15 October 2005 - 20:18
#1
Oops, here is the log file....
Ad-Aware SE Build 1.06r1
Logfile Created on:15. oktober 2005 20:09:30
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R70 12.10.2005
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
AdShooter(TAC index:6):7 total references
BlazeFind(TAC index:5):3 total references
Claria(TAC index:7):71 total references
EzuLa(TAC index:6):189 total references
Possible Browser Hijack attempt(TAC index:3):2 total references
Redirected hostfile entry(TAC index:4):1 total references
ReplaceSearch.BHO(TAC index:5):9 total references
Softomate Toolbar(TAC index:9):1 total references
Tracking Cookie(TAC index:3):118 total references
WhenU(TAC index:3):51 total references
WhenU.SaveNow(TAC index:10):1 total references
Win32.P2P-Worm.Alcan.a(TAC index:8):8 total references
WindUpdates(TAC index:8):2 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file
Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects
15-10-2005 20:09:30 - Scan started. (Full System Scan)
Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ProcessID : 464
ThreadCreationTime : 15-10-2005 13:21:44
BasePriority : Normal
#:2 [csrss.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 520
ThreadCreationTime : 15-10-2005 13:21:45
BasePriority : Normal
#:3 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 544
ThreadCreationTime : 15-10-2005 13:21:46
BasePriority : High
#:4 [services.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 588
ThreadCreationTime : 15-10-2005 13:21:47
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operativsystem
CompanyName : Microsoft Corporation
FileDescription : Tjenester og controllerprogrammer
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. Alle rettigheder forbeholdes.
OriginalFilename : services.exe
#:5 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 600
ThreadCreationTime : 15-10-2005 13:21:47
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe
#:6 [ati2evxx.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 752
ThreadCreationTime : 15-10-2005 13:21:48
BasePriority : Normal
#:7 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 768
ThreadCreationTime : 15-10-2005 13:21:48
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:8 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 828
ThreadCreationTime : 15-10-2005 13:21:48
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:9 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 896
ThreadCreationTime : 15-10-2005 13:21:48
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:10 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 944
ThreadCreationTime : 15-10-2005 13:21:48
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:11 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1036
ThreadCreationTime : 15-10-2005 13:21:48
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:12 [explorer.exe]
FilePath : C:\WINDOWS\
ProcessID : 1320
ThreadCreationTime : 15-10-2005 13:21:50
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Microsoft® Windows® Operativsystem
CompanyName : Microsoft Corporation
FileDescription : Windows Stifinder
InternalName : explorer
LegalCopyright : © Microsoft Corporation. Alle rettigheder forbeholdes.
OriginalFilename : EXPLORER.EXE
EzuLa Object Recognized!
Type : Process
Data : CHCON.dll
TAC Rating : 6
Category : Data Miner
Comment :
Object : C:\PROGRA~1\ezula\
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
LegalCopyright : Copyright 2000
#:13 [spoolsv.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1432
ThreadCreationTime : 15-10-2005 13:21:50
BasePriority : Normal
FileVersion : 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)
ProductVersion : 5.1.2600.2696
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe
#:14 [atiptaxx.exe]
FilePath : C:\Programmer\ATI Technologies\ATI Control Panel\
ProcessID : 1504
ThreadCreationTime : 15-10-2005 13:21:50
BasePriority : Normal
FileVersion : 6.14.10.5046
ProductVersion : 6.14.10.5046
ProductName : ATI Desktop Component
CompanyName : ATI Technologies, Inc.
FileDescription : ATI Desktop Control Panel
InternalName : Atiptaxx.exe
LegalCopyright : Copyright (C) 1998-2002 ATI Technologies Inc.
OriginalFilename : Atiptaxx.exe
EzuLa Object Recognized!
Type : Process
Data : CHCON.dll
TAC Rating : 6
Category : Data Miner
Comment :
Object : C:\PROGRA~1\ezula\
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
LegalCopyright : Copyright 2000
#:15 [cmesys.exe]
FilePath : C:\Programmer\Fælles filer\CMEII\
ProcessID : 1512
ThreadCreationTime : 15-10-2005 13:21:50
BasePriority : Normal
FileVersion : 6.0.4.1
ProductVersion : 6.0.4.1
ProductName : CME
CompanyName : GAIN Publishing
FileDescription : CME II Client Application
InternalName : CMESys.exe
LegalCopyright : Copyright © 1999-2004 GAIN Publishing
OriginalFilename : CMESys.exe
Claria Object Recognized!
Type : Process
Data : CMESys.exe
TAC Rating : 7
Category : Data Miner
Comment : (CSI MATCH)
Object : C:\Programmer\Fælles filer\CMEII\
FileVersion : 6.0.4.1
ProductVersion : 6.0.4.1
ProductName : CME
CompanyName : GAIN Publishing
FileDescription : CME II Client Application
InternalName : CMESys.exe
LegalCopyright : Copyright © 1999-2004 GAIN Publishing
OriginalFilename : CMESys.exe
Warning! Claria Object found in memory(C:\Programmer\Fælles filer\CMEII\CMESys.exe)
"C:\Programmer\Fælles filer\CMEII\CMESys.exe"Process terminated successfully
"C:\Programmer\Fælles filer\CMEII\CMESys.exe"Process terminated successfully
#:16 [rundll32.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1520
ThreadCreationTime : 15-10-2005 13:21:50
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operativsystem
CompanyName : Microsoft Corporation
FileDescription : Kør en DLL som et program
InternalName : rundll
LegalCopyright : © Microsoft Corporation. Alle rettigheder forbeholdes.
