Oct 2 2006, 08:02 PM
Post #1
Newbie Group: Members Posts: 3 Joined: 2-October 06 Member No.: 12,721
I went out of town over the weekend and when I came back I found out the kids had played with the PC. It said that I have 12 viruses, I did my scans, etc. and still have one "item" that requires urgent attention. Every time I scan for it though, it still remains.
I am getting little info bubbles popping up in the lower right corner of my screen and when I click on them it directs me to a www.total-pc-protection.com which I have never heard of. It is wanting me to download their spyware protection, etc. The computer "issues" are that it thinks today is November 1 and the hour is one hour behind from actual time. When I go to the settings to change this I get the menu and tabs but am unable to click on any of the buttons to change the settings, nor can I get collapsible menus? I was also unable to delete cookies in my Tools file because it would accept me clicking on the button. Same with downloading updates from Windows. I am a total rookie at this, but must fix it ASAP....please help!

Oct 3 2006, 04:05 PM
Post #2
Advanced Member Group: Volunteer Security Advisor Posts: 3,077 Joined: 18-June 06 From: Auckland, New Zealand Member No.: 4,454
Hi algwhite.
In order for the log-reading experts to assist you, please post logs from both Ad-Aware and a program called HijackThis (if necessary, try running them in SafeMode, if they won't play nice in normal mode).

See my post in this thread for log-posting instructions: Unable to remove spywares Boran.g et Smitfraud-C. It is Post #2.

Once the logs are posted, please be patient and don't "bump" your post - due to the heavy demand for help, it could be a day or three before someone gets to your logs.

Regards,
Spike

Oct 3 2006, 04:25 PM
Post #3
Newbie Group: Members Posts: 3 Joined: 2-October 06 Member No.: 12,721
Thank you for the reply....Here is my log from the HijackThis scan:
Logfile of HijackThis v1.99.1
Scan saved at 4:03:40 PM, on 11/1/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

I will post the Ad-Aware log with a new reply.

Oct 3 2006, 04:45 PM
Post #4
Newbie Group: Members Posts: 3 Joined: 2-October 06 Member No.: 12,721
And the Ad-Aware scan....breaking it into a couple chunks....
And here is the Ad-Aware scan log...

Ad-Aware SE Build 1.06r1
Logfile Created on:Thursday, November 02, 2006 9:28:54 AM
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R124 19.09.2006
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Adware.Admess(TAC index:5):6 total references
Alexa(TAC index:5):17 total references
CoolWebSearch(TAC index:10):2 total references
DailyToolbar(TAC index:5):13 total references
FakeAlert(TAC index:5):23 total references
Tracking Cookie(TAC index:3):17 total references
Transponder(TAC index:10):1 total references
Win32.Trojan.ComputerHijacker(TAC index:10):14 total references
WinFavorites(TAC index:6):7 total references
VX2(TAC index:10):1 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Ad-Aware SE Settings
===========================
Set : Search for low-risk threats
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file

Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects

11-2-2006 9:28:54 AM - Scan started.
(Full System Scan)
OriginalFilename : wuauclt.exe #:51 [ad-aware.exe] FilePath : C:\Program Files\Lavasoft\Ad-Aware SE Personal\ ProcessID : 3720 ThreadCreationTime : 11-2-2006 3:26:50 PM BasePriority : Normal FileVersion : 6.2.0.236 ProductVersion : SE 106 ProductName : Lavasoft Ad-Aware SE CompanyName : Lavasoft Sweden FileDescription : Ad-Aware SE Core application InternalName : Ad-Aware.exe LegalCopyright : Copyright © Lavasoft AB Sweden OriginalFilename : Ad-Aware.exe Comments : All Rights Reserved Memory scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 0 Started registry scan »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Adware.Admess Object Recognized! Type : Regkey Data : TAC Rating : 5 Category : Data Miner Comment : Rootkey : HKEY_CLASSES_ROOT Object : appid\{f6bdb4e5-d6aa-4d1f-8b67-bcb0f2246e21} Adware.Admess Object Recognized! Type : Regkey Data : TAC Rating : 5 Category : Data Miner Comment : Rootkey : HKEY_CLASSES_ROOT Object : appid\wstart.dll Adware.Admess Object Recognized! Type : Regkey Data : TAC Rating : 5 Category : Data Miner Comment : Rootkey : HKEY_CLASSES_ROOT Object : clsid\{9896231a-c487-43a5-8369-6ec9b0a96cc0} Adware.Admess Object Recognized! Type : Regkey Data : TAC Rating : 5 Category : Data Miner Comment : Rootkey : HKEY_CLASSES_ROOT Object : wstart.whttphelper Adware.Admess Object Recognized! Type : Regkey Data : TAC Rating : 5 Category : Data Miner Comment : Rootkey : HKEY_CLASSES_ROOT Object : wstart.whttphelper.1 Alexa Object Recognized! Type : Regkey Data : TAC Rating : 5 Category : Data Miner Comment : Rootkey : HKEY_CLASSES_ROOT Object : alxtb.bho Alexa Object Recognized! Type : Regkey Data : TAC Rating : 5 Category : Data Miner Comment : Rootkey : HKEY_CLASSES_ROOT Object : clsid\{f1fabe79-25fc-46de-8c5a-2c6db9d64333} Alexa Object Recognized! 
Type : Regkey Data : TAC Rating : 5 Category : Data Miner Comment : Rootkey : HKEY_CLASSES_ROOT Object : interface\{0bbb0424-e98e-4405-9a94-481854765c80} Alexa Object Recognized! Type : Regkey Data : TAC Rating : 5 Category : Data Miner Comment : Rootkey : HKEY_CLASSES_ROOT Object : interface\{0f3332b5-bc98-48af-9fac-05fec94ebe73} Alexa Object Recognized! Type : Regkey Data : TAC Rating : 5 Category : Data Miner Comment : Rootkey : HKEY_CLASSES_ROOT Object : interface\{3e60160f-0ed6-4dcc-b6b6-850cde4fd217} Alexa Object Recognized! Type : Regkey Data : TAC Rating : 5 Category : Data Miner Comment : Rootkey : HKEY_CLASSES_ROOT Object : interface\{a69107cc-bec8-4a34-b474-211b0f46a764} Alexa Object Recognized! Type : Regkey Data : TAC Rating : 5 Category : Data Miner Comment : Rootkey : HKEY_CLASSES_ROOT Object : interface\{b7b84995-8b92-46bf-94aa-fa2f3dd23b84} Alexa Object Recognized! Type : Regkey Data : TAC Rating : 5 Category : Data Miner Comment : Rootkey : HKEY_CLASSES_ROOT Object : interface\{fa77ad79-09cf-41fb-b171-cc856f9e737f} Alexa Object Recognized! Type : Regkey Data : TAC Rating : 5 Category : Data Miner Comment : Rootkey : HKEY_CLASSES_ROOT Object : popmenu.menu Alexa Object Recognized! Type : Regkey Data : TAC Rating : 5 Category : Data Miner Comment : Rootkey : HKEY_CLASSES_ROOT Object : popup.popupkiller Alexa Object Recognized! Type : Regkey Data : TAC Rating : 5 Category : Data Miner Comment : Rootkey : HKEY_CLASSES_ROOT Object : typelib\{547ab549-4dd8-4ea0-b070-f6ea062148ff} Alexa Object Recognized! Type : Regkey Data : TAC Rating : 5 Category : Data Miner Comment : Rootkey : HKEY_CLASSES_ROOT Object : interface\{a6a68cbd-6673-41b1-b997-3f83a25b45b0} Alexa Object Recognized! Type : Regkey Data : TAC Rating : 5 Category : Data Miner Comment : Rootkey : HKEY_CLASSES_ROOT Object : interface\{b71c7d9a-da43-4e8b-bb98-1684ac2af324} DailyToolbar Object Recognized! 
Type : Regkey Data : TAC Rating : 5 Category : Misc Comment : Rootkey : HKEY_CLASSES_ROOT Object : appid\dailytoolbar.dll DailyToolbar Object Recognized! Type : Regkey Data : TAC Rating : 5 Category : Misc Comment : Rootkey : HKEY_CLASSES_ROOT Object : appid\{951b3138-ae8e-4676-a05a-250a5f111631} DailyToolbar Object Recognized! Type : Regkey Data : TAC Rating : 5 Category : Misc Comment : Rootkey : HKEY_CLASSES_ROOT Object : clsid\{58f9b276-e1cc-458e-8159-21cbc021874b} DailyToolbar Object Recognized! Type : Regkey Data : TAC Rating : 5 Category : Misc Comment : Rootkey : HKEY_CLASSES_ROOT Object : clsid\{8333c319-0669-4893-a418-f56d9249fca6}

