dateien\Symantec Shared\
ProcessID : 460
ThreadCreationTime : 04.03.2005 10:13:22
BasePriority : Normal
FileVersion : 2.1.3.4
ProductVersion : 2.1.3.4
ProductName : Common Client
CompanyName : Symantec Corporation
FileDescription : Common Client Event Manager Service
InternalName : ccEvtMgr
LegalCopyright : Copyright (c) 2000-2003 Symantec Corporation. All rights reserved.
OriginalFilename : ccEvtMgr.exe

#:24 [mqsvc.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1060
ThreadCreationTime : 04.03.2005 10:13:26
BasePriority : Normal
FileVersion : 5.01.1108
ProductVersion : 5.01.1108
ProductName : Microsoft Message Queue
CompanyName : Microsoft Corporation
FileDescription : Message Queuing Service
LegalCopyright : Copyright (C) Microsoft Corporation. 1981-2000
LegalTrademarks : Microsoft(R) is a registered trademark of Microsoft Corporation. Windows NT(TM) is a trademark of Microsoft Corporation
OriginalFilename : MQSVC.EXE

#:25 [symwsc.exe]
FilePath : C:\Programme\Gemeinsame Dateien\Symantec Shared\Security Center\
ProcessID : 1280
ThreadCreationTime : 04.03.2005 10:13:26
BasePriority : Normal
FileVersion : 2005.1.2.20
ProductVersion : 2005.1
ProductName : Norton Security Center
CompanyName : Symantec Corporation
FileDescription : Norton Security Center Service
InternalName : SymWSC.exe
LegalCopyright : Copyright (c) 1997-2004 Symantec Corporation
OriginalFilename : SymWSC.exe

#:26 [mqtgsvc.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 2136
ThreadCreationTime : 04.03.2005 10:13:27
BasePriority : Normal
FileVersion : 5.01.1108
ProductVersion : 5.01.1108
ProductName : Microsoft Message Queue
CompanyName : Microsoft Corporation
FileDescription : Windows NT MSMQ Trigger Service
LegalCopyright : Copyright (C) Microsoft Corporation. 1981-2000
LegalTrademarks : Microsoft(R) is a registered trademark of Microsoft Corporation. Windows NT(TM) is a trademark of Microsoft Corporation
OriginalFilename : QMTGSVC.EXE

#:27 [savscan.exe]
FilePath : C:\Programme\Norton AntiVirus\
ProcessID : 2304
ThreadCreationTime : 04.03.2005 10:13:27
BasePriority : Normal
FileVersion : 9.2.1.14
ProductVersion : 9.2
ProductName : Symantec AntiVirus AutoProtect
CompanyName : Symantec Corporation
FileDescription : Symantec AntiVirus Scanner
InternalName : SAVSCAN
LegalCopyright : Copyright (c) 2003 Symantec Corporation
OriginalFilename : SAVSCAN.EXE

#:28 [alg.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 2320
ThreadCreationTime : 04.03.2005 10:13:28
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Application Layer Gateway Service
InternalName : ALG.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : ALG.exe

#:29 [wuauclt.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 2684
ThreadCreationTime : 04.03.2005 10:14:11
BasePriority : Normal
FileVersion : 5.4.3790.2182 built by: srv03_rtm(ntvbl04)
ProductVersion : 5.4.3790.2182
ProductName : Betriebssystem Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Automatische Updates
InternalName : wuauclt.exe
LegalCopyright : © Microsoft Corporation. Alle Rechte vorbehalten.
OriginalFilename : wuauclt.exe

#:30 [explorer.exe]
FilePath : C:\WINDOWS\
ProcessID : 2996
ThreadCreationTime : 04.03.2005 10:14:18
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Betriebssystem Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : © Microsoft Corporation. Alle Rechte vorbehalten.
OriginalFilename : EXPLORER.EXE

#:31 [ehtray.exe]
FilePath : C:\WINDOWS\ehome\
ProcessID : 3232
ThreadCreationTime : 04.03.2005 10:14:23
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Media Center Tray Applet
InternalName : ehtray
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : ehtray.exe

#:32 [ehmsas.exe]
FilePath : C:\WINDOWS\ehome\
ProcessID : 3272
ThreadCreationTime : 04.03.2005 10:14:23
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Media Center Media Status Aggregator Service
InternalName : eHMSAS
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : ehMSAS.exe

#:33 [ccapp.exe]
FilePath : C:\Programme\Gemeinsame Dateien\Symantec Shared\
ProcessID : 3328
ThreadCreationTime : 04.03.2005 10:14:23
BasePriority : Normal
FileVersion : 2.1.3.4
ProductVersion : 2.1.3.4
ProductName : Common Client
CompanyName : Symantec Corporation
FileDescription : Common Client User Session
InternalName : ccApp
LegalCopyright : Copyright (c) 2000-2003 Symantec Corporation. All rights reserved.
OriginalFilename : ccApp.exe

#:34 [nwtray.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 3336
ThreadCreationTime : 04.03.2005 10:14:23
BasePriority : Normal
FileVersion : v4.90
ProductVersion : v4.90
ProductName : Novell Client for Windows
CompanyName : Novell, Inc.
FileDescription : Novell System Tray Icon
LegalCopyright : Copyright © 1992-2002 Novell, Inc.
OriginalFilename : NWTRAY.EXE

#:35 [realsched.exe]
FilePath : C:\Programme\Gemeinsame Dateien\Real\Update_OB\
ProcessID : 3360
ThreadCreationTime : 04.03.2005 10:14:24
BasePriority : Normal
FileVersion : 0.1.0.1622
ProductVersion : 0.1.0.1622
ProductName : RealOne Player (32-bit)
CompanyName : RealNetworks, Inc.
FileDescription : RealNetworks Scheduler
InternalName : schedapp
LegalCopyright : Copyright © RealNetworks, Inc. 1995-2002
LegalTrademarks : RealAudio(tm) is a trademark of RealNetworks, Inc.
OriginalFilename : realsched.exe

#:36 [soundman.exe]
FilePath : C:\WINDOWS\
ProcessID : 3368
ThreadCreationTime : 04.03.2005 10:14:24
BasePriority : Normal
FileVersion : 5.1.09
ProductVersion : 5.1.09
ProductName : Realtek Sound Manager
CompanyName : Realtek Semiconductor Corp.
FileDescription : Realtek Sound Manager
InternalName : ALSMTray
LegalCopyright : Copyright (c) 2001-2003 Realtek Semiconductor Corp.
OriginalFilename : ALSMTray.exe
Comments : Realtek AC97 Audio Sound Manager

#:37 [hpgs2wnd.exe]
FilePath : C:\Programme\Hewlett-Packard\HP Share-to-Web\
ProcessID : 3396
ThreadCreationTime : 04.03.2005 10:14:24
BasePriority : Normal
FileVersion : 2,4,0,26
ProductVersion : 2,4,0,26
ProductName : Hewlett-Packard hpgs2wnd
CompanyName : Hewlett-Packard
FileDescription : hpgs2wnd
InternalName : hpgs2wnd
LegalCopyright : Copyright © 2001
OriginalFilename : hpgs2wnd.exe

#:38 [wkufind.exe]
FilePath : C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\
ProcessID : 3420
ThreadCreationTime : 04.03.2005 10:14:24
BasePriority : Normal
FileVersion : 9.00.0603.0
ProductVersion : 9.00.0603.0
ProductName : Update Detection Module
CompanyName : Microsoft® Corporation
FileDescription : Microsoft® Works-Aktualisierungserkennung
InternalName : WkUFind
LegalCopyright : Copyright © 1987-2003 Microsoft Corporation.
OriginalFilename : WkUFind.exe

