Spyware Problem - ComputerProblems.org Free Computer Support & Technology Discussion

gahue · #1 (**permalink**) 06-23-2004, 09:19 AM

Help! Whenever I´m on the internet I keep getting these pop up ads saying that I have spyware and should click on their link to get rid of the spyware. All the ads that I´ve been receiving come from http://c1dcon.ewizard.cc

I ran “Ad-aware 6.0, latest update 01R324 22.06.2004, and it told me that I have 12 objects infected. I ran Ad-aware several times but don´t be able to get rid of these entries in the registry. In the registry reference is always made to: c:\windows\temp\sp.html. Even deleting this file from the c:\windows\temp it always appears again. Furthermore my start-up address of the IE had been changed to “about:blank”. I ran Ad-aware several times but without any success.

I need help finding this spyware and I would really appreciate if someone could help me. Many thanks in advance. I´m sending the log file from today.

My platform:
Windows Me
IE Vers. 5.50.4134.0600IC

Lavasoft Ad-aware Personal Build 6.181
Logdatei erzeugt am :Mittwoch, 23. Juni 2004 09:13:29
Created with Ad-aware Personal, free for private use.
Benutze Referenzdatei :01R324 22.06.2004
__________________________________________________ ____

Reffile status:
=========================
Referenzdatei geladen:
Reference Number : 01R324 22.06.2004
Internal build : 256
File location : D:\PROGRAMME\LAVASOFT AD-AWARE\AD-AWARE 6\reflist.ref
Total size : 1265402 Bytes
Signature data size : 1244925 Bytes
Reference data size : 20413 Bytes
Signatures total : 27677
Target categories : 10
Target families : 506

Memory + processor status:
==========================
Number of processors : 1
Processor architecture : Intel Pentium III
Memory available:36 %
Total physical memory:261560 kb
Available physical memory:4780 kb
Total page file size:1835588 kb
Available on page file:1710688 kb
Total virtual memory:2093056 kb
Available virtual memory:2049536 kb
OS:Windows (ME)

Ad-aware Settings
=========================
Aktiviert : Intensive Dateiprüfung aktivieren
Aktiviert : Sicherheitsmodus (immer nachfragen)
Aktiviert : Prüfe laufende Prozesse
Aktiviert : Prüfe Registrierung
Aktiviert : Erweiterte Registrierungsprüfung
Aktiviert : IE Favoriten überprüfen
Aktiviert : Scan my Hosts file

23.06.2004 09:13:29 - Scan started. (Custom mode)

Liste der geladenen Prozesse
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

#:1 [kernel32.dll]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4291787265
Threads : 5
Priority : High
FileSize : 540 KB
FileVersion : 4.90.3000
ProductVersion : 4.90.3000
Copyright : Copyright (C) Microsoft Corp. 1991-2000
CompanyName : Microsoft Corporation
FileDescription : Kernkomponente des Win32-Kernel
InternalName : KERNEL32
OriginalFilename : KERNEL32.DLL
ProductName : Betriebssystem Microsoft(R) Windows(R) Millennium
Created on : 01.01.1601
Last accessed : 22.06.2004 22:00:00
Last modified : 08.06.2000 15:00:00

#:2 [msgsrv32.exe]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4294947437
Threads : 1
Priority : Normal
FileSize : 11 KB
FileVersion : 4.90.3000
ProductVersion : 4.90.3000
Copyright : Copyright (C) Microsoft Corp. 1992-1998
CompanyName : Microsoft Corporation
FileDescription : Windows 32-Bit-VxD-Meldungsserver
InternalName : MSGSRV32
OriginalFilename : MSGSRV32.EXE
ProductName : Betriebssystem Microsoft(R) Windows(R) Millennium
Created on : 01.01.1601
Last accessed : 22.06.2004 22:00:00
Last modified : 08.06.2000 15:00:00

#:3 [mmtask.tsk]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4294955693
Threads : 1
Priority : Normal
FileSize : 1 KB
FileVersion : 4.90.3000
ProductVersion : 4.90.3000
Copyright : Copyright
CompanyName : Microsoft Corporation
FileDescription : Multimedia background task support module
InternalName : mmtask.tsk
OriginalFilename : mmtask.tsk
ProductName : Microsoft Windows
Created on : 01.01.1601
Last accessed : 22.06.2004 22:00:00
Last modified : 08.06.2000 15:00:00

