Jump to content


Photo

Url.cpvfeed.com


  • Please log in to reply
No replies to this topic

#1 Ant709

Ant709

    Newbie

  • Members
  • Pip
  • 1 posts

Posted 23 June 2007 - 06:57 AM

this is my hijack this page
Logfile of HijackThis v1.99.1
Scan saved at 1:56:43 AM, on 6/23/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton Internet Security\ISSVC.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\WINDOWS\system32\psyjkmdd.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\fxssvc.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Common Files\AOL\1151761591\ee\aolsoftware.exe
C:\WINDOWS\retadpu1000106.exe
C:\Program Files\Common Files\WinAntiSpyware 2007\WAS7Mon.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Intuit\QuickBooks Pro\Components\QBAgent\QBDAgent.exe
C:\WINDOWS\system32\mrtMngr.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe
C:\Program Files\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://bfc.myway.com...de_srchlft.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/myway
R3 - URLSearchHook: (no name) - {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - C:\Program Files\MyWaySA\SrchAsDe\1.bin\deSrcAs.dll
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar1.02.5000.1021\en-us\msntb.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [MMTray] C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [mmtask] C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1151761591\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [runner1] C:\WINDOWS\retadpu1000106.exe 61A847B5BBF72813329B385772FF01F0B3E35B6638993F4661AA4EBD86D67C56389B284534F310
O4 - HKLM\..\Run: [Salestart] "C:\Program Files\Common Files\WinAntiSpyware 2007\WAS7Mon.exe"
O4 - HKLM\..\Run: [GPLv3] rundll32.exe "C:\WINDOWS\system32\ubktvglk.dll",realset
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKCU\..\Run: [WinPop] C:\Program Files\WinPop\winpop.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0a\aoltray.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: QuickBooks Delivery Agent.lnk = C:\Program Files\Intuit\QuickBooks Pro\Components\QBAgent\QBDAgent.exe
O4 - Global Startup: Service Manager.norun
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &Search - http://edits.mywebse...?p=ZUxdm265YYUS
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.co...tup1.0.0.15.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.syma...bin/AvSniff.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.syma...n/bin/cabsa.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: DomainService - - C:\WINDOWS\system32\psyjkmdd.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE
O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
O23 - Service: WLANKEEPER - Intel® Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

AND THIS IS MY ADAWARE SCAN WHAT SHOULD I HIJACK PLEASE HELP
Ad-Aware SE Build 1.05
Logfile Created on:Saturday, June 23, 2007 1:15:37 AM
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R8 13.09.2004
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
iWon(TAC index:5):120 total references
MRU List(TAC index:0):27 total references
Tracking Cookie(TAC index:3):12 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file

Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects


6-23-2007 1:15:37 AM - Scan started. (Full System Scan)

MRU List Object Recognized!
Location: : S-1-5-21-492533919-3165138465-3089621515-1007\software\microsoft\search assistant\acmru
Description : list of recent search terms used with the search assistant


MRU List Object Recognized!
Location: : S-1-5-21-492533919-3165138465-3089621515-1007\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru
Description : list of recently saved files, stored according to file extension


MRU List Object Recognized!
Location: : S-1-5-21-492533919-3165138465-3089621515-1007\software\microsoft\windows\currentversion\explorer\comdlg32\lastvisitedmru
Description : list of recent programs opened


MRU List Object Recognized!
Location: : S-1-5-21-492533919-3165138465-3089621515-1007\software\microsoft\windows\currentversion\explorer\recentdocs
Description : list of recent documents opened


MRU List Object Recognized!
Location: : S-1-5-21-492533919-3165138465-3089621515-1007\software\microsoft\office\11.0\common\open find\microsoft office word\settings\open\file name mru
Description : list of recent documents opened by microsoft word


MRU List Object Recognized!
Location: : S-1-5-21-492533919-3165138465-3089621515-1007\software\microsoft\office\11.0\common\open find\microsoft office powerpoint\settings\save as\file name mru
Description : list of recent documents saved by microsoft powerpoint


MRU List Object Recognized!
Location: : S-1-5-21-492533919-3165138465-3089621515-1007\software\microsoft\office\11.0\powerpoint\recent file list
Description : list of recent files used by microsoft powerpoint


MRU List Object Recognized!
Location: : S-1-5-21-492533919-3165138465-3089621515-1007\software\microsoft\office\11.0\common\open find\microsoft office word\settings\new from existing document\file name mru
Description : list of "new from existing document" files used by microsoft word


MRU List Object Recognized!
Location: : S-1-5-21-492533919-3165138465-3089621515-1007\software\microsoft\office\11.0\common\open find\microsoft office word\settings\save as\file name mru
Description : list of recent documents saved by microsoft word


MRU List Object Recognized!
Location: : S-1-5-21-492533919-3165138465-3089621515-1007\software\microsoft\office\11.0\powerpoint\recent templates
Description : list of recent templates used by microsoft powerpoint


MRU List Object Recognized!
Location: : S-1-5-21-492533919-3165138465-3089621515-1007\software\microsoft\office\11.0\word\recent templates
Description : list of recent templates used by microsoft word


MRU List Object Recognized!
Location: : S-1-5-21-492533919-3165138465-3089621515-1007\software\microsoft\office\11.0\powerpoint\recenttemplatelist
Description : list of recent templates used by microsoft powerpoint


MRU List Object Recognized!
Location: : S-1-5-21-492533919-3165138465-3089621515-1007\software\microsoft\internet explorer
Description : last download directory used in microsoft internet explorer


MRU List Object Recognized!
Location: : software\microsoft\directdraw\mostrecentapplication
Description : most recent application to use microsoft directdraw


MRU List Object Recognized!
Location: : S-1-5-21-492533919-3165138465-3089621515-1007\software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d


MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d


MRU List Object Recognized!
Location: : S-1-5-21-492533919-3165138465-3089621515-1007\software\microsoft\mediaplayer\preferences
Description : last playlist index loaded in microsoft windows media player


MRU List Object Recognized!
Location: : S-1-5-21-492533919-3165138465-3089621515-1007\software\microsoft\windows\currentversion\applets\regedit
Description : last key accessed using the microsoft registry editor