#:39 [datala~1.exe]
FilePath : C:\PROGRA~1\GEMEIN~1\PCSuite\DATALA~1\
ProcessID : 3436
ThreadCreationTime : 04.03.2005 10:14:24
BasePriority : Normal
FileVersion : 6, 4, 76, 5
ProductVersion : 5, 0
ProductName : Nokia PC Suite
CompanyName : Nokia Mobile Phones Ltd.
FileDescription : DataLayer 2.0 Module
InternalName : DataLayer 2.0
LegalCopyright : Copyright (c) 2004. Nokia. All rights reserved.
OriginalFilename : DataLayer.exe

#:40 [trayap~1.exe]
FilePath : C:\PROGRA~1\Nokia\NOKIAP~1\
ProcessID : 3464
ThreadCreationTime : 04.03.2005 10:14:24
BasePriority : Normal
FileVersion : 6, 4, 27, 0
ProductVersion : 6, 0, 27, 0
ProductName : Tray Application
FileDescription : Tray Application
InternalName : Tray Application
LegalCopyright : Copyright © 2001 - 2004 Nokia. All Rights Reserved.
OriginalFilename : TrayApplication.EXE

#:41 [ctfmon.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 3492
ThreadCreationTime : 04.03.2005 10:14:24
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : CTF Loader
InternalName : CTFMON
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : CTFMON.EXE

#:42 [rundll32.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 3508
ThreadCreationTime : 04.03.2005 10:14:24
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Betriebssystem Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Eine DLL-Datei als Anwendung ausführen
InternalName : rundll
LegalCopyright : © Microsoft Corporation. Alle Rechte vorbehalten.
OriginalFilename : RUNDLL.EXE

#:43 [ypager.exe]
FilePath : C:\Programme\Yahoo!\Messenger\
ProcessID : 3516
ThreadCreationTime : 04.03.2005 10:14:24
BasePriority : Normal
FileVersion : 5, 6, 0, 1358
ProductVersion : 5, 6, 0, 1358
ProductName : Yahoo! Messenger
CompanyName : Yahoo! Inc.
FileDescription : Yahoo! Messenger
InternalName : Yahoo! Messengerr
LegalCopyright : Copyright 1998-2003
OriginalFilename : YPager.exe

#:44 [msnmsgr.exe]
FilePath : C:\Programme\MSN Messenger\
ProcessID : 3524
ThreadCreationTime : 04.03.2005 10:14:25
BasePriority : Normal
FileVersion : 6.2.0205
ProductVersion : Version 6.2
ProductName : MSN Messenger
CompanyName : Microsoft Corporation
FileDescription : MSN Messenger
InternalName : msnmsgr
LegalCopyright : Copyright (c) Microsoft Corporation 1997-2004
LegalTrademarks : Microsoft(R) is a registered trademark of Microsoft Corporation in the U.S. and/or other countries.
OriginalFilename : msnmsgr.exe

#:45 [bttray.exe]
FilePath : C:\Programme\MSI\Bluetooth Software\
ProcessID : 3564
ThreadCreationTime : 04.03.2005 10:14:25
BasePriority : Normal
FileVersion : 1.4.3 Build 4
ProductVersion : 1.4.3 Build 4
ProductName : Bluetooth Software 1.4.3 Build 4
CompanyName : WIDCOMM, Inc.
FileDescription : Bluetooth Tray Application
InternalName : BTTray
LegalCopyright : Copyright WIDCOMM, Inc. 2000-2004.
OriginalFilename : BTTray.exe

#:46 [hpoavn07.exe]
FilePath : C:\Programme\Hewlett-Packard\AiO\hp officejet g series\Bin\
ProcessID : 3580
ThreadCreationTime : 04.03.2005 10:14:25
BasePriority : Normal
FileVersion : 2.00
ProductVersion : A.14.06.09
ProductName : hp officejet g series
CompanyName : Hewlett-Packard Co.
FileDescription : HP OfficeJet COM Device Objects
InternalName : HPOAVN07
LegalCopyright : Copyright (C) Hewlett-Packard Co. 1995-2000
OriginalFilename : HPOAVN07.EXE
Comments : HP OfficeJet G Series COM Device Objects

#:47 [hpgs2wnf.exe]
FilePath : C:\PROGRA~1\HEWLET~1\HPSHAR~1\
ProcessID : 3604
ThreadCreationTime : 04.03.2005 10:14:25
BasePriority : Normal
FileVersion : 2,4,0,26
ProductVersion : 2,4,0,26
ProductName : hpgs2wnf Module
FileDescription : hpgs2wnf Module
InternalName : hpgs2wnf
LegalCopyright : Copyright 2001
OriginalFilename : hpgs2wnf.EXE

#:48 [psconsv.exe]
FilePath : C:\Programme\Psion\PsiWin\
ProcessID : 3640
ThreadCreationTime : 04.03.2005 10:14:25
BasePriority : Normal
FileVersion : 1, 0, 0, 131
ProductVersion : 1, 0, 0, 1
ProductName : EPOC Connect.
CompanyName : Symbian Ltd.
FileDescription : Connection Manager Application
InternalName : PSCONSV
LegalCopyright : Copyright (C) Symbian Ltd. 1999
LegalTrademarks : EPOC
OriginalFilename : PSCONSV.EXE

#:49 [elogerr.exe]
FilePath : C:\PROGRA~1\Psion\PsiWin\
ProcessID : 3780
ThreadCreationTime : 04.03.2005 10:14:26
BasePriority : Normal
FileVersion : 1, 0, 0, 17
ProductVersion : 1, 0, 0, 1
ProductName : EPOC Connect.
CompanyName : Symbian Ltd.
FileDescription : logerr MFC Application
InternalName : logerr
LegalCopyright : Copyright (C) Symbian Ltd. 1999
LegalTrademarks : EPOC
OriginalFilename : logerr.EXE

#:50 [servic~1.exe]
FilePath : C:\PROGRA~1\GEMEIN~1\PCSuite\Services\
ProcessID : 3788
ThreadCreationTime : 04.03.2005 10:14:26
BasePriority : Normal
FileVersion : 6, 4, 17, 0
ProductVersion : 6.0
ProductName : Nokia Connectivity Library
CompanyName : Nokia.
FileDescription : ServiceLayer Module
InternalName : ServiceLayer
LegalCopyright : Copyright © 2002-2004 Nokia. All Rights Reserved.
OriginalFilename : ServiceLayer.exe

#:51 [btstac~1.exe]
FilePath : C:\PROGRA~1\MSI\BLUETO~1\
ProcessID : 908
ThreadCreationTime : 04.03.2005 10:14:33
BasePriority : Normal
FileVersion : 1.4.3 Build 4
ProductVersion : 1.4.3 Build 4
ProductName : Bluetooth Software 1.4.3 Build 4
CompanyName : WIDCOMM, Inc.
FileDescription : Bluetooth Stack COM Server
InternalName : BTStackServer
LegalCopyright : Copyright WIDCOMM, Inc. 2000-2004.
OriginalFilename : BTStackServer.exe

