Hallo,
Ich habe ein Problem, ich habe unendlich viele Viren auf meinem Computer, und der nervigste ist der Casino Virus, mir wurde damit schon einmal geholfen, deshalb hoffe ich, dass ich vielleicht diesselbe nette Hilfe wieder bekommen koennte, mit der Schritt fuer Schritt Erklaerung, was ich tun muss, hier ist schon einmal die Logfile von HijackThis.
Logfile of HijackThis v1.99.1
Scan saved at 6:20:24 PM, on 12/27/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\DSentry.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\kdx\KHost.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\USBMonit.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\WINDOWS\System32\HPZipm12.exe
c:\progra~1\intern~1\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\COMMON~1\MICROS~1\Msinfo\OFFPROV.EXE
C:\DOCUME~1\Markus\LOCALS~1\Temp\Temporary Directory 2 for hijackthis_199[1].zip\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.kladfjtbhclkhoojuvkqta.us/WJ ... p0nLQ.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: UberButton Class - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: YahooTaggedBM Class - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - C:\Program Files\Yahoo!\Common\YIeTagBm.dll
O2 - BHO: (no name) - {700F7B2D-CE90-BD6D-EE14-BCEEFFFCBECE} - C:\WINDOWS\system32\zmowy.dll
O2 - BHO: (no name) - {808FBA93-BC4B-15BE-A050-315B449EED48} - C:\DOCUME~1\Markus\APPLIC~1\4the\Grid beep.exe
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: (no name) - {DB4C4F35-2195-11E6-F669-2ABD804B7584} - C:\PROGRA~1\4the\Grid beep.exe (file missing)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [kdx] C:\WINDOWS\kdx\KHost.exe
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
O4 - HKLM\..\Run: [mmtask] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
O4 - HKLM\..\Run: [lexplore] lexplore.exe
O4 - HKLM\..\Run: [A70F6A1D-0195-42a2-934C-D8AC0F7C08EB] rundll32.exe E6F1873B.DLL,D9EBC318C
O4 - HKLM\..\Run: [98D0CE0C16B1] rundll32.exe D0CE0C16B1,D0CE0C16B1
O4 - HKLM\..\Run: [forkkeeprealroam] C:\Documents and Settings\All Users\Application Data\Less Flag Fork Keep\List Drive.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [Gene USB Monitor] C:\WINDOWS\system32\USBMonit.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TrayDaleBaitFlap] C:\Documents and Settings\All Users\Application Data\Wipe Mail Tray Dale\Less mfcd.exe
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\RunServices: [lexplore] lexplore.exe
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ThunkCorn] C:\DOCUME~1\Markus\APPLIC~1\ATOMPH~1\bind one.exe
O4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0\aoltray.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O15 - Trusted Zone: *.musicmatch.com (HKLM)
O16 - DPF: RaptisoftGameLoader - http://www.miniclip.com/hamsterball/rap ... loader.cab
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b28578.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage) - http://go.microsoft.com/fwlink/?LinkId= ... lcid=0x409
O16 - DPF: {2253F320-AB68-4A07-917D-4F12D8884A06} (ChainCast VMR Client Proxy) - http://www.streamaudio.com/download/ccpm_0237.cab
O16 - DPF: {288C5F13-7E52-4ADA-A32E-F5BF9D125F98} (CR64Loader Object) - http://miniclip.com/platypus/miniclipGameLoader.dll
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {3A7FE611-1994-4EF1-A09F-99456752289D} - http://install.wildtangent.com/ActiveLa ... uncher.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by101fd.bay101.hotmail.msn.com/r ... nPUpld.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... Client.cab
O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) - http://www.installengine.com/engine/isetup.cab
O16 - DPF: {A8683C98-5341-421B-B23C-8514C05354F1} (FujifilmUploader Class) - http://photo.walmart.com/photo/uploads/ ... Client.cab
O16 - DPF: {AB29A544-D6B4-4E36-A1F8-D3E34FC7B00A} (WTHoster Class) - http://install.wildtangent.com/bgn/part ... nstall.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZI ... b28578.cab
O16 - DPF: {BB47CA33-8B4D-11D0-9511-00C04FD9152D} (ExteriorSurround Object) - http://autos.msn.com/components/ocx/ext ... utside.cab
O16 - DPF: {BF5E26B7-7087-4C2D-B0BA-0098F7CBED6B} (LiveX(5.4.0.0) Control) - http://12.25.125.12/cab/Live.cab
O16 - DPF: {E13F1132-4CA0-4005-84D3-51406E27D269} (BTDownloadCtrl Control) - http://www.shockwave.com/content/thinkt ... adCtrl.cab
O16 - DPF: {F54C1137-5E34-4B95-95A5-BA56D4D8D743} (Secure Delivery) - http://www.gamespot.com/KDX22/download/kdx.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/So ... owdown.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
Vielen Dank schoneinmal im Voraus!
Smut
Warum kostenlos registrieren?
Nur als registriertes Mitglied hast Du vollen Zugriff auf alle Funktionen unserer Website. So kannst Du eigene Fragen stellen und hast die volle Übersicht über neue interessante Themen im Forum.
Jetzt kostenlos registrieren.
Login
Casino Virus
11 Beiträge • Seite 1 von 1
von Nikita am 28.12.2005, 04:16
Oben auf der Seite --> auf Durchsuchen klicken --> Datei aussuchen --> Doppelklick auf die zu prüfende Datei --> klick auf Submit... jetzt abwarten --> kopiere das Ergebnis in das Sicherheitsforum
http://www.virustotal.com/flash/index_en.html
C:\WINDOWS\system32\zmowy.dll
C:\WINDOWS\system32\lexplore.exe
C:\WINDOWS\system32\E6F1873B.DLL
-----------------------------------------------------------------------------------------------------
öffne das HijackThis -- Button "scan" -- vor die Malware-Einträge Häkchen setzen -- Button "Fix checked" -- PC neustarten
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.kladfjtbhclkhoojuvkqta.us/WJ ... p0nLQ.html
O2 - BHO: (no name) - {700F7B2D-CE90-BD6D-EE14-BCEEFFFCBECE} - C:\WINDOWS\system32\zmowy.dll
O2 - BHO: (no name) - {808FBA93-BC4B-15BE-A050-315B449EED48} - C:\DOCUME~1\Markus\APPLIC~1\4the\Grid beep.exe
O2 - BHO: (no name) - {DB4C4F35-2195-11E6-F669-2ABD804B7584} - C:\PROGRA~1\4the\Grid beep.exe (file missing)
O4 - HKLM\..\Run: [lexplore] lexplore.exe
O4 - HKLM\..\Run: [A70F6A1D-0195-42a2-934C-D8AC0F7C08EB] rundll32.exe E6F1873B.DLL,D9EBC318C
O4 - HKLM\..\Run: [98D0CE0C16B1] rundll32.exe D0CE0C16B1,D0CE0C16B1
O4 - HKLM\..\Run: [forkkeeprealroam] C:\Documents and Settings\All Users\Application Data\Less Flag Fork Keep\List Drive.exe
O4 - HKLM\..\Run: [TrayDaleBaitFlap] C:\Documents and Settings\All Users\Application Data\Wipe Mail Tray Dale\Less mfcd.exe
O4 - HKLM\..\RunServices: [lexplore] lexplore.exe
O4 - HKCU\..\Run: [ThunkCorn] C:\DOCUME~1\Markus\APPLIC~1\ATOMPH~1\bind one.exe
O15 - Trusted Zone: *.musicmatch.com (HKLM)
O16 - DPF: RaptisoftGameLoader - http://www.miniclip.com/hamsterball/rap ... loader.cab
O16 - DPF: {288C5F13-7E52-4ADA-A32E-F5BF9D125F98} (CR64Loader Object) - http://miniclip.com/platypus/miniclipGameLoader.dll
O16 - DPF: {3A7FE611-1994-4EF1-A09F-99456752289D} - http://install.wildtangent.com/ActiveLa ... uncher.cab
PC neustarten
loeschen (am besten im abgesicherten modus)
C:\Documents and Settings\All Users\Application Data\Less Flag Fork Keep
C:\Documents and Settings\Markus\Application Data\ATOMPH...
