Please help

Warnings about security vulnerabilities and help with removing viruses, worms and trojans.

Post by pugs on 08.10.2005, 22:14

I have a huge problem:
About 2 weeks ago my computer/laptop started to flicker when shutting down. I didn't think that was so bad, but then this flickering occurred more and more often and I could no longer get onto the internet (without refreshing every page 1000 times).
Now I can get online again without problems, but I still have the flickering. Now I also have a problem with Nero: when I burn, it takes 2 minutes at most. Then the message BURNING FAILED appears, or, when it does go well and the BURN PROCESS was SUCCESSFUL, there is nothing on the CD :? .
Could this all be connected? Do I have a virus or trojan? How do I remove viruses/trojans without having to pay for it?

Please, please HELP
pugs
 
Posts: 64
Registered: 08.10.2005, 21:30
Location: Leverkusen


Post by automatix on 08.10.2005, 23:01

For finding malware, this program has proven itself:

Hijackthis:
http://virus-protect.net/hjtkurz.html

Download/unpack HijackThis into a folder
--> None of the above,
just start the program --> Save --> Savelog --> the editor
opens -->
or:
Do a system scan and save a logfile --> Save --> Savelog --> the editor
opens -->
now copy the COMPLETE log with a right mouse click and
"paste" it into the forum with a right mouse click
automatix
Administrator
 
Posts: 14440
Registered: 12.09.2004, 13:58
Location: 95138 Bad Steben

Post by pugs on 08.10.2005, 23:37

Logfile of HijackThis v1.99.1
Scan saved at 23:28:48, on 08.10.2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Programme\Norton AntiVirus\navapsvc.exe
C:\Programme\Norton AntiVirus\AdvTools\NPROTECT.EXE
C:\WINDOWS\system32\skeys.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Programme\Synaptics\SynTP\SynTPLpr.exe
C:\Programme\Synaptics\SynTP\SynTPEnh.exe
C:\Progra~1\Launch Manager\LaunchAp.exe
C:\Progra~1\Launch Manager\PowerKey.exe
C:\Progra~1\Launch Manager\HotkeyApp.exe
C:\Progra~1\Launch Manager\CtrlVol.exe
C:\Progra~1\Launch Manager\Wbutton.exe
C:\Programme\Acer\Notebook Manager\almxptray.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Programme\ltmoh\Ltmoh.exe
D:\Programme\CyberLink\PowerDVD\PowerDVD.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe
C:\Programme\eDonkey2000\eDonkey2000.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe
C:\Programme\QuickTime\qttask.exe
C:\Programme\ahead\InCD\InCD.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\SPYWAR~1\swdoctor.exe
C:\Programme\a2\a2guard.exe
C:\Programme\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\Real\RealPlayer\RealPlay.exe
C:\WINDOWS\explorer.exe
D:\Programme\Musikzip\eBayTBDaemon.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\DOKUME~1\schnuppe\LOKALE~1\Temp\Temporäres Verzeichnis 3 für hijackthis.zip\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gmx.net/de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://global.acer.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {8952A998-1E7E-4716-B23D-3DBE03910972} - (no file)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,,SKEYS /I
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: eBay Toolbar Helper - {22D8E815-4A5E-4DFB-845E-AAB64207F5BD} - D:\Programme\Musikzip\eBayTB.dll
O2 - BHO: URLLink - {4A2AACF3-ADF6-11D5-98A9-00E018981B9E} - C:\Programme\NewDotNet\newdotnet6_90.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Programme\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Programme\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: GMX Toolbar - {2D1DDD38-CE4D-459b-A01C-F11BC92D5B69} - C:\Programme\GMX\GMX Toolbar\toolbar.dll
O3 - Toolbar: eBay Toolbar - {92085AD4-F48A-450D-BD93-B28CC7DF67CE} - D:\Programme\Musikzip\eBayTB.dll
O4 - HKLM\..\Run: [LaunchApp] LaunApp
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Programme\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Programme\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [LaunchAp] C:\Progra~1\Launch Manager\LaunchAp.exe
O4 - HKLM\..\Run: [PowerKey] "C:\Progra~1\Launch Manager\PowerKey.exe"
O4 - HKLM\..\Run: [LManager] C:\Progra~1\Launch Manager\HotkeyApp.exe
O4 - HKLM\..\Run: [CtrlVol] C:\Progra~1\Launch Manager\CtrlVol.exe
O4 - HKLM\..\Run: [Wbutton] "C:\Progra~1\Launch Manager\Wbutton.exe"
O4 - HKLM\..\Run: [AcerNotebookManager] C:\Programme\Acer\Notebook Manager\almxptray.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [LtMoh] C:\Programme\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [PowerDVD] D:\Programme\CyberLink\PowerDVD\PowerDVD.exe /autostart
O4 - HKLM\..\Run: [ccApp] "C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Programme\Gemeinsame Dateien\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE
O4 - HKLM\..\Run: [eDonkey2000] C:\Programme\eDonkey2000\eDonkey2000.exe -t
O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~1.DLL,ClientStartup -s
O4 - HKLM\..\Run: [webHancer Agent] "C:\Program Files\webHancer\Programs\whAgent.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [WlanMonitor] C:\Program Files\USB Wireless LAN\WlanMonitor.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programme\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [InCD] C:\Programme\ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [eBayToolbar] D:\Programme\Musikzip\eBayTBDaemon.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programme\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ChkMail] ˜>‹
O4 - HKCU\..\Run: [Spyware Doctor] C:\PROGRA~1\SPYWAR~1\swdoctor.exe /Q
O4 - HKCU\..\Run: [a-squared] "C:\Programme\a2\a2guard.exe"
O8 - Extra context menu item: &eBay Search - res://D:\Programme\Musikzip\eBayTb.dll/RCSearch.html
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe (file missing)
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O16 - DPF: {01010E00-5E80-11D8-9E86-0007E96C65AE} (SupportSoft SmartIssue) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsi.cab
O16 - DPF: {01012101-5E80-11D8-9E86-0007E96C65AE} (SupportSoft Script Runner Class) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsr.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - https://www-secure.symantec.com/techsup ... SupCtl.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/0118a978dbb ... 601_de.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://www-secure.symantec.com/techsup ... mAData.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccPwdSvc.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Programme\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Programme\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Programme\Norton AntiVirus\AdvTools\NPROTECT.EXE
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\GEMEIN~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\Security Center\SymWSC.exe

Post by automatix on 08.10.2005, 23:47

There are several pieces of malware on it.