#:4 [mprexe.exe]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4294956177
Threads : 2
Priority : Normal
FileSize : 28 KB
FileVersion : 4.90.3000
ProductVersion : 4.90.3000
Copyright : Copyright (C) Microsoft Corp. 1993-2000
CompanyName : Microsoft Corporation
FileDescription : WIN32 Network Interface Service Process
InternalName : MPREXE
OriginalFilename : MPREXE.EXE
ProductName : Microsoft(R) Windows(R) Millennium Operating System
Created on : 01.01.1601
Last accessed : 22.06.2004 22:00:00
Last modified : 08.06.2000 15:00:00

#:5 [mstask.exe]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4294845785
Threads : 2
Priority : Normal
FileSize : 128 KB
FileVersion : 4.71.2721.1
ProductVersion : 4.71.2721.1
Copyright : Copyright (C) Microsoft Corp. 1997
CompanyName : Microsoft Corporation
FileDescription : Taskplaner-Engine
InternalName : TaskScheduler
OriginalFilename : mstask.exe
ProductName : Taskplaner f
Created on : 01.01.1601
Last accessed : 22.06.2004 22:00:00
Last modified : 08.06.2000 15:00:00

#:6 [ssdpsrv.exe]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4294840817
Threads : 4
Priority : Normal
FileSize : 55 KB
FileVersion : 4.90.3002.0
ProductVersion : 4.90.3002.0
Copyright : Copyright (C) Microsoft Corp. 1981-2000
CompanyName : Microsoft Corporation
FileDescription : SSDP Service on Windows Millennium
InternalName : ssdpsrv.exe
OriginalFilename : ssdpsrv.exe
ProductName : Microsoft(R) Windows(R) Millennium Operating System
Created on : 09.06.2003 15:17:05
Last accessed : 22.06.2004 22:00:00
Last modified : 28.09.2001 15:53:22

#:7 [stimon.exe]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4294884717
Threads : 5
Priority : Normal
FileSize : 28 KB
FileVersion : 4.90.3000.1
ProductVersion : 4.90.3000.1
Copyright : Copyright (C) Microsoft Corp. 1981-2000
CompanyName : Microsoft Corporation
FileDescription : Standbildger
InternalName : STIMON
OriginalFilename : STIMON.EXE
ProductName : Betriebssystem Microsoft(R) Windows(R) Millennium
Created on : 01.01.1601
Last accessed : 22.06.2004 22:00:00
Last modified : 08.06.2000 15:00:00

#:8 [mdm.exe]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4294878229
Threads : 2
Priority : Normal
FileSize : 121 KB
FileVersion : 6.00.8424
ProductVersion : 6.00.8424
Copyright : Copyright (C) Microsoft Corp. 1997-1998
CompanyName : Microsoft Corporation
FileDescription : Machine Debug Manager
InternalName : mdm.exe
OriginalFilename : mdm.exe
ProductName : Microsoft (R) Visual Studio
Created on : 15.11.1999 18:46:12
Last accessed : 22.06.2004 22:00:00
Last modified : 15.11.1999 18:46:12

#:9 [vsmon.exe]
FilePath : C:\WINDOWS\SYSTEM\ZONELABS\
ProcessID : 4294875089
Threads : 17
Priority : Normal
FileSize : 805 KB
FileVersion : 4.5.594.000
ProductVersion : 4.5.594.000
Copyright : Copyright
CompanyName : Zone Labs Inc.
FileDescription : TrueVector Service
InternalName : vsmon
OriginalFilename : vsmon.exe
ProductName : TrueVector Service
Created on : 05.06.2004 07:51:35
Last accessed : 22.06.2004 22:00:00
Last modified : 01.04.2004 09:13:36

#:10 [explorer.exe]
FilePath : C:\WINDOWS\
ProcessID : 4294878621
Threads : 22
Priority : Normal
FileSize : 220 KB
FileVersion : 5.50.4134.100
ProductVersion : 5.50.4134.100
Copyright : Copyright (C) Microsoft Corp. 1981-2000
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
OriginalFilename : EXPLORER.EXE
ProductName : Betriebssystem Microsoft(R) Windows (R) 2000
Created on : 08.06.2000 15:00:00
Last accessed : 22.06.2004 22:00:00
Last modified : 08.06.2000 15:00:00