#:52 [hpoevm07.exe]
FilePath : C:\PROGRA~1\HEWLET~1\AiO\Shared\Bin\
ProcessID : 2416
ThreadCreationTime : 04.03.2005 10:14:34
BasePriority : Normal
FileVersion : 1.00
ProductVersion : A.14.06.09
ProductName : hp officejet g series
CompanyName : Hewlett-Packard Co.
FileDescription : HP OfficeJet COM Event Manager
InternalName : HPOEVM07
LegalCopyright : Copyright (C) Hewlett-Packard Co. 1995-2000
OriginalFilename : HPOEVM07.EXE
Comments : HP OfficeJet COM Event Manager

#:53 [hpoipm07.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 2516
ThreadCreationTime : 04.03.2005 10:14:35
BasePriority : Normal
FileVersion : 4, 5, 0, 767
ProductVersion : 4, 5, 0, 767
ProductName : HP PML
CompanyName : HP
FileDescription : PML Driver
InternalName : PmlDrv
LegalCopyright : Copyright © 1998, 1999 Hewlett-Packard Company
OriginalFilename : PmlDrv.exe

#:54 [iexplore.exe]
FilePath : C:\Programme\Internet Explorer\
ProcessID : 2908
ThreadCreationTime : 04.03.2005 10:14:44
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Betriebssystem Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Internet Explorer
InternalName : iexplore
LegalCopyright : © Microsoft Corporation. Alle Rechte vorbehalten.
OriginalFilename : IEXPLORE.EXE

#:55 [hposts07.exe]
FilePath : C:\Programme\Hewlett-Packard\AiO\Shared\bin\
ProcessID : 3176
ThreadCreationTime : 04.03.2005 10:14:49
BasePriority : Normal
FileVersion : 1.00
ProductVersion : A.14.06.09
ProductName : hp officejet g series
CompanyName : Hewlett-Packard Co.
FileDescription : HP OfficeJet Status
InternalName : HPOSTS07
LegalCopyright : Copyright (C) Hewlett-Packard Co. 1995-2000
OriginalFilename : HPOCPY07.EXE
Comments : HP OfficeJet Status

#:56 [hpofxm07.exe]
FilePath : C:\Programme\Hewlett-Packard\AiO\Shared\bin\
ProcessID : 3184
ThreadCreationTime : 04.03.2005 10:14:49
BasePriority : Normal
FileVersion : 1.00
ProductVersion : A.14.06.09
ProductName : hp officejet g series
CompanyName : Hewlett-Packard Co.
FileDescription : HP OfficeJet G Series Fax Manager
InternalName : HPOFXM07
LegalCopyright : Copyright (C) Hewlett-Packard Co. 1995-2000
OriginalFilename : HPOFXM07.EXE
Comments : HP OfficeJet G Series Fax Manager

#:57 [msmsgs.exe]
FilePath : C:\Programme\Messenger\
ProcessID : 4016
ThreadCreationTime : 04.03.2005 10:16:32
BasePriority : Normal
FileVersion : 4.7.3001
ProductVersion : Version 4.7.3001
ProductName : Messenger
CompanyName : Microsoft Corporation
FileDescription : Windows Messenger
InternalName : msmsgs
LegalCopyright : Copyright (c) Microsoft Corporation 2004
LegalTrademarks : Microsoft(R) is a registered trademark of Microsoft Corporation in the U.S. and/or other countries.
OriginalFilename : msmsgs.exe

#:58 [ad-aware.exe]
FilePath : C:\PROGRA~1\Lavasoft\AD-AWA~1\
ProcessID : 2724
ThreadCreationTime : 04.03.2005 10:17:06
BasePriority : Normal
FileVersion : 6.2.0.206
ProductVersion : VI.Second Edition
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved

#:59 [hh.exe]
FilePath : C:\WINDOWS\
ProcessID : 2260
ThreadCreationTime : 04.03.2005 10:17:06
BasePriority : Normal
FileVersion : 5.2.3790.1159 (dnsrv.040209-1620)
ProductVersion : 5.2.3790.1159
ProductName : HTML Help
CompanyName : Microsoft Corporation
FileDescription : Microsoft® HTML Help Executable
InternalName : HH 1.41
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : HH.exe

Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

AltnetBDE Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\adm4.adm4

AltnetBDE Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\adm4.adm4
Value :

AltnetBDE Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\adm25.adm25

AltnetBDE Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\adm25.adm25
Value :

AltnetBDE Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\adm4.adm4.1

AltnetBDE Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\adm4.adm4.1
Value :

AltnetBDE Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\adm25.adm25.1

AltnetBDE Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\adm25.adm25.1
Value :

AltnetBDE Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\appid\adm.exe

AltnetBDE Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\appid\adm.exe
Value : AppID

AltnetBDE Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\appid\altnet signing module.exe

AltnetBDE Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\appid\altnet signing module.exe
Value : AppID

Claria Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{21ffb6c0-0da1-11d5-a9d5-00500413153c}

Claria Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{21ffb6c0-0da1-11d5-a9d5-00500413153c}
Value : uets

Claria Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{21ffb6c0-0da1-11d5-a9d5-00500413153c}
Value : GEF

Claria Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{21ffb6c0-0da1-11d5-a9d5-00500413153c}
Value : GMG

Claria Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{21ffb6c0-0da1-11d5-a9d5-00500413153c}
Value : GMI

Claria Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{21ffb6c0-0da1-11d5-a9d5-00500413153c}
Value : LastInstall

Claria Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{21ffb6c0-0da1-11d5-a9d5-00500413153c}
Value : PAK

Claria Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{21ffb6c0-0da1-11d5-a9d5-00500413153c}
Value : SSeq

Claria Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{21ffb6c0-0da1-11d5-a9d5-00500413153c}
Value : SEvt

Claria Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\gator.com

eUniverse Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : bho.perfectnavbho

eUniverse Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : bho.perfectnavbho
Value :

eUniverse Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : bho.perfectnavbho.1

eUniverse Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : bho.perfectnavbho.1
Value :

eUniverse Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{8b8f6968-2f24-41e3-b653-e9613226f14d}

eUniverse Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{8b8f6968-2f24-41e3-b653-e9613226f14d}
Value :

eUniverse Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : typelib\{de289bfa-737b-4abb-a4ec-f8753551b875}

eUniverse Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\searchupgrader

eUniverse Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\searchupgrader
Value : Install_Dir

eUniverse Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\searchupgrader
Value : EXEName

eUniverse Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\searchupgrader
Value : VersionNumber

eUniverse Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\searchupgrader
Value : cid

eUniverse Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\searchupgrader
Value : installDate

eUniverse Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\searchupgrader
Value : puid

eUniverse Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\searchupgrader
Value : LastUpdateAttempt

Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 37
Objects found so far: 37


Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 37


Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»


Tracking Cookie Object Recognized!
Type : IECache Entry
Data : blanchard@phg.hitbox[1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:blanchard@phg.hitbox.com/
Expires : 02.03.2006 15:41:32
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : blanchard@ads.pointroll[2].txt
Category : Data Miner
Comment : Hits:8
Value : Cookie:blanchard@ads.pointroll.com/
Expires : 01.01.2010 01:00:00
LastSync : Hits:8
UseCount : 0
Hits : 8

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : blanchard@atdmt[2].txt
Category : Data Miner
Comment : Hits:31
Value : Cookie:blanchard@atdmt.com/
Expires : 20.02.2010 01:00:00
LastSync : Hits:31
UseCount : 0
Hits : 31

