So, jetzt hab ich das mal gemacht....
C:\windows\system32\eliteuzw32.exe
C:\windows\system32\eliteuzw32.exe
C:\!Submit
C:\WINDOWS\TEMP\tmp9099.tmp
C:\windows\system\elitenun32.exe
C:\WINDOWS\EliteToolBar
C:\WINDOWS\SYSTEM\eliteerror32.dat
C:\WINDOWS\TEMP\tmp9099.tmp
C:\WINDOWS\EliteToolBar
C:\WINDOWS\SYSTEM\eliteerror32.dat
C:\windows\system\elitenun32.exe
C:\windows\system\elitenun32.exe
C:\windows\system32\eliteuzw32.exe
C:\!Submit
C:\windows\system\elitenun32.exe
C:\WINDOWS\EliteToolBar
C:\WINDOWS\SYSTEM\eliteerror32.dat
C:\WINDOWS\TEMP\tmp9099.tmp
Gruß
Simon
Warum kostenlos registrieren?
Nur als registriertes Mitglied hast Du vollen Zugriff auf alle Funktionen unserer Website. So kannst Du eigene Fragen stellen und hast die volle Übersicht über neue interessante Themen im Forum.
Jetzt kostenlos registrieren.
Login
Von SearchMiracle/EliteToolbar etc befallen, bitte helfen...
36 Beiträge • Seite 2 von 3 • 1, 2, 3
von Nikita am 09.02.2005, 16:40
nichts zu machen, es erscheint kein deleted, hast du auch angehakt:"Replace on Reboot"????
- Nikita
- Moderator
- Beiträge: 11478
- Registriert: 07.12.2003, 16:53
- Wohnort: Lissabon
von Nikita am 09.02.2005, 16:43
#Gehe auf diese Seite: http://www.lavasofthelp.com/submit/
kopiere folgendes Submit)
Copy and paste the full filepaths below and hit "submit", one at a time:
kopiere rein:
C:\windows\system32\eliteuzw32.exe
C:\WINDOWS\TEMP\tmp9099.tmp
C:\windows\system\elitenun32.exe
C:\WINDOWS\EliteToolBar
C:\WINDOWS\SYSTEM\eliteerror32.dat
#Ad-aware SE Personal 1.05 Updated
http://fileforum.betanews.com/detail/965718306/1
Laden--> Updaten-->scannen (fullscann)-->PC neustarten--> noch mal scannen--> poste das Log vom Scann
kopiere folgendes Submit)
Copy and paste the full filepaths below and hit "submit", one at a time:
kopiere rein:
C:\windows\system32\eliteuzw32.exe
C:\WINDOWS\TEMP\tmp9099.tmp
C:\windows\system\elitenun32.exe
C:\WINDOWS\EliteToolBar
C:\WINDOWS\SYSTEM\eliteerror32.dat
#Ad-aware SE Personal 1.05 Updated
http://fileforum.betanews.com/detail/965718306/1
Laden--> Updaten-->scannen (fullscann)-->PC neustarten--> noch mal scannen--> poste das Log vom Scann
Zuletzt geändert von Nikita am 09.02.2005, 16:43, insgesamt 1-mal geändert.
- Nikita
- Moderator
- Beiträge: 11478
- Registriert: 07.12.2003, 16:53
- Wohnort: Lissabon
von mister_tt am 09.02.2005, 16:43
Klar, hab ich das gemacht.... 
Gehe jetzt nochmal mit allen Scannern durch.....
Gehe jetzt nochmal mit allen Scannern durch.....
- mister_tt
- Beiträge: 290
- Registriert: 08.02.2005, 23:06
- Wohnort: Frankfurt am Main
von Nikita am 09.02.2005, 16:44
nikita hat geschrieben:#Gehe auf diese Seite: http://www.lavasofthelp.com/submit/
kopiere folgendes Submit)
Copy and paste the full filepaths below and hit "submit", one at a time:
kopiere rein:
C:\windows\system32\eliteuzw32.exe
C:\WINDOWS\TEMP\tmp9099.tmp
C:\windows\system\elitenun32.exe
C:\WINDOWS\EliteToolBar
C:\WINDOWS\SYSTEM\eliteerror32.dat
#Ad-aware SE Personal 1.05 Updated
http://fileforum.betanews.com/detail/965718306/1
Laden--> Updaten-->scannen (fullscann) POSTE DAS LOG -->PC neustarten--> noch mal scannen--> poste das Log vom Scann
- Nikita
- Moderator
- Beiträge: 11478
- Registriert: 07.12.2003, 16:53
- Wohnort: Lissabon
von mister_tt am 09.02.2005, 16:47
Bin eben nochmal mit Adaware durch, werde das nmoch paar ma machen *lol*
Das hab ich aber nicht wirklich verstanden, kannst nomma erklären?
Danke, Lg
Simon
- Code: Alles auswählen
#Gehe auf diese Seite: http://www.lavasofthelp.com/submit/
kopiere folgendes Submit)
Copy and paste the full filepaths below and hit "submit", one at a time:
kopiere rein:
C:\windows\system32\eliteuzw32.exe
C:\WINDOWS\TEMP\tmp9099.tmp
C:\windows\system\elitenun32.exe
C:\WINDOWS\EliteToolBar
C:\WINDOWS\SYSTEM\eliteerror32.dat
Das hab ich aber nicht wirklich verstanden, kannst nomma erklären?
