Nach Trojaner arbeitet mein Rechner nur noch sehr langsam

arky · 31.05.2007, 17:11

Teil 1:

Ad-Aware SE Build 1.06r1
Logfile Created on

onnerstag, 31. Mai 2007 17:39:45
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R173 29.05.2007
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
BrilliantDigital(TAC index:6):3 total references
H@tKeysH@@k(TAC index:5):1 total references
Lop(TAC index:7):8 total references
MRU List(TAC index:0):28 total references
Tracking Cookie(TAC index:3):30 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file

Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects

31.05.2007 17:39:45 - Scan started. (Full System Scan)

MRU List Object Recognized!
Location: : C:\Dokumente und Einstellungen\Stefan\recent
Description : list of recently opened documents

MRU List Object Recognized!
Location: : S-1-5-21-527237240-1788223648-725345543-1003\software\ahead\cover designer\recent file list
Description : list of recently used files in ahead cover designer

MRU List Object Recognized!
Location: : S-1-5-21-527237240-1788223648-725345543-1003\software\ahead\nero - burning rom\recent file list
Description : list of recently used files in nero burning rom

MRU List Object Recognized!
Location: : S-1-5-21-527237240-1788223648-725345543-1003\software\creative tech\creative wavestudio\settings
Description : list of recently used directories in creative wavestudio

MRU List Object Recognized!
Location: : S-1-5-21-527237240-1788223648-725345543-1003\software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d

MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d

MRU List Object Recognized!
Location: : S-1-5-21-527237240-1788223648-725345543-1003\software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X

MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X

MRU List Object Recognized!
Location: : software\microsoft\directdraw\mostrecentapplication
Description : most recent application to use microsoft directdraw

MRU List Object Recognized!
Location: : S-1-5-21-527237240-1788223648-725345543-1003\software\microsoft\directinput\mostrecentapplication
Description : most recent application to use microsoft directinput

MRU List Object Recognized!
Location: : S-1-5-21-527237240-1788223648-725345543-1003\software\microsoft\directinput\mostrecentapplication
Description : most recent application to use microsoft directinput

MRU List Object Recognized!
Location: : S-1-5-21-527237240-1788223648-725345543-1003\software\microsoft\internet explorer
Description : last download directory used in microsoft internet explorer

MRU List Object Recognized!
Location: : S-1-5-21-527237240-1788223648-725345543-1003\software\microsoft\mediaplayer\medialibraryui
Description : last selected node in the microsoft windows media player media library

MRU List Object Recognized!
Location: : S-1-5-21-527237240-1788223648-725345543-1003\software\microsoft\mediaplayer\player\settings
Description : last save as directory used in jasc paint shop pro

MRU List Object Recognized!
Location: : S-1-5-21-527237240-1788223648-725345543-1003\software\microsoft\mediaplayer\player\settings
Description : last open directory used in jasc paint shop pro

MRU List Object Recognized!
Location: : S-1-5-21-527237240-1788223648-725345543-1003\software\microsoft\mediaplayer\preferences
Description : last cd record path used in microsoft windows media player

MRU List Object Recognized!
Location: : S-1-5-21-527237240-1788223648-725345543-1003\software\microsoft\mediaplayer\preferences
Description : last playlist index loaded in microsoft windows media player

MRU List Object Recognized!
Location: : S-1-5-21-527237240-1788223648-725345543-1003\software\microsoft\mediaplayer\preferences
Description : last playlist loaded in microsoft windows media player

MRU List Object Recognized!
Location: : S-1-5-21-527237240-1788223648-725345543-1003\software\microsoft\mediaplayer\preferences
Description : last search path used in microsoft windows media player

MRU List Object Recognized!
Location: : S-1-5-21-527237240-1788223648-725345543-1003\software\microsoft\microsoft management console\recent file list
Description : list of recent snap-ins used in the microsoft management console

MRU List Object Recognized!
Location: : S-1-5-21-527237240-1788223648-725345543-1003\software\microsoft\office\11.0\common\general
Description : list of recently used symbols in microsoft office

MRU List Object Recognized!
Location: : S-1-5-21-527237240-1788223648-725345543-1003\software\microsoft\search assistant\acmru
Description : list of recent search terms used with the search assistant

MRU List Object Recognized!
Location: : S-1-5-21-527237240-1788223648-725345543-1003\software\realnetworks\realplayer\6.0\preferences
Description : list of recent skins in realplayer