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : blanchard@bs.serving-sys[1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:blanchard@bs.serving-sys.com/
Expires : 01.01.2038 06:00:00
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : blanchard@adserver.71i[1].txt
Category : Data Miner
Comment : Hits:3
Value : Cookie:blanchard@adserver.71i.de/
Expires : 30.12.2037 17:00:00
LastSync : Hits:3
UseCount : 0
Hits : 3

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : blanchard@questionmarket[1].txt
Category : Data Miner
Comment : Hits:16
Value : Cookie:blanchard@questionmarket.com/
Expires : 24.04.2006 01:11:22
LastSync : Hits:16
UseCount : 0
Hits : 16

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : blanchard@doubleclick[1].txt
Category : Data Miner
Comment : Hits:26
Value : Cookie:blanchard@doubleclick.net/
Expires : 21.02.2008 15:24:34
LastSync : Hits:26
UseCount : 0
Hits : 26

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : blanchard@tickle[1].txt
Category : Data Miner
Comment : Hits:21
Value : Cookie:blanchard@tickle.com/
Expires : 01.03.2015 15:26:18
LastSync : Hits:21
UseCount : 0
Hits : 21

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : blanchard@bfast[2].txt
Category : Data Miner
Comment : Hits:5
Value : Cookie:blanchard@bfast.com/
Expires : 03.03.2025 15:08:28
LastSync : Hits:5
UseCount : 0
Hits : 5

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : blanchard@servedby.netshelter[1].txt
Category : Data Miner
Comment : Hits:10
Value : Cookie:blanchard@servedby.netshelter.net/
Expires : 11.03.2005 10:57:44
LastSync : Hits:10
UseCount : 0
Hits : 10

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : blanchard@cgi-bin[2].txt
Category : Data Miner
Comment : Hits:16
Value : Cookie:blanchard@imrworldwide.com/cgi-bin
Expires : 01.03.2015 12:27:26
LastSync : Hits:16
UseCount : 0
Hits : 16

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : blanchard@mediaplex[2].txt
Category : Data Miner
Comment : Hits:18
Value : Cookie:blanchard@mediaplex.com/
Expires : 22.06.2009 01:00:00
LastSync : Hits:18
UseCount : 0
Hits : 18

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : blanchard@serving-sys[2].txt
Category : Data Miner
Comment : Hits:8
Value : Cookie:blanchard@serving-sys.com/
Expires : 01.01.2038 06:00:00
LastSync : Hits:8
UseCount : 0
Hits : 8

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : blanchard@versiontracker[1].txt
Category : Data Miner
Comment : Hits:8
Value : Cookie:blanchard@versiontracker.com/
Expires : 04.03.2007 03:15:52
LastSync : Hits:8
UseCount : 0
Hits : 8

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : blanchard@fastclick[1].txt
Category : Data Miner
Comment : Hits:12
Value : Cookie:blanchard@fastclick.net/
Expires : 20.02.2007 16:27:04
LastSync : Hits:12
UseCount : 0
Hits : 12

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : blanchard@web2.realtracker[1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:blanchard@web2.realtracker.com/
Expires : 01.01.2007
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : blanchard@adviva[2].txt
Category : Data Miner
Comment : Hits:2
Value : Cookie:blanchard@adviva.net/
Expires : 04.02.2010 15:15:22
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : blanchard@goclick[1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:blanchard@goclick.com/
Expires : 01.01.2010 01:00:00
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : blanchard@247realmedia[1].txt
Category : Data Miner
Comment : Hits:32
Value : Cookie:blanchard@247realmedia.com/
Expires : 01.01.2011 01:00:00
LastSync : Hits:32
UseCount : 0
Hits : 32

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : blanchard@tribalfusion[2].txt
Category : Data Miner
Comment : Hits:3
Value : Cookie:blanchard@tribalfusion.com/
Expires : 01.01.2038 01:00:00
LastSync : Hits:3
UseCount : 0
Hits : 3

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : blanchard@bluestreak[2].txt
Category : Data Miner
Comment : Hits:8
Value : Cookie:blanchard@bluestreak.com/
Expires : 26.02.2015 04:34:54
LastSync : Hits:8
UseCount : 0
Hits : 8

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : blanchard@2o7[2].txt
Category : Data Miner
Comment : Hits:138
Value : Cookie:blanchard@2o7.net/
Expires : 02.03.2010 09:50:04
LastSync : Hits:138
UseCount : 0
Hits : 138

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : blanchard@adtech[2].txt
Category : Data Miner
Comment : Hits:5
Value : Cookie:blanchard@adtech.de/
Expires : 19.02.2015 15:31:04
LastSync : Hits:5
UseCount : 0
Hits : 5

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : blanchard@ehg-guardian.hitbox[2].txt
Category : Data Miner
Comment : Hits:208
Value : Cookie:blanchard@ehg-guardian.hitbox.com/
Expires : 04.03.2006 10:40:30
LastSync : Hits:208
UseCount : 0
Hits : 208

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : blanchard@apmebf[1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:blanchard@apmebf.com/
Expires : 02.03.2010 15:10:08
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : blanchard@z1.adserver[1].txt
Category : Data Miner
Comment : Hits:39
Value : Cookie:blanchard@z1.adserver.com/
Expires : 02.03.2006 16:27:32
LastSync : Hits:39
UseCount : 0
Hits : 39

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : blanchard@partners.webmasterplan[1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:blanchard@partners.webmasterplan.com/
Expires : 01.04.2005 23:00:00
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : blanchard@as1.falkag[2].txt
Category : Data Miner
Comment : Hits:225
Value : Cookie:blanchard@as1.falkag.de/
Expires : 02.04.2005 15:45:06
LastSync : Hits:225
UseCount : 0
Hits : 225

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : blanchard@advertising[2].txt
Category : Data Miner
Comment : Hits:44
Value : Cookie:blanchard@advertising.com/
Expires : 03.03.2010 09:00:10
LastSync : Hits:44
UseCount : 0
Hits : 44

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : blanchard@hitbox[2].txt
Category : Data Miner
Comment : Hits:358
Value : Cookie:blanchard@hitbox.com/
Expires : 04.03.2006 10:40:30
LastSync : Hits:358
UseCount : 0
Hits : 358

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : blanchard@servedby.advertising[2].txt
Category : Data Miner
Comment : Hits:252
Value : Cookie:blanchard@servedby.advertising.com/
Expires : 03.04.2005 10:40:34
LastSync : Hits:252
UseCount : 0
Hits : 252

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : blanchard@tradedoubler[1].txt
Category : Data Miner
Comment : Hits:3
Value : Cookie:blanchard@tradedoubler.com/
Expires : 25.02.2005 04:51:06
LastSync : Hits:3
UseCount : 0
Hits : 3

Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 32
Objects found so far: 69