OriginalFilename : RUNDLL.EXE
#:17 [htpatch.exe]
FilePath : C:\WINDOWS\
ProcessID : 1528
ThreadCreationTime : 15-10-2005 13:21:50
BasePriority : Normal
EzuLa Object Recognized!
Type : Process
Data : CHCON.dll
TAC Rating : 6
Category : Data Miner
Comment :
Object : C:\PROGRA~1\ezula\
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
LegalCopyright : Copyright 2000
"C:\WINDOWS\htpatch.exe"Process terminated successfully
#:18 [bearshare.exe]
FilePath : C:\Programmer\BearShare\
ProcessID : 1544
ThreadCreationTime : 15-10-2005 13:21:50
BasePriority : Normal
FileVersion : 4.6.3.4
ProductVersion : 4.6.3
ProductName : BearShare
CompanyName : Free Peers, Inc.
FileDescription : BearShare
InternalName : BearShare 4.6.3.4
LegalCopyright : Copyright © 2003 Free Peers, Inc. All Rights Reserved Worldwide.
OriginalFilename : BearShare.exe
EzuLa Object Recognized!
Type : Process
Data : CHCON.dll
TAC Rating : 6
Category : Data Miner
Comment :
Object : C:\PROGRA~1\ezula\
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
LegalCopyright : Copyright 2000
"C:\Programmer\BearShare\BearShare.exe"Process terminated successfully
#:19 [save.exe]
FilePath : C:\Programmer\Save\
ProcessID : 1552
ThreadCreationTime : 15-10-2005 13:21:50
BasePriority : Normal
FileVersion : 2, 6, 4, 7
ProductVersion : 2, 6, 4, 7
ProductName : Save!
CompanyName : WhenU.com, Inc.
FileDescription : Save!
InternalName : WhenUSave
LegalCopyright : Copyright 2001
OriginalFilename : Save.exe
WhenU Object Recognized!
Type : Process
Data : Save.exe
TAC Rating : 3
Category : Misc
Comment : (CSI MATCH)
Object : C:\Programmer\Save\
FileVersion : 2, 6, 4, 7
ProductVersion : 2, 6, 4, 7
ProductName : Save!
CompanyName : WhenU.com, Inc.
FileDescription : Save!
InternalName : WhenUSave
LegalCopyright : Copyright 2001
OriginalFilename : Save.exe
Warning! WhenU Object found in memory(C:\Programmer\Save\Save.exe)
"C:\Programmer\Save\Save.exe"Process terminated successfully
"C:\Programmer\Save\Save.exe"Process terminated successfully
#:20 [avgemc.exe]
FilePath : C:\PROGRA~1\Grisoft\AVGFRE~1\
ProcessID : 1568
ThreadCreationTime : 15-10-2005 13:21:50
BasePriority : Normal
FileVersion : 7,1,0,338
ProductVersion : 7.1.0.338
ProductName : AVG Anti-Virus System
CompanyName : GRISOFT, s.r.o.
FileDescription : AVG E-Mail Scanner
InternalName : avgemc
LegalCopyright : Copyright © 2005, GRISOFT, s.r.o.
OriginalFilename : avgemc.exe
EzuLa Object Recognized!
Type : Process
Data : CHCON.dll
TAC Rating : 6
Category : Data Miner
Comment :
Object : C:\PROGRA~1\ezula\
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
LegalCopyright : Copyright 2000
#:21 [jusched.exe]
FilePath : C:\Programmer\Java\jre1.5.0_02\bin\
ProcessID : 1580
ThreadCreationTime : 15-10-2005 13:21:50
BasePriority : Normal
#:22 [lvcomsx.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1588
ThreadCreationTime : 15-10-2005 13:21:51
BasePriority : Normal
FileVersion : 8.4.1.1092
ProductVersion : 8.4.1.1092
ProductName : Logitech QuickCam
CompanyName : Logitech Inc.
FileDescription : LVCom Server
InternalName : LVComS.exe
LegalCopyright : (c) 1996-2004 Logitech. All rights reserved.
OriginalFilename : LVComS.exe
#:23 [logitray.exe]
FilePath : C:\Programmer\Logitech\Video\
ProcessID : 1620
ThreadCreationTime : 15-10-2005 13:21:51
BasePriority : Normal
FileVersion : 8.4.1.1092
ProductVersion : 8.4.1.1092
ProductName : Logitech QuickCam
CompanyName : Logitech Inc.
FileDescription : ImageStudio Tray Application
InternalName : LogiTray.exe
LegalCopyright : (c) 1996-2004 Logitech. All rights reserved.