Next, please scan with these programs and post the logs:

AdAware
http://virus-protect.net/adaware.html

Spybot
http://virus-protect.net/antispytools.html

Post by pugs on 09.10.2005, 00:23

Ad-Aware SE Build 1.06r1
Logfile Created on:Samstag, 8. Oktober 2005 23:58:02
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R69 05.10.2005
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Claria(TAC index:7):15 total references
EffectiveBrandToolbar(TAC index:7):2 total references
IBIS Toolbar(TAC index:5):16 total references
MegaSearch Toolbar(TAC index:4):1 total references
Tracking Cookie(TAC index:3):68 total references
WebHancer(TAC index:9):7 total references
WhenU(TAC index:3):2 total references
WhenU.SaveNow(TAC index:10):1 total references
Win32.Trojan.SARS(TAC index:10):2 total references
WinFixer(TAC index:3):17 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file

Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects


08.10.2005 23:58:02 - Scan started. (Full System Scan)

Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ProcessID : 436
ThreadCreationTime : 08.10.2005 17:17:23
BasePriority : Normal


#:2 [csrss.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 492
ThreadCreationTime : 08.10.2005 17:17:25
BasePriority : Normal


#:3 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 516
ThreadCreationTime : 08.10.2005 17:17:26
BasePriority : High


#:4 [services.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 560
ThreadCreationTime : 08.10.2005 17:17:27
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Betriebssystem Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Anwendung für Dienste und Controller
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. Alle Rechte vorbehalten.
OriginalFilename : services.exe

#:5 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 572
ThreadCreationTime : 08.10.2005 17:17:27
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe

#:6 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 792
ThreadCreationTime : 08.10.2005 17:17:27
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:7 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 840
ThreadCreationTime : 08.10.2005 17:17:28
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:8 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 904
ThreadCreationTime : 08.10.2005 17:17:28
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:9 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 952
ThreadCreationTime : 08.10.2005 17:17:28
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:10 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1060
ThreadCreationTime : 08.10.2005 17:17:29
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:11 [spoolsv.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1272
ThreadCreationTime : 08.10.2005 17:17:30
BasePriority : Normal
FileVersion : 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)
ProductVersion : 5.1.2600.2696
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe

#:12 [ccevtmgr.exe]
FilePath : C:\Programme\Gemeinsame Dateien\Symantec Shared\
ProcessID : 1308
ThreadCreationTime : 08.10.2005 17:17:30
BasePriority : Normal
FileVersion : 1.03.4
ProductVersion : 1.03.4
ProductName : Event Manager
CompanyName : Symantec Corporation
FileDescription : Event Manager Service
InternalName : ccEvtMgr
LegalCopyright : Copyright (c) 2000-2002 Symantec Corporation. All rights reserved.
OriginalFilename : ccEvtMgr.exe

#:13 [cdac11ba.exe]
FilePath : C:\WINDOWS\system32\drivers\
ProcessID : 1688
ThreadCreationTime : 08.10.2005 17:17:37
BasePriority : Normal
FileVersion : 4.20.0
ProductVersion : 4.20.0 Windows NT 2002/07/15
ProductName : SafeCast Windows NT
CompanyName : Macrovision
FileDescription : Macrovision RTS Service
InternalName : CDANTSRV
LegalCopyright : Copyright (c) 1998-2002 Macrovision Corp.
OriginalFilename : CDANTSRV.EXE
Comments : StringFileInfo: U.S. English

#:14 [navapsvc.exe]
FilePath : C:\Programme\Norton AntiVirus\
ProcessID : 1740
ThreadCreationTime : 08.10.2005 17:17:37
BasePriority : Normal
FileVersion : 9.05.1015
ProductVersion : 9.05.1015
ProductName : Norton AntiVirus
CompanyName : Symantec Corporation
FileDescription : Norton AntiVirus Auto-Protect Service
InternalName : NAVAPSVC
LegalCopyright : Copyright (c) 2000-2002 Symantec Corporation. All rights reserved.
OriginalFilename : NAVAPSVC.EXE

#:15 [nprotect.exe]
FilePath : C:\Programme\Norton AntiVirus\AdvTools\
ProcessID : 1760
ThreadCreationTime : 08.10.2005 17:17:37
BasePriority : Normal
FileVersion : 16.00.0.22
ProductVersion : 16.00.0.22
ProductName : Norton Utilities
CompanyName : Symantec Corporation
FileDescription : Norton Protection Status
InternalName : NPROTECT
LegalCopyright : Copyright (C) 2003 Symantec Corporation
LegalTrademarks : Norton Utilities
OriginalFilename : NPROTECT.EXE

#:16 [skeys.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1960
ThreadCreationTime : 08.10.2005 17:17:40
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Microsoft® Serial Keys Utility
InternalName : skeys.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : skeys.exe

#:17 [wdfmgr.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 2012
ThreadCreationTime : 08.10.2005 17:17:41
BasePriority : Normal
FileVersion : 5.2.3790.1230 built by: dnsrv(bld4act)
ProductVersion : 5.2.3790.1230
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows User Mode Driver Manager
InternalName : WdfMgr
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : WdfMgr.exe

#:18 [symwsc.exe]
FilePath : C:\Programme\Gemeinsame Dateien\Symantec Shared\Security Center\
ProcessID : 172
ThreadCreationTime : 08.10.2005 17:17:41
BasePriority : Normal
FileVersion : 2005.1.2.20
ProductVersion : 2005.1
ProductName : Norton Security Center
CompanyName : Symantec Corporation
FileDescription : Norton Security Center Service
InternalName : SymWSC.exe
LegalCopyright : Copyright (c) 1997-2004 Symantec Corporation
OriginalFilename : SymWSC.exe

#:19 [igfxtray.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 672
ThreadCreationTime : 08.10.2005 17:17:52
BasePriority : Normal
FileVersion : 3.0.0.3943
ProductVersion : 7.0.0.3943
ProductName : Intel(R) Common User Interface
CompanyName : Intel Corporation
FileDescription : igfxTray Module
InternalName : IGFXTRAY
LegalCopyright : Copyright 1999-2004, Intel Corporation
OriginalFilename : IGFXTRAY.EXE

#:20 [hkcmd.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1428
ThreadCreationTime : 08.10.2005 17:17:52
BasePriority : Normal
FileVersion : 3.0.0.3943
ProductVersion : 7.0.0.3943
ProductName : Intel(R) Common User Interface
CompanyName : Intel Corporation
FileDescription : hkcmd Module
InternalName : HKCMD
LegalCopyright : Copyright 1999-2004, Intel Corporation
OriginalFilename : HKCMD.EXE

#:21 [syntplpr.exe]
FilePath : C:\Programme\Synaptics\SynTP\
ProcessID : 1700
ThreadCreationTime : 08.10.2005 17:17:53
BasePriority : Normal
FileVersion : 7.5.5 24Apr03
ProductVersion : 7.5.5 24Apr03
ProductName : Progressive Touch
CompanyName : Synaptics, Inc.
FileDescription : TouchPad Driver Helper Application
InternalName : SynTPLpr
LegalCopyright : Copyright (C) Synaptics, Inc. 1996-2003
OriginalFilename : SynTPLpr.exe

#:22 [syntpenh.exe]
FilePath : C:\Programme\Synaptics\SynTP\
ProcessID : 1752
ThreadCreationTime : 08.10.2005 17:17:53
BasePriority : Normal
FileVersion : 7.5.5 24Apr03
ProductVersion : 7.5.5 24Apr03
ProductName : Progressive Touch
CompanyName : Synaptics, Inc.
FileDescription : Synaptics TouchPad Enhancements
InternalName : Scrolleroo
LegalCopyright : Copyright (C) Synaptics, Inc. 1996-2003
OriginalFilename : SynTPEnh.exe

#:23 [launchap.exe]
FilePath : C:\Progra~1\Launch Manager\
ProcessID : 1816
ThreadCreationTime : 08.10.2005 17:17:53
BasePriority : Normal
FileVersion : 1, 0, 0, 3
ProductVersion : 1, 0, 0, 3
ProductName : LaunchAp Application
FileDescription : LaunchAp MFC Application
InternalName : LaunchAp
LegalCopyright : Copyright (C) 2001
OriginalFilename : LaunchAp.EXE