#:11 [stmgr.exe]
FilePath : C:\WINDOWS\SYSTEM\RESTORE\
ProcessID : 4294721913
Threads : 4
Priority : Normal
FileSize : 60 KB
FileVersion : 4.90.0.2533
ProductVersion : 4.90.0.2533
Copyright : Copyright (C) Microsoft Corp. 1981-2000
CompanyName : Microsoft Corporation
FileDescription : Microsoft (R) PC State Manager
InternalName : StateMgr.exe
OriginalFilename : StateMgr.exe
ProductName : Microsoft (r) PCHealth
Created on : 01.01.1601
Last accessed : 22.06.2004 22:00:00
Last modified : 08.06.2000 15:00:00

#:12 [taskmon.exe]
FilePath : C:\WINDOWS\
ProcessID : 4294757777
Threads : 1
Priority : Normal
FileSize : 28 KB
FileVersion : 4.90.3000
ProductVersion : 4.90.3000
Copyright : Copyright (C) Microsoft Corp. 1998
CompanyName : Microsoft Corporation
FileDescription : Task Monitor
InternalName : TaskMon
OriginalFilename : TASKMON.EXE
ProductName : Microsoft(R) Windows(R) Millennium Operating System
Created on : 01.01.1601
Last accessed : 22.06.2004 22:00:00
Last modified : 08.06.2000 15:00:00

#:13 [systray.exe]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4294654541
Threads : 2
Priority : Normal
FileSize : 36 KB
FileVersion : 4.90.3000
ProductVersion : 4.90.3000
Copyright : Copyright (C) Microsoft Corp. 1993-2000
CompanyName : Microsoft Corporation
FileDescription : System Tray-Applet
InternalName : SYSTRAY
OriginalFilename : SYSTRAY.EXE
ProductName : Betriebssystem Microsoft(R) Windows(R) Millennium
Created on : 01.01.1601
Last accessed : 22.06.2004 22:00:00
Last modified : 08.06.2000 15:00:00

#:14 [avgctrl.exe]
FilePath : D:\PROGRAMME\AVPERSONAL\
ProcessID : 4294662157
Threads : 2
Priority : Normal
FileSize : 80 KB
FileVersion : 6.24.01.01
ProductVersion : 6.24.01.01
Copyright : Copyright
CompanyName : H+BEDV Datentechnik GmbH
FileDescription : AntiVir Guard/9x Control Program
InternalName : AVGCtrl
OriginalFilename : AVGCTRL.EXE
ProductName : AntiVir Guard Control Program
Created on : 26.04.2004 06:53:58
Last accessed : 22.06.2004 22:00:00
Last modified : 26.04.2004 06:53:58

#:15 [incd.exe]
FilePath : D:\PROGRAMME\AHEAD\INCD\
ProcessID : 4294656533
Threads : 4
Priority : Normal
FileSize : 1228 KB
FileVersion : 4, 1, 5, 10
ProductVersion : 4, 1, 5, 10
Copyright : Copyright 1995-2004 Ahead Software AG and its licensors. All Rights Reserved.
CompanyName : Ahead Software AG
FileDescription : InCD
InternalName : InCD
OriginalFilename : InCD.exe
ProductName : Ahead Software AG InCD
Created on : 02.06.2004 09:46:47
Last accessed : 22.06.2004 22:00:00
Last modified : 27.02.2004 14:09:12

#:16 [em_exec.exe]
FilePath : C:\LOGITECH\MOUSE\SYSTEM\
ProcessID : 4294684361
Threads : 2
Priority : Normal
FileSize : 35 KB
FileVersion : 8.20.572
ProductVersion : 8.20
Copyright : Copyright
CompanyName : Logitech Inc.
FileDescription : Control Center
InternalName : EM_EXEC
OriginalFilename : EM_EXEC.CPP
ProductName : MouseWare
Created on : 17.04.2004 05:45:59
Last accessed : 22.06.2004 22:00:00
Last modified : 24.09.1998 06:20:00

#:17 [itouch.exe]
FilePath : C:\LOGITECH\ITOUCH\
ProcessID : 4294674249
Threads : 2
Priority : Normal
FileSize : 196 KB
FileVersion : 1.82.566
ProductVersion : 1.82
Copyright : Copyright
CompanyName : Logitech Inc.
FileDescription : iTouch Application
InternalName : iTouch
OriginalFilename : iTouch.exe
ProductName : iTouch
Created on : 17.04.2004 06:32:30
Last accessed : 22.06.2004 22:00:00
Last modified : 11.10.2001 23:59:00