C:\Documents and Settings\All Users\Application Data\Wipe Mail Tray Dale
C:\PROGRA~1\4the
C:\WINDOWS\system32\zmowy.dll
C:\WINDOWS\system32\E6F1873B.DLL
wende CleanUp an
http://virus-protect.net/cleanup.html
Start -- alle Programme -- Zubehör -- Editor und kopiere folgenden Text rein:
dir %Windir%\tasks /a h > files.txt
notepad files.txt
- Speichern als: findjobs.bat
- abspeichern unter : Dateityp: alle Dateien
- speichere auf dem Desktop
- Locate findjobs.bat-- doppelklick auf die bat-Datei , der Editor öffnet sich -- poste den Text
-------------------------
Adware.BrowserAid
http://securityresponse.symantec.com/av ... eraid.html
http://www.virustotal.com/flash/index_en.html
C:\WINDOWS\system32\zmowy.dll
C:\WINDOWS\system32\lexplore.exe
C:\WINDOWS\system32\E6F1873B.DLL
-----------------------------------------------------------------------------------------------------
öffne das HijackThis -- Button "scan" -- vor die Malware-Einträge Häkchen setzen -- Button "Fix checked" -- PC neustarten
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.kladfjtbhclkhoojuvkqta.us/WJ ... p0nLQ.html
O2 - BHO: (no name) - {700F7B2D-CE90-BD6D-EE14-BCEEFFFCBECE} - C:\WINDOWS\system32\zmowy.dll
O2 - BHO: (no name) - {808FBA93-BC4B-15BE-A050-315B449EED48} - C:\DOCUME~1\Markus\APPLIC~1\4the\Grid beep.exe
O2 - BHO: (no name) - {DB4C4F35-2195-11E6-F669-2ABD804B7584} - C:\PROGRA~1\4the\Grid beep.exe (file missing)
O4 - HKLM\..\Run: [lexplore] lexplore.exe
O4 - HKLM\..\Run: [A70F6A1D-0195-42a2-934C-D8AC0F7C08EB] rundll32.exe E6F1873B.DLL,D9EBC318C
O4 - HKLM\..\Run: [98D0CE0C16B1] rundll32.exe D0CE0C16B1,D0CE0C16B1
O4 - HKLM\..\Run: [forkkeeprealroam] C:\Documents and Settings\All Users\Application Data\Less Flag Fork Keep\List Drive.exe
O4 - HKLM\..\Run: [TrayDaleBaitFlap] C:\Documents and Settings\All Users\Application Data\Wipe Mail Tray Dale\Less mfcd.exe
O4 - HKLM\..\RunServices: [lexplore] lexplore.exe
O4 - HKCU\..\Run: [ThunkCorn] C:\DOCUME~1\Markus\APPLIC~1\ATOMPH~1\bind one.exe
O15 - Trusted Zone: *.musicmatch.com (HKLM)
O16 - DPF: RaptisoftGameLoader - http://www.miniclip.com/hamsterball/rap ... loader.cab
O16 - DPF: {288C5F13-7E52-4ADA-A32E-F5BF9D125F98} (CR64Loader Object) - http://miniclip.com/platypus/miniclipGameLoader.dll
O16 - DPF: {3A7FE611-1994-4EF1-A09F-99456752289D} - http://install.wildtangent.com/ActiveLa ... uncher.cab
PC neustarten
loeschen (am besten im abgesicherten modus)
C:\Documents and Settings\All Users\Application Data\Less Flag Fork Keep
C:\Documents and Settings\Markus\Application Data\ATOMPH...
C:\Documents and Settings\All Users\Application Data\Wipe Mail Tray Dale
C:\PROGRA~1\4the
C:\WINDOWS\system32\zmowy.dll
C:\WINDOWS\system32\E6F1873B.DLL
wende CleanUp an
http://virus-protect.net/cleanup.html
Start -- alle Programme -- Zubehör -- Editor und kopiere folgenden Text rein:
dir %Windir%\tasks /a h > files.txt
notepad files.txt
- Speichern als: findjobs.bat
- abspeichern unter : Dateityp: alle Dateien
- speichere auf dem Desktop
- Locate findjobs.bat-- doppelklick auf die bat-Datei , der Editor öffnet sich -- poste den Text
-------------------------
Adware.BrowserAid
http://securityresponse.symantec.com/av ... eraid.html
- Nikita
- Moderator
- Beiträge: 11478
- Registriert: 07.12.2003, 16:53
- Wohnort: Lissabon
von that_smut am 28.12.2005, 05:49
Volume in drive C has no label.
Volume Serial Number is 807C-EC2A
Directory of C:\WINDOWS\tasks
12/27/2005 06:11 PM <DIR> .
12/27/2005 06:11 PM <DIR> ..
12/27/2005 09:00 PM 286 A4BA1B9D95699549.job
12/27/2005 09:00 PM 282 A8560D0890E9BF8C.job
12/27/2005 09:00 PM 286 AC3B7E7F9900F12F.job
12/27/2005 09:00 PM 272 AD9EEB8491E59F54.job
08/29/2002 05:00 AM 65 DESKTOP.INI
12/27/2005 09:00 PM 282 FC343676B647B12A.job
04/09/2004 05:46 PM 354 FRU Task #Hewlett-Packard#hp psc 1200 series#1073152666.job
12/25/2005 03:00 AM 476 Norton AntiVirus - Scan my computer.job
12/27/2005 09:26 PM 6 SA.DAT
12/27/2005 07:13 PM 376 Symantec NetDetect.job
10 File(s) 2,685 bytes
Directory of C:\Documents and Settings\Markus\Desktop
Vielen, vielen Dank fuer die erneute Hilfe!
Volume Serial Number is 807C-EC2A
Directory of C:\WINDOWS\tasks
12/27/2005 06:11 PM <DIR> .
12/27/2005 06:11 PM <DIR> ..
12/27/2005 09:00 PM 286 A4BA1B9D95699549.job
12/27/2005 09:00 PM 282 A8560D0890E9BF8C.job
12/27/2005 09:00 PM 286 AC3B7E7F9900F12F.job
12/27/2005 09:00 PM 272 AD9EEB8491E59F54.job
08/29/2002 05:00 AM 65 DESKTOP.INI
12/27/2005 09:00 PM 282 FC343676B647B12A.job
04/09/2004 05:46 PM 354 FRU Task #Hewlett-Packard#hp psc 1200 series#1073152666.job
12/25/2005 03:00 AM 476 Norton AntiVirus - Scan my computer.job
12/27/2005 09:26 PM 6 SA.DAT
12/27/2005 07:13 PM 376 Symantec NetDetect.job
10 File(s) 2,685 bytes
Directory of C:\Documents and Settings\Markus\Desktop
Vielen, vielen Dank fuer die erneute Hilfe!
- that_smut
- Beiträge: 10
- Registriert: 02.01.2005, 01:11
von Holy Marcell am 28.12.2005, 13:04
Start -- alle Programme -- Zubehör -- Editor und kopiere folgenden Text rein:
%systemdrive%
cd C:\WINDOWS\Tasks
attrib -r -s -h A4BA1B9D95699549.job
del A4BA1B9D95699549.job
attrib -r -s -h A8560D0890E9BF8C.job
del A8560D0890E9BF8C.job
attrib -r -s -h AC3B7E7F9900F12F.job
del AC3B7E7F9900F12F.job
attrib -r -s -h AD9EEB8491E59F54.job
del AD9EEB8491E59F54.job
attrib -r -s -h FC343676B647B12A.job
del FC343676B647B12A.job
- Speichern als: remjob.bat
- abspeichern unter : Dateityp: alle Dateien
- speichere auf dem Desktop
- Locate remjob.bat-- doppelklick auf die bat-Datei , der Editor öffnet sich kurz ist normal
Poste nochmals findjobs.bat
==============
Warte uf weitere Instruktionen von Nikita!