Deep scanning and examining files (C:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : blanchard@0[1].txt
Category : Data Miner
Comment :
Value : C:\Dokumente und Einstellungen\blanchard\Cookies\blanchard@0[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : blanchard@276[2].txt
Category : Data Miner
Comment :
Value : C:\Dokumente und Einstellungen\blanchard\Cookies\blanchard@276[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : blanchard@2o7[2].txt
Category : Data Miner
Comment :
Value : C:\Dokumente und Einstellungen\blanchard\Cookies\blanchard@2o7[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : blanchard@a.as-us.falkag[1].txt
Category : Data Miner
Comment :
Value : C:\Dokumente und Einstellungen\blanchard\Cookies\blanchard@a.as-us.falkag[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : blanchard@advertising[2].txt
Category : Data Miner
Comment :
Value : C:\Dokumente und Einstellungen\blanchard\Cookies\blanchard@advertising[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : blanchard@adviva[1].txt
Category : Data Miner
Comment :
Value : C:\Dokumente und Einstellungen\blanchard\Cookies\blanchard@adviva[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : blanchard@as-us.falkag[1].txt
Category : Data Miner
Comment :
Value : C:\Dokumente und Einstellungen\blanchard\Cookies\blanchard@as-us.falkag[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : blanchard@as1.falkag[1].txt
Category : Data Miner
Comment :
Value : C:\Dokumente und Einstellungen\blanchard\Cookies\blanchard@as1.falkag[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : blanchard@atdmt[2].txt
Category : Data Miner
Comment :
Value : C:\Dokumente und Einstellungen\blanchard\Cookies\blanchard@atdmt[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : blanchard@bfast[1].txt
Category : Data Miner
Comment :
Value : C:\Dokumente und Einstellungen\blanchard\Cookies\blanchard@bfast[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : blanchard@bilbo.counted[2].txt
Category : Data Miner
Comment :
Value : C:\Dokumente und Einstellungen\blanchard\Cookies\blanchard@bilbo.counted[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : blanchard@bluestreak[2].txt
Category : Data Miner
Comment :
Value : C:\Dokumente und Einstellungen\blanchard\Cookies\blanchard@bluestreak[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : blanchard@bs.serving-sys[2].txt
Category : Data Miner
Comment :
Value : C:\Dokumente und Einstellungen\blanchard\Cookies\blanchard@bs.serving-sys[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : blanchard@cgi-bin[2].txt
Category : Data Miner
Comment :
Value : C:\Dokumente und Einstellungen\blanchard\Cookies\blanchard@cgi-bin[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : blanchard@clickagents[1].txt
Category : Data Miner
Comment :
Value : C:\Dokumente und Einstellungen\blanchard\Cookies\blanchard@clickagents[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : blanchard@counter.hitslink[2].txt
Category : Data Miner
Comment :
Value : C:\Dokumente und Einstellungen\blanchard\Cookies\blanchard@counter.hitslink[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : blanchard@doubleclick[1].txt
Category : Data Miner
Comment :
Value : C:\Dokumente und Einstellungen\blanchard\Cookies\blanchard@doubleclick[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : blanchard@ehg-hpsas.hitbox[1].txt
Category : Data Miner
Comment :
Value : C:\Dokumente und Einstellungen\blanchard\Cookies\blanchard@ehg-hpsas.hitbox[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : blanchard@ehg-petrocanada.hitbox[2].txt
Category : Data Miner
Comment :
Value : C:\Dokumente und Einstellungen\blanchard\Cookies\blanchard@ehg-petrocanada.hitbox[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : blanchard@etype.adbureau[2].txt
Category : Data Miner
Comment :
Value : C:\Dokumente und Einstellungen\blanchard\Cookies\blanchard@etype.adbureau[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : blanchard@fastclick[2].txt
Category : Data Miner
Comment :
Value : C:\Dokumente und Einstellungen\blanchard\Cookies\blanchard@fastclick[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : blanchard@gator[1].txt
Category : Data Miner
Comment :
Value : C:\Dokumente und Einstellungen\blanchard\Cookies\blanchard@gator[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : blanchard

Fri Mar 04 12:43:28 2005 => File C:\DOKUME~1\BLANCH~1.DD-\LOKALE~1\Temp\asmfiles.cab infected by "not-a-virus:AdWare.Altnet.b" Virus. Action Taken: No Action Taken.

Fri Mar 04 12:43:50 2005 => File C:\DOKUME~1\BLANCH~1.DD-\LOKALE~1\Temp\perfectnavUninstall.exe infected by "Trojan-Downloader.Win32.Keenval.f" Virus. Action Taken: No Action Taken.

Fri Mar 04 13:17:52 2005 => File C:\Dokumente und Einstellungen\blanchard.DD-02\Lokale Einstellungen\Temp\asmfiles.cab infected by "not-a-virus:AdWare.Altnet.b" Virus. Action Taken: No Action Taken.

Fri Mar 04 13:18:11 2005 => File C:\Dokumente und Einstellungen\blanchard.DD-02\Lokale Einstellungen\Temp\perfectnavUninstall.exe infected by "Trojan-Downloader.Win32.Keenval.f" Virus. Action Taken: No Action Taken.

Fri Mar 04 13:58:28 2005 => File C:\Programme\MyWay\myBar\1.bin\MY2NS.EXE infected by "not-a-virus:AdWare.Toolbar.MyWay.b" Virus. Action Taken: No Action Taken.

Fri Mar 04 13:58:29 2005 => File C:\Programme\MyWay\myBar\1.bin\NPMYWAY.DLL infected by "not-a-virus:AdWare.ToolBar.MyWay.f" Virus. Action Taken: No Action Taken.

Fri Mar 04 14:04:22 2005 => File C:\Programme\Norton AntiVirus\Quarantine\009D2753.exe infected by "Email-Worm.Win32.Mydoom.q" Virus. Action Taken: No Action Taken.

Fri Mar 04 14:04:22 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\00BC2755.822
Fri Mar 04 14:04:22 2005 => File C:\Programme\Norton AntiVirus\Quarantine\00BC2755.822 infected by "Email-Worm.Win32.NetSky.r" Virus. Action Taken: No Action Taken.

Fri Mar 04 14:04:22 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\01675274.exe
Fri Mar 04 14:04:22 2005 => File C:\Programme\Norton AntiVirus\Quarantine\01675274.exe infected by "Email-Worm.Win32.Mydoom.q" Virus. Action Taken: No Action Taken.

Fri Mar 04 14:04:22 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\03734351.exe
Fri Mar 04 14:04:22 2005 => File C:\Programme\Norton AntiVirus\Quarantine\03734351.exe infected by "Email-Worm.Win32.Mydoom.q" Virus. Action Taken: No Action Taken.

Fri Mar 04 14:04:22 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\0384153F.exe
Fri Mar 04 14:04:22 2005 => File C:\Programme\Norton AntiVirus\Quarantine\0384153F.exe infected by "Email-Worm.Win32.Mydoom.q" Virus. Action Taken: No Action Taken.

Fri Mar 04 14:04:22 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\038C7577
Fri Mar 04 14:04:22 2005 => File C:\Programme\Norton AntiVirus\Quarantine\038C7577 infected by "not-a-virus:AdWare.Gator.a" Virus. Action Taken: No Action Taken.

Fri Mar 04 14:04:22 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\03B87EC9.exe
Fri Mar 04 14:04:23 2005 => File C:\Programme\Norton AntiVirus\Quarantine\03B87EC9.exe infected by "Email-Worm.Win32.Bagle.au" Virus. Action Taken: No Action Taken.

Fri Mar 04 14:04:23 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\050C2A74
Fri Mar 04 14:04:23 2005 => File C:\Programme\Norton AntiVirus\Quarantine\050C2A74 infected by "Email-Worm.Win32.Mydoom.q" Virus. Action Taken: No Action Taken.

Fri Mar 04 14:04:23 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\077853C9
Fri Mar 04 14:04:23 2005 => File C:\Programme\Norton AntiVirus\Quarantine\077853C9 infected by "Email-Worm.Win32.Mydoom.q" Virus. Action Taken: No Action Taken.