#:24 [powerkey.exe]
FilePath : C:\Progra~1\Launch Manager\
ProcessID : 1828
ThreadCreationTime : 08.10.2005 17:17:53
BasePriority : Normal
FileVersion : 1, 4, 4, 0
ProductVersion : 1, 4, 4, 0
FileDescription : Powerkey
InternalName : Powerkey
LegalCopyright : Copyright © 2001
OriginalFilename : Powerkey.exe

#:25 [hotkeyapp.exe]
FilePath : C:\Progra~1\Launch Manager\
ProcessID : 1856
ThreadCreationTime : 08.10.2005 17:17:53
BasePriority : Normal
FileVersion : 1, 0, 4, 7
ProductVersion : 1, 0, 4, 7
ProductName : Wistron HotkeyApp
CompanyName : Wistron
FileDescription : HotkeyApp
InternalName : HotkeyApp
LegalCopyright : Copyright c 2002
OriginalFilename : HotkeyApp.exe

#:26 [ctrlvol.exe]
FilePath : C:\Progra~1\Launch Manager\
ProcessID : 1872
ThreadCreationTime : 08.10.2005 17:17:54
BasePriority : Normal
FileVersion : 1, 0, 0, 2
ProductVersion : 1, 0, 0, 2
ProductName : Wistron ctrlvol
CompanyName : Wistron
FileDescription : ctrlvol
InternalName : ctrlvol
LegalCopyright : Copyright c 2003
OriginalFilename : ctrlvol.exe

#:27 [wbutton.exe]
FilePath : C:\Progra~1\Launch Manager\
ProcessID : 1880
ThreadCreationTime : 08.10.2005 17:17:54
BasePriority : Normal
FileVersion : 1, 0, 2, 4
ProductVersion : 1, 0, 2, 4
ProductName : WButton Application
FileDescription : WButton MFC Application
InternalName : WButton
LegalCopyright : Copyright (C) 2001
OriginalFilename : WButton.EXE

#:28 [almxptray.exe]
FilePath : C:\Programme\Acer\Notebook Manager\
ProcessID : 1952
ThreadCreationTime : 08.10.2005 17:17:54
BasePriority : Normal
FileVersion : 2.0.10.3
ProductVersion : 2.0.10
CompanyName : Acer

#:29 [agrsmmsg.exe]
FilePath : C:\WINDOWS\
ProcessID : 2000
ThreadCreationTime : 08.10.2005 17:17:54
BasePriority : Normal
FileVersion : 2.1.25 2.1.25 02/14/2003 11:58:58
ProductVersion : 2.1.25 2.1.25 02/14/2003 11:58:58
ProductName : Agere SoftModem Messaging Applet
CompanyName : Agere Systems
FileDescription : SoftModem Messaging Applet
InternalName : smdmstat.exe
LegalCopyright : Copyright © Agere Systems 1998-2000
OriginalFilename : smdmstat.exe

#:30 [ltmoh.exe]
FilePath : C:\Programme\ltmoh\
ProcessID : 200
ThreadCreationTime : 08.10.2005 17:17:54
BasePriority : Normal
FileVersion : 1.68
ProductVersion : 1.68
ProductName : LtMoh Application
CompanyName : Agere Systems
FileDescription : LtMoh MFC Application
InternalName : LtMoh
LegalCopyright : Agere Copyright © 2001-2002
LegalTrademarks : LT
OriginalFilename : LtMoh.EXE

#:31 [powerdvd.exe]
FilePath : D:\Programme\CyberLink\PowerDVD\
ProcessID : 424
ThreadCreationTime : 08.10.2005 17:17:57
BasePriority : Normal
FileVersion : 4.0.1015
ProductVersion : 4.0.1015
ProductName : PowerDVD
CompanyName : CyberLink Corp.
FileDescription : PowerDVD
InternalName : PoweDVD
LegalCopyright : Copyright (c) CyberLink Corp. 2001
LegalTrademarks : PowerDVD

#:32 [ccapp.exe]
FilePath : C:\Programme\Gemeinsame Dateien\Symantec Shared\
ProcessID : 576
ThreadCreationTime : 08.10.2005 17:17:57
BasePriority : Normal
FileVersion : 1.0.10.006
ProductVersion : 1.0.10.006
ProductName : Common Client
CompanyName : Symantec Corporation
FileDescription : Common Client CC App
InternalName : ccApp
LegalCopyright : Copyright (c) 2000-2002 Symantec Corporation. All rights reserved.
OriginalFilename : ccApp.exe

#:33 [edonkey2000.exe]
FilePath : C:\Programme\eDonkey2000\
ProcessID : 1020
ThreadCreationTime : 08.10.2005 17:17:58
BasePriority : Normal


#:34 [rundll32.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1440
ThreadCreationTime : 08.10.2005 17:17:58
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Betriebssystem Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Eine DLL-Datei als Anwendung ausführen
InternalName : rundll
LegalCopyright : © Microsoft Corporation. Alle Rechte vorbehalten.
OriginalFilename : RUNDLL.EXE

#:35 [realsched.exe]
FilePath : C:\Programme\Gemeinsame Dateien\Real\Update_OB\
ProcessID : 996
ThreadCreationTime : 08.10.2005 17:17:59
BasePriority : Normal
FileVersion : 0.1.0.3249
ProductVersion : 0.1.0.3249
ProductName : RealPlayer (32-bit)
CompanyName : RealNetworks, Inc.
FileDescription : RealNetworks Scheduler
InternalName : schedapp
LegalCopyright : Copyright © RealNetworks, Inc. 1995-2004
LegalTrademarks : RealAudio(tm) is a trademark of RealNetworks, Inc.
OriginalFilename : realsched.exe

#:36 [qttask.exe]
FilePath : C:\Programme\QuickTime\
ProcessID : 280
ThreadCreationTime : 08.10.2005 17:18:00
BasePriority : Normal
FileVersion : 6.5.1
ProductVersion : QuickTime 6.5.1
ProductName : QuickTime
CompanyName : Apple Computer, Inc.
InternalName : QuickTime Task
LegalCopyright : © Apple Computer, Inc. 2001-2004
OriginalFilename : QTTask.exe

#:37 [incd.exe]
FilePath : C:\Programme\ahead\InCD\
ProcessID : 1564
ThreadCreationTime : 08.10.2005 17:18:00
BasePriority : Normal
FileVersion : 3.27.2
ProductVersion : 3.27.2
ProductName : InCD
CompanyName : Copyright (C) ahead software gmbh and its licensors
FileDescription : InCD CD-RW UDF Tools
InternalName : InCD
LegalCopyright : Copyright (C) ahead software gmbh and its licensors
OriginalFilename : InCD.EXE
Comments : CD-RW UDF Tools

#:38 [ctfmon.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1456
ThreadCreationTime : 08.10.2005 17:18:00
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : CTF Loader
InternalName : CTFMON
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : CTFMON.EXE

#:39 [swdoctor.exe]
FilePath : C:\PROGRA~1\SPYWAR~1\
ProcessID : 1584
ThreadCreationTime : 08.10.2005 17:18:01
BasePriority : Normal
FileVersion : 3.2.1.359
ProductVersion : 3.1
ProductName : Spyware Doctor
CompanyName : PCTools
FileDescription : Spyware Doctor
InternalName : Spyware Doctor
LegalCopyright : Copyright (c) 2004. Distributed by PC Tools Pty Ltd
OriginalFilename : swdr.exe