#:18 [backweb-8876480.exe]
FilePath : C:\LOGITECH\DESKTOP MESSENGER\8876480\PROGRAM\
ProcessID : 4294700545
Threads : 4
Priority : Normal
FileSize : 16 KB
Created on : 17.04.2004 06:34:05
Last accessed : 22.06.2004 22:00:00
Last modified : 17.04.2004 06:34:04

#:19 [tomcat.exe]
FilePath : C:\T-ONLINE\BSW4\ISDN SPEEDMANAGER\
ProcessID : 4294650977
Threads : 2
Priority : Normal
FileSize : 360 KB
FileVersion : 1, 4, 21131, 1
ProductVersion : 1, 3, 0, 0
CompanyName : T-Nova Deutsche Telekom Innovationsgesellschaft mbH
FileDescription : ISDN SpeedManager
InternalName : TOMCAT
OriginalFilename : TOMCAT.EXE
ProductName : ISDN SpeedManager
Created on : 11.01.2004 17:57:48
Last accessed : 22.06.2004 22:00:00
Last modified : 11.05.2001 13:19:26

#:20 [zlclient.exe]
FilePath : D:\PROGRAMME\ZONE LABS\ZONEALARM\
ProcessID : 4294689893
Threads : 6
Priority : Normal
FileSize : 677 KB
FileVersion : 4.5.594.000
ProductVersion : 4.5.594.000
Copyright : Copyright
CompanyName : Zone Labs Inc.
FileDescription : Zone Labs Client
InternalName : zlclient
OriginalFilename : zlclient.exe
ProductName : Zone Labs Client
Created on : 05.06.2004 07:51:37
Last accessed : 22.06.2004 22:00:00
Last modified : 01.04.2004 09:13:44

#:21 [rundll.exe]
FilePath : C:\WINDOWS\
ProcessID : 4294578209
Threads : 1
Priority : Normal
FileSize : 5 KB
FileVersion : 4.90.3000
ProductVersion : 4.90.3000
Copyright : Copyright (C) Microsoft Corp. 1991-1998
CompanyName : Microsoft Corporation
FileDescription : Eine DLL-Datei als Anwendung ausf
InternalName : rundll
OriginalFilename : RUNDLL.EXE
ProductName : Betriebssystem Microsoft(R) Windows(R) Millennium
Created on : 01.01.1601
Last accessed : 22.06.2004 22:00:00
Last modified : 08.06.2000 15:00:00

#:22 [hotsync.exe]
FilePath : C:\PALM\
ProcessID : 4294610089
Threads : 2
Priority : Normal
FileSize : 292 KB
FileVersion : 4.0
ProductVersion : 4.0
Copyright : Copyright
CompanyName : Palm, Inc.
FileDescription : HotSync
InternalName : HotSync
OriginalFilename : Hotsync.exe
ProductName : HotSync
Created on : 14.04.2004 06:44:28
Last accessed : 22.06.2004 22:00:00
Last modified : 06.04.2001 14:01:00

#:23 [counter2001.exe]
FilePath : C:\PROGRAMME\ONLINE-COUNTER 2001\
ProcessID : 4294511917
Threads : 1
Priority : Normal
FileSize : 490 KB
FileVersion : 3.2.2.5
ProductVersion : 3.22
Copyright : (c)2001-2002 by Philipp Weispfenning
CompanyName : Philipp Weispfenning
FileDescription : Erfassung der Internet-Geb
InternalName : Counter
OriginalFilename : Counter2001.exe
ProductName : Online-Counter 2001
Created on : 04.06.2002 14:32:05
Last accessed : 22.06.2004 22:00:00
Last modified : 04.06.2002 14:32:06

#:24 [wmiexe.exe]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4294764649
Threads : 3
Priority : Normal
FileSize : 16 KB
FileVersion : 4.90.2452.1
ProductVersion : 4.90.2452.1
Copyright : Copyright (C) Microsoft Corp. 1981-1999
CompanyName : Microsoft Corporation
FileDescription : WMI service exe housing
InternalName : wmiexe
OriginalFilename : wmiexe.exe
ProductName : Microsoft(R) Windows(R) Millennium Operating System
Created on : 01.01.1601
Last accessed : 22.06.2004 22:00:00
Last modified : 08.06.2000 15:00:00