Fri Mar 04 14:04:23 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\08B53C6C.exe
Fri Mar 04 14:04:23 2005 => File C:\Programme\Norton AntiVirus\Quarantine\08B53C6C.exe infected by "Email-Worm.Win32.Mydoom.q" Virus. Action Taken: No Action Taken.

Fri Mar 04 14:04:23 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\08BA5945.exe
Fri Mar 04 14:04:23 2005 => File C:\Programme\Norton AntiVirus\Quarantine\08BA5945.exe infected by "Email-Worm.Win32.Bagle.at" Virus. Action Taken: No Action Taken.

Fri Mar 04 14:04:23 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\0A3C3D75.822
Fri Mar 04 14:04:24 2005 => File C:\Programme\Norton AntiVirus\Quarantine\0A3C3D75.822 infected by "Email-Worm.Win32.Sober.i" Virus. Action Taken: No Action Taken.

Fri Mar 04 14:04:24 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\11A10604.exe
Fri Mar 04 14:04:24 2005 => File C:\Programme\Norton AntiVirus\Quarantine\11A10604.exe infected by "Email-Worm.Win32.Mydoom.q" Virus. Action Taken: No Action Taken.

Fri Mar 04 14:04:24 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\1B1B0087.exe
Fri Mar 04 14:04:24 2005 => File C:\Programme\Norton AntiVirus\Quarantine\1B1B0087.exe infected by "Email-Worm.Win32.Bagle.ay" Virus. Action Taken: No Action Taken.

Fri Mar 04 14:04:24 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\1BDC1871.exe
Fri Mar 04 14:04:25 2005 => File C:\Programme\Norton AntiVirus\Quarantine\1BDC1871.exe infected by "Email-Worm.Win32.Bagle.at" Virus. Action Taken: No Action Taken.

Fri Mar 04 14:04:25 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\20EC0B9A.822
Fri Mar 04 14:04:25 2005 => File C:\Programme\Norton AntiVirus\Quarantine\20EC0B9A.822 infected by "Email-Worm.Win32.Sober.i" Virus. Action Taken: No Action Taken.

Fri Mar 04 14:04:25 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\23A148E8.822
Fri Mar 04 14:04:25 2005 => File C:\Programme\Norton AntiVirus\Quarantine\23A148E8.822 infected by "Email-Worm.Win32.Sober.i" Virus. Action Taken: No Action Taken.

Fri Mar 04 14:04:25 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\243C369B
Fri Mar 04 14:04:25 2005 => File C:\Programme\Norton AntiVirus\Quarantine\243C369B infected by "Exploit.HTML.CodeBaseExec" Virus. Action Taken: No Action Taken.

Fri Mar 04 14:04:25 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\27D77C4B.822
Fri Mar 04 14:04:25 2005 => File C:\Programme\Norton AntiVirus\Quarantine\27D77C4B.822 infected by "Email-Worm.Win32.Sober.i" Virus. Action Taken: No Action Taken.

Fri Mar 04 14:04:26 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\2CBC655A.822
Fri Mar 04 14:04:26 2005 => File C:\Programme\Norton AntiVirus\Quarantine\2CBC655A.822 infected by "Email-Worm.Win32.NetSky.d" Virus. Action Taken: No Action Taken.

Fri Mar 04 14:04:26 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\2CF7591A.822
Fri Mar 04 14:04:26 2005 => File C:\Programme\Norton AntiVirus\Quarantine\2CF7591A.822 infected by "Email-Worm.Win32.NetSky.d" Virus. Action Taken: No Action Taken.

Fri Mar 04 14:04:26 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\2D6242A3.822
Fri Mar 04 14:04:26 2005 => File C:\Programme\Norton AntiVirus\Quarantine\2D6242A3.822 infected by "Email-Worm.Win32.NetSky.d" Virus. Action Taken: No Action Taken.

Fri Mar 04 14:04:26 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\2DDB541E.822
Fri Mar 04 14:04:26 2005 => File C:\Programme\Norton AntiVirus\Quarantine\2DDB541E.822 infected by "Email-Worm.Win32.NetSky.d" Virus. Action Taken: No Action Taken.

Fri Mar 04 14:04:26 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\335F4DA3.exe
Fri Mar 04 14:04:26 2005 => File C:\Programme\Norton AntiVirus\Quarantine\335F4DA3.exe infected by "Email-Worm.Win32.Mydoom.r" Virus. Action Taken: No Action Taken.

Fri Mar 04 14:04:26 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\36AF6F88.exe
Fri Mar 04 14:04:26 2005 => File C:\Programme\Norton AntiVirus\Quarantine\36AF6F88.exe infected by "Email-Worm.Win32.Mydoom.r" Virus. Action Taken: No Action Taken.

Fri Mar 04 14:04:26 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\3C42403B.822
Fri Mar 04 14:04:27 2005 => File C:\Programme\Norton AntiVirus\Quarantine\3C42403B.822 infected by "Email-Worm.Win32.NetSky.q" Virus. Action Taken: No Action Taken.

Fri Mar 04 14:04:27 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\3C7D33FA.822
Fri Mar 04 14:04:27 2005 => File C:\Programme\Norton AntiVirus\Quarantine\3C7D33FA.822 infected by "Email-Worm.Win32.NetSky.q" Virus. Action Taken: No Action Taken.

Fri Mar 04 14:04:27 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\3E1424A5.822
Fri Mar 04 14:04:27 2005 => File C:\Programme\Norton AntiVirus\Quarantine\3E1424A5.822 infected by "Email-Worm.Win32.NetSky.d" Virus. Action Taken: No Action Taken.

Fri Mar 04 14:04:27 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\3FDA0B5E.822
Fri Mar 04 14:04:27 2005 => File C:\Programme\Norton AntiVirus\Quarantine\3FDA0B5E.822 infected by "Email-Worm.Win32.Sober.i" Virus. Action Taken: No Action Taken.

Fri Mar 04 14:04:27 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\3FED0748.exe
Fri Mar 04 14:04:27 2005 => File C:\Programme\Norton AntiVirus\Quarantine\3FED0748.exe infected by "Email-Worm.Win32.Bagle.at" Virus. Action Taken: No Action Taken.

Fri Mar 04 14:04:27 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\44667998
Fri Mar 04 14:04:27 2005 => File C:\Programme\Norton AntiVirus\Quarantine\44667998 infected by "Email-Worm.Win32.Mydoom.q" Virus. Action Taken: No Action Taken.

Fri Mar 04 14:04:27 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\456E2554.exe
Fri Mar 04 14:04:28 2005 => File C:\Programme\Norton AntiVirus\Quarantine\456E2554.exe infected by "Email-Worm.Win32.Bagle.au" Virus. Action Taken: No Action Taken.

Fri Mar 04 14:04:28 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\4B014896
Fri Mar 04 14:04:28 2005 => File C:\Programme\Norton AntiVirus\Quarantine\4B014896 infected by "not-a-virus:AdWare.Gator.a" Virus. Action Taken: No Action Taken.

Fri Mar 04 14:04:28 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\4B047293
Fri Mar 04 14:04:28 2005 => File C:\Programme\Norton AntiVirus\Quarantine\4B047293 infected by "not-a-virus:AdWare.Gator.a" Virus. Action Taken: No Action Taken.

Fri Mar 04 14:04:28 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\4B953DF6.exe
Fri Mar 04 14:04:28 2005 => File C:\Programme\Norton AntiVirus\Quarantine\4B953DF6.exe infected by "Email-Worm.Win32.Mydoom.q" Virus. Action Taken: No Action Taken.