%systemdrive%
cd C:\WINDOWS\Tasks
attrib -r -s -h A4BA1B9D95699549.job
del A4BA1B9D95699549.job
attrib -r -s -h A8560D0890E9BF8C.job
del A8560D0890E9BF8C.job
attrib -r -s -h AC3B7E7F9900F12F.job
del AC3B7E7F9900F12F.job
attrib -r -s -h AD9EEB8491E59F54.job
del AD9EEB8491E59F54.job
attrib -r -s -h FC343676B647B12A.job
del FC343676B647B12A.job
- Speichern als: remjob.bat
- abspeichern unter : Dateityp: alle Dateien
- speichere auf dem Desktop
- Locate remjob.bat-- doppelklick auf die bat-Datei , der Editor öffnet sich kurz ist normal
Poste nochmals findjobs.bat
==============
Warte uf weitere Instruktionen von Nikita!
- Holy Marcell
von that_smut am 29.12.2005, 01:44
Volume in drive C has no label.
Volume Serial Number is 807C-EC2A
Directory of C:\WINDOWS\tasks
12/28/2005 05:30 PM <DIR> .
12/28/2005 05:30 PM <DIR> ..
12/28/2005 05:00 PM 282 AA9BB739910C3191.job
08/29/2002 05:00 AM 65 DESKTOP.INI
04/09/2004 05:46 PM 354 FRU Task #Hewlett-Packard#hp psc 1200 series#1073152666.job
12/28/2005 03:00 AM 476 Norton AntiVirus - Scan my computer.job
12/28/2005 11:58 AM 6 SA.DAT
12/28/2005 03:13 PM 376 Symantec NetDetect.job
6 File(s) 1,559 bytes
Directory of C:\Documents and Settings\Markus\Desktop
ALs ich gestern alle Sachen, so wie mir Nikita gesagt hat ausgefuehrt habe hat alles wieder wunderbar geklappt, keine Pop-Ups mehr, keine Symbole auf meinem Desktop, heute geh ich wieder an den PC, nachdem meine Schwester dran war, und der ganze *lol* ist wieder da, die Pop-Ups, die Desktopsymbole, alles. Ich hab nochmal eine neue HijackThis LOgfile gemacht, vielleicht hilfty das ja um das Problem zu finden, koennte es evtl. daran liegen, dass die ich weiss nicht wie das heisst, das Ding, dass verloren gegangene Sachen wiederherstellt, dass die nicht deaktiviert ist? Hier ist erstmal die Logfile:
Logfile of HijackThis v1.99.1
Scan saved at 5:42:28 PM, on 12/28/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\DSentry.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\kdx\KHost.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\WINDOWS\system32\USBMonit.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\WINDOWS\system32\drwtsn32.exe
C:\WINDOWS\system32\drwtsn32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\DOCUME~1\Markus\LOCALS~1\Temp\Temporary Directory 1 for hijackthis.zip\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.gdkhfselnyce.net/WJRluB6oBsm ... 8p0nLQ.jpg
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: UberButton Class - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: YahooTaggedBM Class - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - C:\Program Files\Yahoo!\Common\YIeTagBm.dll
O2 - BHO: (no name) - {808FBA93-BC4B-15BE-A050-315B449EED48} - C:\DOCUME~1\LISAGA~1\APPLIC~1\4the\Grid beep.exe
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [kdx] C:\WINDOWS\kdx\KHost.exe
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
O4 - HKLM\..\Run: [mmtask] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [Gene USB Monitor] C:\WINDOWS\system32\USBMonit.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [TrayDaleBaitFlap] C:\Documents and Settings\All Users\Application Data\Wipe Mail Tray Dale\defy about.exe
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0\aoltray.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b28578.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage) - http://go.microsoft.com/fwlink/?LinkId= ... lcid=0x409
O16 - DPF: {2253F320-AB68-4A07-917D-4F12D8884A06} (ChainCast VMR Client Proxy) - http://www.streamaudio.com/download/ccpm_0237.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by101fd.bay101.hotmail.msn.com/r ... nPUpld.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... Client.cab
O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) - http://www.installengine.com/engine/isetup.cab
O16 - DPF: {A8683C98-5341-421B-B23C-8514C05354F1} (FujifilmUploader Class) - http://photo.walmart.com/photo/uploads/ ... Client.cab
O16 - DPF: {AB29A544-D6B4-4E36-A1F8-D3E34FC7B00A} (WTHoster Class) - http://install.wildtangent.com/bgn/part ... nstall.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZI ... b28578.cab
O16 - DPF: {BB47CA33-8B4D-11D0-9511-00C04FD9152D} (ExteriorSurround Object) - http://autos.msn.com/components/ocx/ext ... utside.cab
O16 - DPF: {BF5E26B7-7087-4C2D-B0BA-0098F7CBED6B} (LiveX(5.4.0.0) Control) - http://12.25.125.12/cab/Live.cab
O16 - DPF: {E13F1132-4CA0-4005-84D3-51406E27D269} (BTDownloadCtrl Control) - http://www.shockwave.com/content/thinkt ... adCtrl.cab
O16 - DPF: {F54C1137-5E34-4B95-95A5-BA56D4D8D743} (Secure Delivery) - http://www.gamespot.com/KDX22/download/kdx.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/So ... owdown.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
Volume Serial Number is 807C-EC2A
Directory of C:\WINDOWS\tasks
12/28/2005 05:30 PM <DIR> .
12/28/2005 05:30 PM <DIR> ..