MRU List Object Recognized!
Location: : S-1-5-21-492533919-3165138465-3089621515-1007\software\microsoft\mediaplayer\preferences
Description : last playlist loaded in microsoft windows media player


MRU List Object Recognized!
Location: : software\musicmatch\musicmatch jukebox\4.0\mmradio
Description : information on the last station listened to using musicmatch radio


MRU List Object Recognized!
Location: : software\musicmatch\musicmatch jukebox\4.0\fileconv
Description : file conversion location settings in musicmatch jukebox


MRU List Object Recognized!
Location: : S-1-5-21-492533919-3165138465-3089621515-1007\software\microsoft\mediaplayer\medialibraryui
Description : last selected node in the microsoft windows media player media library


MRU List Object Recognized!
Location: : S-1-5-21-492533919-3165138465-3089621515-1007\software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X


MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X


MRU List Object Recognized!
Location: : S-1-5-21-492533919-3165138465-3089621515-1007\software\microsoft\windows media\wmsdk\general
Description : windows media sdk


MRU List Object Recognized!
Location: : C:\Documents and Settings\almira kasemi\Application Data\microsoft\office\recent
Description : list of recently opened documents using microsoft office


MRU List Object Recognized!
Location: : C:\Documents and Settings\almira kasemi\recent
Description : list of recently opened documents


Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ProcessID : 912
ThreadCreationTime : 6-23-2007 5:00:59 AM
BasePriority : Normal


#:2 [csrss.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 964
ThreadCreationTime : 6-23-2007 5:01:03 AM
BasePriority : Normal


#:3 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 988
ThreadCreationTime : 6-23-2007 5:01:03 AM
BasePriority : High


#:4 [services.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1032
ThreadCreationTime : 6-23-2007 5:01:03 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : services.exe

#:5 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1044
ThreadCreationTime : 6-23-2007 5:01:03 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe

#:6 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1224
ThreadCreationTime : 6-23-2007 5:01:04 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:7 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1288
ThreadCreationTime : 6-23-2007 5:01:04 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:8 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1328
ThreadCreationTime : 6-23-2007 5:01:04 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:9 [evteng.exe]
FilePath : C:\Program Files\Intel\Wireless\Bin\
ProcessID : 1376
ThreadCreationTime : 6-23-2007 5:01:04 AM
BasePriority : Normal
FileVersion : 9, 0, 1, 12
ProductVersion : 9, 0, 0, 0
ProductName : EvtEng Module
CompanyName : Intel Corporation
FileDescription : EvtEng Module
InternalName : EvtEng
LegalCopyright : Copyright © Intel Corporation 1999-2004
OriginalFilename : EvtEng.EXE

#:10 [s24evmon.exe]
FilePath : C:\Program Files\Intel\Wireless\Bin\
ProcessID : 1492
ThreadCreationTime : 6-23-2007 5:01:06 AM
BasePriority : Normal
FileVersion : 9, 0, 1, 41
ProductVersion : 9, 0, 0, 0
ProductName : Mobile Unit Support Service
CompanyName : Intel Corporation
FileDescription : Event Monitor - Supports driver extensions to NIC Driver for wireless adapters.
InternalName : S24EvMon
LegalCopyright : Copyright © Intel Corporation 1999-2004
OriginalFilename : S24EvMon.exe

#:11 [wlkeeper.exe]
FilePath : C:\Program Files\Intel\Wireless\Bin\
ProcessID : 1536
ThreadCreationTime : 6-23-2007 5:01:09 AM
BasePriority : Normal
FileVersion : 9, 0, 1, 14
ProductVersion : 1, 0, 0, 1
ProductName : SSOFSet Service
CompanyName : Intel® Corporation
FileDescription : WLKEEPER
InternalName : WLKEEPER
LegalCopyright : Copyright © 2004
OriginalFilename : WLKEEPER.exe

#:12 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1636
ThreadCreationTime : 6-23-2007 5:01:10 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:13 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1776
ThreadCreationTime : 6-23-2007 5:01:13 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:14 [ccproxy.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\
ProcessID : 148
ThreadCreationTime : 6-23-2007 5:01:15 AM
BasePriority : Normal
FileVersion : 103.5.0.90
ProductVersion : 103.5.0.90
ProductName : Client and Host Security Platform
CompanyName : Symantec Corporation
FileDescription : Symantec Network Proxy Service
InternalName : ccProxy
LegalCopyright : Copyright © 2000-2005 Symantec Corporation. All rights reserved.
OriginalFilename : ccProxy.exe

#:15 [ccsetmgr.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\
ProcessID : 188
ThreadCreationTime : 6-23-2007 5:01:16 AM
BasePriority : Normal
FileVersion : 103.5.0.90
ProductVersion : 103.5.0.90
ProductName : Client and Host Security Platform
CompanyName : Symantec Corporation
FileDescription : Symantec Settings Manager Service
InternalName : ccSetMgr
LegalCopyright : Copyright © 2000-2005 Symantec Corporation. All rights reserved.
OriginalFilename : ccSetMgr.exe

#:16 [issvc.exe]
FilePath : C:\Program Files\Norton Internet Security\
ProcessID : 220
ThreadCreationTime : 6-23-2007 5:01:16 AM
BasePriority : Normal
FileVersion : 8.2.0.34
ProductVersion : 8.2
ProductName : Norton Internet Security
CompanyName : Symantec Corporation
FileDescription : IS Service
InternalName : ISSVC.exe
LegalCopyright : Copyright © 2005 Symantec Corporation. All rights reserved.
OriginalFilename : ISSVC.exe

#:17 [sndsrvc.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\
ProcessID : 264
ThreadCreationTime : 6-23-2007 5:01:18 AM
BasePriority : Normal
FileVersion : 5.5.0.60
ProductVersion : 5.5
ProductName : Symantec Security Drivers
CompanyName : Symantec Corporation
FileDescription : Network Driver Service
InternalName : SndSrvc
LegalCopyright : Copyright 2002, 2003, 2004 Symantec Corporation
OriginalFilename : SndSrvc.exe

#:18 [ccevtmgr.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\
ProcessID : 460
ThreadCreationTime : 6-23-2007 5:01:20 AM
BasePriority : Normal
FileVersion : 103.5.0.90
ProductVersion : 103.5.0.90
ProductName : Client and Host Security Platform
CompanyName : Symantec Corporation
FileDescription : Symantec Event Manager Service
InternalName : ccEvtMgr
LegalCopyright : Copyright © 2000-2005 Symantec Corporation. All rights reserved.
OriginalFilename : ccEvtMgr.exe