Danke, Lg
Simon
- mister_tt
- Beiträge: 290
- Registriert: 08.02.2005, 23:06
- Wohnort: Frankfurt am Main
von Nikita am 09.02.2005, 16:53
du meldest dich dort an, dann erscheint ein Fenster: Submit oder aehnlich, dort kopierst du die Dateien rein.
dann laedst du das Tool, eventuell noch die deutsche Sprachversion, konfigurierst, dass nach Neustart alles geloescht wird + Fullscann.
und postest mir beide logs, das vor und das nach dem Neustart
dann laedst du das Tool, eventuell noch die deutsche Sprachversion, konfigurierst, dass nach Neustart alles geloescht wird + Fullscann.
und postest mir beide logs, das vor und das nach dem Neustart
- Nikita
- Moderator
- Beiträge: 11478
- Registriert: 07.12.2003, 16:53
- Wohnort: Lissabon
von mister_tt am 09.02.2005, 17:09
Hier erstma die zwei Adaware Logs:
(1)
(2)
Ich versuch das jetzt mal noch mit dem anderen da
(1)
- Code: Alles auswählen
Ad-Aware SE Build 1.05
Logfile Created on:Mittwoch, 9. Februar 2005 15:30:29
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R27 05.02.2005
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Ebates MoneyMaker(TAC index:4):18 total references
MRU List(TAC index:0):16 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file
Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects
09.02.2005 15:30:29 - Scan started. (Full System Scan)
MRU List Object Recognized!
Location: : S-1-5-21-117609710-879983540-682003330-1004\software\nico mak computing\winzip\filemenu
Description : winzip recently used archives
MRU List Object Recognized!
Location: : S-1-5-21-117609710-879983540-682003330-1004\software\nvidia corporation\global\nview\windowmanagement
Description : nvidia nview cached application window positions
MRU List Object Recognized!
Location: : S-1-5-21-117609710-879983540-682003330-1004\software\microsoft\windows\currentversion\explorer\runmru
Description : mru list for items opened in start | run
MRU List Object Recognized!
Location: : S-1-5-21-117609710-879983540-682003330-1004\software\microsoft\search assistant\acmru
Description : list of recent search terms used with the search assistant
MRU List Object Recognized!
Location: : S-1-5-21-117609710-879983540-682003330-1004\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru
Description : list of recently saved files, stored according to file extension
MRU List Object Recognized!
Location: : S-1-5-21-117609710-879983540-682003330-1004\software\microsoft\windows\currentversion\explorer\comdlg32\lastvisitedmru
Description : list of recent programs opened
MRU List Object Recognized!
Location: : S-1-5-21-117609710-879983540-682003330-1004\software\microsoft\windows\currentversion\explorer\recentdocs
Description : list of recent documents opened
MRU List Object Recognized!
Location: : S-1-5-21-117609710-879983540-682003330-1004\software\microsoft\internet explorer\main
Description : last save directory used in microsoft internet explorer
MRU List Object Recognized!
Location: : S-1-5-21-117609710-879983540-682003330-1004\software\microsoft\internet explorer
Description : last download directory used in microsoft internet explorer
MRU List Object Recognized!
Location: : software\microsoft\directdraw\mostrecentapplication
Description : most recent application to use microsoft directdraw
MRU List Object Recognized!
Location: : S-1-5-21-117609710-879983540-682003330-1004\software\microsoft\microsoft management console\recent file list
Description : list of recent snap-ins used in the microsoft management console
MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d
MRU List Object Recognized!
Location: : S-1-5-21-117609710-879983540-682003330-1004\software\microsoft\windows\currentversion\applets\regedit
Description : last key accessed using the microsoft registry editor
MRU List Object Recognized!
Location: : S-1-5-21-117609710-879983540-682003330-1004\software\microsoft\frontpage\explorer\frontpage explorer\recent page list
Description : list of recently used pages in microsoft frontpage
MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X
MRU List Object Recognized!
Location: : C:\Dokumente und Einstellungen\Simon S\recent
Description : list of recently opened documents
Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ProcessID : 476
ThreadCreationTime : 09.02.2005 14:24:31
BasePriority : Normal
#:2 [csrss.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 724
ThreadCreationTime : 09.02.2005 14:24:36
BasePriority : Normal
#:3 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 1348
ThreadCreationTime : 09.02.2005 14:24:37
BasePriority : High
#:4 [services.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1392
ThreadCreationTime : 09.02.2005 14:24:37
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Betriebssystem Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Anwendung für Dienste und Controller
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. Alle Rechte vorbehalten.
OriginalFilename : services.exe
#:5 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1404
ThreadCreationTime : 09.02.2005 14:24:37
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe
#:6 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1568
ThreadCreationTime : 09.02.2005 14:24:38
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:7 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1628
ThreadCreationTime : 09.02.2005 14:24:38
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:8 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1860
ThreadCreationTime : 09.02.2005 14:24:38
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:9 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1932
ThreadCreationTime : 09.02.2005 14:24:38
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:10 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 2036
ThreadCreationTime : 09.02.2005 14:24:39
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:11 [ccproxy.exe]
FilePath : C:\Programme\Gemeinsame Dateien\Symantec Shared\
ProcessID : 544
ThreadCreationTime : 09.02.2005 14:24:39
BasePriority : Normal
FileVersion : 103.0.2.10
ProductVersion : 103.0.2.10
ProductName : Client and Host Security Platform
CompanyName : Symantec Corporation
FileDescription : Symantec Network Proxy Service
InternalName : ccProxy
LegalCopyright : Copyright (c) 2000-2004 Symantec Corporation. All rights reserved.