12/28/2005 05:00 PM 282 AA9BB739910C3191.job
08/29/2002 05:00 AM 65 DESKTOP.INI
04/09/2004 05:46 PM 354 FRU Task #Hewlett-Packard#hp psc 1200 series#1073152666.job
12/28/2005 03:00 AM 476 Norton AntiVirus - Scan my computer.job
12/28/2005 11:58 AM 6 SA.DAT
12/28/2005 03:13 PM 376 Symantec NetDetect.job
6 File(s) 1,559 bytes
Directory of C:\Documents and Settings\Markus\Desktop
ALs ich gestern alle Sachen, so wie mir Nikita gesagt hat ausgefuehrt habe hat alles wieder wunderbar geklappt, keine Pop-Ups mehr, keine Symbole auf meinem Desktop, heute geh ich wieder an den PC, nachdem meine Schwester dran war, und der ganze *lol* ist wieder da, die Pop-Ups, die Desktopsymbole, alles. Ich hab nochmal eine neue HijackThis LOgfile gemacht, vielleicht hilfty das ja um das Problem zu finden, koennte es evtl. daran liegen, dass die ich weiss nicht wie das heisst, das Ding, dass verloren gegangene Sachen wiederherstellt, dass die nicht deaktiviert ist? Hier ist erstmal die Logfile:
Logfile of HijackThis v1.99.1
Scan saved at 5:42:28 PM, on 12/28/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\DSentry.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\kdx\KHost.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\WINDOWS\system32\USBMonit.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\WINDOWS\system32\drwtsn32.exe
C:\WINDOWS\system32\drwtsn32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\DOCUME~1\Markus\LOCALS~1\Temp\Temporary Directory 1 for hijackthis.zip\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.gdkhfselnyce.net/WJRluB6oBsm ... 8p0nLQ.jpg
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: UberButton Class - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: YahooTaggedBM Class - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - C:\Program Files\Yahoo!\Common\YIeTagBm.dll
O2 - BHO: (no name) - {808FBA93-BC4B-15BE-A050-315B449EED48} - C:\DOCUME~1\LISAGA~1\APPLIC~1\4the\Grid beep.exe
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [kdx] C:\WINDOWS\kdx\KHost.exe
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
O4 - HKLM\..\Run: [mmtask] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [Gene USB Monitor] C:\WINDOWS\system32\USBMonit.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [TrayDaleBaitFlap] C:\Documents and Settings\All Users\Application Data\Wipe Mail Tray Dale\defy about.exe
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0\aoltray.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b28578.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage) - http://go.microsoft.com/fwlink/?LinkId= ... lcid=0x409
O16 - DPF: {2253F320-AB68-4A07-917D-4F12D8884A06} (ChainCast VMR Client Proxy) - http://www.streamaudio.com/download/ccpm_0237.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by101fd.bay101.hotmail.msn.com/r ... nPUpld.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... Client.cab
O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) - http://www.installengine.com/engine/isetup.cab
O16 - DPF: {A8683C98-5341-421B-B23C-8514C05354F1} (FujifilmUploader Class) - http://photo.walmart.com/photo/uploads/ ... Client.cab
O16 - DPF: {AB29A544-D6B4-4E36-A1F8-D3E34FC7B00A} (WTHoster Class) - http://install.wildtangent.com/bgn/part ... nstall.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZI ... b28578.cab
O16 - DPF: {BB47CA33-8B4D-11D0-9511-00C04FD9152D} (ExteriorSurround Object) - http://autos.msn.com/components/ocx/ext ... utside.cab
O16 - DPF: {BF5E26B7-7087-4C2D-B0BA-0098F7CBED6B} (LiveX(5.4.0.0) Control) - http://12.25.125.12/cab/Live.cab
O16 - DPF: {E13F1132-4CA0-4005-84D3-51406E27D269} (BTDownloadCtrl Control) - http://www.shockwave.com/content/thinkt ... adCtrl.cab
O16 - DPF: {F54C1137-5E34-4B95-95A5-BA56D4D8D743} (Secure Delivery) - http://www.gamespot.com/KDX22/download/kdx.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/So ... owdown.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
- that_smut
- Beiträge: 10
- Registriert: 02.01.2005, 01:11
von Yourhighness am 29.12.2005, 02:07
Habe mir erlaubt mal dein doppel und trippel post zu loeschen ( wahrscheinlich laggte das Forum wieder - war bei mir eben so ).
Fuer den Rest bitte auf Nikita warten. Werde mich hier nicht einfach dazwischen schuppsen
MfG,
Fuer den Rest bitte auf Nikita warten. Werde mich hier nicht einfach dazwischen schuppsen
MfG,
- Yourhighness
von Yourhighness am 31.12.2005, 03:10
Nikita hat fuer Heute Abend schluss gemacht ( so wie ich gleich - schlafe gleich im Sitzen ein ).
Vll hat sie deinen Thread in der Menge uebersehen ( Sie bekommt EINIGE Mails pro Tag ). Sag Ihr noch mal bescheid.
MfG,
Vll hat sie deinen Thread in der Menge uebersehen ( Sie bekommt EINIGE Mails pro Tag
). Sag Ihr noch mal bescheid.
MfG,
- Yourhighness
von Nikita am 31.12.2005, 15:36
fixe mit dem HijackThis
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.gdkhfselnyce.net/WJRluB6oBsm ... X3fq4qPwzo
4hdC0fQANtBAitPg1Qvc8p0nLQ.jpg
O2 - BHO: (no name) - {808FBA93-BC4B-15BE-A050-315B449EED48} - C:\DOCUME~1\LISAGA~1\APPLIC~1\4the\Grid beep.exe
O4 - HKLM\..\Run: [TrayDaleBaitFlap] C:\Documents and Settings\All Users\Application Data\Wipe Mail Tray Dale\defy about.exe
PC neustarten--> in den abgesicherten modus
loeschen
C:\Documents and Settings\All Users\Application Data\Wipe Mail Tray Dale
C:\Documents and Settings\LISAGA~1\Application Data\4the
C:\Documents and Settings\All Users\Application Data\Less Flag Fork Keep
C:\Documents and Settings\Markus\Application Data\ATOMPH...
Start -- alle Programme -- Zubehör -- Editor und kopiere folgenden Text rein:
%systemdrive%
cd C:\WINDOWS\Tasks
attrib -r -s -h AA9BB739910C3191.job
del AA9BB739910C3191.job
- Speichern als: rem.bat
- abspeichern unter : Dateityp: alle Dateien
- speichere auf dem Desktop
- Locate rem.bat-- doppelklick auf die bat-Datei , der Editor öffnet sich kurz ist normal
scanne mit Panda und poste den Scanreport
http://virus-protect.net/onlinescan.html
- Nikita
- Moderator
- Beiträge: 11478
- Registriert: 07.12.2003, 16:53
- Wohnort: Lissabon
von that_smut am 08.01.2006, 18:54
Incident Status Location
Adware:Adware/BrowserAid Not disinfected C:\WINDOWS\system32\stlb2.dll
Adware:Adware/BrowserAid Not disinfected C:\WINDOWS\system32\D0CE0C16B1.dll
Adware:Adware/BrowserAid Not disinfected C:\WINDOWS\system32\E6F1873B.DLL
Spyware:spyware/whazit Not disinfected C:\WINDOWS\SYSTEM32\fiz1
Adware:adware/iedriver Not disinfected C:\WINDOWS\SYSTEM32\iedriver.exe
Adware:adware/virtualbouncer Not disinfected C:\WINDOWS\SYSTEM32\INNERVBINSTALL.LOG
Adware:adware/powersearch Not disinfected C:\WINDOWS\SYSTEM32\stlb2.dll
Adware:adware/addestroyer Not disinfected C:\WINDOWS\SYSTEM32\SWRT01.dll
Adware:adware/look2me Not disinfected C:\WINDOWS\SYSTEM\UpdInstall.exe
Adware:adware/clickalchemy Not disinfected C:\WINDOWS\INF\alchem.inf
Spyware:spyware/betterinet Not disinfected C:\WINDOWS\INF\biini.inf
Adware:adware/ipinsight Not disinfected C:\WINDOWS\INF\polall1r.inf
Spyware:spyware/new.net Not disinfected C:\WINDOWS\NDNuninstall5_48.exe
Adware:adware/sidesearch Not disinfected C:\PROGRAM FILES\Lycos
Adware:adware/ncase Not disinfected C:\WINDOWS\SYSTEM32\FLEOK
Adware:adware/wintools Not disinfected Windows Registry
Spyware:Cookie/2o7.net Not disinfected C:\Documents and Settings\Markus\Cookies\markus@2o7[1].txt
Spyware:Cookie/888 Not disinfected C:\Documents and Settings\Markus\Cookies\markus@888[2].txt
Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Markus\Cookies\markus@ad.yieldmanager[2].txt
Spyware:Cookie/PointRoll Not disinfected C:\Documents and Settings\Markus\Cookies\markus@ads.pointroll[2].txt
Spyware:Cookie/adultfriendfinder Not disinfected C:\Documents and Settings\Markus\Cookies\markus@adultfriendfinder[2].txt
Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\Markus\Cookies\markus@advertising[1].txt
Spyware:Cookie/Falkag Not disinfected C:\Documents and Settings\Markus\Cookies\markus@as-eu.falkag[1].txt
Spyware:Cookie/Falkag Not disinfected C:\Documents and Settings\Markus\Cookies\markus@as1.falkag[2].txt
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Markus\Cookies\markus@atdmt[2].txt
Spyware:Cookie/Azjmp Not disinfected C:\Documents and Settings\Markus\Cookies\markus@azjmp[1].txt
Spyware:Cookie/BurstNet Not disinfected C:\Documents and Settings\Markus\Cookies\markus@burstnet[2].txt
Spyware:Cookie/Casalemedia Not disinfected C:\Documents and Settings\Markus\Cookies\markus@casalemedia[2].txt
Spyware:Cookie/Coremetrics Not disinfected C:\Documents and Settings\Markus\Cookies\markus@data.coremetrics[1].txt
Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Markus\Cookies\markus@doubleclick[1].txt
Spyware:Cookie/FastClick Not disinfected C:\Documents and Settings\Markus\Cookies\markus@fastclick[1].txt
Spyware:Cookie/fe.lea.lycos Not disinfected C:\Documents and Settings\Markus\Cookies\markus@fe.lea.lycos[1].txt
Spyware:Cookie/Linksynergy Not disinfected C:\Documents and Settings\Markus\Cookies\markus@linksynergy[1].txt
Spyware:Cookie/Lop Not disinfected C:\Documents and Settings\Markus\Cookies\markus@lop[2].txt
Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\Markus\Cookies\markus@mediaplex[1].txt
Spyware:Cookie/Overture Not disinfected C:\Documents and Settings\Markus\Cookies\markus@perf.overture[1].txt
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Markus\Cookies\markus@realmedia[1].txt
Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\Markus\Cookies\markus@serving-sys[2].txt
Spyware:Cookie/Mammamediasolutions Not disinfected C:\Documents and Settings\Markus\Cookies\markus@targetnet[2].txt
Spyware:Cookie/Tradedoubler Not disinfected C:\Documents and Settings\Markus\Cookies\markus@tradedoubler[2].txt
Spyware:Cookie/Traffic Marketplace Not disinfected C:\Documents and Settings\Markus\Cookies\markus@trafficmp[1].txt
Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\Markus\Cookies\markus@tribalfusion[1].txt
Spyware:Cookie/Valueclick Not disinfected C:\Documents and Settings\Markus\Cookies\markus@valueclick[2].txt
Spyware:Cookie/Weborama Not disinfected C:\Documents and Settings\Markus\Cookies\markus@weborama[2].txt
Spyware:Cookie/Adserver Not disinfected C:\Documents and Settings\Markus\Cookies\markus@z1.adserver[1].txt
Spyware:Cookie/Zedo Not disinfected C:\Documents and Settings\Markus\Cookies\markus@zedo[2].txt
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Administrator\Application Data\atom phone comp\gram trust stupid license.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Dustin Gall\Application Data\4the\Grid beep.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Dustin Gall\Application Data\atom phone comp\aobnqyse.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Dustin Gall\Application Data\atom phone comp\arwxxudo.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Dustin Gall\Application Data\atom phone comp\bind one.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Dustin Gall\Application Data\atom phone comp\cgsnhwxi.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Dustin Gall\Application Data\atom phone comp\ckiundmi.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Dustin Gall\Application Data\atom phone comp\clvkxljq.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Dustin Gall\Application Data\atom phone comp\efkrdvzh.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Dustin Gall\Application Data\atom phone comp\gkhrjqss.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Dustin Gall\Application Data\atom phone comp\gllcsflw.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Dustin Gall\Application Data\atom phone comp\gnyylwrj.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Dustin Gall\Application Data\atom phone comp\gram trust stupid license.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Dustin Gall\Application Data\atom phone comp\hdkpheen.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Dustin Gall\Application Data\atom phone comp\hijsdlbb.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Dustin Gall\Application Data\atom phone comp\hthwujfj.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Dustin Gall\Application Data\atom phone comp\hyzjudtv.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Dustin Gall\Application Data\atom phone comp\jdkkzevc.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Dustin Gall\Application Data\atom phone comp\jyvpjwmg.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Dustin Gall\Application Data\atom phone comp\kygidgqb.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Dustin Gall\Application Data\atom phone comp\open sixth trans.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Dustin Gall\Application Data\atom phone comp\pcjcyzdv.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Dustin Gall\Application Data\atom phone comp\pvaruifg.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Dustin Gall\Application Data\atom phone comp\qrfkfkhq.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Dustin Gall\Application Data\atom phone comp\rdgoghbl.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Dustin Gall\Application Data\atom phone comp\tufcknxn.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Dustin Gall\Application Data\atom phone comp\uldsaiti.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Dustin Gall\Application Data\atom phone comp\vcnlgfqh.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Dustin Gall\Application Data\atom phone comp\ylwzwyjy.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Dustin Gall\Application Data\atom phone comp\zpypdjqs.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Elaine Gall\Application Data\4the\Grid beep.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Elaine Gall\Application Data\atom phone comp\ahhxichj.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Elaine Gall\Application Data\atom phone comp\bind one.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Elaine Gall\Application Data\atom phone comp\dxeqnsjv.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Elaine Gall\Application Data\atom phone comp\enqawnhw.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Elaine Gall\Application Data\atom phone comp\eydygxdh.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Elaine Gall\Application Data\atom phone comp\fikwoiso.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Elaine Gall\Application Data\atom phone comp\fycglezc.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Elaine Gall\Application Data\atom phone comp\gpfmtciz.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Elaine Gall\Application Data\atom phone comp\gram trust stupid license.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Elaine Gall\Application Data\atom phone comp\grogveyf.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Elaine Gall\Application Data\atom phone comp\hnjuunhq.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Elaine Gall\Application Data\atom phone comp\jruqzmlt.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Elaine Gall\Application Data\atom phone comp\lpaieyrg.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Elaine Gall\Application Data\atom phone comp\lrustzmx.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Elaine Gall\Application Data\atom phone comp\nsdrfrmh.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Elaine Gall\Application Data\atom phone comp\open sixth trans.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Elaine Gall\Application Data\atom phone comp\pkkhgsbt.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Elaine Gall\Application Data\atom phone comp\putzeffo.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Elaine Gall\Application Data\atom phone comp\rbxlrwfr.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Elaine Gall\Application Data\atom phone comp\scfdldkv.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Elaine Gall\Application Data\atom phone comp\swgltckf.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Elaine Gall\Application Data\atom phone comp\ttawdkou.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Elaine Gall\Application Data\atom phone comp\vgdgwagv.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Elaine Gall\Application Data\atom phone comp\vgqftbqv.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Elaine Gall\Application Data\atom phone comp\xaxyxlev.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Elaine Gall\Application Data\atom phone comp\zrhfqzja.exe
Spyware:Cookie/888 Not disinfected C:\Documents and Settings\Elaine Gall\Cookies\elaine gall@888[2].txt
Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Elaine Gall\Cookies\elaine gall@ad.yieldmanager[2].txt
Spyware:Cookie/PointRoll Not disinfected C:\Documents and Settings\Elaine Gall\Cookies\elaine gall@ads.pointroll[1].txt
Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\Elaine Gall\Cookies\elaine gall@advertising[2].txt
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Elaine Gall\Cookies\elaine gall@atdmt[2].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Elaine Gall\Cookies\elaine gall@belnk[1].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Elaine Gall\Cookies\elaine gall@dist.belnk[2].txt
Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Elaine Gall\Cookies\elaine gall@doubleclick[1].txt
Spyware:Cookie/Lop Not disinfected C:\Documents and Settings\Elaine Gall\Cookies\elaine gall@lop[1].txt
Spyware:Cookie/Overture Not disinfected C:\Documents and Settings\Elaine Gall\Cookies\elaine gall@perf.overture[1].txt
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Elaine Gall\Cookies\elaine gall@realmedia[1].txt
Spyware:Cookie/Mammamediasolutions Not disinfected C:\Documents and Settings\Elaine Gall\Cookies\elaine gall@targetnet[2].txt
Spyware:Cookie/Traffic Marketplace Not disinfected C:\Documents and Settings\Elaine Gall\Cookies\elaine gall@trafficmp[2].txt
Spyware:Cookie/Adserver Not disinfected C:\Documents and Settings\Elaine Gall\Cookies\elaine gall@z1.adserver[1].txt
Spyware:Cookie/Zedo Not disinfected C:\Documents and Settings\Elaine Gall\Cookies\elaine gall@zedo[2].txt
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Elaine Gall\Local Settings\Temp\sta9D.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Elaine Gall\Local Settings\Temp\staC.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Lisa Gall\Application Data\atom phone comp\bepgpsnq.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Lisa Gall\Application Data\atom phone comp\bind one.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Lisa Gall\Application Data\atom phone comp\blmvgdju.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Lisa Gall\Application Data\atom phone comp\cfygjddt.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Lisa Gall\Application Data\atom phone comp\dcpndwap.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Lisa Gall\Application Data\atom phone comp\duzibaph.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Lisa Gall\Application Data\atom phone comp\fuicgqgd.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Lisa Gall\Application Data\atom phone comp\goiwksjb.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Lisa Gall\Application Data\atom phone comp\gram trust stupid license.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Lisa Gall\Application Data\atom phone comp\guuffkjo.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Lisa Gall\Application Data\atom phone comp\ilipemyt.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Lisa Gall\Application Data\atom phone comp\mczplhvs.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Lisa Gall\Application Data\atom phone comp\mhxwzjbk.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Lisa Gall\Application Data\atom phone comp\nlpnnrdt.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Lisa Gall\Application Data\atom phone comp\open sixth trans.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Lisa Gall\Application Data\atom phone comp\pbpogdgc.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Lisa Gall\Application Data\atom phone comp\qnxvleop.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Lisa Gall\Application Data\atom phone comp\rqlrefdz.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Lisa Gall\Application Data\atom phone comp\rqmmvkbh.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Lisa Gall\Application Data\atom phone comp\synnfikz.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Lisa Gall\Application Data\atom phone comp\vwicrqld.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Lisa Gall\Application Data\atom phone comp\xvrgfpkb.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Lisa Gall\Application Data\atom phone comp\yoeioheh.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Lisa Gall\Application Data\atom phone comp\zubdwiym.exe
Spyware:Cookie/2o7.net Not disinfected C:\Documents and Settings\Lisa Gall\Cookies\lisa gall@2o7[2].txt
Spyware:Cookie/888 Not disinfected C:\Documents and Settings\Lisa Gall\Cookies\lisa gall@888[2].txt
Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Lisa Gall\Cookies\lisa gall@ad.yieldmanager[2].txt
Spyware:Cookie/Hbmediapro Not disinfected C:\Documents and Settings\Lisa Gall\Cookies\lisa gall@adopt.hbmediapro[2].txt
Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\Lisa Gall\Cookies\lisa gall@adrevolver[2].txt
Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\Lisa Gall\Cookies\lisa gall@adrevolver[3].txt
Spyware:Cookie/PointRoll Not disinfected C:\Documents and Settings\Lisa Gall\Cookies\lisa gall@ads.pointroll[2].txt
Spyware:Cookie/adultfriendfinder Not disinfected C:\Documents and Settings\Lisa Gall\Cookies\lisa gall@adultfriendfinder[2].txt
Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\Lisa Gall\Cookies\lisa gall@advertising[2].txt
Spyware:Cookie/Falkag Not disinfected C:\Documents and Settings\Lisa Gall\Cookies\lisa gall@as-eu.falkag[1].txt
Spyware:Cookie/Falkag Not disinfected C:\Documents and Settings\Lisa Gall\Cookies\lisa gall@as1.falkag[2].txt
Spyware:Cookie/Ask Not disinfected C:\Documents and Settings\Lisa Gall\Cookies\lisa gall@ask[1].txt
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Lisa Gall\Cookies\lisa gall@atdmt[2].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Lisa Gall\Cookies\lisa gall@ath.belnk[2].txt
Spyware:Cookie/Azjmp Not disinfected C:\Documents and Settings\Lisa Gall\Cookies\lisa gall@azjmp[2].txt
Spyware:Cookie/Banner Not disinfected C:\Documents and Settings\Lisa Gall\Cookies\lisa gall@banner[1].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Lisa Gall\Cookies\lisa gall@belnk[1].txt
Spyware:Cookie/Casalemedia Not disinfected C:\Documents and Settings\Lisa Gall\Cookies\lisa gall@casalemedia[2].txt
Spyware:Cookie/CentrPort Not disinfected C:\Documents and Settings\Lisa Gall\Cookies\lisa gall@centrport[1].txt
Spyware:Cookie/Coremetrics Not disinfected C:\Documents and Settings\Lisa Gall\Cookies\lisa gall@data.coremetrics[1].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Lisa Gall\Cookies\lisa gall@dist.belnk[2].txt
Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Lisa Gall\Cookies\lisa gall@doubleclick[1].txt
Spyware:Cookie/FastClick Not disinfected C:\Documents and Settings\Lisa Gall\Cookies\lisa gall@fastclick[1].txt
Spyware:Cookie/Humanclick Not disinfected C:\Documents and Settings\Lisa Gall\Cookies\lisa gall@hc2.humanclick[1].txt
Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\Lisa Gall\Cookies\lisa gall@hitbox[2].txt
Spyware:Cookie/Lop Not disinfected C:\Documents and Settings\Lisa Gall\Cookies\lisa gall@lop[2].txt
Spyware:Cookie/Maxserving Not disinfected C:\Documents and Settings\Lisa Gall\Cookies\lisa gall@maxserving[1].txt
Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\Lisa Gall\Cookies\lisa gall@mediaplex[1].txt
Spyware:Cookie/Overture Not disinfected C:\Documents and Settings\Lisa Gall\Cookies\lisa gall@perf.overture[1].txt
Spyware:Cookie/QuestionMarket Not disinfected C:\Documents and Settings\Lisa Gall\Cookies\lisa gall@questionmarket[1].txt
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Lisa Gall\Cookies\lisa gall@realmedia[1].txt
Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\Lisa Gall\Cookies\lisa gall@serving-sys[2].txt
Spyware:Cookie/Mammamediasolutions Not disinfected C:\Documents and Settings\Lisa Gall\Cookies\lisa gall@targetnet[1].txt
Spyware:Cookie/Tradedoubler
Adware:Adware/BrowserAid Not disinfected C:\WINDOWS\system32\stlb2.dll
Adware:Adware/BrowserAid Not disinfected C:\WINDOWS\system32\D0CE0C16B1.dll
Adware:Adware/BrowserAid Not disinfected C:\WINDOWS\system32\E6F1873B.DLL
Spyware:spyware/whazit Not disinfected C:\WINDOWS\SYSTEM32\fiz1
Adware:adware/iedriver Not disinfected C:\WINDOWS\SYSTEM32\iedriver.exe
Adware:adware/virtualbouncer Not disinfected C:\WINDOWS\SYSTEM32\INNERVBINSTALL.LOG
Adware:adware/powersearch Not disinfected C:\WINDOWS\SYSTEM32\stlb2.dll
Adware:adware/addestroyer Not disinfected C:\WINDOWS\SYSTEM32\SWRT01.dll
Adware:adware/look2me Not disinfected C:\WINDOWS\SYSTEM\UpdInstall.exe
Adware:adware/clickalchemy Not disinfected C:\WINDOWS\INF\alchem.inf
Spyware:spyware/betterinet Not disinfected C:\WINDOWS\INF\biini.inf
Adware:adware/ipinsight Not disinfected C:\WINDOWS\INF\polall1r.inf
Spyware:spyware/new.net Not disinfected C:\WINDOWS\NDNuninstall5_48.exe
Adware:adware/sidesearch Not disinfected C:\PROGRAM FILES\Lycos
Adware:adware/ncase Not disinfected C:\WINDOWS\SYSTEM32\FLEOK
Adware:adware/wintools Not disinfected Windows Registry
Spyware:Cookie/2o7.net Not disinfected C:\Documents and Settings\Markus\Cookies\markus@2o7[1].txt