#:19 [zcfgsvc.exe]
FilePath : C:\Program Files\Intel\Wireless\Bin\
ProcessID : 1932
ThreadCreationTime : 6-23-2007 5:01:34 AM
BasePriority : Normal
FileVersion : 9, 0, 1, 45
ProductVersion : 1, 0, 0, 2
ProductName : ZeroCfgSvc Application
CompanyName : Intel Corporation
FileDescription : ZeroCfgSvc MFC Application
InternalName : ZeroCfgSvc
LegalCopyright : Copyright © Intel Corporation 1999-2004
OriginalFilename : ZeroCfgSvc.EXE

#:20 [explorer.exe]
FilePath : C:\WINDOWS\
ProcessID : 324
ThreadCreationTime : 6-23-2007 5:01:38 AM
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : EXPLORER.EXE

#:21 [1xconfig.exe]
FilePath : C:\PROGRA~1\Intel\Wireless\Bin\
ProcessID : 560
ThreadCreationTime : 6-23-2007 5:01:43 AM
BasePriority : Normal
FileVersion : 9, 0, 1, 33
ProductVersion : 9, 0, 0, 0
ProductName : 8021XConfig Module
CompanyName : Intel
FileDescription : 8021XConfig Module
InternalName : 8021XConfig
LegalCopyright : Copyright © Intel Corporation 1999-2004
OriginalFilename : 1XConfig.EXE
Comments : Wrapper for MH. (Service COM)

#:22 [spoolsv.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 780
ThreadCreationTime : 6-23-2007 5:02:11 AM
BasePriority : Normal
FileVersion : 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)
ProductVersion : 5.1.2600.2696
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe

#:23 [aolacsd.exe]
FilePath : C:\PROGRA~1\COMMON~1\AOL\ACS\
ProcessID : 896
ThreadCreationTime : 6-23-2007 5:02:22 AM
BasePriority : Normal


#:24 [psyjkmdd.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 628
ThreadCreationTime : 6-23-2007 5:02:26 AM
BasePriority : Normal


#:25 [mdm.exe]
FilePath : C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\
ProcessID : 1924
ThreadCreationTime : 6-23-2007 5:02:29 AM
BasePriority : Normal
FileVersion : 7.00.9466
ProductVersion : 7.00.9466
ProductName : Microsoft® Visual Studio .NET
CompanyName : Microsoft Corporation
FileDescription : Machine Debug Manager
InternalName : mdm.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : mdm.exe

#:26 [navapsvc.exe]
FilePath : C:\Program Files\Norton Internet Security\Norton AntiVirus\
ProcessID : 1836
ThreadCreationTime : 6-23-2007 5:02:33 AM
BasePriority : Normal
FileVersion : 11.5.0.44
ProductVersion : 11.5.0
ProductName : Norton AntiVirus
CompanyName : Symantec Corporation
FileDescription : Norton AntiVirus Auto-Protect Service
InternalName : NAVAPSVC
LegalCopyright : Norton AntiVirus 2005 for Windows 98/ME/2000/XP Copyright © 2005 Symantec Corporation. All rights reserved.
OriginalFilename : NAVAPSVC.EXE

#:27 [jusched.exe]
FilePath : C:\Program Files\Java\j2re1.4.2_03\bin\
ProcessID : 492
ThreadCreationTime : 6-23-2007 5:02:33 AM
BasePriority : Normal


#:28 [syntplpr.exe]
FilePath : C:\Program Files\Synaptics\SynTP\
ProcessID : 488
ThreadCreationTime : 6-23-2007 5:02:36 AM
BasePriority : Normal
FileVersion : 7.10.11 13May04
ProductVersion : 7.10.11 13May04
ProductName : Progressive Touch
CompanyName : Synaptics, Inc.
FileDescription : TouchPad Driver Helper Application
InternalName : SynTPLpr
LegalCopyright : Copyright © Synaptics, Inc. 1996-2004
OriginalFilename : SynTPLpr.exe

#:29 [hpzipm12.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 764
ThreadCreationTime : 6-23-2007 5:02:36 AM
BasePriority : Normal
FileVersion : 10, 1, 1, 2
ProductVersion : 10, 1, 1, 2
ProductName : HP PML
CompanyName : HP
FileDescription : PML Driver
InternalName : PmlDrv
LegalCopyright : Copyright © 1998, 1999 Hewlett-Packard Company
OriginalFilename : PmlDrv.exe

#:30 [syntpenh.exe]
FilePath : C:\Program Files\Synaptics\SynTP\
ProcessID : 380
ThreadCreationTime : 6-23-2007 5:02:36 AM
BasePriority : Normal
FileVersion : 7.10.11 13May04
ProductVersion : 7.10.11 13May04
ProductName : Progressive Touch
CompanyName : Synaptics, Inc.
FileDescription : Synaptics TouchPad Enhancements
InternalName : Scrolleroo
LegalCopyright : Copyright © Synaptics, Inc. 1996-2004
OriginalFilename : SynTPEnh.exe

#:31 [ifrmewrk.exe]
FilePath : C:\Program Files\Intel\Wireless\Bin\
ProcessID : 880
ThreadCreationTime : 6-23-2007 5:02:37 AM
BasePriority : Normal
FileVersion : 9, 0, 1, 19
ProductVersion : 9, 0, 0, 0
ProductName : Intel PROSet/Wireless
CompanyName : Intel Corporation
FileDescription : Intel Framework MFC Application
InternalName : Framework
LegalCopyright : Copyright © Intel Corporation 1999-2004
OriginalFilename : iFramewrk.exe

#:32 [regsrvc.exe]
FilePath : C:\Program Files\Intel\Wireless\Bin\
ProcessID : 1524
ThreadCreationTime : 6-23-2007 5:02:38 AM
BasePriority : Normal
FileVersion : 9, 0, 1, 10
ProductVersion : 9, 0, 0, 0
ProductName : RegSrvc Module
CompanyName : Intel Corporation
FileDescription : RegSrvc Module
InternalName : RegSrvc
LegalCopyright : Copyright © Intel Corporation 1999-2004
OriginalFilename : RegSrvc.EXE
Comments : Registry Interface for Intel Wireless Products