#:40 [a2guard.exe]
FilePath : C:\Programme\a2\
ProcessID : 1432
ThreadCreationTime : 08.10.2005 17:18:01
BasePriority : Normal


#:41 [ipodservice.exe]
FilePath : C:\Programme\iPod\bin\
ProcessID : 2128
ThreadCreationTime : 08.10.2005 17:18:04
BasePriority : Normal
FileVersion : 4.9.0.17
ProductVersion : 4.9.0.17
ProductName : iTunes
CompanyName : Apple Computer, Inc.
FileDescription : iPodService Module
InternalName : iPodService
LegalCopyright : © 2003-2005 Apple Computer, Inc. All Rights Reserved.
OriginalFilename : iPodService.exe

#:42 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 2240
ThreadCreationTime : 08.10.2005 17:18:06
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:43 [realplay.exe]
FilePath : C:\Programme\Real\RealPlayer\
ProcessID : 3456
ThreadCreationTime : 08.10.2005 17:42:56
BasePriority : Idle
FileVersion : 6.0.12.1059
ProductVersion : 6.0.12.1059
ProductName : RealPlayer (32-bit)
CompanyName : RealNetworks, Inc.
FileDescription : RealPlayer
InternalName : REALPLAY
LegalCopyright : Copyright © RealNetworks, Inc. 1995-2004
LegalTrademarks : RealAudio(tm) is a trademark of RealNetworks, Inc.
OriginalFilename : REALPLAY.EXE

#:44 [explorer.exe]
FilePath : C:\WINDOWS\
ProcessID : 3064
ThreadCreationTime : 08.10.2005 17:48:21
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Betriebssystem Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : © Microsoft Corporation. Alle Rechte vorbehalten.
OriginalFilename : EXPLORER.EXE

#:45 [ebaytbdaemon.exe]
FilePath : D:\Programme\Musikzip\
ProcessID : 3872
ThreadCreationTime : 08.10.2005 18:09:02
BasePriority : Normal
FileVersion : 2, 1, 0, 0
ProductVersion : 2, 1, 0, 0
ProductName : eBay Toolbar Daemon
CompanyName : eBay
FileDescription : eBay Toolbar Daemon
InternalName : eBayTBDa
LegalCopyright : Copyright (C) eBay Inc. 2005
OriginalFilename : eBayTBDa.exe

#:46 [iexplore.exe]
FilePath : C:\Programme\Internet Explorer\
ProcessID : 2668
ThreadCreationTime : 08.10.2005 20:20:25
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Betriebssystem Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Internet Explorer
InternalName : iexplore
LegalCopyright : © Microsoft Corporation. Alle Rechte vorbehalten.
OriginalFilename : IEXPLORE.EXE

#:47 [hijackthis.exe]
FilePath : C:\DOKUME~1\schnuppe\LOKALE~1\Temp\Temporäres Verzeichnis 3 für hijackthis.zip\
ProcessID : 2480
ThreadCreationTime : 08.10.2005 21:26:01
BasePriority : Normal
FileVersion : 1.99.0001
ProductVersion : 1.99.0001
ProductName : HijackThis
CompanyName : Soeperman Enterprises Ltd.
FileDescription : HijackThis
InternalName : HijackThis
LegalCopyright : Freeware
OriginalFilename : HijackThis.exe
Comments : Version history is in Help section

#:48 [ad-aware.exe]
FilePath : C:\PROGRA~1\LAVASOFT\AD-AWA~1\
ProcessID : 1580
ThreadCreationTime : 08.10.2005 21:57:11
BasePriority : Normal
FileVersion : 6.2.0.236
ProductVersion : SE 106
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft AB Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved

#:49 [hh.exe]
FilePath : C:\WINDOWS\
ProcessID : 3772
ThreadCreationTime : 08.10.2005 21:57:12
BasePriority : Normal
FileVersion : 5.2.3790.2453 (srv03_sp1_gdr.050525-1542)
ProductVersion : 5.2.3790.2453
ProductName : HTML Help
CompanyName : Microsoft Corporation
FileDescription : Microsoft® HTML Help Executable
InternalName : HH 1.41
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : HH.exe

Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Claria Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{21ffb6c0-0da1-11d5-a9d5-00500413153c}

Claria Object Recognized!
Type : RegValue
Data :
TAC Rating : 7
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{21ffb6c0-0da1-11d5-a9d5-00500413153c}
Value : uets

Claria Object Recognized!
Type : RegValue
Data :
TAC Rating : 7
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{21ffb6c0-0da1-11d5-a9d5-00500413153c}
Value : GMG

Claria Object Recognized!
Type : RegValue
Data :
TAC Rating : 7
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{21ffb6c0-0da1-11d5-a9d5-00500413153c}
Value : GMI128

Claria Object Recognized!
Type : RegValue
Data :
TAC Rating : 7
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{21ffb6c0-0da1-11d5-a9d5-00500413153c}
Value : GMI

Claria Object Recognized!
Type : RegValue
Data :
TAC Rating : 7
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{21ffb6c0-0da1-11d5-a9d5-00500413153c}
Value : LastInstall

Claria Object Recognized!
Type : RegValue
Data :
TAC Rating : 7
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{21ffb6c0-0da1-11d5-a9d5-00500413153c}
Value : PAK

Claria Object Recognized!
Type : RegValue
Data :
TAC Rating : 7
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{21ffb6c0-0da1-11d5-a9d5-00500413153c}
Value : GMI64

Claria Object Recognized!
Type : RegValue
Data :
TAC Rating : 7
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{21ffb6c0-0da1-11d5-a9d5-00500413153c}
Value : SSeq

Claria Object Recognized!
Type : RegValue
Data :
TAC Rating : 7
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{21ffb6c0-0da1-11d5-a9d5-00500413153c}
Value : SEvt

IBIS Toolbar Object Recognized!
Type : Regkey
Data :
TAC Rating : 5
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{6e21f428-5617-47f7-aed8-b2e1d8fba711}

IBIS Toolbar Object Recognized!
Type : Regkey
Data :
TAC Rating : 5
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{708be496-e202-497b-bc31-9cf47e3bf8d6}

IBIS Toolbar Object Recognized!
Type : Regkey
Data :
TAC Rating : 5
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{8b0fa130-0c3d-4cb1-aeb7-2c29da5509a3}

WebHancer Object Recognized!
Type : Regkey
Data :
TAC Rating : 9
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{c89435b0-cdfe-11d3-976a-00e02913a9e0}

WebHancer Object Recognized!
Type : Regkey
Data :
TAC Rating : 9
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : typelib\{c8cb3870-cdfe-11d3-976a-00e02913a9e0}

WhenU Object Recognized!
Type : Regkey
Data :
TAC Rating : 3
Category : Misc
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : wusn.1

WinFixer Object Recognized!
Type : Regkey
Data :
TAC Rating : 3
Category : Misc
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : appid\{8c65aef6-e413-4314-815b-82717a3f1603}

WinFixer Object Recognized!
Type : Regkey
Data :
TAC Rating : 3
Category : Misc
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : appid\checkproduct2.dll

WinFixer Object Recognized!
Type : Regkey
Data :
TAC Rating : 3
Category : Misc
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{c427b3e3-28dc-4001-9590-d99b6776119b}