MRU List Object Recognized!
Location: : S-1-5-21-527237240-1788223648-725345543-1003\software\realnetworks\realplayer\6.0\preferences
Description : last login time in realplayer

MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\windows media\wmsdk\general
Description : windows media sdk

MRU List Object Recognized!
Location: : S-1-5-18\software\microsoft\windows media\wmsdk\general
Description : windows media sdk

MRU List Object Recognized!
Location: : S-1-5-21-527237240-1788223648-725345543-1003\software\microsoft\windows media\wmsdk\general
Description : windows media sdk

MRU List Object Recognized!
Location: : S-1-5-21-527237240-1788223648-725345543-1003\software\winrar\dialogedithistory\extrpath
Description : winrar "extract-to" history

Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ProcessID : 260
ThreadCreationTime : 31.05.2007 15:38:06
BasePriority : Normal

#:2 [csrss.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 312
ThreadCreationTime : 31.05.2007 15:38:20
BasePriority : Normal

#:3 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 336
ThreadCreationTime : 31.05.2007 15:38:22
BasePriority : High

#:4 [services.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 380
ThreadCreationTime : 31.05.2007 15:38:27
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Betriebssystem Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Anwendung für Dienste und Controller
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. Alle Rechte vorbehalten.
OriginalFilename : services.exe

#:5 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 392
ThreadCreationTime : 31.05.2007 15:38:27
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe

#:6 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 552
ThreadCreationTime : 31.05.2007 15:38:30
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:7 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 616
ThreadCreationTime : 31.05.2007 15:38:32
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:8 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 672
ThreadCreationTime : 31.05.2007 15:38:33
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:9 [explorer.exe]
FilePath : C:\WINDOWS\
ProcessID : 936
ThreadCreationTime : 31.05.2007 15:38:51
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Betriebssystem Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : © Microsoft Corporation. Alle Rechte vorbehalten.
OriginalFilename : EXPLORER.EXE

#:10 [ad-aware.exe]
FilePath : C:\Programme\Lavasoft\Ad-Aware SE Personal\
ProcessID : 1064
ThreadCreationTime : 31.05.2007 15:39:16
BasePriority : Normal
FileVersion : 6.2.0.236
ProductVersion : SE 106
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft AB Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved

Ad-Aware SE Build 1.06r1
Logfile Created on

onnerstag, 31. Mai 2007 17:39:45
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R173 29.05.2007
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
BrilliantDigital(TAC index:6):3 total references
H@tKeysH@@k(TAC index:5):1 total references
Lop(TAC index:7):8 total references
MRU List(TAC index:0):28 total references
Tracking Cookie(TAC index:3):30 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file

Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects

31.05.2007 17:39:45 - Scan started. (Full System Scan)

MRU List Object Recognized!
Location: : C:\Dokumente und Einstellungen\Stefan\recent
Description : list of recently opened documents

MRU List Object Recognized!
Location: : S-1-5-21-527237240-1788223648-725345543-1003\software\ahead\cover designer\recent file list
Description : list of recently used files in ahead cover designer

MRU List Object Recognized!
Location: : S-1-5-21-527237240-1788223648-725345543-1003\software\ahead\nero - burning rom\recent file list
Description : list of recently used files in nero burning rom

MRU List Object Recognized!
Location: : S-1-5-21-527237240-1788223648-725345543-1003\software\creative tech\creative wavestudio\settings
Description : list of recently used directories in creative wavestudio

MRU List Object Recognized!
Location: : S-1-5-21-527237240-1788223648-725345543-1003\software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d

MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d

MRU List Object Recognized!
Location: : S-1-5-21-527237240-1788223648-725345543-1003\software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X

MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X

MRU List Object Recognized!
Location: : software\microsoft\directdraw\mostrecentapplication
Description : most recent application to use microsoft directdraw

MRU List Object Recognized!
Location: : S-1-5-21-527237240-1788223648-725345543-1003\software\microsoft\directinput\mostrecentapplication
Description : most recent application to use microsoft directinput

MRU List Object Recognized!
Location: : S-1-5-21-527237240-1788223648-725345543-1003\software\microsoft\directinput\mostrecentapplication
Description : most recent application to use microsoft directinput

MRU List Object Recognized!
Location: : S-1-5-21-527237240-1788223648-725345543-1003\software\microsoft\internet explorer
Description : last download directory used in microsoft internet explorer

MRU List Object Recognized!
Location: : S-1-5-21-527237240-1788223648-725345543-1003\software\microsoft\mediaplayer\medialibraryui
Description : last selected node in the microsoft windows media player media library