#:33 [dvdlauncher.exe]
FilePath : C:\Program Files\CyberLink\PowerDVD\
ProcessID : 1556
ThreadCreationTime : 6-23-2007 5:02:39 AM
BasePriority : Normal
FileVersion : 3.00.0000
ProductVersion : 3.00.0000
ProductName : Cyberlink PowerCinema 3.0
CompanyName : CyberLink Corp.
FileDescription : CyberLink PowerCinema Resident Program
InternalName : CyberLink PowerCinema Resident Program
LegalCopyright : Copyright © 2003 CyberLink Corp.
OriginalFilename : DVDLauncher.EXE

#:34 [mm_tray.exe]
FilePath : C:\Program Files\Musicmatch\Musicmatch Jukebox\
ProcessID : 1716
ThreadCreationTime : 6-23-2007 5:02:40 AM
BasePriority : Normal
FileVersion : 9.00.2053
ProductVersion : 9.00.2053
ProductName : Musicmatch Jukebox
CompanyName : Musicmatch, Inc.
FileDescription : mm_tray
InternalName : mm_tray
LegalCopyright : Copyright © Musicmatch 1998-2004
LegalTrademarks :
OriginalFilename : mm_tray.exe

#:35 [mmtask.exe]
FilePath : C:\Program Files\Musicmatch\Musicmatch Jukebox\
ProcessID : 1164
ThreadCreationTime : 6-23-2007 5:02:41 AM
BasePriority : Normal
FileVersion : 9.0.0.1
ProductVersion : 9.0.0.1
ProductName : Musicmatch Jukebox
CompanyName : Musicmatch Inc.
FileDescription : <Musicmatch System Tray Application>
InternalName : mmtask.exe
LegalCopyright : © Musicmatch Inc.. All rights reserved.
OriginalFilename : mmtask.exe

#:36 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1956
ThreadCreationTime : 6-23-2007 5:02:41 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:37 [realplay.exe]
FilePath : C:\Program Files\Real\RealPlayer\
ProcessID : 2084
ThreadCreationTime : 6-23-2007 5:02:43 AM
BasePriority : Normal
FileVersion : 6.0.9.584
ProductVersion : 6.0.9.584
ProductName : RealPlayer (32-bit)
CompanyName : RealNetworks, Inc.
FileDescription : RealPlayer
InternalName : REALPLAY
LegalCopyright : Copyright © RealNetworks, Inc. 1995-2000
LegalTrademarks : RealAudio™ is a trademark of RealNetworks, Inc.
OriginalFilename : REALPLAY.EXE

#:38 [tfswctrl.exe]
FilePath : C:\WINDOWS\system32\dla\
ProcessID : 2172
ThreadCreationTime : 6-23-2007 5:02:46 AM
BasePriority : Normal
FileVersion : 1.04.08a
CompanyName : Sonic Solutions
FileDescription : Drive Letter Access Component
LegalCopyright : Copyright © 2004 Sonic Solutions

#:39 [wdfmgr.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 2192
ThreadCreationTime : 6-23-2007 5:02:47 AM
BasePriority : Normal
FileVersion : 5.2.3790.1230 built by: DNSRV(bld4act)
ProductVersion : 5.2.3790.1230
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows User Mode Driver Manager
InternalName : WdfMgr
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : WdfMgr.exe

#:40 [dmxlauncher.exe]
FilePath : C:\Program Files\Dell\Media Experience\
ProcessID : 2228
ThreadCreationTime : 6-23-2007 5:02:48 AM
BasePriority : Normal


#:41 [wanmpsvc.exe]
FilePath : C:\WINDOWS\
ProcessID : 2264
ThreadCreationTime : 6-23-2007 5:02:50 AM
BasePriority : Normal
FileVersion : 9, 0, 0, 0
ProductVersion : 9, 0, 0, 0
ProductName : America Online
CompanyName : America Online, Inc.
FileDescription : Wan Miniport (ATW) Service
InternalName : WanMPSvc
LegalCopyright : Copyright © 2001 America Online, Inc.
OriginalFilename : WanMPSvc.exe

#:42 [ccapp.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\
ProcessID : 2300
ThreadCreationTime : 6-23-2007 5:02:51 AM
BasePriority : Normal
FileVersion : 103.5.0.90
ProductVersion : 103.5.0.90
ProductName : Client and Host Security Platform
CompanyName : Symantec Corporation
FileDescription : Symantec User Session
InternalName : ccApp
LegalCopyright : Copyright © 2000-2005 Symantec Corporation. All rights reserved.
OriginalFilename : ccApp.exe

#:43 [fxssvc.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 2348
ThreadCreationTime : 6-23-2007 5:02:52 AM
BasePriority : Normal
FileVersion : 5.2.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.2.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Fax Service
InternalName : FXSSVC.EXE
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : FXSSVC.EXE

#:44 [symwsc.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\Security Center\
ProcessID : 2456
ThreadCreationTime : 6-23-2007 5:02:55 AM
BasePriority : Normal
FileVersion : 2005.1.00.111
ProductVersion : 2005.1
ProductName : Norton Security Center
CompanyName : Symantec Corporation
FileDescription : Norton Security Center Service
InternalName : SymWSC.exe
LegalCopyright : Copyright © 1997-2004 Symantec Corporation
OriginalFilename : SymWSC.exe

#:45 [mwsoemon.exe]
FilePath : C:\PROGRA~1\MYWEBS~1\bar\1.bin\
ProcessID : 2480
ThreadCreationTime : 6-23-2007 5:02:55 AM
BasePriority : Normal
FileVersion : 1,2,2,4
ProductVersion : 2,0,1,0
ProductName : My Web Search Bar for Internet Explorer, email clients, and messenger clients
CompanyName : MyWebSearch.com
FileDescription : My Web Search Plugin Loader
InternalName : mwsoemon
LegalCopyright : Copyright © 2003-2006 MyWebSearch.com
OriginalFilename : mwsoemon.exe