#:25 [iwatch.exe]
FilePath : D:\PROGRAMME\FRITZ!\
ProcessID : 4294534001
Threads : 2
Priority : Normal
FileSize : 224 KB
FileVersion : 2.00.09
ProductVersion : 2.00.09
Copyright : Copyright
CompanyName : AVM Berlin
FileDescription : ISDNWatch Monitor
InternalName : ISDNWatch
OriginalFilename : IWatch.exe
ProductName : ISDNWatch
Created on : 11.01.2004 16:50:47
Last accessed : 22.06.2004 22:00:00
Last modified : 14.07.2003 01:04:02

#:26 [tapisrv.exe]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4294490177
Threads : 5
Priority : Normal
FileSize : 120 KB
FileVersion : 4.90.3000
ProductVersion : 4.90.3000
Copyright : Copyright (C) Microsoft Corp. 1994-1998
CompanyName : Microsoft Corporation
FileDescription : Microsoft
InternalName : Telefoniedienst
OriginalFilename : TAPISRV.EXE
ProductName : Betriebssystem Microsoft(R) Windows(R) Millennium
Created on : 01.01.1601
Last accessed : 22.06.2004 22:00:00
Last modified : 08.06.2000 15:00:00

#:27 [ad-aware.exe]
FilePath : D:\PROGRAMME\LAVASOFT AD-AWARE\AD-AWARE 6\
ProcessID : 4294197753
Threads : 3
Priority : Normal
FileSize : 668 KB
FileVersion : 6.0.1.181
ProductVersion : 6.0.0.0
Copyright : Copyright
CompanyName : Lavasoft Sweden
FileDescription : Ad-aware 6 core application
InternalName : Ad-aware.exe
OriginalFilename : Ad-aware.exe
ProductName : Lavasoft Ad-aware Plus
Created on : 22.10.2003 11:43:34
Last accessed : 22.06.2004 22:00:00
Last modified : 12.07.2003 20:00:20

#:28 [mozilla.exe]
FilePath : D:\PROGRAMME\MOZILLA.ORG\MOZILLA\
ProcessID : 4294438245
Threads : 4
Priority : Normal
FileSize : 98 KB
FileVersion : 1.7: 2004061609
ProductVersion : 1.7: 2004061609
Copyright : License: MPL 1.1/GPL 2.0/LGPL 2.1
CompanyName : Mozilla Foundation
FileDescription : Mozilla
InternalName : apprunner
OriginalFilename : mozilla.exe
ProductName : Mozilla
Created on : 22.06.2004 06:53:17
Last accessed : 22.06.2004 22:00:00
Last modified : 16.06.2004 09:18:00

Ergebnis der Speicherprüfung:
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Neue Objekte: 0
Objekte insgesamt bis jetzt identifiziert 0

Starte Prüfung der Registrierung
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

Ergebnis der Registrierungsprüfung:
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Neue Objekte: 0
Objekte insgesamt bis jetzt identifiziert 0

Starte erweiterte Registrierungsprüfung
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Möglicher Browser-Hijack Versuch : Software\Microsoft\Internet Explorer\MainStart Pageabout:blank

Possible Browser Hijack attempt Objekt identifiziert!
Typ : Reg.Daten
Daten : "about:blank"
Kategorie : Data Miner
Kommentar : Möglicher Browser-Hijack Versuch
Rootkey : HKEY_CURRENT_USER
Objekt : Software\Microsoft\Internet Explorer\Main
Wert : Start Page
Daten : "about:blank"

Möglicher Browser-Hijack Versuch : Software\Microsoft\Internet Explorer\MainStart Pageabout:blank

Possible Browser Hijack attempt Objekt identifiziert!
Typ : Reg.Daten
Daten : "about:blank"
Kategorie : Data Miner
Kommentar : Möglicher Browser-Hijack Versuch
Rootkey : HKEY_LOCAL_MACHINE
Objekt : Software\Microsoft\Internet Explorer\Main
Wert : Start Page
Daten : "about:blank"