OriginalFilename : LogiTray.exe
EzuLa Object Recognized!
Type : Process
Data : CHCON.dll
TAC Rating : 6
Category : Data Miner
Comment :
Object : C:\PROGRA~1\ezula\
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
LegalCopyright : Copyright 2000
"C:\Programmer\Logitech\Video\LogiTray.exe"Process terminated successfully
#:24 [ituneshelper.exe]
FilePath : C:\Programmer\iTunes\
ProcessID : 1632
ThreadCreationTime : 15-10-2005 13:21:51
BasePriority : Normal
FileVersion : 4.9.0.17
ProductVersion : 4.9.0.17
ProductName : iTunes
CompanyName : Apple Computer, Inc.
FileDescription : iTunesHelper Module
InternalName : iTunesHelper
LegalCopyright : © 2003-2005 Apple Computer, Inc. All Rights Reserved.
OriginalFilename : iTunesHelper.exe
#:25 [ctfmon.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1644
ThreadCreationTime : 15-10-2005 13:21:51
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : CTF Loader
InternalName : CTFMON
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : CTFMON.EXE
#:26 [mmod.exe]
FilePath : C:\PROGRA~1\ezula\
ProcessID : 1668
ThreadCreationTime : 15-10-2005 13:21:51
BasePriority : Normal
FileVersion : 2, 0, 70, 00
ProductVersion : 1, 0, 0, 1
ProductName : mmod Module
CompanyName : EARNSearchForitInt
FileDescription : mmod Module
InternalName : mmod
LegalCopyright : Copyright 2000
OriginalFilename : mmod.EXE
EzuLa Object Recognized!
Type : Process
Data : seng.dll
TAC Rating : 6
Category : Data Miner
Comment :
Object : C:\PROGRA~1\ezula\
FileVersion : 2, 0, 70, 00
ProductVersion : 1, 0, 0, 1
ProductName : seng Module
CompanyName : EARNSearchForitInt
FileDescription : seng Module
InternalName : seng
LegalCopyright : Copyright 2000
OriginalFilename : seng.DLL
EzuLa Object Recognized!
Type : Process
Data : CHCON.dll
TAC Rating : 6
Category : Data Miner
Comment :
Object : C:\PROGRA~1\ezula\
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
LegalCopyright : Copyright 2000
"C:\PROGRA~1\ezula\mmod.exe"Process terminated successfully
#:27 [sfita.exe]
FilePath : C:\WINDOWS\
ProcessID : 1676
ThreadCreationTime : 15-10-2005 13:21:51
BasePriority : Normal
EzuLa Object Recognized!
Type : Process
Data : CHCON.dll
TAC Rating : 6
Category : Data Miner
Comment :
Object : C:\PROGRA~1\ezula\
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
LegalCopyright : Copyright 2000
"C:\WINDOWS\sfita.exe"Process terminated successfully
#:28 [steam.exe]
FilePath : C:\Valve\Steam\
ProcessID : 1684
ThreadCreationTime : 15-10-2005 13:21:51
BasePriority : Normal
FileVersion : 1.0.0.0
ProductVersion : 1.0.0.0
ProductName : Steam
CompanyName : Valve Corporation
FileDescription : Steam
LegalCopyright : © Copyright 2000-2003 Valve Corporation All rights reserved.
OriginalFilename : Steam.exe
#:29 [jucheck.exe]
FilePath : C:\Programmer\Java\jre1.5.0_02\bin\
ProcessID : 1692
ThreadCreationTime : 15-10-2005 13:21:51
BasePriority : Normal
FileVersion : 5.0.20.9
ProductVersion : 5.0.20.9
ProductName : Java(TM) 2 Platform Standard Edition 5.0 Update 2
CompanyName : Sun Microsystems, Inc.
FileDescription : Java(TM) Update Checker
InternalName : Java(TM) Update Checker
LegalCopyright : Copyright © 2004
OriginalFilename : jucheck.exe
#:30 [psfree.exe]
FilePath : C:\PROGRA~1\PANICW~1\POP-UP~1\
ProcessID : 1700
ThreadCreationTime : 15-10-2005 13:21:52
BasePriority : Normal
FileVersion : 3, 1, 0, 1010
ProductVersion : 1, 0, 0, 1
ProductName : Pop-Up Stopper Free Edition
CompanyName : Panicware, Inc.
FileDescription : Pop-Up Stopper Free Edition
InternalName : Pop-Up Stopper Free Edition
LegalCopyright : Copyright (C) 2002-2003
OriginalFilename : PSFree.exe
#:31 [hotkey.exe]
FilePath : C:\Programmer\HotKey\
ProcessID : 1720
ThreadCreationTime : 15-10-2005 13:21:52
BasePriority : Normal
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
CompanyName : Unitek
LegalCopyright : Unitek Copyright (C) 2001
OriginalFilename : Hotkeydrv.exe
#:32 [fxsvr2.exe]
FilePath : C:\Programmer\Logitech\Video\
ProcessID : 128
ThreadCreationTime : 15-10-2005 13:21:55
BasePriority : Normal
FileVersion : 8.4.1.1092
ProductVersion : 8.4.1.1092
ProductName : Logitech QuickCam
CompanyName : Logitech Inc.