MRU List Object Recognized!
Location: : S-1-5-21-527237240-1788223648-725345543-1003\software\microsoft\mediaplayer\player\settings
Description : last save as directory used in jasc paint shop pro

MRU List Object Recognized!
Location: : S-1-5-21-527237240-1788223648-725345543-1003\software\microsoft\mediaplayer\player\settings
Description : last open directory used in jasc paint shop pro

MRU List Object Recognized!
Location: : S-1-5-21-527237240-1788223648-725345543-1003\software\microsoft\mediaplayer\preferences
Description : last cd record path used in microsoft windows media player

MRU List Object Recognized!
Location: : S-1-5-21-527237240-1788223648-725345543-1003\software\microsoft\mediaplayer\preferences
Description : last playlist index loaded in microsoft windows media player

MRU List Object Recognized!
Location: : S-1-5-21-527237240-1788223648-725345543-1003\software\microsoft\mediaplayer\preferences
Description : last playlist loaded in microsoft windows media player

MRU List Object Recognized!
Location: : S-1-5-21-527237240-1788223648-725345543-1003\software\microsoft\mediaplayer\preferences
Description : last search path used in microsoft windows media player

MRU List Object Recognized!
Location: : S-1-5-21-527237240-1788223648-725345543-1003\software\microsoft\microsoft management console\recent file list
Description : list of recent snap-ins used in the microsoft management console

MRU List Object Recognized!
Location: : S-1-5-21-527237240-1788223648-725345543-1003\software\microsoft\office\11.0\common\general
Description : list of recently used symbols in microsoft office

MRU List Object Recognized!
Location: : S-1-5-21-527237240-1788223648-725345543-1003\software\microsoft\search assistant\acmru
Description : list of recent search terms used with the search assistant

MRU List Object Recognized!
Location: : S-1-5-21-527237240-1788223648-725345543-1003\software\realnetworks\realplayer\6.0\preferences
Description : list of recent skins in realplayer

MRU List Object Recognized!
Location: : S-1-5-21-527237240-1788223648-725345543-1003\software\realnetworks\realplayer\6.0\preferences
Description : last login time in realplayer

MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\windows media\wmsdk\general
Description : windows media sdk

MRU List Object Recognized!
Location: : S-1-5-18\software\microsoft\windows media\wmsdk\general
Description : windows media sdk

MRU List Object Recognized!
Location: : S-1-5-21-527237240-1788223648-725345543-1003\software\microsoft\windows media\wmsdk\general
Description : windows media sdk

MRU List Object Recognized!
Location: : S-1-5-21-527237240-1788223648-725345543-1003\software\winrar\dialogedithistory\extrpath
Description : winrar "extract-to" history

arky · 31.05.2007, 17:12

Teil 2:

Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ProcessID : 260
ThreadCreationTime : 31.05.2007 15:38:06
BasePriority : Normal

#:2 [csrss.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 312
ThreadCreationTime : 31.05.2007 15:38:20
BasePriority : Normal

#:3 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 336
ThreadCreationTime : 31.05.2007 15:38:22
BasePriority : High

#:4 [services.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 380
ThreadCreationTime : 31.05.2007 15:38:27
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Betriebssystem Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Anwendung für Dienste und Controller
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. Alle Rechte vorbehalten.
OriginalFilename : services.exe

#:5 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 392
ThreadCreationTime : 31.05.2007 15:38:27
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe

#:6 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 552
ThreadCreationTime : 31.05.2007 15:38:30
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:7 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 616
ThreadCreationTime : 31.05.2007 15:38:32
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:8 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 672
ThreadCreationTime : 31.05.2007 15:38:33
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:9 [explorer.exe]
FilePath : C:\WINDOWS\
ProcessID : 936
ThreadCreationTime : 31.05.2007 15:38:51
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Betriebssystem Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : © Microsoft Corporation. Alle Rechte vorbehalten.
OriginalFilename : EXPLORER.EXE

#:10 [ad-aware.exe]
FilePath : C:\Programme\Lavasoft\Ad-Aware SE Personal\
ProcessID : 1064
ThreadCreationTime : 31.05.2007 15:39:16
BasePriority : Normal
FileVersion : 6.2.0.236
ProductVersion : SE 106
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft AB Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved

Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 28

Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Lop Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{1aa406ab-f581-42ab-b4d1-31d2e13819ef}

Lop Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{a8b0f390-e6bf-4027-a4d4-1e4363f5e27b}