Möglicher Browser-Hijack Versuch : .Default\Software\Microsoft\Internet Explorer\MainStart Pageabout:blank

Possible Browser Hijack attempt Objekt identifiziert!
Typ : Reg.Daten
Daten : "about:blank"
Kategorie : Data Miner
Kommentar : Möglicher Browser-Hijack Versuch
Rootkey : HKEY_USERS
Objekt : .Default\Software\Microsoft\Internet Explorer\Main
Wert : Start Page
Daten : "about:blank"

Möglicher Browser-Hijack Versuch : Software\Microsoft\Internet Explorer\MainSearch Pagetemp\sp.html

Possible Browser Hijack attempt Objekt identifiziert!
Typ : Reg.Daten
Daten : "file://C:\WINDOWS\TEMP\sp.html"
Kategorie : Data Miner
Kommentar : Möglicher Browser-Hijack Versuch
Rootkey : HKEY_CURRENT_USER
Objekt : Software\Microsoft\Internet Explorer\Main
Wert : Search Page
Daten : "file://C:\WINDOWS\TEMP\sp.html"

Möglicher Browser-Hijack Versuch : Software\Microsoft\Internet Explorer\MainSearch Bartemp\sp.html

Possible Browser Hijack attempt Objekt identifiziert!
Typ : Reg.Daten
Daten : "file://C:\WINDOWS\TEMP\sp.html"
Kategorie : Data Miner
Kommentar : Möglicher Browser-Hijack Versuch
Rootkey : HKEY_CURRENT_USER
Objekt : Software\Microsoft\Internet Explorer\Main
Wert : Search Bar
Daten : "file://C:\WINDOWS\TEMP\sp.html"

Möglicher Browser-Hijack Versuch : Software\Microsoft\Internet Explorer\SearchSearchAssistanttemp\sp.html

Possible Browser Hijack attempt Objekt identifiziert!
Typ : Reg.Daten
Daten : "file://C:\WINDOWS\TEMP\sp.html"
Kategorie : Data Miner
Kommentar : Möglicher Browser-Hijack Versuch
Rootkey : HKEY_CURRENT_USER
Objekt : Software\Microsoft\Internet Explorer\Search
Wert : SearchAssistant
Daten : "file://C:\WINDOWS\TEMP\sp.html"

Möglicher Browser-Hijack Versuch : Software\Microsoft\Internet Explorer\MainSearch Pagetemp\sp.html

Possible Browser Hijack attempt Objekt identifiziert!
Typ : Reg.Daten
Daten : "file://C:\WINDOWS\TEMP\sp.html"
Kategorie : Data Miner
Kommentar : Möglicher Browser-Hijack Versuch
Rootkey : HKEY_LOCAL_MACHINE
Objekt : Software\Microsoft\Internet Explorer\Main
Wert : Search Page
Daten : "file://C:\WINDOWS\TEMP\sp.html"

Möglicher Browser-Hijack Versuch : Software\Microsoft\Internet Explorer\MainSearch Bartemp\sp.html

Possible Browser Hijack attempt Objekt identifiziert!
Typ : Reg.Daten
Daten : "file://C:\WINDOWS\TEMP\sp.html"
Kategorie : Data Miner
Kommentar : Möglicher Browser-Hijack Versuch
Rootkey : HKEY_LOCAL_MACHINE
Objekt : Software\Microsoft\Internet Explorer\Main
Wert : Search Bar
Daten : "file://C:\WINDOWS\TEMP\sp.html"

Möglicher Browser-Hijack Versuch : Software\Microsoft\Internet Explorer\SearchSearchAssistanttemp\sp.html

Possible Browser Hijack attempt Objekt identifiziert!
Typ : Reg.Daten
Daten : "file://C:\WINDOWS\TEMP\sp.html"
Kategorie : Data Miner
Kommentar : Möglicher Browser-Hijack Versuch
Rootkey : HKEY_LOCAL_MACHINE
Objekt : Software\Microsoft\Internet Explorer\Search
Wert : SearchAssistant
Daten : "file://C:\WINDOWS\TEMP\sp.html"

Möglicher Browser-Hijack Versuch : .Default\Software\Microsoft\Internet Explorer\MainSearch Pagetemp\sp.html