FileDescription : QuickCam Framework Server
InternalName : FxSvr.EXE
LegalCopyright : (c) 1996-2004 Logitech. All rights reserved.
OriginalFilename : FxSvr.EXE
EzuLa Object Recognized!
Type : Process
Data : CHCON.dll
TAC Rating : 6
Category : Data Miner
Comment :
Object : C:\PROGRA~1\ezula\
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
LegalCopyright : Copyright 2000
"C:\Programmer\Logitech\Video\FxSvr2.exe"Process terminated successfully
#:33 [avgamsvr.exe]
FilePath : C:\PROGRA~1\Grisoft\AVGFRE~1\
ProcessID : 424
ThreadCreationTime : 15-10-2005 13:22:08
BasePriority : Normal
FileVersion : 7,1,0,321
ProductVersion : 7.1.0.321
ProductName : AVG Anti-Virus System
CompanyName : GRISOFT, s.r.o.
FileDescription : AVG Alert Manager
InternalName : avgamsvr
LegalCopyright : Copyright © 2005, GRISOFT, s.r.o.
OriginalFilename : avgamsvr.EXE
#:34 [avgupsvc.exe]
FilePath : C:\PROGRA~1\Grisoft\AVGFRE~1\
ProcessID : 440
ThreadCreationTime : 15-10-2005 13:22:08
BasePriority : Normal
FileVersion : 7,1,0,321
ProductVersion : 7.1.0.321
ProductName : AVG 7.0 Anti-Virus System
CompanyName : GRISOFT, s.r.o.
FileDescription : AVG Update Service
InternalName : avgupsvc
LegalCopyright : Copyright © 2005, GRISOFT, s.r.o.
OriginalFilename : avgupdsvc.EXE
#:35 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1032
ThreadCreationTime : 15-10-2005 13:22:11
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:36 [ipodservice.exe]
FilePath : C:\Programmer\iPod\bin\
ProcessID : 2124
ThreadCreationTime : 15-10-2005 13:22:19
BasePriority : Normal
FileVersion : 4.9.0.17
ProductVersion : 4.9.0.17
ProductName : iTunes
CompanyName : Apple Computer, Inc.
FileDescription : iPodService Module
InternalName : iPodService
LegalCopyright : © 2003-2005 Apple Computer, Inc. All Rights Reserved.
OriginalFilename : iPodService.exe
#:37 [alg.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 2280
ThreadCreationTime : 15-10-2005 13:22:20
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Application Layer Gateway Service
InternalName : ALG.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : ALG.exe
#:38 [gmt.exe]
FilePath : C:\Programmer\Fælles filer\GMT\
ProcessID : 2612
ThreadCreationTime : 15-10-2005 13:22:20
BasePriority : Normal
FileVersion : 6.0.4.1
ProductVersion : 6.0.4.1
ProductName : GAIN
CompanyName : GAIN Publishing
FileDescription : GAIN Application
InternalName : GMT.exe
LegalCopyright : Copyright © 1999-2004 GAIN Publishing
OriginalFilename : GMT.exe
Claria Object Recognized!
Type : Process
Data : EGNSEngine.dll
TAC Rating : 7
Category : Data Miner
Comment : (CSI MATCH)
Object : C:\Programmer\Fælles filer\GMT\
FileVersion : 6.0.4.1
ProductVersion : 6.0.4.1
ProductName : GAIN
CompanyName : GAIN Publishing
FileDescription : EGNSEngine Dynamic Link Library
InternalName : EGNSEngine dll
LegalCopyright : Copyright © 1999-2004 GAIN Publishing
OriginalFilename : EGNSEngine dll
Warning! Claria Object found in memory(C:\Programmer\Fælles filer\GMT\EGNSEngine.dll)
Claria Object Recognized!
Type : Process
Data : EGIEProcess.DLL
TAC Rating : 7
Category : Data Miner
Comment : (CSI MATCH)
Object : C:\Programmer\Fælles filer\GMT\
FileVersion : 6.0.4.1
ProductVersion : 6.0.4.1
ProductName : GAIN
CompanyName : GAIN Publishing
FileDescription : EGIEProcess Dynamic Link Library
InternalName : EGIEProcess dll
LegalCopyright : Copyright © 1999-2004 GAIN Publishing
OriginalFilename : EGIEProcess dll
Warning! Claria Object found in memory(C:\Programmer\Fælles filer\GMT\EGIEProcess.DLL)
Claria Object Recognized!
Type : Process
Data : EGGCEngine.dll
TAC Rating : 7
Category : Data Miner
Comment : (CSI MATCH)
Object : C:\Programmer\Fælles filer\GMT\
FileVersion : 6.0.4.1
ProductVersion : 6.0.4.1
ProductName : GAIN
CompanyName : GAIN Publishing
FileDescription : EGGCEngine Dynamic Link Library
InternalName : EGGCEngine dll
LegalCopyright : Copyright © 1999-2004 GAIN Publishing
OriginalFilename : EGGCEngine dll
Warning! Claria Object found in memory(C:\Programmer\Fælles filer\GMT\EGGCEngine.dll)
Claria Object Recognized!