#:46 [hkcmd.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 2752
ThreadCreationTime : 6-23-2007 5:03:02 AM
BasePriority : Normal
FileVersion : 3.0.0.4396
ProductVersion : 7.0.0.4396
ProductName : Intel® Common User Interface
CompanyName : Intel Corporation
FileDescription : hkcmd Module
InternalName : HKCMD
LegalCopyright : Copyright 1999-2004, Intel Corporation
OriginalFilename : HKCMD.EXE

#:47 [igfxpers.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 2840
ThreadCreationTime : 6-23-2007 5:03:08 AM
BasePriority : Normal
FileVersion : 3.0.0.4396
ProductVersion : 7.0.0.4396
ProductName : Intel® Common User Interface
CompanyName : Intel Corporation
FileDescription : persistence Module
InternalName : PERSISTENCE
LegalCopyright : Copyright 1999-2004, Intel Corporation
OriginalFilename : IGFXPERS.EXE

#:48 [igfxsrvc.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 2888
ThreadCreationTime : 6-23-2007 5:03:09 AM
BasePriority : Normal
FileVersion : 3.0.0.4396
ProductVersion : 7.0.0.4396
ProductName : Intel® Common User Interface
CompanyName : Intel Corporation
FileDescription : igfxsrvc Module
InternalName : IGFXSRVC
LegalCopyright : Copyright 1999-2004, Intel Corporation
OriginalFilename : IGFXSRVC.EXE

#:49 [aolsoftware.exe]
FilePath : C:\Program Files\Common Files\AOL\1151761591\ee\
ProcessID : 2904
ThreadCreationTime : 6-23-2007 5:03:10 AM
BasePriority : Normal
FileVersion : 1.5.6.1
ProductVersion : 1.5.6.1
ProductName : AOL Service Libraries
CompanyName : America Online, Inc.
FileDescription : AOL
InternalName : AOLSoftware
LegalCopyright : © 2006 America Online, Inc.
OriginalFilename : AOLSoftware.exe

#:50 [retadpu1000106.exe]
FilePath : C:\WINDOWS\
ProcessID : 3296
ThreadCreationTime : 6-23-2007 5:03:12 AM
BasePriority : Normal
FileVersion : 1, 0, 0, 6
ProductVersion : 1, 0, 0, 6
FileDescription : updater
InternalName : retadpu
LegalCopyright : Copyright © 2007
OriginalFilename : retadpu.exe

#:51 [was7mon.exe]
FilePath : C:\Program Files\Common Files\WinAntiSpyware 2007\
ProcessID : 3388
ThreadCreationTime : 6-23-2007 5:03:15 AM
BasePriority : Normal


#:52 [dsagnt.exe]
FilePath : C:\Program Files\DellSupport\
ProcessID : 4036
ThreadCreationTime : 6-23-2007 5:03:19 AM
BasePriority : ?
FileVersion : 3, 0, 0, 197
ProductVersion : 3, 0, 0, 197
ProductName : Dell Support
CompanyName : Gteko Ltd.
FileDescription : Dell Support
InternalName : AUAgent
LegalCopyright : Copyright © 2000 - 2007 Gteko Ltd.
OriginalFilename : AUAgent.exe

#:53 [msmsgs.exe]
FilePath : C:\Program Files\Messenger\
ProcessID : 1420
ThreadCreationTime : 6-23-2007 5:03:21 AM
BasePriority : Normal
FileVersion : 4.7.3001
ProductVersion : Version 4.7.3001
ProductName : Messenger
CompanyName : Microsoft Corporation
FileDescription : Windows Messenger
InternalName : msmsgs
LegalCopyright : Copyright © Microsoft Corporation 2004
LegalTrademarks : Microsoft® is a registered trademark of Microsoft Corporation in the U.S. and/or other countries.
OriginalFilename : msmsgs.exe

#:54 [msnmsgr.exe]
FilePath : C:\Program Files\MSN Messenger\
ProcessID : 2648
ThreadCreationTime : 6-23-2007 5:03:28 AM
BasePriority : Normal
FileVersion : 7.5.0324
ProductVersion : 7.5.0324
ProductName : MSN Messenger
CompanyName : Microsoft Corporation
FileDescription : MSN Messenger
InternalName : msnmsgr
LegalCopyright : Copyright © Microsoft Corporation 1997-2004
LegalTrademarks : Microsoft® is a registered trademark of Microsoft Corporation in the U.S. and/or other countries.
OriginalFilename : msnmsgr.exe
Warning! iWon Object found in memory(C:\Program Files\MSN Messenger\RICHED20.dll)

iWon Object Recognized!
Type : Process
Data : RICHED20.dll
Category : Data Miner
Comment : SmileyCentralPFSetup2.0.0.0
Object : C:\Program Files\MSN Messenger\
FileVersion : 1, 0, 0, 9
ProductVersion : 2, 0, 0, 0
ProductName : Smiley Central
CompanyName : Fun Web Products, Inc.
FileDescription : Smiley Central MSN Rich Edit DLL
InternalName : f3REStub
LegalCopyright : Copyright © 2003,2004
OriginalFilename : f3REStub.dll


#:55 [ctfmon.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 3168
ThreadCreationTime : 6-23-2007 5:03:33 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : CTF Loader
InternalName : CTFMON
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : CTFMON.EXE

#:56 [calmain.exe]
FilePath : C:\Program Files\Canon\CAL\
ProcessID : 3116
ThreadCreationTime : 6-23-2007 5:03:49 AM
BasePriority : Normal
FileVersion : 8, 1, 0, 14
ProductVersion : 8, 1, 0, 14
CompanyName : Canon Inc.
FileDescription : Canon Camera Access Library 8
LegalCopyright : Copyright © Canon Inc.
OriginalFilename : CALMAIN.exe

#:57 [dlg.exe]
FilePath : C:\Program Files\Digital Line Detect\
ProcessID : 3916
ThreadCreationTime : 6-23-2007 5:03:59 AM
BasePriority : Normal
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
ProductName : BVRP Software TestLine
CompanyName : BVRP Software
FileDescription : Digital Line Detection
InternalName : TestLine
LegalCopyright : Copyright © 2003
OriginalFilename : TestLine.exe