and the second part....

DailyToolbar Object Recognized! Type : Regkey Data : TAC Rating : 5 Category : Misc Comment : Rootkey : HKEY_CLASSES_ROOT Object : dailytoolbar.ieband DailyToolbar Object Recognized! Type : Regkey Data : TAC Rating : 5 Category : Misc Comment : Rootkey : HKEY_CLASSES_ROOT Object : dailytoolbar.sysmgr DailyToolbar Object Recognized! Type : Regkey Data : TAC Rating : 5 Category : Misc Comment : Rootkey : HKEY_CLASSES_ROOT Object : ietoolbar.affiliatectl DailyToolbar Object Recognized! Type : Regkey Data : TAC Rating : 5 Category : Misc Comment : Rootkey : HKEY_CLASSES_ROOT Object : interface\{10195311-e434-47a9-adba-48839e3f7e4e} DailyToolbar Object Recognized! Type : Regkey Data : TAC Rating : 5 Category : Misc Comment : Rootkey : HKEY_CLASSES_ROOT Object : interface\{abafa0b4-f78d-42e5-8c31-1a441d01c1df} FakeAlert Object Recognized! Type : Regkey Data : TAC Rating : 5 Category : Malware Comment : Rootkey : HKEY_CLASSES_ROOT Object : clsid\{60e2e76b-60e2e76b-60e2e76b-60e2e76b-60e2e76b} FakeAlert Object Recognized! Type : Regkey Data : TAC Rating : 5 Category : Malware Comment : Rootkey : HKEY_CLASSES_ROOT Object : clsid\{e52dedbb-d168-4bdb-b229-c48160800e81} Win32.Trojan.ComputerHijacker Object Recognized!
Type : Regkey Data : TAC Rating : 10 Category : Hijacker Comment : Rootkey : HKEY_CLASSES_ROOT Object : clsid\{80bb7465-a638-43b5-9827-8e8fe38dfcc1} Win32.Trojan.ComputerHijacker Object Recognized! Type : Regkey Data : TAC Rating : 10 Category : Hijacker Comment : Rootkey : HKEY_CLASSES_ROOT Object : interface\{4fdbdbad-fefe-4c4c-9cc1-1181052afb12} Win32.Trojan.ComputerHijacker Object Recognized! Type : Regkey Data : TAC Rating : 10 Category : Hijacker Comment : Rootkey : HKEY_CLASSES_ROOT Object : typelib\{c094876d-1b0e-46fa-b6a6-7ffc0f970c27} WinFavorites Object Recognized! Type : Regkey Data : TAC Rating : 6 Category : Malware Comment : Rootkey : HKEY_CLASSES_ROOT Object : bridge.brdg WinFavorites Object Recognized! Type : Regkey Data : TAC Rating : 6 Category : Malware Comment : Rootkey : HKEY_CLASSES_ROOT Object : jao.jao Adware.Admess Object Recognized! Type : Regkey Data : TAC Rating : 5 Category : Data Miner Comment : Rootkey : HKEY_LOCAL_MACHINE Object : software\wsoft Alexa Object Recognized! Type : Regkey Data : TAC Rating : 5 Category : Data Miner Comment : Rootkey : HKEY_LOCAL_MACHINE Object : software\alexa internet CoolWebSearch Object Recognized! Type : Regkey Data : TAC Rating : 10 Category : Malware Comment : Rootkey : HKEY_LOCAL_MACHINE Object : software\microsoft\windows\currentversion\explorer\browser helper objects\{7b55bb05-0b4d-44fd-81a6-b136188f5deb} DailyToolbar Object Recognized! Type : Regkey Data : TAC Rating : 5 Category : Misc Comment : Rootkey : HKEY_LOCAL_MACHINE Object : software\dailytoolbar DailyToolbar Object Recognized! Type : Regkey Data : TAC Rating : 5 Category : Misc Comment : Rootkey : HKEY_LOCAL_MACHINE Object : software\nix solutions\dailytoolbar Transponder Object Recognized! Type : Regkey Data : TAC Rating : 10 Category : Data Miner Comment : Rootkey : HKEY_LOCAL_MACHINE Object : software\transponder Win32.Trojan.ComputerHijacker Object Recognized! 