Type : Process
Data : GatorRes.dll
TAC Rating : 7
Category : Data Miner
Comment : (CSI MATCH)
Object : C:\Programmer\Fælles filer\GMT\
FileVersion : 6.0.4.1
ProductVersion : 6.0.4.1
ProductName : GAIN
CompanyName : GAIN Publishing
FileDescription : GatorRes Dynamic Link Library
InternalName : GatorRes DLL
LegalCopyright : Copyright © 1999-2004 GAIN Publishing
OriginalFilename : GatorRes DLL
Warning! Claria Object found in memory(C:\Programmer\Fælles filer\GMT\GatorRes.dll)
#:39 [limewire.exe]
FilePath : C:\Programmer\LimeWire\
ProcessID : 1140
ThreadCreationTime : 15-10-2005 18:02:21
BasePriority : Normal
FileVersion : 1, 0, 0, 2
ProductVersion : 1, 0, 0, 2
ProductName : LimeWire
CompanyName : Lime Wire, LLC
FileDescription : LimeWire
InternalName : LimeWire
LegalCopyright : Copyright (C) 2004
OriginalFilename : LimeWire.exe
Comments : The most advanced file sharing program on the planet.
#:40 [ad-aware.exe]
FilePath : C:\PROGRA~1\Lavasoft\AD-AWA~1\
ProcessID : 1336
ThreadCreationTime : 15-10-2005 18:09:06
BasePriority : Normal
FileVersion : 6.2.0.236
ProductVersion : SE 106
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft AB Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved
Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 2
Objects found so far: 16
Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
AdShooter Object Recognized!
Type : Regkey
Data :
TAC Rating : 6
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{c109664b-ceb1-420b-b353-d55a561536dd}
Claria Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{21ffb6c0-0da1-11d5-a9d5-00500413153c}
Claria Object Recognized!
Type : RegValue
Data :
TAC Rating : 7
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{21ffb6c0-0da1-11d5-a9d5-00500413153c}
Value : uets
Claria Object Recognized!
Type : RegValue
Data :
TAC Rating : 7
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{21ffb6c0-0da1-11d5-a9d5-00500413153c}
Value : GEF
Claria Object Recognized!
Type : RegValue
Data :
TAC Rating : 7
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{21ffb6c0-0da1-11d5-a9d5-00500413153c}
Value : GMI
Claria Object Recognized!
Type : RegValue
Data :
TAC Rating : 7
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{21ffb6c0-0da1-11d5-a9d5-00500413153c}
Value : LastInstall
Claria Object Recognized!
Type : RegValue
Data :
TAC Rating : 7
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{21ffb6c0-0da1-11d5-a9d5-00500413153c}
Value : PAK
Claria Object Recognized!
Type : RegValue
Data :
TAC Rating : 7
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{21ffb6c0-0da1-11d5-a9d5-00500413153c}
Value : SSeq
Claria Object Recognized!
Type : RegValue
Data :
TAC Rating : 7
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{21ffb6c0-0da1-11d5-a9d5-00500413153c}
Value : SEvt
Claria Object Recognized!
Type : RegValue
Data :
TAC Rating : 7
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{21ffb6c0-0da1-11d5-a9d5-00500413153c}
Value : SiSeq
Claria Object Recognized!
Type : RegValue
Data :
TAC Rating : 7
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{21ffb6c0-0da1-11d5-a9d5-00500413153c}
Value : SiH
EzuLa Object Recognized!
Type : Regkey
Data :
TAC Rating : 6
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{07f0a543-47ba-11d4-8a6d-0050da2ee1be}
EzuLa Object Recognized!
Type : Regkey
Data :
TAC Rating : 6
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{07f0a545-47ba-11d4-8a6d-0050da2ee1be}
EzuLa Object Recognized!
Type : Regkey
Data :
TAC Rating : 6
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{19dfb2cb-9b27-11d4-b192-0050dab79376}
EzuLa Object Recognized!
Type : Regkey
Data :
TAC Rating : 6
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{2079884b-6ef3-11d4-8a74-0050da2ee1be}
EzuLa Object Recognized!
Type : Regkey
Data :
TAC Rating : 6
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{2babd334-5c3f-11d4-b184-0050dab79376}
EzuLa Object Recognized!
Type : RegValue
Data :
TAC Rating : 6
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{2babd334-5c3f-11d4-b184-0050dab79376}
Value : AppID
EzuLa Object Recognized!
Type : Regkey
Data :
TAC Rating : 6
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{3d7247e8-5db8-11d4-8a72-0050da2ee1be}
EzuLa Object Recognized!
Type : Regkey
Data :
TAC Rating : 6
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{58359010-bf36-11d3-99a2-0050da2ee1be}
EzuLa Object Recognized!