OriginalFilename : ccProxy.exe
#:12 [ccsetmgr.exe]
FilePath : C:\Programme\Gemeinsame Dateien\Symantec Shared\
ProcessID : 560
ThreadCreationTime : 09.02.2005 14:24:39
BasePriority : Normal
FileVersion : 103.0.2.10
ProductVersion : 103.0.2.10
ProductName : Client and Host Security Platform
CompanyName : Symantec Corporation
FileDescription : Symantec Settings Manager Service
InternalName : ccSetMgr
LegalCopyright : Copyright (c) 2000-2004 Symantec Corporation. All rights reserved.
OriginalFilename : ccSetMgr.exe
#:13 [issvc.exe]
FilePath : C:\Programme\Norton Internet Security\
ProcessID : 572
ThreadCreationTime : 09.02.2005 14:24:39
BasePriority : Normal
FileVersion : 8.0.2.5
ProductVersion : 8.0
ProductName : Norton Internet Security
CompanyName : Symantec Corporation
FileDescription : IS Service
InternalName : ISSVC.exe
LegalCopyright : Copyright (c) 2004 Symantec Corporation
OriginalFilename : ISSVC.exe
#:14 [sndsrvc.exe]
FilePath : C:\Programme\Gemeinsame Dateien\Symantec Shared\
ProcessID : 584
ThreadCreationTime : 09.02.2005 14:24:40
BasePriority : Normal
FileVersion : 5.4.4.17
ProductVersion : 5.4
ProductName : Symantec Security Drivers
CompanyName : Symantec Corporation
FileDescription : Network Driver Service
InternalName : SndSrvc
LegalCopyright : Copyright 2002, 2003, 2004 Symantec Corporation
OriginalFilename : SndSrvc.exe
#:15 [spbbcsvc.exe]
FilePath : C:\Programme\Gemeinsame Dateien\Symantec Shared\SPBBC\
ProcessID : 612
ThreadCreationTime : 09.02.2005 14:24:40
BasePriority : Normal
FileVersion : 1,0,1,47
ProductVersion : 1,0,1,47
ProductName : SPBBC
CompanyName : Symantec Corporation
FileDescription : SPBBC Service
InternalName : SPBBCSvc
LegalCopyright : Copyright (c) 2004 Symantec Corporation. All rights reserved.
OriginalFilename : SPBBCSvc.exe
#:16 [explorer.exe]
FilePath : C:\WINDOWS\
ProcessID : 892
ThreadCreationTime : 09.02.2005 14:24:42
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Betriebssystem Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : © Microsoft Corporation. Alle Rechte vorbehalten.
OriginalFilename : EXPLORER.EXE
#:17 [ccevtmgr.exe]
FilePath : C:\Programme\Gemeinsame Dateien\Symantec Shared\
ProcessID : 940
ThreadCreationTime : 09.02.2005 14:24:42
BasePriority : Normal
FileVersion : 103.0.2.10
ProductVersion : 103.0.2.10
ProductName : Client and Host Security Platform
CompanyName : Symantec Corporation
FileDescription : Symantec Event Manager Service
InternalName : ccEvtMgr
LegalCopyright : Copyright (c) 2000-2004 Symantec Corporation. All rights reserved.
OriginalFilename : ccEvtMgr.exe
#:18 [spoolsv.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 376
ThreadCreationTime : 09.02.2005 14:24:44
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe
#:19 [ctsvccda.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1368
ThreadCreationTime : 09.02.2005 14:24:53
BasePriority : Normal
FileVersion : 1.0.1.0
ProductVersion : 1.0.0.0
ProductName : Creative Service for CDROM Access
CompanyName : Creative Technology Ltd
FileDescription : Creative Service for CDROM Access
InternalName : CTsvcCDAEXE
LegalCopyright : Copyright (c) Creative Technology Ltd., 1999. All rights reserved.
OriginalFilename : CTsvcCDA.EXE
#:20 [kodakccs.exe]
FilePath : C:\WINDOWS\system32\drivers\
ProcessID : 1540
ThreadCreationTime : 09.02.2005 14:24:53
BasePriority : Normal
FileVersion : 1.1.5000.0
ProductVersion : 4.3.3.0
ProductName : Kodak DC File System Driver (Win32)
CompanyName : Eastman Kodak Company
FileDescription : Kodak DC Ring 3 Conduit (Win32)
InternalName : KodakCCS.exe
LegalCopyright : Copyright (C) Eastman Kodak Co. 2000-2003
OriginalFilename : DcFsSvc.exe
#:21 [navapsvc.exe]
FilePath : C:\Programme\Norton Internet Security\Norton AntiVirus\
ProcessID : 1688
ThreadCreationTime : 09.02.2005 14:24:53
BasePriority : Normal
FileVersion : 11.0.2.4
ProductVersion : 11.0.2
ProductName : Norton AntiVirus
CompanyName : Symantec Corporation
FileDescription : Norton AntiVirus Auto-Protect Service
InternalName : NAVAPSVC
LegalCopyright : Norton AntiVirus 2005 for Windows 98/ME/2000/XP Copyright © 2004 Symantec Corporation. All rights reserved.
OriginalFilename : NAVAPSVC.EXE
#:22 [nvsvc32.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1716
ThreadCreationTime : 09.02.2005 14:24:53
BasePriority : Normal
FileVersion : 6.14.10.6693
ProductVersion : 6.14.10.6693
ProductName : NVIDIA Driver Helper Service, Version 66.93
CompanyName : NVIDIA Corporation
FileDescription : NVIDIA Driver Helper Service, Version 66.93
InternalName : NVSVC
LegalCopyright : (C) NVIDIA Corporation. All rights reserved.