Type : Regkey Data : TAC Rating : 10 Category : Hijacker Comment : Rootkey : HKEY_LOCAL_MACHINE Object : software\microsoft\windows\currentversion\explorer\browser helper objects\{00000000-59d4-4008-9058-080011001200} Win32.Trojan.ComputerHijacker Object Recognized! Type : Regkey Data : TAC Rating : 10 Category : Hijacker Comment : Rootkey : HKEY_LOCAL_MACHINE Object : software\microsoft\windows\currentversion\explorer\browser helper objects\{00000000-c1ec-0345-6ec2-4d0300000000} Win32.Trojan.ComputerHijacker Object Recognized! Type : Regkey Data : TAC Rating : 10 Category : Hijacker Comment : Rootkey : HKEY_LOCAL_MACHINE Object : software\microsoft\windows\currentversion\explorer\browser helper objects\{00000000-f09c-02b4-6ec2-ad0300000000} Win32.Trojan.ComputerHijacker Object Recognized! Type : Regkey Data : TAC Rating : 10 Category : Hijacker Comment : Rootkey : HKEY_LOCAL_MACHINE Object : software\microsoft\windows\currentversion\explorer\browser helper objects\{3ceff6cd-6f08-4e4d-bccd-ff7415288c3b} Win32.Trojan.ComputerHijacker Object Recognized! Type : Regkey Data : TAC Rating : 10 Category : Hijacker Comment : Rootkey : HKEY_LOCAL_MACHINE Object : software\microsoft\windows\currentversion\explorer\browser helper objects\{8333c319-0669-4893-a418-f56d9249fca6} Win32.Trojan.ComputerHijacker Object Recognized! Type : Regkey Data : TAC Rating : 10 Category : Hijacker Comment : Rootkey : HKEY_LOCAL_MACHINE Object : software\microsoft\windows\currentversion\explorer\browser helper objects\{9c691a33-7dda-4c2f-be4c-c176083f35cf} Win32.Trojan.ComputerHijacker Object Recognized! Type : Regkey Data : TAC Rating : 10 Category : Hijacker Comment : Rootkey : HKEY_LOCAL_MACHINE Object : software\microsoft\windows\currentversion\explorer\browser helper objects\{e52dedbb-d168-4bdb-b229-c48160800e81} Win32.Trojan.ComputerHijacker Object Recognized! 
Type : Regkey Data : TAC Rating : 10 Category : Hijacker Comment : Rootkey : HKEY_LOCAL_MACHINE Object : software\microsoft\windows\currentversion\explorer\browser helper objects\{ffd2825e-0785-40c5-9a41-518f53a8261f} WinFavorites Object Recognized! Type : Regkey Data : TAC Rating : 6 Category : Malware Comment : Rootkey : HKEY_LOCAL_MACHINE Object : software\classes\clsid\{80bb7465-a638-43b5-9827-8e8fe38dfcc1} WinFavorites Object Recognized! Type : Regkey Data : TAC Rating : 6 Category : Malware Comment : Rootkey : HKEY_LOCAL_MACHINE Object : software\classes\interface\{4fdbdbad-fefe-4c4c-9cc1-1181052afb12} WinFavorites Object Recognized! Type : Regkey Data : TAC Rating : 6 Category : Malware Comment : Rootkey : HKEY_LOCAL_MACHINE Object : software\classes\typelib\{c094876d-1b0e-46fa-b6a6-7ffc0f970c27} VX2 Object Recognized! Type : Regkey Data : TAC Rating : 10 Category : Malware Comment : Rootkey : HKEY_LOCAL_MACHINE Object : software\respondmiter Registry Scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 52 Objects found so far: 52 Started deep registry scan »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Deep registry scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 52 Started Tracking Cookie scan »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Tracking Cookie Object Recognized! Type : IECache Entry Data : owner@ads.pointroll[2].txt TAC Rating : 3 Category : Data Miner Comment : Value : C:\Documents and Settings\Owner\Cookies\owner@ads.pointroll[2].