Type : Regkey
Data :
TAC Rating : 6
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{c4fee4a7-4b8b-11d4-8a6d-0050da2ee1be}
EzuLa Object Recognized!
Type : Regkey
Data :
TAC Rating : 6
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{d290d6e7-bf9d-42f0-9c1b-3bc8ae769b57}
EzuLa Object Recognized!
Type : Regkey
Data :
TAC Rating : 6
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : ezulaagent.ezulactrlhost
EzuLa Object Recognized!
Type : Regkey
Data :
TAC Rating : 6
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : ezulaagent.ezulactrlhost.1
EzuLa Object Recognized!
Type : Regkey
Data :
TAC Rating : 6
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : ezulaagent.plugprot
EzuLa Object Recognized!
Type : Regkey
Data :
TAC Rating : 6
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : ezulaagent.plugprot.1
EzuLa Object Recognized!
Type : Regkey
Data :
TAC Rating : 6
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : ezulamain.ezulasearchpipe
EzuLa Object Recognized!
Type : Regkey
Data :
TAC Rating : 6
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : ezulamain.ezulasearchpipe.1
EzuLa Object Recognized!
Type : Regkey
Data :
TAC Rating : 6
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : typelib\{07f0a536-47ba-11d4-8a6d-0050da2ee1be}
EzuLa Object Recognized!
Type : Regkey
Data :
TAC Rating : 6
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : typelib\{58359011-bf36-11d3-99a2-0050da2ee1be}
EzuLa Object Recognized!
Type : Regkey
Data :
TAC Rating : 6
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : typelib\{8a044396-5da2-11d4-b185-0050dab79376}
EzuLa Object Recognized!
Type : Regkey
Data :
TAC Rating : 6
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : appid\{8a044397-5da2-11d4-b185-0050dab79376}
EzuLa Object Recognized!
Type : Regkey
Data :
TAC Rating : 6
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : appid\{c0335198-6755-11d4-8a73-0050da2ee1be}
EzuLa Object Recognized!
Type : Regkey
Data :
TAC Rating : 6
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : appid\ezulamain.exe
EzuLa Object Recognized!
Type : Regkey
Data :
TAC Rating : 6
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{2306abe4-4d42-11d4-8a6d-0050da2ee1be}
EzuLa Object Recognized!
Type : Regkey
Data :
TAC Rating : 6
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{b1dd8a69-1b96-11d4-b175-0050dab79376}
EzuLa Object Recognized!
Type : RegValue
Data :
TAC Rating : 6
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{b1dd8a69-1b96-11d4-b175-0050dab79376}
Value : AppID
EzuLa Object Recognized!
Type : Regkey
Data :
TAC Rating : 6
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{c03351a4-6755-11d4-8a73-0050da2ee1be}
EzuLa Object Recognized!
Type : RegValue
Data :
TAC Rating : 6
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{c03351a4-6755-11d4-8a73-0050da2ee1be}
Value : AppID
EzuLa Object Recognized!
Type : Regkey
Data :
TAC Rating : 6
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : ezulaagent.ieobject
EzuLa Object Recognized!
Type : Regkey
Data :
TAC Rating : 6
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : ezulaagent.ieobject.1
EzuLa Object Recognized!
Type : Regkey
Data :
TAC Rating : 6
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : ezulabootexe.installctrl
EzuLa Object Recognized!
Type : Regkey
Data :
TAC Rating : 6
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : ezulabootexe.installctrl.1
EzuLa Object Recognized!
Type : Regkey
Data :
TAC Rating : 6
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : ezulafsearcheng.ezulacode
EzuLa Object Recognized!
Type : Regkey
Data :
TAC Rating : 6
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : ezulafsearcheng.ezulacode.1
EzuLa Object Recognized!
Type : Regkey
Data :
TAC Rating : 6
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : ezulafsearcheng.ezulahash
EzuLa Object Recognized!
Type : Regkey
Data :
TAC Rating : 6
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : ezulafsearcheng.ezulahash.1
EzuLa Object Recognized!
Type : Regkey
Data :
TAC Rating : 6
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : ezulafsearcheng.ezulasearch
EzuLa Object Recognized!
Type : Regkey
Data :
TAC Rating : 6
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : ezulafsearcheng.ezulasearch.1
EzuLa Object Recognized!
Type : Regkey
Data :
TAC Rating : 6
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : ezulafsearcheng.popupdisplay
EzuLa Object Recognized!
Type : Regkey
Data :
TAC Rating : 6
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : ezulafsearcheng.popupdisplay.1
EzuLa Object Recognized!
Type : Regkey
Data :
TAC Rating : 6
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : ezulafsearcheng.resulthelper
EzuLa Object Recognized!
Type : Regkey
Data :
TAC Rating : 6
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : ezulafsearcheng.resulthelper.1
EzuLa Object Recognized!
Type : Regkey
Data :
TAC Rating : 6
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : ezulafsearcheng.searchhelper
EzuLa Object Recognized!
Type : Regkey
Data :
TAC Rating : 6
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : ezulafsearcheng.searchhelper.1
EzuLa Object Recognized!