#:58 [qbdagent.exe]
FilePath : C:\Program Files\Intuit\QuickBooks Pro\Components\QBAgent\
ProcessID : 2740
ThreadCreationTime : 6-23-2007 5:04:03 AM
BasePriority : Normal
FileVersion : 8, 1, 0, 0
ProductVersion : 8, 1, 0, 0
ProductName : QuickBooks
FileDescription : QBDAgent Module
InternalName : QBDAgent
LegalCopyright : Copyright © 1999 by Intuit
LegalTrademarks : QuickBooks® and Quicken® are registered trademarks of Intuit Inc.
OriginalFilename : QBDAgent.EXE

#:59 [mrtmngr.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 2188
ThreadCreationTime : 6-23-2007 5:04:16 AM
BasePriority : Normal
FileVersion : 2.01
ProductVersion : 1.00
ProductName : Rate Sensing Manager
CompanyName : Marimba Inc.
FileDescription : Rate Sensing Manager
InternalName : mrtMngr.exe
LegalCopyright : Copyright © 1999, Marimba, Inc.
OriginalFilename : mrtMngr.exe

#:60 [alg.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 3828
ThreadCreationTime : 6-23-2007 5:05:12 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Application Layer Gateway Service
InternalName : ALG.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : ALG.exe

#:61 [iexplore.exe]
FilePath : C:\Program Files\Internet Explorer\
ProcessID : 3044
ThreadCreationTime : 6-23-2007 5:08:22 AM
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Internet Explorer
InternalName : iexplore
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : IEXPLORE.EXE

#:62 [rundll32.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1480
ThreadCreationTime : 6-23-2007 5:10:06 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Run a DLL as an App
InternalName : rundll
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : RUNDLL.EXE

#:63 [ad-aware.exe]
FilePath : C:\Program Files\Lavasoft\Ad-Aware SE Personal\
ProcessID : 3448
ThreadCreationTime : 6-23-2007 5:14:21 AM
BasePriority : Normal
FileVersion : 6.2.0.206
ProductVersion : VI.Second Edition
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved

Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 28


Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

iWon Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment : SmileyCentralPFSetup2.0.0.0
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{07b18ea1-a523-4961-b6bb-170de4475cca}

iWon Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment : SmileyCentralPFSetup2.0.0.0
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{07b18ea1-a523-4961-b6bb-170de4475cca}
Value :

iWon Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment : SmileyCentralPFSetup2.0.0.0
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{07b18ea9-a523-4961-b6bb-170de4475cca}

iWon Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment : SmileyCentralPFSetup2.0.0.0
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{07b18ea9-a523-4961-b6bb-170de4475cca}
Value :

iWon Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment : SmileyCentralPFSetup2.0.0.0
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{07b18eab-a523-4961-b6bb-170de4475cca}

iWon Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment : SmileyCentralPFSetup2.0.0.0
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{07b18eab-a523-4961-b6bb-170de4475cca}
Value :

iWon Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment : SmileyCentralPFSetup2.0.0.0
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{7473d292-b7bb-4f24-ae82-7e2ce94bb6a9}

iWon Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment : SmileyCentralPFSetup2.0.0.0
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{7473d292-b7bb-4f24-ae82-7e2ce94bb6a9}
Value :

iWon Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment : SmileyCentralPFSetup2.0.0.0
Rootkey : HKEY_CLASSES_ROOT
Object : mywebsearch.outlookaddin

iWon Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment : SmileyCentralPFSetup2.0.0.0
Rootkey : HKEY_CLASSES_ROOT
Object : mywebsearch.outlookaddin
Value :

iWon Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment : SmileyCentralPFSetup2.0.0.0
Rootkey : HKEY_CLASSES_ROOT
Object : mywebsearch.outlookaddin.1

iWon Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment : SmileyCentralPFSetup2.0.0.0
Rootkey : HKEY_CLASSES_ROOT
Object : mywebsearch.outlookaddin.1
Value :

iWon Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment : SmileyCentralPFSetup2.0.0.0
Rootkey : HKEY_CLASSES_ROOT
Object : mywebsearchtoolbar.settingsplugin

iWon Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment : SmileyCentralPFSetup2.0.0.0
Rootkey : HKEY_CLASSES_ROOT
Object : mywebsearchtoolbar.settingsplugin
Value :

iWon Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment : SmileyCentralPFSetup2.0.0.0
Rootkey : HKEY_CLASSES_ROOT
Object : mywebsearchtoolbar.settingsplugin.1

iWon Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment : SmileyCentralPFSetup2.0.0.0
Rootkey : HKEY_CLASSES_ROOT
Object : mywebsearchtoolbar.settingsplugin.1
Value :

iWon Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment : SmileyCentralPFSetup2.0.0.0
Rootkey : HKEY_CLASSES_ROOT
Object : typelib\{07b18ea0-a523-4961-b6bb-170de4475cca}

iWon Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment : SmileyCentralPFSetup2.0.0.0
Rootkey : HKEY_CLASSES_ROOT
Object : typelib\{7473d290-b7bb-4f24-ae82-7e2ce94bb6a9}

iWon Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment : SmileyCentralPFSetup2.0.0.0
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{00a6faf1-072e-44cf-8957-5838f569a31d}

iWon Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment : SmileyCentralPFSetup2.0.0.0
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{00a6faf1-072e-44cf-8957-5838f569a31d}
Value :

iWon Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{07b18ea3-a523-4961-b6bb-170de4475cca}

iWon Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{07b18ea3-a523-4961-b6bb-170de4475cca}
Value :

iWon Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{07b18eac-a523-4961-b6bb-170de4475cca}

iWon Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{07b18eac-a523-4961-b6bb-170de4475cca}
Value :

iWon Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{63d0ed2b-b45b-4458-8b3b-60c69bbbd83c}

iWon Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{63d0ed2b-b45b-4458-8b3b-60c69bbbd83c}
Value :

iWon Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : funwebproducts.popswatterbarbutton

iWon Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : funwebproducts.popswatterbarbutton
Value :

iWon Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : funwebproducts.popswattersettingscontrol.1

iWon Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : funwebproducts.popswattersettingscontrol.1
Value :

iWon Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : funwebproducts.popswattersettingscontrol

iWon Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : funwebproducts.popswattersettingscontrol
Value :

iWon Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{98d9753d-d73b-42d5-8c85-4469cda897ab}

iWon Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{98d9753d-d73b-42d5-8c85-4469cda897ab}
Value :