Fri Mar 04 14:04:28 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\4E814CBF.exe
Fri Mar 04 14:04:28 2005 => File C:\Programme\Norton AntiVirus\Quarantine\4E814CBF.exe infected by "Email-Worm.Win32.Mydoom.q" Virus. Action Taken: No Action Taken.

Fri Mar 04 14:04:28 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\510A01AF.exe
Fri Mar 04 14:04:28 2005 => File C:\Programme\Norton AntiVirus\Quarantine\510A01AF.exe infected by "Email-Worm.Win32.Mydoom.q" Virus. Action Taken: No Action Taken.

Fri Mar 04 14:04:28 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\514B4A79.exe
Fri Mar 04 14:04:28 2005 => File C:\Programme\Norton AntiVirus\Quarantine\514B4A79.exe infected by "Email-Worm.Win32.Bagle.at" Virus. Action Taken: No Action Taken.

Fri Mar 04 14:04:28 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\51903B1B.exe
Fri Mar 04 14:04:29 2005 => File C:\Programme\Norton AntiVirus\Quarantine\51903B1B.exe infected by "Email-Worm.Win32.Mydoom.q" Virus. Action Taken: No Action Taken.

Fri Mar 04 14:04:29 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\51A00D09.exe
Fri Mar 04 14:04:29 2005 => File C:\Programme\Norton AntiVirus\Quarantine\51A00D09.exe infected by "Email-Worm.Win32.Mydoom.q" Virus. Action Taken: No Action Taken.

Fri Mar 04 14:04:29 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\51BE06E9.exe
Fri Mar 04 14:04:29 2005 => File C:\Programme\Norton AntiVirus\Quarantine\51BE06E9.exe infected by "Email-Worm.Win32.Mydoom.q" Virus. Action Taken: No Action Taken.

Fri Mar 04 14:04:29 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\51FF4EA1.exe
Fri Mar 04 14:04:29 2005 => File C:\Programme\Norton AntiVirus\Quarantine\51FF4EA1.exe infected by "Email-Worm.Win32.Mydoom.q" Virus. Action Taken: No Action Taken.

Fri Mar 04 14:04:29 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\57CB3720
Fri Mar 04 14:04:29 2005 => File C:\Programme\Norton AntiVirus\Quarantine\57CB3720 infected by "not-a-virus:AdWare.Altnet.e" Virus. Action Taken: No Action Taken.

Fri Mar 04 14:04:29 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\59A551CA.htm
Fri Mar 04 14:04:29 2005 => File C:\Programme\Norton AntiVirus\Quarantine\59A551CA.htm infected by "Exploit.HTML.Mht" Virus. Action Taken: No Action Taken.

Fri Mar 04 14:04:29 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\5B6449DE.822
Fri Mar 04 14:04:29 2005 => File C:\Programme\Norton AntiVirus\Quarantine\5B6449DE.822 infected by "Email-Worm.Win32.Sober.i" Virus. Action Taken: No Action Taken.

Fri Mar 04 14:04:29 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\5C594E1E
Fri Mar 04 14:04:30 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\5FA93F08.822
Fri Mar 04 14:04:30 2005 => File C:\Programme\Norton AntiVirus\Quarantine\5FA93F08.822 infected by "Email-Worm.Win32.NetSky.d" Virus. Action Taken: No Action Taken.

Fri Mar 04 14:04:30 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\617F7FB6.822
Fri Mar 04 14:04:31 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\61AD4B84.822
Fri Mar 04 14:04:31 2005 => File C:\Programme\Norton AntiVirus\Quarantine\61AD4B84.822 infected by "Exploit.HTML.FileDownload" Virus. Action Taken: No Action Taken.

Fri Mar 04 14:04:31 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\645D6612.exe
Fri Mar 04 14:04:31 2005 => File C:\Programme\Norton AntiVirus\Quarantine\645D6612.exe infected by "Email-Worm.Win32.Bagle.at" Virus. Action Taken: No Action Taken.

Fri Mar 04 14:04:31 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\67094443.zip
Fri Mar 04 14:04:31 2005 => File C:\Programme\Norton AntiVirus\Quarantine\67094443.zip infected by "Email-Worm.Win32.NetSky.b" Virus. Action Taken: No Action Taken.

Fri Mar 04 14:04:31 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\684423F8.exe
Fri Mar 04 14:04:31 2005 => File C:\Programme\Norton AntiVirus\Quarantine\684423F8.exe infected by "Email-Worm.Win32.Bagle.z" Virus. Action Taken: No Action Taken.

Fri Mar 04 14:04:31 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\6B3958C2.exe
Fri Mar 04 14:04:32 2005 => File C:\Programme\Norton AntiVirus\Quarantine\6B3958C2.exe infected by "Email-Worm.Win32.Mydoom.r" Virus. Action Taken: No Action Taken.

Fri Mar 04 14:04:32 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\6BE37CFF.pif
Fri Mar 04 14:04:32 2005 => File C:\Programme\Norton AntiVirus\Quarantine\6BE37CFF.pif infected by "Email-Worm.Win32.NetSky.c" Virus. Action Taken: No Action Taken.

Fri Mar 04 14:04:32 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\6F9C15BC.exe
Fri Mar 04 14:04:32 2005 => File C:\Programme\Norton AntiVirus\Quarantine\6F9C15BC.exe infected by "Email-Worm.Win32.Mydoom.q" Virus. Action Taken: No Action Taken.

Fri Mar 04 14:04:32 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\700229BF
Fri Mar 04 14:04:32 2005 => File C:\Programme\Norton AntiVirus\Quarantine\700229BF infected by "Trojan-Downloader.JS.IstBar.b" Virus. Action Taken: No Action Taken.

Fri Mar 04 14:04:32 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\77FC0F10.exe
Fri Mar 04 14:04:32 2005 => File C:\Programme\Norton AntiVirus\Quarantine\77FC0F10.exe infected by "Email-Worm.Win32.Bagle.at" Virus. Action Taken: No Action Taken.

Fri Mar 04 14:04:32 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\7E04097C.822
Fri Mar 04 14:04:32 2005 => File C:\Programme\Norton AntiVirus\Quarantine\7E04097C.822 infected by "Email-Worm.Win32.Sober.i" Virus. Action Taken: No Action Taken.

Fri Mar 04 14:04:32 2005 => Scanning File C:\Programme\Norton AntiVirus\Quarantine\7E4F4F2A.822
Fri Mar 04 14:04:33 2005 => File C:\Programme\Norton AntiVirus\Quarantine\7E4F4F2A.822 infected by "Email-Worm.Win32.Sober.i" Virus. Action Taken: No Action Taken.

Fri Mar 04 14:06:38 2005 => File C:\Programme\PerfectNav\BHO\PerfectNav150c.dll infected by "not-a-virus:AdWare.Perfnav.a" Virus. Action Taken: No Action Taken.

Fri Mar 04 14:15:42 2005 => File C:\System Volume Information\_restore{B033A2F1-E8A4-495F-93F3-7D5944287520}\RP284\A0041254.dll infected by "not-a-virus:AdWare.Altnet.e" Virus. Action Taken: No Action Taken.

Fri Mar 04 14:16:41 2005 => File C:\System Volume Information\_restore{B033A2F1-E8A4-495F-93F3-7D5944287520}\RP296\A0042894.dll infected by "not-a-virus:AdWare.BrilliantDigital.1007" Virus. Action Taken: No Action Taken.