OriginalFilename : nvsvc32.exe
#:23 [scsiaccess.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1888
ThreadCreationTime : 09.02.2005 14:24:54
BasePriority : Normal
#:24 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 2040
ThreadCreationTime : 09.02.2005 14:24:54
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:25 [symlcsvc.exe]
FilePath : C:\Programme\Gemeinsame Dateien\Symantec Shared\CCPD-LC\
ProcessID : 528
ThreadCreationTime : 09.02.2005 14:24:54
BasePriority : Normal
FileVersion : 1, 8, 54, 478
ProductVersion : 1, 8, 54, 478
ProductName : Symantec Core Component
CompanyName : Symantec Corporation
FileDescription : Symantec Core Component
InternalName : symlcsvc
LegalCopyright : Copyright (C) 2003
OriginalFilename : symlcsvc.exe
#:26 [wdfmgr.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 744
ThreadCreationTime : 09.02.2005 14:24:54
BasePriority : Normal
FileVersion : 5.2.3790.1230 built by: DNSRV(bld4act)
ProductVersion : 5.2.3790.1230
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows User Mode Driver Manager
InternalName : WdfMgr
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : WdfMgr.exe
#:27 [rundll32.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 2112
ThreadCreationTime : 09.02.2005 14:25:04
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Betriebssystem Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Eine DLL-Datei als Anwendung ausführen
InternalName : rundll
LegalCopyright : © Microsoft Corporation. Alle Rechte vorbehalten.
OriginalFilename : RUNDLL.EXE
#:28 [itouch.exe]
FilePath : C:\Programme\Logitech iTouch\iTouch\
ProcessID : 2168
ThreadCreationTime : 09.02.2005 14:25:04
BasePriority : Normal
FileVersion : 2.22.289
ProductVersion : 2.22.289
ProductName : iTouch
CompanyName : Logitech Inc.
FileDescription : iTouch Application
InternalName : iTouch
LegalCopyright : (C) 1998-2003 Logitech. All rights reserved.
LegalTrademarks : Logitech® and iTouch® are registered trademarks of Logitech Inc.
OriginalFilename : iTouch.exe
Comments : Created by the iTouch team
#:29 [jusched.exe]
FilePath : C:\Programme\Java\j2re1.4.2_05\bin\
ProcessID : 2212
ThreadCreationTime : 09.02.2005 14:25:05
BasePriority : Normal
#:30 [realsched.exe]
FilePath : C:\Programme\Gemeinsame Dateien\Real\Update_OB\
ProcessID : 2228
ThreadCreationTime : 09.02.2005 14:25:05
BasePriority : Normal
FileVersion : 0.1.0.3208
ProductVersion : 0.1.0.3208
ProductName : RealPlayer (32-bit)
CompanyName : RealNetworks, Inc.
FileDescription : RealNetworks Scheduler
InternalName : schedapp
LegalCopyright : Copyright © RealNetworks, Inc. 1995-2004
LegalTrademarks : RealAudio(tm) is a trademark of RealNetworks, Inc.
OriginalFilename : realsched.exe
#:31 [ccapp.exe]
FilePath : C:\Programme\Gemeinsame Dateien\Symantec Shared\
ProcessID : 2268
ThreadCreationTime : 09.02.2005 14:25:06
BasePriority : Normal
FileVersion : 103.0.2.10
ProductVersion : 103.0.2.10
ProductName : Client and Host Security Platform
CompanyName : Symantec Corporation
FileDescription : Symantec User Session
InternalName : ccApp
LegalCopyright : Copyright (c) 2000-2004 Symantec Corporation. All rights reserved.
OriginalFilename : ccApp.exe
#:32 [qttask.exe]
FilePath : C:\Programme\QuickTime\
ProcessID : 2276
ThreadCreationTime : 09.02.2005 14:25:06
BasePriority : Normal
FileVersion : 6.5.1
ProductVersion : QuickTime 6.5.1
ProductName : QuickTime
CompanyName : Apple Computer, Inc.
InternalName : QuickTime Task
LegalCopyright : © Apple Computer, Inc. 2001-2004
OriginalFilename : QTTask.exe
#:33 [pdvdserv.exe]
FilePath : C:\Programme\CyberLink PowerDVD\
ProcessID : 2296
ThreadCreationTime : 09.02.2005 14:25:06
BasePriority : Normal
FileVersion : 6.00.1027
ProductVersion : 6.00.1027
ProductName : PowerDVD
CompanyName : Cyberlink Corp.
FileDescription : PowerDVD RC Service
InternalName : PowerDVD RC Service
LegalCopyright : Copyright (c) CyberLink Corp. 1997-2004
OriginalFilename : PDVDSERV.EXE
#:34 [rundll32.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 2304
ThreadCreationTime : 09.02.2005 14:25:06
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Betriebssystem Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Eine DLL-Datei als Anwendung ausführen
InternalName : rundll
LegalCopyright : © Microsoft Corporation. Alle Rechte vorbehalten.