Possible Browser Hijack attempt Objekt identifiziert!
Typ : Reg.Daten
Daten : "file://C:\WINDOWS\TEMP\sp.html"
Kategorie : Data Miner
Kommentar : Möglicher Browser-Hijack Versuch
Rootkey : HKEY_USERS
Objekt : .Default\Software\Microsoft\Internet Explorer\Main
Wert : Search Page
Daten : "file://C:\WINDOWS\TEMP\sp.html"

Möglicher Browser-Hijack Versuch : .Default\Software\Microsoft\Internet Explorer\MainSearch Bartemp\sp.html

Possible Browser Hijack attempt Objekt identifiziert!
Typ : Reg.Daten
Daten : "file://C:\WINDOWS\TEMP\sp.html"
Kategorie : Data Miner
Kommentar : Möglicher Browser-Hijack Versuch
Rootkey : HKEY_USERS
Objekt : .Default\Software\Microsoft\Internet Explorer\Main
Wert : Search Bar
Daten : "file://C:\WINDOWS\TEMP\sp.html"

Möglicher Browser-Hijack Versuch : .Default\Software\Microsoft\Internet Explorer\SearchSearchAssistanttemp\sp.html

Possible Browser Hijack attempt Objekt identifiziert!
Typ : Reg.Daten
Daten : "file://C:\WINDOWS\TEMP\sp.html"
Kategorie : Data Miner
Kommentar : Möglicher Browser-Hijack Versuch
Rootkey : HKEY_USERS
Objekt : .Default\Software\Microsoft\Internet Explorer\Search
Wert : SearchAssistant
Daten : "file://C:\WINDOWS\TEMP\sp.html"

Ergebnis der erweiterten Registrierungsprüfung:
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Neue Objekte: 12
Objekte insgesamt bis jetzt identifiziert 12

Ergebnis der Dateiprüfung für C:\_RESTORE\
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Neue Objekte: 0
Objekte insgesamt bis jetzt identifiziert 12

Ergebnis der Dateiprüfung für C:\Recycled\
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Neue Objekte: 0
Objekte insgesamt bis jetzt identifiziert 12

Ergebnis der Dateiprüfung für C:\WINDOWS\
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Neue Objekte: 0
Objekte insgesamt bis jetzt identifiziert 12

Performing conditional scans..
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

Conditional scan result:
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Neue Objekte: 0
Objekte insgesamt bis jetzt identifiziert 12

09:26:26 Systemprüfung beendet.

Zussamenfassung der Überprüfung
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Gesamte Zeit für Systemüberprüfung :00:12:55:760
Objekte überprüft:61271
Objekte identifiziert:12
Objekte ignoriert:0
Neue Objekte:12

computergeek · #2 (**permalink**) 06-23-2004, 10:06 AM

Looks like a quick run of the cwshreeder program should fix your issue. Someone recently has the same issue. You can download the program and instructions in this thread: CoolWebShredder 1.40

gahue · #3 (**permalink**) 06-24-2004, 03:05 AM

Many thanks to all. The CWShredder program did the job! I really appreciate your help. Thank you once more.

SICS · #4 (**permalink**) 06-24-2004, 08:56 AM

glad to see you are back up and running

dwingit · #5 (**permalink**) 07-09-2004, 01:14 PM

I too had this same problem and was sure pleased when I read this entry. I immediately ran the shredder and VIOLA!!! Thanks guys for helping with this nuissance. I now have you on favorites.

computergeek · #6 (**permalink**) 07-10-2004, 12:02 PM

Glad to hear it fixed your problem too dwingit

Ninja87 · #7 (**permalink**) 08-01-2004, 10:22 PM

OMG THAT WAS AWESOME, ive been putting up with those d@nm popups and that about:blank crap for forever. from running one program after the next, nothing was working. jeez, cwshredder took care of that like it was nothing. thanks a ton u guys. u know your stuff

SICS · #8 (**permalink**) 08-01-2004, 10:31 PM

Hi Ninja, glad to see your problem was fixed!

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

Welcome to the ComputerProblems.org Free Computer Support & Technology Discussion.
Welcome to ComputerProblems.Org, your source for PC technical help and information! You are currently viewing our boards as a guest which gives you limited access to view most discussions. By joining our free community you will have access to post topics, communicate privately with other members (PM), respond to polls, access our arcade and access many other special features. Registration is fast, simple and absolutely free so please, join our community today! If you have any problems with the registration process or your account login, please contact contact support.