Lop Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{a9e33220-0b05-11d7-88d2-444553540000}

Lop Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{e0abbf96-17dc-44ca-96d0-6217064a97ba}

Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 4
Objects found so far: 32

Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 32

Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : stefan@ivwbox[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:12
Value : Cookie:stefan@ivwbox.de/
Expires : 29.05.2008 16:54:04
LastSync : Hits:12
UseCount : 0
Hits : 12

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : stefan@adopt.euroclick[3].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:172
Value : Cookie:stefan@adopt.euroclick.com/
Expires : 27.05.2017 19:47:14
LastSync : Hits:172
UseCount : 0
Hits : 172

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : stefan@e-2dj6wgkowmc5sgp.stats.esomniture[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:2
Value : Cookie:stefan@e-2dj6wgkowmc5sgp.stats.esomniture.com/
Expires : 29.05.2012 14:38:14
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : stefan@www.etracker[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:58
Value : Cookie:stefan@www.etracker.de/
Expires : 28.08.2007 17:57:16
LastSync : Hits:58
UseCount : 0
Hits : 58

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : stefan@indextools[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:2
Value : Cookie:stefan@indextools.com/
Expires : 29.05.2008 17:19:40
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : stefan@revsci[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:6
Value : Cookie:stefan@revsci.net/
Expires : 26.05.2027 17:23:12
LastSync : Hits:6
UseCount : 0
Hits : 6

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : stefan@adultfriendfinder[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:10
Value : Cookie:stefan@adultfriendfinder.com/
Expires : 29.06.2007 17:21:36
LastSync : Hits:10
UseCount : 0
Hits : 10

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : stefan@media.adrevolver[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:3
Value : Cookie:stefan@media.adrevolver.com/adrevolver/
Expires : 21.02.2010 04:21:24
LastSync : Hits:3
UseCount : 0
Hits : 3

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : stefan@tradedoubler[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:8
Value : Cookie:stefan@tradedoubler.com/
Expires : 26.05.2027 17:34:16
LastSync : Hits:8
UseCount : 0
Hits : 8

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : stefan@zedo[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:13
Value : Cookie:stefan@zedo.com/
Expires : 28.05.2017 17:23:08
LastSync : Hits:13
UseCount : 0
Hits : 13

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : stefan@doubleclick[3].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:13
Value : Cookie:stefan@doubleclick.net/
Expires : 29.05.2010 17:00:44
LastSync : Hits:13
UseCount : 0
Hits : 13

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : stefan@partners.webmasterplan[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:2
Value : Cookie:stefan@partners.webmasterplan.com/
Expires : 30.05.2017
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : stefan@e-2dj6wjkywpdjchp.stats.esomniture[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:2
Value : Cookie:stefan@e-2dj6wjkywpdjchp.stats.esomniture.com/
Expires : 29.05.2012 14:38:32
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : stefan@bs.serving-sys[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:16
Value : Cookie:stefan@bs.serving-sys.com/
Expires : 01.01.2038
LastSync : Hits:16
UseCount : 0
Hits : 16

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : stefan@serving-sys[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:70
Value : Cookie:stefan@serving-sys.com/
Expires : 01.01.2038
LastSync : Hits:70
UseCount : 0
Hits : 70

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : stefan@adtech[3].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:14
Value : Cookie:stefan@adtech.de/
Expires : 27.05.2017 15:46:30
LastSync : Hits:14
UseCount : 0
Hits : 14

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : stefan@ice.112.2o7[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:3
Value : Cookie:stefan@ice.112.2o7.net/
Expires : 28.05.2012 17:58:18
LastSync : Hits:3
UseCount : 0
Hits : 3

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : stefan@ad.yieldmanager[3].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:526
Value : Cookie:stefan@ad.yieldmanager.com/
Expires : 30.05.2009 17:25:30
LastSync : Hits:526
UseCount : 0
Hits : 526

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : stefan@e-2dj6wjloqhdjmep.stats.esomniture[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:4
Value : Cookie:stefan@e-2dj6wjloqhdjmep.stats.esomniture.com/
Expires : 29.05.2012 14:37:58
LastSync : Hits:4
UseCount : 0
Hits : 4

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : stefan@rambler[3].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:7
Value : Cookie:stefan@rambler.ru/
Expires : 01.01.2009 02:00:00
LastSync : Hits:7
UseCount : 0
Hits : 7