OriginalFilename : RUNDLL.EXE
#:35 [ctfmon.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 2312
ThreadCreationTime : 09.02.2005 14:25:06
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : CTF Loader
InternalName : CTFMON
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : CTFMON.EXE
#:36 [ir.exe]
FilePath : C:\Programme\WinTV\
ProcessID : 2352
ThreadCreationTime : 09.02.2005 14:25:08
BasePriority : Normal
FileVersion : 2.34.21030
ProductVersion : 2.34.21030
ProductName : Hauppauge Computer Works IR
CompanyName : Hauppauge Computer Works
FileDescription : IR
InternalName : IR32
LegalCopyright : Copyright © 1999-2003 Hauppauge Computer Works
OriginalFilename : IR.exe
#:37 [sizer.exe]
FilePath : C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\
ProcessID : 2364
ThreadCreationTime : 09.02.2005 14:25:08
BasePriority : Normal
#:38 [wuauclt.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 2612
ThreadCreationTime : 09.02.2005 14:25:46
BasePriority : Normal
FileVersion : 5.4.3790.2182 built by: srv03_rtm(ntvbl04)
ProductVersion : 5.4.3790.2182
ProductName : Betriebssystem Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Automatische Updates
InternalName : wuauclt.exe
LegalCopyright : © Microsoft Corporation. Alle Rechte vorbehalten.
OriginalFilename : wuauclt.exe
#:39 [ad-aware.exe]
FilePath : C:\Programme\Ad-Aware SE Personal\
ProcessID : 220
ThreadCreationTime : 09.02.2005 14:30:13
BasePriority : Normal
FileVersion : 6.2.0.206
ProductVersion : VI.Second Edition
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved
Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 16
Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Ebates MoneyMaker Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment : "AC"
Rootkey : HKEY_USERS
Object : S-1-5-21-117609710-879983540-682003330-1004\software\lq
Value : AC
Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 1
Objects found so far: 17
Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 17
Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 17
Deep scanning and examining files (C:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Disk Scan Result for C:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 17
Scanning Hosts file......
Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
1 entries scanned.
New critical objects:0
Objects found so far: 17
Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Ebates MoneyMaker Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\lq
Ebates MoneyMaker Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\lq
Value : TM
Ebates MoneyMaker Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\lq
Value : AT
Ebates MoneyMaker Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\lq
Value : AC
Ebates MoneyMaker Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\lq
Value : AD
Ebates MoneyMaker Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\lq
Value : AM
Ebates MoneyMaker Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\lq
Value : U
Ebates MoneyMaker Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\lq
Value : I
Ebates MoneyMaker Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\lq
Value : TR
Ebates MoneyMaker Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\lq
Value : country
Ebates MoneyMaker Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\lq
Value : city
Ebates MoneyMaker Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\lq
Value : state
Ebates MoneyMaker Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\lq
Value : RX
Ebates MoneyMaker Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\lq
Value : RX2.8
Ebates MoneyMaker Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\lq
Value : RX2.9
Ebates MoneyMaker Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\lq
Value : RX3.0
Ebates MoneyMaker Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\lq
Value : RX3.1
Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 17
Objects found so far: 34
15:42:24 Scan Complete
Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:11:54.78
Objects scanned:175491
Objects identified:18
Objects ignored:0
New critical objects:18
(2)
- Code: Alles auswählen
Ad-Aware SE Build 1.05
Logfile Created on:Mittwoch, 9. Februar 2005 15:54:27
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R27 05.02.2005
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
MRU List(TAC index:0):6 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file
Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects
09.02.2005 15:54:27 - Scan started. (Full System Scan)
MRU List Object Recognized!
Location: : S-1-5-21-117609710-879983540-682003330-1004\software\nvidia corporation\global\nview\windowmanagement
Description : nvidia nview cached application window positions
MRU List Object Recognized!
Location: : S-1-5-21-117609710-879983540-682003330-1004\software\microsoft\windows\currentversion\explorer\recentdocs
Description : list of recent documents opened
MRU List Object Recognized!
Location: : software\microsoft\directdraw\mostrecentapplication
Description : most recent application to use microsoft directdraw
MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d
MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X
MRU List Object Recognized!
Location: : C:\Dokumente und Einstellungen\Simon S\recent
Description : list of recently opened documents
Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ProcessID : 1288
ThreadCreationTime : 09.02.2005 14:51:33
BasePriority : Normal
#:2 [csrss.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 1336
ThreadCreationTime : 09.02.2005 14:51:34
BasePriority : Normal
#:3 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 1360
ThreadCreationTime : 09.02.2005 14:51:35
BasePriority : High
#:4 [services.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1404
ThreadCreationTime : 09.02.2005 14:51:36
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Betriebssystem Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Anwendung für Dienste und Controller
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. Alle Rechte vorbehalten.
OriginalFilename : services.exe
#:5 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1416
ThreadCreationTime : 09.02.2005 14:51:36
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe
#:6 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1568
ThreadCreationTime : 09.02.2005 14:51:36
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:7 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1632
ThreadCreationTime : 09.02.2005 14:51:36
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:8 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1864
ThreadCreationTime : 09.02.2005 14:51:37
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:9 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1936
ThreadCreationTime : 09.02.2005 14:51:37
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:10 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 2008
ThreadCreationTime : 09.02.2005 14:51:37
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:11 [ccproxy.exe]
FilePath : C:\Programme\Gemeinsame Dateien\Symantec Shared\
ProcessID : 540
ThreadCreationTime : 09.02.2005 14:51:38
BasePriority : Normal
FileVersion : 103.0.2.10
ProductVersion : 103.0.2.10
ProductName : Client and Host Security Platform
CompanyName : Symantec Corporation
FileDescription : Symantec Network Proxy Service
InternalName : ccProxy
LegalCopyright : Copyright (c) 2000-2004 Symantec Corporation. All rights reserved.
OriginalFilename : ccProxy.exe
#:12 [ccsetmgr.exe]
FilePath : C:\Programme\Gemeinsame Dateien\Symantec Shared\
ProcessID : 556
ThreadCreationTime : 09.02.2005 14:51:38
BasePriority : Normal
FileVersion : 103.0.2.10
ProductVersion : 103.0.2.10
ProductName : Client and Host Security Platform
CompanyName : Symantec Corporation
FileDescription : Symantec Settings Manager Service
InternalName : ccSetMgr
LegalCopyright : Copyright (c) 2000-2004 Symantec Corporation. All rights reserved.