Type : Regkey
Data :
TAC Rating : 6
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : ezulamain.trayiconm
EzuLa Object Recognized!
Type : Regkey
Data :
TAC Rating : 6
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : ezulamain.trayiconm.1
EzuLa Object Recognized!
Type : Regkey
Data :
TAC Rating : 6
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{8a0443a2-5da2-11d4-b185-0050dab79376}
EzuLa Object Recognized!
Type : Regkey
Data :
TAC Rating : 6
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{c03351a3-6755-11d4-8a73-0050da2ee1be}
EzuLa Object Recognized!
Type : Regkey
Data :
TAC Rating : 6
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : typelib\{083fa8f4-84f4-11d4-8a77-0050da2ee1be}
EzuLa Object Recognized!
Type : Regkey
Data :
TAC Rating : 6
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : typelib\{c0335197-6755-11d4-8a73-0050da2ee1be}
EzuLa Object Recognized!
Type : Regkey
Data :
TAC Rating : 6
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{07f0a542-47ba-11d4-8a6d-0050da2ee1be}
EzuLa Object Recognized!
Type : Regkey
Data :
TAC Rating : 6
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{07f0a544-47ba-11d4-8a6d-0050da2ee1be}
EzuLa Object Recognized!
Type : Regkey
Data :
TAC Rating : 6
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{1823bc4b-a253-4767-9cfc-9aca62a6b136}
EzuLa Object Recognized!
Type : Regkey
Data :
TAC Rating : 6
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{19dfb2ca-9b27-11d4-b192-0050dab79376}
EzuLa Object Recognized!
Type : Regkey
Data :
TAC Rating : 6
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{27bc6871-4d5a-11d4-8a6d-0050da2ee1be}
EzuLa Object Recognized!
Type : Regkey
Data :
TAC Rating : 6
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{3d7247f1-5db8-11d4-8a72-0050da2ee1be}
EzuLa Object Recognized!
Type : Regkey
Data :
TAC Rating : 6
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{4fd8645f-9b3e-46c1-9727-9837842a84ab}
EzuLa Object Recognized!
Type : Regkey
Data :
TAC Rating : 6
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{58359012-bf36-11d3-99a2-0050da2ee1be}
EzuLa Object Recognized!
Type : Regkey
Data :
TAC Rating : 6
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{7edc96e1-5dd3-11d4-b185-0050dab79376}
EzuLa Object Recognized!
Type : Regkey
Data :
TAC Rating : 6
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{8ebb1743-9a2f-11d4-8a7e-0050da2ee1be}
EzuLa Object Recognized!
Type : Regkey
Data :
TAC Rating : 6
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{c4fee4a6-4b8b-11d4-8a6d-0050da2ee1be}
EzuLa Object Recognized!
Type : Regkey
Data :
TAC Rating : 6
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{ef0372dc-f552-11d3-8528-0050dab79376}
EzuLa Object Recognized!
Type : Regkey
Data :
TAC Rating : 6
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{ef0372de-f552-11d3-8528-0050dab79376}
ReplaceSearch.BHO Object Recognized!
Type : Regkey
Data :
TAC Rating : 5
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{832bebed-c3da-4534-a2c2-b2fff220c820}
ReplaceSearch.BHO Object Recognized!
Type : Regkey
Data :
TAC Rating : 5
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{faaeb405-b7b0-4749-81de-df36b2d36531}
ReplaceSearch.BHO Object Recognized!
Type : Regkey
Data :
TAC Rating : 5
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : replacesearch.replacesearchctl
ReplaceSearch.BHO Object Recognized!
Type : Regkey
Data :
TAC Rating : 5
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : replacesearch.replacesearchctl.1
ReplaceSearch.BHO Object Recognized!
Type : Regkey
Data :
TAC Rating : 5
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : replacesearch.replacesearchctl.1\clsid
ReplaceSearch.BHO Object Recognized!
Type : Regkey
Data :
TAC Rating : 5
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : replacesearch.replacesearchctl\clsid
ReplaceSearch.BHO Object Recognized!
Type : Regkey
Data :
TAC Rating : 5
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : typelib\{b9c1dd92-b443-4bf1-b4c0-950e41a9f9f7}
WhenU Object Recognized!
Type : Regkey
Data :
TAC Rating : 3
Category : Misc
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : wusn.1
AdShooter Object Recognized!
Type : Regkey
Data :
TAC Rating : 6
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-790525478-1482476501-839522115-1003\software\dr_s
AdShooter Object Recognized!
Type : RegValue
Data :
TAC Rating : 6
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-790525478-1482476501-839522115-1003\software\dr_s
Value : time
AdShooter Object Recognized!
Type : RegValue
Data :
TAC Rating : 6
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-790525478-1482476501-839522115-1003\software\dr_s
Value : lastupdate
AdShooter Object Recognized!
Type : RegValue
Data :
TAC Rating : 6
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-790525478-1482476501-839522115-1003\software\dr_s
Value : w_id
EzuLa Object Recognized!