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : stefan@adrevolver[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:stefan@adrevolver.com/
Expires : 30.05.2008 01:01:38
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : stefan@com[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:stefan@com.com/
Expires : 30.05.2017 17:23:14
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : stefan@2o7[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:9
Value : Cookie:stefan@2o7.net/
Expires : 29.05.2012 14:58:44
LastSync : Hits:9
UseCount : 0
Hits : 9

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : stefan@ad.yieldmanager[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Dokumente und Einstellungen\Stefan\Cookies\stefan@ad.yieldmanager[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : stefan@adopt.euroclick[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Dokumente und Einstellungen\Stefan\Cookies\stefan@adopt.euroclick[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : stefan@adtech[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Dokumente und Einstellungen\Stefan\Cookies\stefan@adtech[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : stefan@apmebf[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Dokumente und Einstellungen\Stefan\Cookies\stefan@apmebf[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : stefan@doubleclick[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Dokumente und Einstellungen\Stefan\Cookies\stefan@doubleclick[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : stefan@ivwbox[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Dokumente und Einstellungen\Stefan\Cookies\stefan@ivwbox[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : stefan@rambler[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Dokumente und Einstellungen\Stefan\Cookies\stefan@rambler[2].txt

Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 30
Objects found so far: 62

Deep scanning and examining files (C

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

BrilliantDigital Object Recognized!
Type : File
Data : 31CE108F-3B29-4A02-BC0B-25C4A0
TAC Rating : 6
Category : Data Miner
Comment :
Object : C:\Programme\Sunbelt Software\CounterSpy Client\Quarantine\51AC2303-5F5E-457F-9A0F-3286DE\
FileVersion : 1, 0, 1, 9
ProductVersion : 1, 0, 0, 0
ProductName : BDEData Module
CompanyName : Brilliant Digital Entertainment
FileDescription : BDEData (Release)
InternalName : BDEDATA
LegalCopyright : Copyright 1999
OriginalFilename : BDEDATA2.DLL

Lop Object Recognized!
Type : File
Data : A0249208.exe
TAC Rating : 7
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{10C7AEAA-8CA2-49DC-826B-DF5D6952A258}\RP527\
FileVersion : 1.20.1.0
ProductVersion : 1.20.1.0
ProductName : NetPumper
CompanyName : Icenet LLC
FileDescription : IExplore 4.x-6.x URL monitor
InternalName : NetPumperIEProxy
LegalCopyright : Copyright © 2002 WakeNet AB
OriginalFilename : NetPumperIEProxy.exe

BrilliantDigital Object Recognized!
Type : File
Data : A0250177.dll
TAC Rating : 6
Category : Data Miner
Comment :
Object : C:\System Volume Information\_restore{10C7AEAA-8CA2-49DC-826B-DF5D6952A258}\RP529\
FileVersion : 1, 0, 1, 9
ProductVersion : 1, 0, 0, 0
ProductName : BDEData Module
CompanyName : Brilliant Digital Entertainment
FileDescription : BDEData (Release)
InternalName : BDEDATA
LegalCopyright : Copyright 1999
OriginalFilename : BDEDATA2.DLL

H@tKeysH@@k Object Recognized!
Type : File
Data : H@tKeysH@@k.DLL
TAC Rating : 5
Category : Data Miner
Comment :
Object : C:\WINDOWS\system32\

Disk Scan Result for C:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 66

Deep scanning and examining files (E

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Disk Scan Result for E:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 66

Deep scanning and examining files (F

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Disk Scan Result for F:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 66

Deep scanning and examining files (G

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Disk Scan Result for G:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 66

Scanning Hosts file......
Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
73 entries scanned.
New critical objects:0
Objects found so far: 66

Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Lop Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : netpumper.addurl

Lop Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Malware
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\microsoft\windows\currentversion\uninstall

Lop Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\netpumper

BrilliantDigital Object Recognized!
Type : File
Data : bdeinsta.inf
TAC Rating : 6
Category : Data Miner
Comment :
Object : C:\WINDOWS\downloaded program files\

Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 4
Objects found so far: 70

17:58:59 Scan Complete

Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:19:14.844
Objects scanned:175480
Objects identified:42
Objects ignored:0
New critical objects:42

Nach Trojaner arbeitet mein Rechner nur noch sehr langsam

Log-Analyse und Auswertung: Nach Trojaner arbeitet mein Rechner nur noch sehr langsam

Nach Trojaner arbeitet mein Rechner nur noch sehr langsam

Nach Trojaner arbeitet mein Rechner nur noch sehr langsam

Ähnliche Themen: Nach Trojaner arbeitet mein Rechner nur noch sehr langsam