Spyware:Cookie/888 Not disinfected C:\Documents and Settings\Markus\Cookies\markus@888[2].txt
Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Markus\Cookies\markus@ad.yieldmanager[2].txt
Spyware:Cookie/PointRoll Not disinfected C:\Documents and Settings\Markus\Cookies\markus@ads.pointroll[2].txt
Spyware:Cookie/adultfriendfinder Not disinfected C:\Documents and Settings\Markus\Cookies\markus@adultfriendfinder[2].txt
Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\Markus\Cookies\markus@advertising[1].txt
Spyware:Cookie/Falkag Not disinfected C:\Documents and Settings\Markus\Cookies\markus@as-eu.falkag[1].txt
Spyware:Cookie/Falkag Not disinfected C:\Documents and Settings\Markus\Cookies\markus@as1.falkag[2].txt
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Markus\Cookies\markus@atdmt[2].txt
Spyware:Cookie/Azjmp Not disinfected C:\Documents and Settings\Markus\Cookies\markus@azjmp[1].txt
Spyware:Cookie/BurstNet Not disinfected C:\Documents and Settings\Markus\Cookies\markus@burstnet[2].txt
Spyware:Cookie/Casalemedia Not disinfected C:\Documents and Settings\Markus\Cookies\markus@casalemedia[2].txt
Spyware:Cookie/Coremetrics Not disinfected C:\Documents and Settings\Markus\Cookies\markus@data.coremetrics[1].txt
Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Markus\Cookies\markus@doubleclick[1].txt
Spyware:Cookie/FastClick Not disinfected C:\Documents and Settings\Markus\Cookies\markus@fastclick[1].txt
Spyware:Cookie/fe.lea.lycos Not disinfected C:\Documents and Settings\Markus\Cookies\markus@fe.lea.lycos[1].txt
Spyware:Cookie/Linksynergy Not disinfected C:\Documents and Settings\Markus\Cookies\markus@linksynergy[1].txt
Spyware:Cookie/Lop Not disinfected C:\Documents and Settings\Markus\Cookies\markus@lop[2].txt
Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\Markus\Cookies\markus@mediaplex[1].txt
Spyware:Cookie/Overture Not disinfected C:\Documents and Settings\Markus\Cookies\markus@perf.overture[1].txt
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Markus\Cookies\markus@realmedia[1].txt
Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\Markus\Cookies\markus@serving-sys[2].txt
Spyware:Cookie/Mammamediasolutions Not disinfected C:\Documents and Settings\Markus\Cookies\markus@targetnet[2].txt
Spyware:Cookie/Tradedoubler Not disinfected C:\Documents and Settings\Markus\Cookies\markus@tradedoubler[2].txt
Spyware:Cookie/Traffic Marketplace Not disinfected C:\Documents and Settings\Markus\Cookies\markus@trafficmp[1].txt
Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\Markus\Cookies\markus@tribalfusion[1].txt
Spyware:Cookie/Valueclick Not disinfected C:\Documents and Settings\Markus\Cookies\markus@valueclick[2].txt
Spyware:Cookie/Weborama Not disinfected C:\Documents and Settings\Markus\Cookies\markus@weborama[2].txt
Spyware:Cookie/Adserver Not disinfected C:\Documents and Settings\Markus\Cookies\markus@z1.adserver[1].txt
Spyware:Cookie/Zedo Not disinfected C:\Documents and Settings\Markus\Cookies\markus@zedo[2].txt
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Administrator\Application Data\atom phone comp\gram trust stupid license.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Dustin Gall\Application Data\4the\Grid beep.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Dustin Gall\Application Data\atom phone comp\aobnqyse.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Dustin Gall\Application Data\atom phone comp\arwxxudo.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Dustin Gall\Application Data\atom phone comp\bind one.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Dustin Gall\Application Data\atom phone comp\cgsnhwxi.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Dustin Gall\Application Data\atom phone comp\ckiundmi.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Dustin Gall\Application Data\atom phone comp\clvkxljq.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Dustin Gall\Application Data\atom phone comp\efkrdvzh.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Dustin Gall\Application Data\atom phone comp\gkhrjqss.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Dustin Gall\Application Data\atom phone comp\gllcsflw.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Dustin Gall\Application Data\atom phone comp\gnyylwrj.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Dustin Gall\Application Data\atom phone comp\gram trust stupid license.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Dustin Gall\Application Data\atom phone comp\hdkpheen.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Dustin Gall\Application Data\atom phone comp\hijsdlbb.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Dustin Gall\Application Data\atom phone comp\hthwujfj.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Dustin Gall\Application Data\atom phone comp\hyzjudtv.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Dustin Gall\Application Data\atom phone comp\jdkkzevc.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Dustin Gall\Application Data\atom phone comp\jyvpjwmg.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Dustin Gall\Application Data\atom phone comp\kygidgqb.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Dustin Gall\Application Data\atom phone comp\open sixth trans.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Dustin Gall\Application Data\atom phone comp\pcjcyzdv.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Dustin Gall\Application Data\atom phone comp\pvaruifg.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Dustin Gall\Application Data\atom phone comp\qrfkfkhq.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Dustin Gall\Application Data\atom phone comp\rdgoghbl.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Dustin Gall\Application Data\atom phone comp\tufcknxn.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Dustin Gall\Application Data\atom phone comp\uldsaiti.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Dustin Gall\Application Data\atom phone comp\vcnlgfqh.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Dustin Gall\Application Data\atom phone comp\ylwzwyjy.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Dustin Gall\Application Data\atom phone comp\zpypdjqs.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Elaine Gall\Application Data\4the\Grid beep.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Elaine Gall\Application Data\atom phone comp\ahhxichj.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Elaine Gall\Application Data\atom phone comp\bind one.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Elaine Gall\Application Data\atom phone comp\dxeqnsjv.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Elaine Gall\Application Data\atom phone comp\enqawnhw.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Elaine Gall\Application Data\atom phone comp\eydygxdh.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Elaine Gall\Application Data\atom phone comp\fikwoiso.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Elaine Gall\Application Data\atom phone comp\fycglezc.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Elaine Gall\Application Data\atom phone comp\gpfmtciz.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Elaine Gall\Application Data\atom phone comp\gram trust stupid license.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Elaine Gall\Application Data\atom phone comp\grogveyf.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Elaine Gall\Application Data\atom phone comp\hnjuunhq.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Elaine Gall\Application Data\atom phone comp\jruqzmlt.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Elaine Gall\Application Data\atom phone comp\lpaieyrg.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Elaine Gall\Application Data\atom phone comp\lrustzmx.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Elaine Gall\Application Data\atom phone comp\nsdrfrmh.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Elaine Gall\Application Data\atom phone comp\open sixth trans.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Elaine Gall\Application Data\atom phone comp\pkkhgsbt.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Elaine Gall\Application Data\atom phone comp\putzeffo.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Elaine Gall\Application Data\atom phone comp\rbxlrwfr.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Elaine Gall\Application Data\atom phone comp\scfdldkv.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Elaine Gall\Application Data\atom phone comp\swgltckf.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Elaine Gall\Application Data\atom phone comp\ttawdkou.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Elaine Gall\Application Data\atom phone comp\vgdgwagv.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Elaine Gall\Application Data\atom phone comp\vgqftbqv.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Elaine Gall\Application Data\atom phone comp\xaxyxlev.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Elaine Gall\Application Data\atom phone comp\zrhfqzja.exe