WinFixer Object Recognized!
Type : RegValue
Data :
TAC Rating : 3
Category : Misc
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{c427b3e3-28dc-4001-9590-d99b6776119b}
Value : AppID

WinFixer Object Recognized!
Type : Regkey
Data :
TAC Rating : 3
Category : Misc
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{4f79d1c5-24f9-4e59-8022-604d4b41d5ca}

WinFixer Object Recognized!
Type : Regkey
Data :
TAC Rating : 3
Category : Misc
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : typelib\{30ed49a5-ca6c-4918-b5f3-5e6818c91d8b}

Win32.Trojan.SARS Object Recognized!
Type : Regkey
Data :
TAC Rating : 10
Category : Keylogger
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-3781621227-2062909200-2316195234-1005\software\sars

Claria Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\gator.com

EffectiveBrandToolbar Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\effective-i

WebHancer Object Recognized!
Type : Regkey
Data :
TAC Rating : 9
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\webhancer

WebHancer Object Recognized!
Type : RegValue
Data :
TAC Rating : 9
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\webhancer
Value : BaseDir

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
TAC Rating : 5
Category : Data Miner
Comment : "{8952A998-1E7E-4716-B23D-3DBE03910972}"
Rootkey : HKEY_USERS
Object : S-1-5-21-3781621227-2062909200-2316195234-1005\software\microsoft\internet explorer\urlsearchhooks
Value : {8952A998-1E7E-4716-B23D-3DBE03910972}

WebHancer Object Recognized!
Type : RegValue
Data :
TAC Rating : 9
Category : Data Miner
Comment : "webHancer Agent"
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\run
Value : webHancer Agent

Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 29
Objects found so far: 29


Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 29

EffectiveBrandToolbar Object Recognized!
Type : RegValue
Data :
TAC Rating : 7
Category : Data Miner
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-3781621227-2062909200-2316195234-1005\software\microsoft\internet explorer\toolbar\Webbrowser
Value : {44be0690-5429-47f0-85bb-3ffd8020233e}


Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»


Tracking Cookie Object Recognized!
Type : IECache Entry
Data : schnuppe@partners.webmasterplan[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:9
Value : Cookie:schnuppe@partners.webmasterplan.com/
Expires : 05.10.2015
LastSync : Hits:9
UseCount : 0
Hits : 9

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : schnuppe@as1.falkag[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:29
Value : Cookie:schnuppe@as1.falkag.de/
Expires : 07.11.2005 22:39:30
LastSync : Hits:29
UseCount : 0
Hits : 29

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : schnuppe@adserver.71i[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:2
Value : Cookie:schnuppe@adserver.71i.de/
Expires : 30.12.2037 18:00:00
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : schnuppe@doubleclick[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:3
Value : Cookie:schnuppe@doubleclick.net/
Expires : 07.10.2008 21:20:58
LastSync : Hits:3
UseCount : 0
Hits : 3

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : schnuppe@fortunecity[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:schnuppe@fortunecity.com/
Expires : 01.01.2011 02:00:00
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : schnuppe@perf.overture[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:schnuppe@perf.overture.com/
Expires : 13.09.2009 11:05:00
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : schnuppe@servedby.netshelter[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:schnuppe@servedby.netshelter.net/
Expires : 10.10.2005 22:05:10
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : schnuppe@advertising[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:2
Value : Cookie:schnuppe@advertising.com/
Expires : 07.10.2010 22:21:42
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : schnuppe@0[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:7
Value : Cookie:schnuppe@jedonkey.cjt1.net/HTM/307/0
Expires : 07.10.2006 19:22:32
LastSync : Hits:7
UseCount : 0
Hits : 7

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : schnuppe@kelkoo[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:2
Value : Cookie:schnuppe@kelkoo.de/
Expires : 07.09.2007 22:17:36
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : schnuppe@ehg-cablestogo.hitbox[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:5
Value : Cookie:schnuppe@ehg-cablestogo.hitbox.com/
Expires : 12.09.2006 11:32:12
LastSync : Hits:5
UseCount : 0
Hits : 5

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : schnuppe@ads.pointroll[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:10
Value : Cookie:schnuppe@ads.pointroll.com/
Expires : 01.01.2010 02:00:00
LastSync : Hits:10
UseCount : 0
Hits : 10

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : schnuppe@trafficmp[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:12
Value : Cookie:schnuppe@trafficmp.com/
Expires : 08.10.2006 23:57:44
LastSync : Hits:12
UseCount : 0
Hits : 12

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : schnuppe@247realmedia[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:2
Value : Cookie:schnuppe@247realmedia.com/
Expires : 01.01.2021 02:00:00
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : schnuppe@statcounter[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:4
Value : Cookie:schnuppe@statcounter.com/
Expires : 07.10.2010 22:30:58
LastSync : Hits:4
UseCount : 0
Hits : 4

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : schnuppe@statse.webtrendslive[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:3
Value : Cookie:schnuppe@statse.webtrendslive.com/
Expires : 06.09.2015 14:53:52
LastSync : Hits:3
UseCount : 0
Hits : 3

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : schnuppe@mediaplex[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:schnuppe@mediaplex.com/
Expires : 22.06.2009 02:00:00
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : schnuppe@questionmarket[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:schnuppe@questionmarket.com/
Expires : 30.10.2006 07:21:14
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : schnuppe@tripod[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:schnuppe@tripod.com/
Expires : 26.09.2006 15:04:28
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : schnuppe@findwhat[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:10
Value : Cookie:schnuppe@findwhat.com/
Expires : 01.01.2020 02:00:02
LastSync : Hits:10
UseCount : 0
Hits : 10

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : schnuppe@cgi-bin[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:schnuppe@www2.addfreestats.com/cgi-bin
Expires : 28.02.2015 02:00:00
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : schnuppe@cgi-bin[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:schnuppe@offshore-pharma.com/ccp5/cgi-bin
Expires : 14.09.2006 21:14:42
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : schnuppe@list[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:2
Value : Cookie:schnuppe@list.ru/
Expires : 30.12.2005 14:59:56
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : schnuppe@adtech[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:2
Value : Cookie:schnuppe@adtech.de/
Expires : 01.10.2015 22:26:26
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : schnuppe@tradedoubler[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:schnuppe@tradedoubler.com/
Expires : 03.10.2025 01:13:18
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : schnuppe@server.iad.liveperson[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:3
Value : Cookie:schnuppe@server.iad.liveperson.net/
Expires : 19.08.2006 13:48:40
LastSync : Hits:3
UseCount : 0
Hits : 3

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : schnuppe@bfast[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:3
Value : Cookie:schnuppe@bfast.com/
Expires : 06.10.2025 21:47:34
LastSync : Hits:3
UseCount : 0
Hits : 3

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : schnuppe@hg1.hitbox[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:schnuppe@hg1.hitbox.com/
Expires : 16.09.2006 18:02:42
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : schnuppe@cgi-bin[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:2
Value : Cookie:schnuppe@imrworldwide.com/cgi-bin
Expires : 04.10.2015 15:41:24
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : schnuppe@tribalfusion[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:schnuppe@tribalfusion.com/
Expires : 01.01.2038 02:00:00
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : schnuppe@ehg-idg.hitbox[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:schnuppe@ehg-idg.hitbox.com/
Expires : 08.10.2006 21:15:20
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : schnuppe@servedby.advertising[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:2
Value : Cookie:schnuppe@servedby.advertising.com/
Expires : 07.11.2005 22:21:42
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : schnuppe@hitbox[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:3
Value : Cookie:schnuppe@hitbox.com/
Expires : 08.10.2006 21:15:20
LastSync : Hits:3
UseCount : 0
Hits : 3