Fri Mar 04 14:16:41 2005 => File C:\System Volume Information\_restore{B033A2F1-E8A4-495F-93F3-7D5944287520}\RP296\A0042895.exe infected by "Trojan-Downloader.Win32.Keenval.f" Virus. Action Taken: No Action Taken.

Fri Mar 04 14:16:42 2005 => File C:\System Volume Information\_restore{B033A2F1-E8A4-495F-93F3-7D5944287520}\RP296\A0042903.dll infected by "not-a-virus:AdWare.Altnet.e" Virus. Action Taken: No Action Taken.

Fri Mar 04 14:16:43 2005 => File C:\System Volume Information\_restore{B033A2F1-E8A4-495F-93F3-7D5944287520}\RP296\A0042916.dll infected by "not-a-virus:AdWare.Altnet.a" Virus. Action Taken: No Action Taken.

Fri Mar 04 14:16:43 2005 => File C:\System Volume Information\_restore{B033A2F1-E8A4-495F-93F3-7D5944287520}\RP296\A0042917.dll infected by "not-a-virus:AdWare.Altnet.a" Virus. Action Taken: No Action Taken.

Fri Mar 04 14:16:43 2005 => File C:\System Volume Information\_restore{B033A2F1-E8A4-495F-93F3-7D5944287520}\RP296\A0042918.exe infected by "not-a-virus:AdWare.Altnet.a" Virus. Action Taken: No Action Taken.


Fri Mar 04 14:16:43 2005 => File C:\System Volume Information\_restore{B033A2F1-E8A4-495F-93F3-7D5944287520}\RP296\A0042922.dll infected by "not-a-virus:AdWare.Altnet.a" Virus. Action Taken: No Action Taken.


Fri Mar 04 14:16:43 2005 => File C:\System Volume Information\_restore{B033A2F1-E8A4-495F-93F3-7D5944287520}\RP296\A0042925.dll infected by "not-a-virus:AdWare.Altnet.b" Virus. Action Taken: No Action Taken.


Fri Mar 04 14:16:45 2005 => File C:\System Volume Information\_restore{B033A2F1-E8A4-495F-93F3-7D5944287520}\RP296\A0042940.dll infected by "not-a-virus:AdWare.Gator.6041" Virus. Action Taken: No Action Taken.
Fri Mar 04 14:16:45 2005 => File C:\System Volume Information\_restore{B033A2F1-E8A4-495F-93F3-7D5944287520}\RP296\A0042941.exe infected by "not-a-virus:AdWare.Gator.6034" Virus. Action Taken: No Action Taken.

Fri Mar 04 14:16:45 2005 => File C:\System Volume Information\_restore{B033A2F1-E8A4-495F-93F3-7D5944287520}\RP296\A0042942.dll infected by "not-a-virus:AdWare.Gator.6041" Virus. Action Taken: No Action Taken.

Fri Mar 04 14:16:45 2005 => File C:\System Volume Information\_restore{B033A2F1-E8A4-495F-93F3-7D5944287520}\RP296\A0042943.dll infected by "not-a-virus:AdWare.Gator.6041" Virus. Action Taken: No Action Taken.

Fri Mar 04 14:16:45 2005 => File C:\System Volume Information\_restore{B033A2F1-E8A4-495F-93F3-7D5944287520}\RP296\A0042944.dll infected by "not-a-virus:AdWare.Gator.3124" Virus. Action Taken: No Action Taken.

Fri Mar 04 14:16:45 2005 => File C:\System Volume Information\_restore{B033A2F1-E8A4-495F-93F3-7D5944287520}\RP296\A0042945.dll infected by "not-a-virus:AdWare.Gator.6041" Virus. Action Taken: No Action Taken.

Fri Mar 04 14:16:45 2005 => File C:\System Volume Information\_restore{B033A2F1-E8A4-495F-93F3-7D5944287520}\RP296\A0042946.dll infected by "not-a-virus:AdWare.Gator.6041" Virus. Action Taken: No Action Taken.

Fri Mar 04 14:16:45 2005 => File C:\System Volume Information\_restore{B033A2F1-E8A4-495F-93F3-7D5944287520}\RP296\A0042947.dll infected by "not-a-virus:AdWare.Gator.6041" Virus. Action Taken: No Action Taken.

Fri Mar 04 14:16:45 2005 => File C:\System Volume Information\_restore{B033A2F1-E8A4-495F-93F3-7D5944287520}\RP296\A0042948.dll infected by "not-a-virus:AdWare.Gator.6041" Virus. Action Taken: No Action Taken.

Fri Mar 04 14:16:45 2005 => File C:\System Volume Information\_restore{B033A2F1-E8A4-495F-93F3-7D5944287520}\RP296\A0042949.dll infected by "not-a-virus:AdWare.Gator.6041" Virus. Action Taken: No Action Taken.

Fri Mar 04 14:16:45 2005 => File C:\System Volume Information\_restore{B033A2F1-E8A4-495F-93F3-7D5944287520}\RP296\A0042950.dll infected by "not-a-virus:AdWare.Gator.6041" Virus. Action Taken: No Action Taken.

Fri Mar 04 14:16:45 2005 => File C:\System Volume Information\_restore{B033A2F1-E8A4-495F-93F3-7D5944287520}\RP296\A0042951.dll infected by "not-a-virus:AdWare.Gator.6041" Virus. Action Taken: No Action Taken.


Fri Mar 04 14:16:48 2005 => File C:\System Volume Information\_restore{B033A2F1-E8A4-495F-93F3-7D5944287520}\RP296\A0043063.dll infected by "not-a-virus:AdWare.Gator.6041" Virus. Action Taken: No Action Taken.

Fri Mar 04 14:16:49 2005 => File C:\System Volume Information\_restore{B033A2F1-E8A4-495F-93F3-7D5944287520}\RP296\A0043064.dll infected by "not-a-virus:AdWare.Gator.6041" Virus. Action Taken: No Action Taken.

Fri Mar 04 14:16:49 2005 => File C:\System Volume Information\_restore{B033A2F1-E8A4-495F-93F3-7D5944287520}\RP296\A0043065.dll infected by "not-a-virus:AdWare.Gator.6041" Virus. Action Taken: No Action Taken.

Fri Mar 04 14:16:49 2005 => File C:\System Volume Information\_restore{B033A2F1-E8A4-495F-93F3-7D5944287520}\RP296\A0043066.dll infected by "not-a-virus:AdWare.Gator.5017" Virus. Action Taken: No Action Taken.

Fri Mar 04 14:16:49 2005 => File C:\System Volume Information\_restore{B033A2F1-E8A4-495F-93F3-7D5944287520}\RP296\A0043067.dll infected by "not-a-virus:AdWare.Gator.6041" Virus. Action Taken: No Action Taken.

Fri Mar 04 14:16:49 2005 => File C:\System Volume Information\_restore{B033A2F1-E8A4-495F-93F3-7D5944287520}\RP296\A0043068.exe infected by "not-a-virus:AdWare.Gator.6034" Virus. Action Taken: No Action Taken.

Fri Mar 04 14:16:49 2005 => File C:\System Volume Information\_restore{B033A2F1-E8A4-495F-93F3-7D5944287520}\RP296\A0043069.exe infected by "not-a-virus:AdWare.Gator.6041" Virus. Action Taken: No Action Taken.

Fri Mar 04 14:16:49 2005 => F