OriginalFilename : ccSetMgr.exe
#:13 [issvc.exe]
FilePath : C:\Programme\Norton Internet Security\
ProcessID : 568
ThreadCreationTime : 09.02.2005 14:51:38
BasePriority : Normal
FileVersion : 8.0.2.5
ProductVersion : 8.0
ProductName : Norton Internet Security
CompanyName : Symantec Corporation
FileDescription : IS Service
InternalName : ISSVC.exe
LegalCopyright : Copyright (c) 2004 Symantec Corporation
OriginalFilename : ISSVC.exe
#:14 [sndsrvc.exe]
FilePath : C:\Programme\Gemeinsame Dateien\Symantec Shared\
ProcessID : 580
ThreadCreationTime : 09.02.2005 14:51:38
BasePriority : Normal
FileVersion : 5.4.4.17
ProductVersion : 5.4
ProductName : Symantec Security Drivers
CompanyName : Symantec Corporation
FileDescription : Network Driver Service
InternalName : SndSrvc
LegalCopyright : Copyright 2002, 2003, 2004 Symantec Corporation
OriginalFilename : SndSrvc.exe
#:15 [spbbcsvc.exe]
FilePath : C:\Programme\Gemeinsame Dateien\Symantec Shared\SPBBC\
ProcessID : 608
ThreadCreationTime : 09.02.2005 14:51:39
BasePriority : Normal
FileVersion : 1,0,1,47
ProductVersion : 1,0,1,47
ProductName : SPBBC
CompanyName : Symantec Corporation
FileDescription : SPBBC Service
InternalName : SPBBCSvc
LegalCopyright : Copyright (c) 2004 Symantec Corporation. All rights reserved.
OriginalFilename : SPBBCSvc.exe
#:16 [ccevtmgr.exe]
FilePath : C:\Programme\Gemeinsame Dateien\Symantec Shared\
ProcessID : 648
ThreadCreationTime : 09.02.2005 14:51:39
BasePriority : Normal
FileVersion : 103.0.2.10
ProductVersion : 103.0.2.10
ProductName : Client and Host Security Platform
CompanyName : Symantec Corporation
FileDescription : Symantec Event Manager Service
InternalName : ccEvtMgr
LegalCopyright : Copyright (c) 2000-2004 Symantec Corporation. All rights reserved.
OriginalFilename : ccEvtMgr.exe
#:17 [explorer.exe]
FilePath : C:\WINDOWS\
ProcessID : 972
ThreadCreationTime : 09.02.2005 14:51:41
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Betriebssystem Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : © Microsoft Corporation. Alle Rechte vorbehalten.
OriginalFilename : EXPLORER.EXE
#:18 [spoolsv.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 444
ThreadCreationTime : 09.02.2005 14:51:42
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe
#:19 [ctsvccda.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1696
ThreadCreationTime : 09.02.2005 14:51:52
BasePriority : Normal
FileVersion : 1.0.1.0
ProductVersion : 1.0.0.0
ProductName : Creative Service for CDROM Access
CompanyName : Creative Technology Ltd
FileDescription : Creative Service for CDROM Access
InternalName : CTsvcCDAEXE
LegalCopyright : Copyright (c) Creative Technology Ltd., 1999. All rights reserved.
OriginalFilename : CTsvcCDA.EXE
#:20 [kodakccs.exe]
FilePath : C:\WINDOWS\system32\drivers\
ProcessID : 1748
ThreadCreationTime : 09.02.2005 14:51:52
BasePriority : Normal
FileVersion : 1.1.5000.0
ProductVersion : 4.3.3.0
ProductName : Kodak DC File System Driver (Win32)
CompanyName : Eastman Kodak Company
FileDescription : Kodak DC Ring 3 Conduit (Win32)
InternalName : KodakCCS.exe
LegalCopyright : Copyright (C) Eastman Kodak Co. 2000-2003
OriginalFilename : DcFsSvc.exe
#:21 [navapsvc.exe]
FilePath : C:\Programme\Norton Internet Security\Norton AntiVirus\
ProcessID : 1780
ThreadCreationTime : 09.02.2005 14:51:52
BasePriority : Normal
FileVersion : 11.0.2.4
ProductVersion : 11.0.2
ProductName : Norton AntiVirus
CompanyName : Symantec Corporation
FileDescription : Norton AntiVirus Auto-Protect Service
InternalName : NAVAPSVC
LegalCopyright : Norton AntiVirus 2005 for Windows 98/ME/2000/XP Copyright © 2004 Symantec Corporation. All rights reserved.
OriginalFilename : NAVAPSVC.EXE
#:22 [nvsvc32.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1812
ThreadCreationTime : 09.02.2005 14:51:52
BasePriority : Normal
FileVersion : 6.14.10.6693
ProductVersion : 6.14.10.6693
ProductName : NVIDIA Driver Helper Service, Version 66.93
CompanyName : NVIDIA Corporation
FileDescription : NVIDIA Driver Helper Service, Version 66.93
InternalName : NVSVC
LegalCopyright : (C) NVIDIA Corporation. All rights reserved.