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : schnuppe@cgi-bin[4].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:24
Value : Cookie:schnuppe@posterxxl.com/cgi-bin/
Expires : 24.08.2015 15:24:52
LastSync : Hits:24
UseCount : 0
Hits : 24

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : schnuppe@realmedia[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:9
Value : Cookie:schnuppe@realmedia.com/
Expires : 01.01.2021 02:00:00
LastSync : Hits:9
UseCount : 0
Hits : 9

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : schnuppe@serving-sys[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:13
Value : Cookie:schnuppe@serving-sys.com/
Expires : 01.01.2038
LastSync : Hits:13
UseCount : 0
Hits : 13

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : schnuppe@apmebf[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:8
Value : Cookie:schnuppe@apmebf.com/
Expires : 12.09.2010 13:36:34
LastSync : Hits:8
UseCount : 0
Hits : 8

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : schnuppe@adserver.swissad[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:schnuppe@adserver.swissad.net/
Expires : 26.08.2005 03:50:56
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : schnuppe@maxserving[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:schnuppe@maxserving.com/
Expires : 19.08.2015 16:09:44
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : schnuppe@casalemedia[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:3
Value : Cookie:schnuppe@casalemedia.com/
Expires : 29.09.2006 12:02:38
LastSync : Hits:3
UseCount : 0
Hits : 3

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : schnuppe@centrport[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:schnuppe@centrport.net/
Expires : 01.01.2030 02:00:00
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : schnuppe@ehg-svt.hitbox[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:schnuppe@ehg-svt.hitbox.com/
Expires : 03.10.2006 17:13:40
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : schnuppe@targetnet[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:42
Value : Cookie:schnuppe@targetnet.com/
Expires : 18.05.2033 05:33:20
LastSync : Hits:42
UseCount : 0
Hits : 42

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : schnuppe@ehg-dig.hitbox[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:6
Value : Cookie:schnuppe@ehg-dig.hitbox.com/
Expires : 27.08.2006 14:25:40
LastSync : Hits:6
UseCount : 0
Hits : 6

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : schnuppe@2o7[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:2
Value : Cookie:schnuppe@2o7.net/
Expires : 06.10.2010 22:49:20
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : schnuppe@bluestreak[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:schnuppe@bluestreak.com/
Expires : 21.09.2015 16:12:48
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : schnuppe@adrevolver[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:2
Value : Cookie:schnuppe@media.adrevolver.com/adrevolver/
Expires : 16.05.2008 00:12:38
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : schnuppe@0[3].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:2
Value : Cookie:schnuppe@j.2004cms.com/HTM/307/0
Expires : 15.09.2006 16:11:42
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : schnuppe@www.counter-gratis[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:2
Value : Cookie:schnuppe@www.counter-gratis.com/
Expires : 14.08.2005 23:28:16
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : schnuppe@atdmt[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:schnuppe@atdmt.com/
Expires : 07.10.2010 02:00:00
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : schnuppe@estat[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:schnuppe@estat.com/
Expires : 16.09.2015 02:17:26
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : schnuppe@fastclick[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:2
Value : Cookie:schnuppe@fastclick.net/
Expires : 28.09.2007 21:08:56
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : schnuppe@counter.hitslink[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:20
Value : Cookie:schnuppe@counter.hitslink.com/
Expires : 18.01.2038 07:00:00
LastSync : Hits:20
UseCount : 0
Hits : 20

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : schnuppe@cgi-bin[3].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:schnuppe@www.posterxxl.com/cgi-bin/
Expires : 25.09.2005 16:04:26
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : schnuppe@count.xhit[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:22
Value : Cookie:schnuppe@count.xhit.com/
Expires : 02.08.2006 23:39:36
LastSync : Hits:22
UseCount : 0
Hits : 22

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : schnuppe@sel.as-eu.falkag[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:3
Value : Cookie:schnuppe@sel.as-eu.falkag.net/
Expires : 06.11.2005 18:42:44
LastSync : Hits:3
UseCount : 0
Hits : 3

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : schnuppe@ehg-yvesrocher.hitbox[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:7
Value : Cookie:schnuppe@ehg-yvesrocher.hitbox.com/
Expires : 25.09.2006 20:58:46
LastSync : Hits:7
UseCount : 0
Hits : 7

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : schnuppe@as-eu.falkag[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:73
Value : Cookie:schnuppe@as-eu.falkag.net/
Expires : 06.10.2006 16:10:48
LastSync : Hits:73
UseCount : 0
Hits : 73

Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 58
Objects found so far: 88



Deep scanning and examining files (C:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : schnuppe@as1.falkag[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Dokumente und Einstellungen\schnuppe\Lokale Einstellungen\Temp\Cookies\schnuppe@as1.falkag[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : schnuppe@real[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Dokumente und Einstellungen\schnuppe\Lokale Einstellungen\Temp\Cookies\schnuppe@real[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : schnuppe@tribalfusion[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Dokumente und Einstellungen\schnuppe\Lokale Einstellungen\Temp\Cookies\schnuppe@tribalfusion[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : schnuppe@fastclick[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Dokumente und Einstellungen\schnuppe\Lokale Einstellungen\Temp\Cookies\schnuppe@fastclick[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : schnuppe@doubleclick[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Dokumente und Einstellungen\schnuppe\Lokale Einstellungen\Temp\Cookies\schnuppe@doubleclick[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : schnuppe@tradedoubler[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Dokumente und Einstellungen\schnuppe\Lokale Einstellungen\Temp\Cookies\schnuppe@tradedoubler[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : schnuppe@servedby.advertising[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Dokumente und Einstellungen\schnuppe\Lokale Einstellungen\Temp\Cookies\schnuppe@servedby.advertising[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : schnuppe@casalemedia[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Dokumente und Einstellungen\schnuppe\Lokale Einstellungen\Temp\Cookies\schnuppe@casalemedia[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : schnuppe@servedby.advertising[1].txt
TAC Rating : 3
Category : Data Miner
Comme
pugs
 
Posts: 64
Registered: 08.10.2005, 21:30
Location: leverkusen

Post by pugs on 09.10.2005, 00:23

Ad-Aware SE Build 1.06r1
Logfile Created on:Samstag, 8. Oktober 2005 23:58:02
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R69 05.10.2005
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Claria(TAC index:7):15 total references
EffectiveBrandToolbar(TAC index:7):2 total references
IBIS Toolbar(TAC index:5):16 total references
MegaSearch Toolbar(TAC index:4):1 total references
Tracking Cookie(TAC index:3):68 total references
WebHancer(TAC index:9):7 total references
WhenU(TAC index:3):2 total references
WhenU.SaveNow(TAC index:10):1 total references
Win32.Trojan.SARS(TAC index:10):2 total references
WinFixer(TAC index:3):17 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file

Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects


08.10.2005 23:58:02 - Scan started. (Full System Scan)

Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ProcessID : 436
ThreadCreationTime : 08.10.2005 17:17:23
BasePriority : Normal


#:2 [csrss.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 492
ThreadCreationTime : 08.10.2005 17:17:25
BasePriority : Normal