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : owner@advertising[2].txt TAC Rating : 3 Category : Data Miner Comment : Value : C:\Documents and Settings\Owner\Cookies\owner@advertising[2].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : owner@atdmt[2].txt TAC Rating : 3 Category : Data Miner Comment : Value : C:\Documents and Settings\Owner\Cookies\owner@atdmt[2].txt Tracking Cookie Object Recognized! 
Type : IECache Entry Data : owner@casalemedia[2].txt TAC Rating : 3 Category : Data Miner Comment : Value : C:\Documents and Settings\Owner\Cookies\owner@casalemedia[2].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : owner@citi.bridgetrack[2].txt TAC Rating : 3 Category : Data Miner Comment : Value : C:\Documents and Settings\Owner\Cookies\owner@citi.bridgetrack[2].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : owner@clickbank[2].txt TAC Rating : 3 Category : Data Miner Comment : Value : C:\Documents and Settings\Owner\Cookies\owner@clickbank[2].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : owner@ehg-bestbuy.hitbox[1].txt TAC Rating : 3 Category : Data Miner Comment : Value : C:\Documents and Settings\Owner\Cookies\owner@ehg-bestbuy.hitbox[1].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : owner@fastclick[1].txt TAC Rating : 3 Category : Data Miner Comment : Value : C:\Documents and Settings\Owner\Cookies\owner@fastclick[1].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : owner@hitbox[1].txt TAC Rating : 3 Category : Data Miner Comment : Value : C:\Documents and Settings\Owner\Cookies\owner@hitbox[1].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : owner@mediaplex[1].txt TAC Rating : 3 Category : Data Miner Comment : Value : C:\Documents and Settings\Owner\Cookies\owner@mediaplex[1].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : owner@questionmarket[2].txt TAC Rating : 3 Category : Data Miner Comment : Value : C:\Documents and Settings\Owner\Cookies\owner@questionmarket[2].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : owner@realmedia[1].txt TAC Rating : 3 Category : Data Miner Comment : Value : C:\Documents and Settings\Owner\Cookies\owner@realmedia[1].txt Tracking Cookie Object Recognized! 
Type : IECache Entry Data : owner@server.iad.liveperson[1].txt TAC Rating : 3 Category : Data Miner Comment : Value : C:\Documents and Settings\Owner\Cookies\owner@server.iad.liveperson[1].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : owner@trafficmp[2].txt TAC Rating : 3 Category : Data Miner Comment : Value : C:\Documents and Settings\Owner\Cookies\owner@trafficmp[2].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : owner@tribalfusion[2].txt TAC Rating : 3 Category : Data Miner Comment : Value : C:\Documents and Settings\Owner\Cookies\owner@tribalfusion[2].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : owner@z1.adserver[1].txt TAC Rating : 3 Category : Data Miner Comment : Value : C:\Documents and Settings\Owner\Cookies\owner@z1.adserver[1].