iWon Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : funwebproducts.htmlmenu.2

iWon Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : funwebproducts.htmlmenu.2
Value :

iWon Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : typelib\{8e6f1830-9607-4440-8530-13be7c4b1d14}

iWon Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c}

iWon Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c}
Value :

iWon Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{a9571378-68a1-443d-b082-284f960c6d17}

iWon Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{a9571378-68a1-443d-b082-284f960c6d17}
Value :

iWon Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : typelib\{f42228fb-e84e-479e-b922-fbbd096e792c}

iWon Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : typelib\{e47caee0-deea-464a-9326-3f2801535a4d}

iWon Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{8e6f1832-9607-4440-8530-13be7c4b1d14}

iWon Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{8e6f1832-9607-4440-8530-13be7c4b1d14}
Value :

iWon Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8}

iWon Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8}
Value :

iWon Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{63d0ed2d-b45b-4458-8b3b-60c69bbbd83c}

iWon Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{63d0ed2d-b45b-4458-8b3b-60c69bbbd83c}
Value :

iWon Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{6e74766c-4d93-4cc0-96d1-47b8e07ff9ca}

iWon Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{6e74766c-4d93-4cc0-96d1-47b8e07ff9ca}
Value :

iWon Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : funwebproducts.htmlmenu

iWon Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : funwebproducts.htmlmenu
Value :

iWon Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{9afb8248-617f-460d-9366-d71cdeda3179}

iWon Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{9afb8248-617f-460d-9366-d71cdeda3179}
Value :

iWon Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{de38c398-b328-4f4c-a3ad-1b5e4ed93477}

iWon Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{de38c398-b328-4f4c-a3ad-1b5e4ed93477}
Value :

iWon Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : funwebproducts.htmlmenu.1

iWon Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : funwebproducts.htmlmenu.1
Value :

iWon Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : funwebproducts.popswatterbarbutton.1

iWon Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : funwebproducts.popswatterbarbutton.1
Value :

iWon Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{07b18eaa-a523-4961-b6bb-170de4475cca}

iWon Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{07b18eaa-a523-4961-b6bb-170de4475cca}
Value :

iWon Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{7473d291-b7bb-4f24-ae82-7e2ce94bb6a9}

iWon Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{7473d291-b7bb-4f24-ae82-7e2ce94bb6a9}
Value :

iWon Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{1e0de227-5ce4-4ea3-ab0c-8b03e1aa76bc}

iWon Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{1e0de227-5ce4-4ea3-ab0c-8b03e1aa76bc}
Value :

iWon Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{adb01e81-3c79-4272-a0f1-7b2be7a782dc}

iWon Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{adb01e81-3c79-4272-a0f1-7b2be7a782dc}
Value :

iWon Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{3e1656ed-f60e-4597-b6aa-b6a58e171495}

iWon Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{3e1656ed-f60e-4597-b6aa-b6a58e171495}
Value :

iWon Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{741de825-a6f0-4497-9aa6-8023cf9b0fff}

iWon Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{741de825-a6f0-4497-9aa6-8023cf9b0fff}
Value :

iWon Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment : SmileyCentralPFSetup2.0.2.1
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{938aa51a-996c-4884-98ce-80dd16a5c9da}

iWon Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment : SmileyCentralPFSetup2.0.2.1
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{938aa51a-996c-4884-98ce-80dd16a5c9da}
Value :

iWon Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment : SmileyCentralPFSetup2.0.2.1
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{9ff05104-b030-46fc-94b8-81276e4e27df}

iWon Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment : SmileyCentralPFSetup2.0.2.1
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{9ff05104-b030-46fc-94b8-81276e4e27df}
Value :

iWon Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment : SmileyCentralPFSetup2.0.2.1
Rootkey : HKEY_CLASSES_ROOT
Object : screensavercontrol.screensaverinstaller

iWon Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment : SmileyCentralPFSetup2.0.2.1
Rootkey : HKEY_CLASSES_ROOT
Object : screensavercontrol.screensaverinstaller
Value :

iWon Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment : SmileyCentralPFSetup2.0.2.1
Rootkey : HKEY_CLASSES_ROOT
Object : screensavercontrol.screensaverinstaller.1

iWon Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment : SmileyCentralPFSetup2.0.2.1
Rootkey : HKEY_CLASSES_ROOT
Object : screensavercontrol.screensaverinstaller.1
Value :

iWon Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment : SmileyCentralPFSetup2.0.2.1
Rootkey : HKEY_CLASSES_ROOT
Object : typelib\{29d67d3c-509a-4544-903f-c8c1b8236554}

iWon Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment : SmileyCentralPFSetup2.0.2.1
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{2e3537fc-cf2f-4f56-af54-5a6a3dd375cc}

iWon Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment : SmileyCentralPFSetup2.0.2.1
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{2e3537fc-cf2f-4f56-af54-5a6a3dd375cc}
Value :

iWon Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment : SmileyCentralPFSetup2.0.2.1
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc}

iWon Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment : SmileyCentralPFSetup2.0.2.1
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc}
Value :

iWon Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment : SmileyCentralPFSetup2.0.0.0
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\explorer\browser helper objects\{07b18ea1-a523-4961-b6bb-170de4475cca}

iWon Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment : SmileyCentralPFSetup2.0.0.0
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\explorer\browser helper objects\{00a6faf1-072e-44cf-8957-5838f569a31d}

iWon Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment : SmileyCentralPFSetup2.0.0.0
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\explorer\browser helper objects\{00a6faf1-072e-44cf-8957-5838f569a31d}
Value : NoExplorer

iWon Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-492533919-3165138465-3089621515-1007\software\mywebsearch

iWon Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\mywebsearch

iWon Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\focusinteractive

iWon Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\office\word\addins\mywebsearch.outlookaddin

iWon Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\office\word\addins\mywebsearch.outlookaddin
Value : Description

iWon Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\office\word\addins\mywebsearch.outlookaddin
Value : FriendlyName

iWon Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\office\word\addins\mywebsearch.outlookaddin
Value : LoadBehavior

iWon Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\office\outlook\addins\mywebsearch.outlookaddin

iWon Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\office\outlook\addins\mywebsearch.outlookaddin
Value : Description

iWon Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\office\outlook\addins\mywebsearch.outlookaddin
Value : FriendlyName