Spyware:Cookie/888 Not disinfected C:\Documents and Settings\Elaine Gall\Cookies\elaine gall@888[2].txt
Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Elaine Gall\Cookies\elaine gall@ad.yieldmanager[2].txt
Spyware:Cookie/PointRoll Not disinfected C:\Documents and Settings\Elaine Gall\Cookies\elaine gall@ads.pointroll[1].txt
Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\Elaine Gall\Cookies\elaine gall@advertising[2].txt
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Elaine Gall\Cookies\elaine gall@atdmt[2].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Elaine Gall\Cookies\elaine gall@belnk[1].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Elaine Gall\Cookies\elaine gall@dist.belnk[2].txt
Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Elaine Gall\Cookies\elaine gall@doubleclick[1].txt
Spyware:Cookie/Lop Not disinfected C:\Documents and Settings\Elaine Gall\Cookies\elaine gall@lop[1].txt
Spyware:Cookie/Overture Not disinfected C:\Documents and Settings\Elaine Gall\Cookies\elaine gall@perf.overture[1].txt
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Elaine Gall\Cookies\elaine gall@realmedia[1].txt
Spyware:Cookie/Mammamediasolutions Not disinfected C:\Documents and Settings\Elaine Gall\Cookies\elaine gall@targetnet[2].txt
Spyware:Cookie/Traffic Marketplace Not disinfected C:\Documents and Settings\Elaine Gall\Cookies\elaine gall@trafficmp[2].txt
Spyware:Cookie/Adserver Not disinfected C:\Documents and Settings\Elaine Gall\Cookies\elaine gall@z1.adserver[1].txt
Spyware:Cookie/Zedo Not disinfected C:\Documents and Settings\Elaine Gall\Cookies\elaine gall@zedo[2].txt
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Elaine Gall\Local Settings\Temp\sta9D.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Elaine Gall\Local Settings\Temp\staC.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Lisa Gall\Application Data\atom phone comp\bepgpsnq.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Lisa Gall\Application Data\atom phone comp\bind one.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Lisa Gall\Application Data\atom phone comp\blmvgdju.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Lisa Gall\Application Data\atom phone comp\cfygjddt.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Lisa Gall\Application Data\atom phone comp\dcpndwap.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Lisa Gall\Application Data\atom phone comp\duzibaph.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Lisa Gall\Application Data\atom phone comp\fuicgqgd.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Lisa Gall\Application Data\atom phone comp\goiwksjb.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Lisa Gall\Application Data\atom phone comp\gram trust stupid license.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Lisa Gall\Application Data\atom phone comp\guuffkjo.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Lisa Gall\Application Data\atom phone comp\ilipemyt.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Lisa Gall\Application Data\atom phone comp\mczplhvs.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Lisa Gall\Application Data\atom phone comp\mhxwzjbk.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Lisa Gall\Application Data\atom phone comp\nlpnnrdt.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Lisa Gall\Application Data\atom phone comp\open sixth trans.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Lisa Gall\Application Data\atom phone comp\pbpogdgc.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Lisa Gall\Application Data\atom phone comp\qnxvleop.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Lisa Gall\Application Data\atom phone comp\rqlrefdz.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Lisa Gall\Application Data\atom phone comp\rqmmvkbh.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Lisa Gall\Application Data\atom phone comp\synnfikz.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Lisa Gall\Application Data\atom phone comp\vwicrqld.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Lisa Gall\Application Data\atom phone comp\xvrgfpkb.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Lisa Gall\Application Data\atom phone comp\yoeioheh.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Lisa Gall\Application Data\atom phone comp\zubdwiym.exe
Spyware:Cookie/2o7.net Not disinfected C:\Documents and Settings\Lisa Gall\Cookies\lisa gall@2o7[2].txt
Spyware:Cookie/888 Not disinfected C:\Documents and Settings\Lisa Gall\Cookies\lisa gall@888[2].txt
Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Lisa Gall\Cookies\lisa gall@ad.yieldmanager[2].txt
Spyware:Cookie/Hbmediapro Not disinfected C:\Documents and Settings\Lisa Gall\Cookies\lisa gall@adopt.hbmediapro[2].txt
Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\Lisa Gall\Cookies\lisa gall@adrevolver[2].txt
Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\Lisa Gall\Cookies\lisa gall@adrevolver[3].txt
Spyware:Cookie/PointRoll Not disinfected C:\Documents and Settings\Lisa Gall\Cookies\lisa gall@ads.pointroll[2].txt
Spyware:Cookie/adultfriendfinder Not disinfected C:\Documents and Settings\Lisa Gall\Cookies\lisa gall@adultfriendfinder[2].txt
Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\Lisa Gall\Cookies\lisa gall@advertising[2].txt
Spyware:Cookie/Falkag Not disinfected C:\Documents and Settings\Lisa Gall\Cookies\lisa gall@as-eu.falkag[1].txt
Spyware:Cookie/Falkag Not disinfected C:\Documents and Settings\Lisa Gall\Cookies\lisa gall@as1.falkag[2].txt
Spyware:Cookie/Ask Not disinfected C:\Documents and Settings\Lisa Gall\Cookies\lisa gall@ask[1].txt
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Lisa Gall\Cookies\lisa gall@atdmt[2].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Lisa Gall\Cookies\lisa gall@ath.belnk[2].txt
Spyware:Cookie/Azjmp Not disinfected C:\Documents and Settings\Lisa Gall\Cookies\lisa gall@azjmp[2].txt
Spyware:Cookie/Banner Not disinfected C:\Documents and Settings\Lisa Gall\Cookies\lisa gall@banner[1].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Lisa Gall\Cookies\lisa gall@belnk[1].txt
Spyware:Cookie/Casalemedia Not disinfected C:\Documents and Settings\Lisa Gall\Cookies\lisa gall@casalemedia[2].txt
Spyware:Cookie/CentrPort Not disinfected C:\Documents and Settings\Lisa Gall\Cookies\lisa gall@centrport[1].txt
Spyware:Cookie/Coremetrics Not disinfected C:\Documents and Settings\Lisa Gall\Cookies\lisa gall@data.coremetrics[1].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Lisa Gall\Cookies\lisa gall@dist.belnk[2].txt
Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Lisa Gall\Cookies\lisa gall@doubleclick[1].txt
Spyware:Cookie/FastClick Not disinfected C:\Documents and Settings\Lisa Gall\Cookies\lisa gall@fastclick[1].txt
Spyware:Cookie/Humanclick Not disinfected C:\Documents and Settings\Lisa Gall\Cookies\lisa gall@hc2.humanclick[1].txt
Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\Lisa Gall\Cookies\lisa gall@hitbox[2].txt
Spyware:Cookie/Lop Not disinfected C:\Documents and Settings\Lisa Gall\Cookies\lisa gall@lop[2].txt
Spyware:Cookie/Maxserving Not disinfected C:\Documents and Settings\Lisa Gall\Cookies\lisa gall@maxserving[1].txt
Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\Lisa Gall\Cookies\lisa gall@mediaplex[1].txt
Spyware:Cookie/Overture Not disinfected C:\Documents and Settings\Lisa Gall\Cookies\lisa gall@perf.overture[1].txt
Spyware:Cookie/QuestionMarket Not disinfected C:\Documents and Settings\Lisa Gall\Cookies\lisa gall@questionmarket[1].txt
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Lisa Gall\Cookies\lisa gall@realmedia[1].txt
Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\Lisa Gall\Cookies\lisa gall@serving-sys[2].txt
Spyware:Cookie/Mammamediasolutions Not disinfected C:\Documents and Settings\Lisa Gall\Cookies\lisa gall@targetnet[1].txt
Spyware:Cookie/Tradedoubler
- that_smut
- Beiträge: 10
- Registriert: 02.01.2005, 01:11