Type : Regkey
Data :
TAC Rating : 6
Category : Data Miner
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-790525478-1482476501-839522115-1003\software\ezula
EzuLa Object Recognized!
Type : RegValue
Data :
TAC Rating : 6
Category : Data Miner
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-790525478-1482476501-839522115-1003\software\ezula
Value : STRUP
EzuLa Object Recognized!
Type : RegValue
Data :
TAC Rating : 6
Category : Data Miner
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-790525478-1482476501-839522115-1003\software\ezula
Value : MPV
EzuLa Object Recognized!
Type : RegValue
Data :
TAC Rating : 6
Category : Data Miner
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-790525478-1482476501-839522115-1003\software\ezula
Value : TPV
EzuLa Object Recognized!
Type : RegValue
Data :
TAC Rating : 6
Category : Data Miner
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-790525478-1482476501-839522115-1003\software\ezula
Value : PPV
EzuLa Object Recognized!
Type : RegValue
Data :
TAC Rating : 6
Category : Data Miner
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-790525478-1482476501-839522115-1003\software\ezula
Value : PP
EzuLa Object Recognized!
Type : RegValue
Data :
TAC Rating : 6
Category : Data Miner
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-790525478-1482476501-839522115-1003\software\ezula
Value : NP
EzuLa Object Recognized!
Type : RegValue
Data :
TAC Rating : 6
Category : Data Miner
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-790525478-1482476501-839522115-1003\software\ezula
Value : ZP
EzuLa Object Recognized!
Type : RegValue
Data :
TAC Rating : 6
Category : Data Miner
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-790525478-1482476501-839522115-1003\software\ezula
Value : WP
EzuLa Object Recognized!
Type : RegValue
Data :
TAC Rating : 6
Category : Data Miner
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-790525478-1482476501-839522115-1003\software\ezula
Value : PBV
EzuLa Object Recognized!
Type : RegValue
Data :
TAC Rating : 6
Category : Data Miner
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-790525478-1482476501-839522115-1003\software\ezula
Value : EP
EzuLa Object Recognized!
Type : RegValue
Data :
TAC Rating : 6
Category : Data Miner
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-790525478-1482476501-839522115-1003\software\ezula
Value : HP
EzuLa Object Recognized!
Type : RegValue
Data :
TAC Rating : 6
Category : Data Miner
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-790525478-1482476501-839522115-1003\software\ezula
Value : BP
EzuLa Object Recognized!
Type : RegValue
Data :
TAC Rating : 6
Category : Data Miner
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-790525478-1482476501-839522115-1003\software\ezula
Value : PBC
Softomate Toolbar Object Recognized!
Type : Regkey
Data :
TAC Rating : 9
Category : Data Miner
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-790525478-1482476501-839522115-1003\software\searchforit
WhenU Object Recognized!
Type : Regkey
Data :
TAC Rating : 3
Category : Misc
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-790525478-1482476501-839522115-1003\software\whenu
BlazeFind Object Recognized!
Type : Regkey
Data :
TAC Rating : 5
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\clsid\{15ad4789-cdb4-47e1-a9da-992ee8e6bad6}
Claria Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Data Miner
Comment : PrecisionTime Uninstall
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\precisiontime
Claria Object Recognized!
Type : RegValue
Data :
TAC Rating : 7
Category : Data Miner
Comment : PrecisionTime Uninstall
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\precisiontime
Value : UninstallString
Claria Object Recognized!
Type : RegValue
Data :
TAC Rating : 7
Category : Data Miner
Comment : PrecisionTime Uninstall
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\precisiontime
Value : DisplayIcon
Claria Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\gator.com
EzuLa Object Recognized!
Type : Regkey
Data :
TAC Rating : 6
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\appid\ezulabootexe.exe
EzuLa Object Recognized!
Type : Regkey
Data :
TAC Rating : 6
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\appid\ezulamain.exe
EzuLa Object Recognized!
Type : Regkey
Data :
TAC Rating : 6
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\appid\{8a044397-5da2-11d4-b185-0050dab79376}
EzuLa Object Recognized!
Type : Regkey
Data :
TAC Rating : 6
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\appid\{c0335198-6755-11d4-8a73-0050da2ee1be}
EzuLa Object Recognized!
Type : Regkey
Data :
TAC Rating : 6
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\clsid\{07f0a543-47ba-11d4-8a6d-0050da2ee1be}
EzuLa Object Recognized!
Type : Regkey
Data :
TAC Rating : 6
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\clsid\{07f0a545-47ba-11d4-8a6d-0050da2ee1be}
EzuLa Object Recognized!
Type : Regkey
Data :
TAC Rating : 6
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\clsid\{19dfb2cb-9b27-11d4-b192-0050dab79376}
EzuLa Object Recognized!
Type : Regkey
Data :
TAC Rating : 6
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\clsid\{2079884b-6ef3-11d4-8a74-0050da2ee1be}
EzuLa Object Recognized!
Type : Regkey
Data :
TAC Rating : 6
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\clsid\{2306abe4-4d42-11d4-8a6d-0050da2ee1be}
EzuLa Object Recognized!
Type : Regkey
Data :