#:3 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 516
ThreadCreationTime : 08.10.2005 17:17:26
BasePriority : High


#:4 [services.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 560
ThreadCreationTime : 08.10.2005 17:17:27
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Betriebssystem Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Anwendung für Dienste und Controller
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. Alle Rechte vorbehalten.
OriginalFilename : services.exe

#:5 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 572
ThreadCreationTime : 08.10.2005 17:17:27
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe

#:6 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 792
ThreadCreationTime : 08.10.2005 17:17:27
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:7 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 840
ThreadCreationTime : 08.10.2005 17:17:28
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:8 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 904
ThreadCreationTime : 08.10.2005 17:17:28
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:9 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 952
ThreadCreationTime : 08.10.2005 17:17:28
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:10 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1060
ThreadCreationTime : 08.10.2005 17:17:29
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:11 [spoolsv.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1272
ThreadCreationTime : 08.10.2005 17:17:30
BasePriority : Normal
FileVersion : 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)
ProductVersion : 5.1.2600.2696
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe

#:12 [ccevtmgr.exe]
FilePath : C:\Programme\Gemeinsame Dateien\Symantec Shared\
ProcessID : 1308
ThreadCreationTime : 08.10.2005 17:17:30
BasePriority : Normal
FileVersion : 1.03.4
ProductVersion : 1.03.4
ProductName : Event Manager
CompanyName : Symantec Corporation
FileDescription : Event Manager Service
InternalName : ccEvtMgr
LegalCopyright : Copyright (c) 2000-2002 Symantec Corporation. All rights reserved.
OriginalFilename : ccEvtMgr.exe

#:13 [cdac11ba.exe]
FilePath : C:\WINDOWS\system32\drivers\
ProcessID : 1688
ThreadCreationTime : 08.10.2005 17:17:37
BasePriority : Normal
FileVersion : 4.20.0
ProductVersion : 4.20.0 Windows NT 2002/07/15
ProductName : SafeCast Windows NT
CompanyName : Macrovision
FileDescription : Macrovision RTS Service
InternalName : CDANTSRV
LegalCopyright : Copyright (c) 1998-2002 Macrovision Corp.
OriginalFilename : CDANTSRV.EXE
Comments : StringFileInfo: U.S. English

#:14 [navapsvc.exe]
FilePath : C:\Programme\Norton AntiVirus\
ProcessID : 1740
ThreadCreationTime : 08.10.2005 17:17:37
BasePriority : Normal
FileVersion : 9.05.1015
ProductVersion : 9.05.1015
ProductName : Norton AntiVirus
CompanyName : Symantec Corporation
FileDescription : Norton AntiVirus Auto-Protect Service
InternalName : NAVAPSVC
LegalCopyright : Copyright (c) 2000-2002 Symantec Corporation. All rights reserved.
OriginalFilename : NAVAPSVC.EXE

#:15 [nprotect.exe]
FilePath : C:\Programme\Norton AntiVirus\AdvTools\
ProcessID : 1760
ThreadCreationTime : 08.10.2005 17:17:37
BasePriority : Normal
FileVersion : 16.00.0.22
ProductVersion : 16.00.0.22
ProductName : Norton Utilities
CompanyName : Symantec Corporation
FileDescription : Norton Protection Status
InternalName : NPROTECT
LegalCopyright : Copyright (C) 2003 Symantec Corporation
LegalTrademarks : Norton Utilities
OriginalFilename : NPROTECT.EXE

#:16 [skeys.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1960
ThreadCreationTime : 08.10.2005 17:17:40
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Microsoft® Serial Keys Utility
InternalName : skeys.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : skeys.exe

#:17 [wdfmgr.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 2012
ThreadCreationTime : 08.10.2005 17:17:41
BasePriority : Normal
FileVersion : 5.2.3790.1230 built by: dnsrv(bld4act)
ProductVersion : 5.2.3790.1230
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows User Mode Driver Manager
InternalName : WdfMgr
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : WdfMgr.exe

#:18 [symwsc.exe]
FilePath : C:\Programme\Gemeinsame Dateien\Symantec Shared\Security Center\
ProcessID : 172
ThreadCreationTime : 08.10.2005 17:17:41
BasePriority : Normal
FileVersion : 2005.1.2.20
ProductVersion : 2005.1
ProductName : Norton Security Center
CompanyName : Symantec Corporation
FileDescription : Norton Security Center Service
InternalName : SymWSC.exe
LegalCopyright : Copyright (c) 1997-2004 Symantec Corporation
OriginalFilename : SymWSC.exe

#:19 [igfxtray.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 672
ThreadCreationTime : 08.10.2005 17:17:52
BasePriority : Normal
FileVersion : 3.0.0.3943
ProductVersion : 7.0.0.3943
ProductName : Intel(R) Common User Interface
CompanyName : Intel Corporation
FileDescription : igfxTray Module
InternalName : IGFXTRAY
LegalCopyright : Copyright 1999-2004, Intel Corporation
OriginalFilename : IGFXTRAY.EXE

#:20 [hkcmd.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1428
ThreadCreationTime : 08.10.2005 17:17:52
BasePriority : Normal
FileVersion : 3.0.0.3943
ProductVersion : 7.0.0.3943
ProductName : Intel(R) Common User Interface
CompanyName : Intel Corporation
FileDescription : hkcmd Module
InternalName : HKCMD
LegalCopyright : Copyright 1999-2004, Intel Corporation
OriginalFilename : HKCMD.EXE

#:21 [syntplpr.exe]
FilePath : C:\Programme\Synaptics\SynTP\
ProcessID : 1700
ThreadCreationTime : 08.10.2005 17:17:53
BasePriority : Normal
FileVersion : 7.5.5 24Apr03
ProductVersion : 7.5.5 24Apr03
ProductName : Progressive Touch
CompanyName : Synaptics, Inc.
FileDescription : TouchPad Driver Helper Application
InternalName : SynTPLpr
LegalCopyright : Copyright (C) Synaptics, Inc. 1996-2003
OriginalFilename : SynTPLpr.exe

#:22 [syntpenh.exe]
FilePath : C:\Programme\Synaptics\SynTP\
ProcessID : 1752
ThreadCreationTime : 08.10.2005 17:17:53
BasePriority : Normal
FileVersion : 7.5.5 24Apr03
ProductVersion : 7.5.5 24Apr03
ProductName : Progressive Touch
CompanyName : Synaptics, Inc.
FileDescription : Synaptics TouchPad Enhancements
InternalName : Scrolleroo
LegalCopyright : Copyright (C) Synaptics, Inc. 1996-2003
OriginalFilename : SynTPEnh.exe

#:23 [launchap.exe]
FilePath : C:\Progra~1\Launch Manager\
ProcessID : 1816
ThreadCreationTime : 08.10.2005 17:17:53
BasePriority : Normal
FileVersion : 1, 0, 0, 3
ProductVersion : 1, 0, 0, 3
ProductName : LaunchAp Application
FileDescription : LaunchAp MFC Application
InternalName : LaunchAp
LegalCopyright : Copyright (C) 2001
OriginalFilename : LaunchAp.EXE

#:24 [powerkey.exe]
FilePath : C:\Progra~1\Launch Manager\
ProcessID : 1828
ThreadCreationTime : 08.10.2005 17:17:53
BasePriority : Normal
FileVersion : 1, 4, 4, 0
ProductVersion : 1, 4, 4, 0
FileDescription : Powerkey
InternalName : Powerkey
LegalCopyright : Copyright © 2001
OriginalFilename : Powerkey.exe