OriginalFilename : nvsvc32.exe
#:23 [scsiaccess.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1980
ThreadCreationTime : 09.02.2005 14:51:52
BasePriority : Normal
#:24 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 232
ThreadCreationTime : 09.02.2005 14:51:52
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:25 [symlcsvc.exe]
FilePath : C:\Programme\Gemeinsame Dateien\Symantec Shared\CCPD-LC\
ProcessID : 748
ThreadCreationTime : 09.02.2005 14:51:53
BasePriority : Normal
FileVersion : 1, 8, 54, 478
ProductVersion : 1, 8, 54, 478
ProductName : Symantec Core Component
CompanyName : Symantec Corporation
FileDescription : Symantec Core Component
InternalName : symlcsvc
LegalCopyright : Copyright (C) 2003
OriginalFilename : symlcsvc.exe
#:26 [wdfmgr.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 832
ThreadCreationTime : 09.02.2005 14:51:53
BasePriority : Normal
FileVersion : 5.2.3790.1230 built by: DNSRV(bld4act)
ProductVersion : 5.2.3790.1230
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows User Mode Driver Manager
InternalName : WdfMgr
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : WdfMgr.exe
#:27 [rundll32.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 2148
ThreadCreationTime : 09.02.2005 14:52:02
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Betriebssystem Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Eine DLL-Datei als Anwendung ausführen
InternalName : rundll
LegalCopyright : © Microsoft Corporation. Alle Rechte vorbehalten.
OriginalFilename : RUNDLL.EXE
#:28 [itouch.exe]
FilePath : C:\Programme\Logitech iTouch\iTouch\
ProcessID : 2188
ThreadCreationTime : 09.02.2005 14:52:02
BasePriority : Normal
FileVersion : 2.22.289
ProductVersion : 2.22.289
ProductName : iTouch
CompanyName : Logitech Inc.
FileDescription : iTouch Application
InternalName : iTouch
LegalCopyright : (C) 1998-2003 Logitech. All rights reserved.
LegalTrademarks : Logitech® and iTouch® are registered trademarks of Logitech Inc.
OriginalFilename : iTouch.exe
Comments : Created by the iTouch team
#:29 [jusched.exe]
FilePath : C:\Programme\Java\j2re1.4.2_05\bin\
ProcessID : 2220
ThreadCreationTime : 09.02.2005 14:52:03
BasePriority : Normal
#:30 [realsched.exe]
FilePath : C:\Programme\Gemeinsame Dateien\Real\Update_OB\
ProcessID : 2248
ThreadCreationTime : 09.02.2005 14:52:03
BasePriority : Normal
FileVersion : 0.1.0.3208
ProductVersion : 0.1.0.3208
ProductName : RealPlayer (32-bit)
CompanyName : RealNetworks, Inc.
FileDescription : RealNetworks Scheduler
InternalName : schedapp
LegalCopyright : Copyright © RealNetworks, Inc. 1995-2004
LegalTrademarks : RealAudio(tm) is a trademark of RealNetworks, Inc.
OriginalFilename : realsched.exe
#:31 [ccapp.exe]
FilePath : C:\Programme\Gemeinsame Dateien\Symantec Shared\
ProcessID : 2292
ThreadCreationTime : 09.02.2005 14:52:04
BasePriority : Normal
FileVersion : 103.0.2.10
ProductVersion : 103.0.2.10
ProductName : Client and Host Security Platform
CompanyName : Symantec Corporation
FileDescription : Symantec User Session
InternalName : ccApp
LegalCopyright : Copyright (c) 2000-2004 Symantec Corporation. All rights reserved.
OriginalFilename : ccApp.exe
#:32 [qttask.exe]
FilePath : C:\Programme\QuickTime\
ProcessID : 2304
ThreadCreationTime : 09.02.2005 14:52:04
BasePriority : Normal
FileVersion : 6.5.1
ProductVersion : QuickTime 6.5.1
ProductName : QuickTime
CompanyName : Apple Computer, Inc.
InternalName : QuickTime Task
LegalCopyright : © Apple Computer, Inc. 2001-2004
OriginalFilename : QTTask.exe
#:33 [rundll32.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 2316
ThreadCreationTime : 09.02.2005 14:52:05
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Betriebssystem Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Eine DLL-Datei als Anwendung ausführen
InternalName : rundll
LegalCopyright : © Microsoft Corporation. Alle Rechte vorbehalten.
OriginalFilename : RUNDLL.EXE
#:34 [pdvdserv.exe]
FilePath : C:\Programme\CyberLink PowerDVD\
ProcessID : 2328
ThreadCreationTime : 09.02.2005 14:52:05
BasePriority : Normal
FileVersion : 6.00.1027
ProductVersion : 6.00.1027
ProductName : PowerDVD
CompanyName : Cyberlink Corp.
FileDescription : PowerDVD RC Service
InternalName : PowerDVD RC Service
LegalCopyright : Copyright (c) CyberLink Corp. 1997-2004
OriginalFilename : PDVDSERV.EXE
#:35 [ctfmon.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 2340
ThreadCreationTime : 09.02.2005 14:52:06
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : CTF Loader
InternalName : CTFMON
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : CTFMON.EXE
#:36 [ir.exe]
FilePath : C:\Programme\WinTV\
ProcessID : 2424
ThreadCreationTime : 09.02.2005 14:52:07
BasePriority : Normal
FileVersion : 2.34.21030
ProductVersion : 2.34.21030
ProductName : Hauppauge Computer Works IR
CompanyName : Hauppauge Computer Works
FileDescription : IR
InternalName : IR32
LegalCopyright : Copyright © 1999-2003 Hauppauge Computer Works
OriginalFilename : IR.exe
#:37 [sizer.exe]
FilePath : C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\
ProcessID : 2452
ThreadCreationTime : 09.02.2005 14:52:07
BasePriority : Normal
#:38 [wuauclt.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 2696
ThreadCreationTime : 09.02.2005 14:52:45
BasePriority : Normal
FileVersion : 5.4.3790.2182 built by: srv03_rtm(ntvbl04)
ProductVersion : 5.4.3790.2182
ProductName : Betriebssystem Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Automatische Updates
InternalName : wuauclt.exe
LegalCopyright : © Microsoft Corporation. Alle Rechte vorbehalten.