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : owner@zedo[1].txt TAC Rating : 3 Category : Data Miner Comment : Value : C:\Documents and Settings\Owner\Cookies\owner@zedo[1].txt Tracking cookie scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 17 Objects found so far: 69 Deep scanning and examining files (C:) »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Disk Scan Result for C:\ »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 69 Deep scanning and examining files (D:) »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Disk Scan Result for D:\ »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 69 Scanning Hosts file...... Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts". »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Hosts file scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» 1 entries scanned. New critical objects:0 Objects found so far: 69 Performing conditional scans... »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Alexa Object Recognized! 
Type : Regkey Data : TAC Rating : 5 Category : Data Miner Comment : Rootkey : HKEY_LOCAL_MACHINE Object : software\alexa toolbar Alexa Object Recognized! Type : Regkey Data : TAC Rating : 5 Category : Data Miner Comment : Rootkey : HKEY_LOCAL_MACHINE Object : software\microsoft\windows\currentversion\uninstall\alexa toolbar Alexa Object Recognized! Type : File Data : alxres.dll TAC Rating : 5 Category : Data Miner Comment : Object : C:\WINDOWS\system32\ DailyToolbar Object Recognized! Type : Regkey Data : TAC Rating : 5 Category : Misc Comment : Rootkey : HKEY_LOCAL_MACHINE Object : software\nix solutions DailyToolbar Object Recognized! Type : File Data : dailytoolbar.dll TAC Rating : 5 Category : Misc Comment : Object : C:\WINDOWS\system32\ FakeAlert Object Recognized! Type : RegValue Data : TAC Rating : 5 Category : Malware Comment : Rootkey : HKEY_CURRENT_USER Object : software\microsoft\windows\currentversion\runonce\srv32 spool service Value : Adware.Srv32 FakeAlert Object Recognized! Type : RegValue Data : TAC Rating : 5 Category : Malware Comment : Rootkey : HKEY_LOCAL_MACHINE Object : software\microsoft\windows\currentversion\run Value : Transponder FakeAlert Object Recognized! Type : RegValue Data : TAC Rating : 5 Category : Malware Comment : Rootkey : HKEY_LOCAL_MACHINE Object : software\microsoft\windows\currentversion\run Value : Adware.Srv32 FakeAlert Object Recognized! Type : File Data : alexaie.dll TAC Rating : 5 Category : Malware Comment : Object : C:\WINDOWS\ FakeAlert Object Recognized! Type : File Data : alxtb1.dll TAC Rating : 5 Category : Malware Comment : Object : C:\WINDOWS\ FakeAlert Object Recognized! Type : File Data : alxie328.dll TAC Rating : 5 Category : Malware Comment : Object : C:\WINDOWS\ FakeAlert Object Recognized! Type : File Data : BTGrab.dll TAC Rating : 5 Category : Malware Comment : Object : C:\WINDOWS\ FakeAlert Object Recognized! 
Type : File Data : dlmax.dll TAC Rating : 5 Category : Malware Comment : Object : C:\WINDOWS\ FakeAlert Object Recognized! Type : File Data : Pynix.dll TAC Rating : 5 Category : Malware Comment : Object : C:\WINDOWS\ FakeAlert Object Recognized! Type : File Data : susp.exe TAC Rating : 5 Category : Malware Comment : Object : C:\WIN |