#:25 [hotkeyapp.exe]
FilePath : C:\Progra~1\Launch Manager\
ProcessID : 1856
ThreadCreationTime : 08.10.2005 17:17:53
BasePriority : Normal
FileVersion : 1, 0, 4, 7
ProductVersion : 1, 0, 4, 7
ProductName : Wistron HotkeyApp
CompanyName : Wistron
FileDescription : HotkeyApp
InternalName : HotkeyApp
LegalCopyright : Copyright c 2002
OriginalFilename : HotkeyApp.exe

#:26 [ctrlvol.exe]
FilePath : C:\Progra~1\Launch Manager\
ProcessID : 1872
ThreadCreationTime : 08.10.2005 17:17:54
BasePriority : Normal
FileVersion : 1, 0, 0, 2
ProductVersion : 1, 0, 0, 2
ProductName : Wistron ctrlvol
CompanyName : Wistron
FileDescription : ctrlvol
InternalName : ctrlvol
LegalCopyright : Copyright c 2003
OriginalFilename : ctrlvol.exe

#:27 [wbutton.exe]
FilePath : C:\Progra~1\Launch Manager\
ProcessID : 1880
ThreadCreationTime : 08.10.2005 17:17:54
BasePriority : Normal
FileVersion : 1, 0, 2, 4
ProductVersion : 1, 0, 2, 4
ProductName : WButton Application
FileDescription : WButton MFC Application
InternalName : WButton
LegalCopyright : Copyright (C) 2001
OriginalFilename : WButton.EXE

#:28 [almxptray.exe]
FilePath : C:\Programme\Acer\Notebook Manager\
ProcessID : 1952
ThreadCreationTime : 08.10.2005 17:17:54
BasePriority : Normal
FileVersion : 2.0.10.3
ProductVersion : 2.0.10
CompanyName : Acer

#:29 [agrsmmsg.exe]
FilePath : C:\WINDOWS\
ProcessID : 2000
ThreadCreationTime : 08.10.2005 17:17:54
BasePriority : Normal
FileVersion : 2.1.25 2.1.25 02/14/2003 11:58:58
ProductVersion : 2.1.25 2.1.25 02/14/2003 11:58:58
ProductName : Agere SoftModem Messaging Applet
CompanyName : Agere Systems
FileDescription : SoftModem Messaging Applet
InternalName : smdmstat.exe
LegalCopyright : Copyright © Agere Systems 1998-2000
OriginalFilename : smdmstat.exe

#:30 [ltmoh.exe]
FilePath : C:\Programme\ltmoh\
ProcessID : 200
ThreadCreationTime : 08.10.2005 17:17:54
BasePriority : Normal
FileVersion : 1.68
ProductVersion : 1.68
ProductName : LtMoh Application
CompanyName : Agere Systems
FileDescription : LtMoh MFC Application
InternalName : LtMoh
LegalCopyright : Agere Copyright © 2001-2002
LegalTrademarks : LT
OriginalFilename : LtMoh.EXE

#:31 [powerdvd.exe]
FilePath : D:\Programme\CyberLink\PowerDVD\
ProcessID : 424
ThreadCreationTime : 08.10.2005 17:17:57
BasePriority : Normal
FileVersion : 4.0.1015
ProductVersion : 4.0.1015
ProductName : PowerDVD
CompanyName : CyberLink Corp.
FileDescription : PowerDVD
InternalName : PoweDVD
LegalCopyright : Copyright (c) CyberLink Corp. 2001
LegalTrademarks : PowerDVD

#:32 [ccapp.exe]
FilePath : C:\Programme\Gemeinsame Dateien\Symantec Shared\
ProcessID : 576
ThreadCreationTime : 08.10.2005 17:17:57
BasePriority : Normal
FileVersion : 1.0.10.006
ProductVersion : 1.0.10.006
ProductName : Common Client
CompanyName : Symantec Corporation
FileDescription : Common Client CC App
InternalName : ccApp
LegalCopyright : Copyright (c) 2000-2002 Symantec Corporation. All rights reserved.
OriginalFilename : ccApp.exe

#:33 [edonkey2000.exe]
FilePath : C:\Programme\eDonkey2000\
ProcessID : 1020
ThreadCreationTime : 08.10.2005 17:17:58
BasePriority : Normal


#:34 [rundll32.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1440
ThreadCreationTime : 08.10.2005 17:17:58
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Betriebssystem Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Eine DLL-Datei als Anwendung ausführen
InternalName : rundll
LegalCopyright : © Microsoft Corporation. Alle Rechte vorbehalten.
OriginalFilename : RUNDLL.EXE

#:35 [realsched.exe]
FilePath : C:\Programme\Gemeinsame Dateien\Real\Update_OB\
ProcessID : 996
ThreadCreationTime : 08.10.2005 17:17:59
BasePriority : Normal
FileVersion : 0.1.0.3249
ProductVersion : 0.1.0.3249
ProductName : RealPlayer (32-bit)
CompanyName : RealNetworks, Inc.
FileDescription : RealNetworks Scheduler
InternalName : schedapp
LegalCopyright : Copyright © RealNetworks, Inc. 1995-2004
LegalTrademarks : RealAudio(tm) is a trademark of RealNetworks, Inc.
OriginalFilename : realsched.exe

#:36 [qttask.exe]
FilePath : C:\Programme\QuickTime\
ProcessID : 280
ThreadCreationTime : 08.10.2005 17:18:00
BasePriority : Normal
FileVersion : 6.5.1
ProductVersion : QuickTime 6.5.1
ProductName : QuickTime
CompanyName : Apple Computer, Inc.
InternalName : QuickTime Task
LegalCopyright : © Apple Computer, Inc. 2001-2004
OriginalFilename : QTTask.exe

#:37 [incd.exe]
FilePath : C:\Programme\ahead\InCD\
ProcessID : 1564
ThreadCreationTime : 08.10.2005 17:18:00
BasePriority : Normal
FileVersion : 3.27.2
ProductVersion : 3.27.2
ProductName : InCD
CompanyName : Copyright (C) ahead software gmbh and its licensors
FileDescription : InCD CD-RW UDF Tools
InternalName : InCD
LegalCopyright : Copyright (C) ahead software gmbh and its licensors
OriginalFilename : InCD.EXE
Comments : CD-RW UDF Tools

#:38 [ctfmon.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1456
ThreadCreationTime : 08.10.2005 17:18:00
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : CTF Loader
InternalName : CTFMON
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : CTFMON.EXE

#:39 [swdoctor.exe]
FilePath : C:\PROGRA~1\SPYWAR~1\
ProcessID : 1584
ThreadCreationTime : 08.10.2005 17:18:01
BasePriority : Normal
FileVersion : 3.2.1.359
ProductVersion : 3.1
ProductName : Spyware Doctor
CompanyName : PCTools
FileDescription : Spyware Doctor
InternalName : Spyware Doctor
LegalCopyright : Copyright (c) 2004. Distributed by PC Tools Pty Ltd
OriginalFilename : swdr.exe

#:40 [a2guard.exe]
FilePath : C:\Programme\a2\
ProcessID : 1432
ThreadCreationTime : 08.10.2005 17:18:01
BasePriority : Normal