OriginalFilename : wuauclt.exe
#:39 [ad-aware.exe]
FilePath : C:\Programme\Ad-Aware SE Personal\
ProcessID : 3392
ThreadCreationTime : 09.02.2005 14:52:57
BasePriority : Normal
FileVersion : 6.2.0.206
ProductVersion : VI.Second Edition
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved
Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 6
Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 6
Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 6
Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 6
Deep scanning and examining files (C:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Disk Scan Result for C:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 6
Scanning Hosts file......
Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
1 entries scanned.
New critical objects:0
Objects found so far: 6
Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 6
16:06:27 Scan Complete
Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:11:59.968
Objects scanned:175453
Objects identified:0
Objects ignored:0
New critical objects:0
Ich versuch das jetzt mal noch mit dem anderen da
- mister_tt
- Beiträge: 290
- Registriert: 08.02.2005, 23:06
- Wohnort: Frankfurt am Main
von mister_tt am 09.02.2005, 17:15
Welches Tool soll ich denn da runterladen? Adaware hab ich doch schon! Hab das jetzt da submitted aber konnte nichts runterladen 
Denke mal das ist ein Missverständnis und das ist dasselbe oder? Mit Adaware habe ich ja schon gescannt (siehe oben)
PS: Im mom hab ich auch keine Popups mehr, allerdings findet HijackThis immer noch das Teil etc pp
Denke mal das ist ein Missverständnis und das ist dasselbe oder? Mit Adaware habe ich ja schon gescannt (siehe oben)
PS: Im mom hab ich auch keine Popups mehr, allerdings findet HijackThis immer noch das Teil etc pp
- mister_tt
- Beiträge: 290
- Registriert: 08.02.2005, 23:06
- Wohnort: Frankfurt am Main
von Nikita am 09.02.2005, 17:51
du sollst da auch nichts runterladen, sondern die Dateien nacheinander reinkopieren.
(in Submit)
dann updatest du AdAware und scannst noch mal (am besten im abgesicherten Modus) Dann sollte ADAware die Malware erkennen
he submission system is not for assistance with scan logs, items detected by Ad-Aware that you'd like further information on, or any other type of support request. Questions of this nature should go to the Lavasoft Support Forums, and users of Ad-Aware 6 Plus and Professional Editions can also receive support by emailing general-support@lavasoft.de.
Fill in your Email address, and optionally your name. A valid Email address is required for all submissions, as we need a method to contact you if further information is required. You may review our Terms Of Use | Privacy Policy for more information concerning information submitted.
Upload size is limited to 4 Megabytes (4096 kilobytes). If your submission is larger, or if your submission does not involve a file upload, please email your submission to research@lavasoft.de.
While uploading, the browser's progress bar is used to show your upload progress. On a dial-up connection, a 1 Megabyte file takes approximately 5 to 10 minutes (depending on connection speed and other factors).
Name (optional):
Email Address:
Submission File:
C:\windows\system32\eliteuzw32.exe
C:\WINDOWS\TEMP\tmp9099.tmp
C:\windows\system\elitenun32.exe
C:\WINDOWS\EliteToolBar
C:\WINDOWS\SYSTEM\eliteerror32.dat
mich interessiert auch, ob die Nachrivht kommt, dass es gefunden/nicht gefunden wurde.
(in Submit)
dann updatest du AdAware und scannst noch mal (am besten im abgesicherten Modus) Dann sollte ADAware die Malware erkennen
he submission system is not for assistance with scan logs, items detected by Ad-Aware that you'd like further information on, or any other type of support request. Questions of this nature should go to the Lavasoft Support Forums, and users of Ad-Aware 6 Plus and Professional Editions can also receive support by emailing general-support@lavasoft.de.
Fill in your Email address, and optionally your name. A valid Email address is required for all submissions, as we need a method to contact you if further information is required. You may review our Terms Of Use | Privacy Policy for more information concerning information submitted.
Upload size is limited to 4 Megabytes (4096 kilobytes). If your submission is larger, or if your submission does not involve a file upload, please email your submission to research@lavasoft.de.
While uploading, the browser's progress bar is used to show your upload progress. On a dial-up connection, a 1 Megabyte file takes approximately 5 to 10 minutes (depending on connection speed and other factors).
Name (optional):
Email Address:
Submission File:
C:\windows\system32\eliteuzw32.exe
C:\WINDOWS\TEMP\tmp9099.tmp
C:\windows\system\elitenun32.exe
C:\WINDOWS\EliteToolBar
C:\WINDOWS\SYSTEM\eliteerror32.dat
mich interessiert auch, ob die Nachrivht kommt, dass es gefunden/nicht gefunden wurde.
- Nikita
- Moderator
- Beiträge: 11478
- Registriert: 07.12.2003, 16:53
- Wohnort: Lissabon
von mister_tt am 09.02.2005, 17:58
Joa, hab das gemacht, aber das erneute Update von Adaware war fürn ***... Hat gesagt das keine neuen Updates verfügbar wären.
Was soll ich jetzt machen?
Was soll ich jetzt machen?
- mister_tt
- Beiträge: 290
- Registriert: 08.02.2005, 23:06
- Wohnort: Frankfurt am Main