iWon Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\office\outlook\addins\mywebsearch.outlookaddin
Value : LoadBehavior

iWon Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\fun web products

iWon Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\fun web products
Value : JpegConversionLib

iWon Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\fun web products
Value : CacheDir

iWon Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment : SmileyCentralPFSetup2.0.2.1
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\mywebsearch bar uninstall

iWon Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment : SmileyCentralPFSetup2.0.2.1
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\mywebsearch bar uninstall
Value : DisplayName

iWon Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment : SmileyCentralPFSetup2.0.2.1
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\mywebsearch bar uninstall
Value : HelpLink

iWon Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment : SmileyCentralPFSetup2.0.2.1
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\mywebsearch bar uninstall
Value : Publisher

iWon Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment : SmileyCentralPFSetup2.0.2.1
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\mywebsearch bar uninstall
Value : UninstallString

iWon Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment : SmileyCentralPFSetup2.0.2.1
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\mywebsearch bar uninstall
Value : UrlInfoAbout

iWon Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment : SmileyCentralPFSetup2.0.2.1
Rootkey : HKEY_USERS
Object : S-1-5-21-492533919-3165138465-3089621515-1007\software\microsoft\windows\currentversion\run
Value : MyWebSearch Email Plugin

iWon Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment : SmileyCentralPFSetup2.0.2.1
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\run
Value : MyWebSearch Email Plugin

Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 111
Objects found so far: 139


Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 139


Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»


Tracking Cookie Object Recognized!
Type : IECache Entry
Data : almira kasemi@statse.webtrendslive[2].txt
Category : Data Miner
Comment : Hits:2
Value : Cookie:almira kasemi@statse.webtrendslive.com/
Expires : 6-20-2017 12:52:28 AM
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : almira kasemi@media.fastclick[1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:almira kasemi@media.fastclick.net/
Expires : 6-23-2007 2:14:14 AM
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 2
Objects found so far: 141



Deep scanning and examining files (C:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : almira kasemi@media.fastclick[1].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\almira kasemi\Cookies\almira kasemi@media.fastclick[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : almira kasemi@statse.webtrendslive[2].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\almira kasemi\Cookies\almira kasemi@statse.webtrendslive[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : almira kasemi@2o7[2].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\almira kasemi\Local Settings\Temp\Cookies\almira kasemi@2o7[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : almira kasemi@advertising[2].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\almira kasemi\Local Settings\Temp\Cookies\almira kasemi@advertising[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : almira kasemi@atdmt[1].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\almira kasemi\Local Settings\Temp\Cookies\almira kasemi@atdmt[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : almira kasemi@centrport[1].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\almira kasemi\Local Settings\Temp\Cookies\almira kasemi@centrport[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : almira kasemi@doubleclick[1].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\almira kasemi\Local Settings\Temp\Cookies\almira kasemi@doubleclick[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : almira kasemi@ehg-apollogroup.hitbox[1].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\almira kasemi\Local Settings\Temp\Cookies\almira kasemi@ehg-apollogroup.hitbox[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : almira kasemi@hitbox[2].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\almira kasemi\Local Settings\Temp\Cookies\almira kasemi@hitbox[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : almira kasemi@mediaplex[1].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\almira kasemi\Local Settings\Temp\Cookies\almira kasemi@mediaplex[1].txt

iWon Object Recognized!
Type : File
Data : riched20.dll
Category : Data Miner
Comment : SmileyCentralPFSetup2.0.0.0
Object : C:\Program Files\MSN Messenger\
FileVersion : 1, 0, 0, 9
ProductVersion : 2, 0, 0, 0
ProductName : Smiley Central
CompanyName : Fun Web Products, Inc.
FileDescription : Smiley Central MSN Rich Edit DLL
InternalName : f3REStub
LegalCopyright : Copyright © 2003,2004
OriginalFilename : f3REStub.dll


iWon Object Recognized!
Type : File
Data : F3PSSAVR.SCR
Category : Data Miner
Comment : SmileyCentralPFSetup2.0.2.1
Object : C:\Program Files\MyWebSearch\bar\1.bin\
FileVersion : 1, 0, 2, 0
ProductVersion : 1, 0, 2, 0
ProductName : Popular Screensavers
CompanyName : FunWebProducts.com
FileDescription : Popular Screensavers
InternalName : f3PSSavr
LegalCopyright : Copyright © 2004
OriginalFilename : f3PSSavr.scr


iWon Object Recognized!
Type : File
Data : F3RESTUB.DLL
Category : Data Miner
Comment : SmileyCentralPFSetup2.0.0.0
Object : C:\Program Files\MyWebSearch\bar\1.bin\
FileVersion : 1, 0, 0, 9
ProductVersion : 2, 0, 0, 0
ProductName : Smiley Central
CompanyName : Fun Web Products, Inc.
FileDescription : Smiley Central MSN Rich Edit DLL
InternalName : f3REStub
LegalCopyright : Copyright © 2003,2004
OriginalFilename : f3REStub.dll


iWon Object Recognized!
Type : File
Data : F3WPHOOK.DLL
Category : Data Miner
Comment : SmileyCentralPFSetup2.0.2.1
Object : C:\Program Files\MyWebSearch\bar\1.bin\



iWon Object Recognized!
Type : File
Data : f3PSSavr.scr
Category : Data Miner
Comment : SmileyCentralPFSetup2.0.2.1
Object : C:\WINDOWS\system32\
FileVersion : 1, 0, 2, 0
ProductVersion : 1, 0, 2, 0
ProductName : Popular Screensavers
CompanyName : FunWebProducts.com
FileDescription : Popular Screensavers
InternalName : f3PSSavr
LegalCopyright : Copyright © 2004
OriginalFilename : f3PSSavr.scr


Disk Scan Result for C:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 156


Scanning Hosts file......
Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
1 entries scanned.
New critical objects:0
Objects found so far: 156




Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

iWon Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{a4730ebe-43a6-443e-9776-36915d323ad3}

iWon Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\funwebproducts

iWon Object Recognized!
Type : Folder
Category : Data Miner
Comment :
Object : C:\Program Files\FunWebProducts

Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 3
Objects found so far: 159

1:34:51 AM Scan Complete

Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:19:14.430
Objects scanned:126044
Objects identified:131
Objects ignored:0
New critical objects:131




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users