Help - Search - Members - Calendar
Full Version: Maldaware won't go
Lavasoft Support Forums > Archived Topics > Archives: Resolved/Inactive Topics > Resolved/Inactive General Support Issues
Euan
Sep 10 2006, 11:01 PM
I've run Panda, Hijack this and skitrem and I'm still infected. What can I do? Please halp.

Here are my logs
---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------

+ Created at: 7:13:41 AM 11/09/2006

+ Scan result:



C:\Documents and Settings\Owner\Cookies\owner@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
C:\Documents and Settings\Owner\Cookies\owner@rotator.adjuggler[2].txt -> TrackingCookie.Adjuggler : Cleaned with backup (quarantined).
C:\Documents and Settings\Owner\Cookies\owner@stats1.reliablestats[1].txt -> TrackingCookie.Reliablestats : Cleaned with backup (quarantined).
C:\Documents and Settings\Owner\Cookies\owner@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Cleaned with backup (quarantined).


::Report end

Activescan

Incident Status Location

Spyware:Cookie/888 Not disinfected C:\Documents and Settings\Lachlan\Cookies\lachlan@888[1].txt
Spyware:Cookie/Hbmediapro Not disinfected C:\Documents and Settings\Lachlan\Cookies\lachlan@adopt.hbmediapro[2].txt
Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\Lachlan\Cookies\lachlan@atwola[1].txt
Spyware:Cookie/OfferOptimizer Not disinfected C:\Documents and Settings\Lachlan\Cookies\lachlan@offeroptimizer[1].txt
Spyware:Cookie/Toplist Not disinfected C:\Documents and Settings\Lachlan\Cookies\lachlan@toplist[1].txt
Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\Lachlan & Kids\Cookies\lachlan & kids@ad.sensismediasmart.com[1].txt
Spyware:Cookie/Apmebf Not disinfected C:\Documents and Settings\Lachlan & Kids\Cookies\lachlan & kids@apmebf[2].txt
Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\Lachlan & Kids\Cookies\lachlan & kids@atwola[2].txt
Spyware:Cookie/Ccbill Not disinfected C:\Documents and Settings\Lachlan & Kids\Cookies\lachlan & kids@ccbill[1].txt
Spyware:Cookie/Cgi-bin Not disinfected C:\Documents and Settings\Lachlan & Kids\Cookies\lachlan & kids@cgi-bin[3].txt
Spyware:Cookie/Cgi-bin Not disinfected C:\Documents and Settings\Lachlan & Kids\Cookies\lachlan & kids@cgi-bin[6].txt
Spyware:Cookie/DriveCleaner Not disinfected C:\Documents and Settings\Lachlan & Kids\Cookies\lachlan & kids@drivecleaner[2].txt
Spyware:Cookie/Malwarewipe Not disinfected C:\Documents and Settings\Lachlan & Kids\Cookies\lachlan & kids@malwarewipe[1].txt
Spyware:Cookie/OfferOptimizer Not disinfected C:\Documents and Settings\Lachlan & Kids\Cookies\lachlan & kids@offeroptimizer[1].txt
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Lachlan & Kids\Cookies\lachlan & kids@realmedia[1].txt
Spyware:Cookie/Dashbar Not disinfected C:\Documents and Settings\Lachlan & Kids\Cookies\lachlan & kids@results.dashbar[1].txt
Spyware:Cookie/Rn11 Not disinfected C:\Documents and Settings\Lachlan & Kids\Cookies\lachlan & kids@rn11[2].txt
Spyware:Cookie/DriveCleaner Not disinfected C:\Documents and Settings\Lachlan & Kids\Cookies\lachlan & kids@stats.drivecleaner[2].txt
Spyware:Cookie/DriveCleaner

Logfile of HijackThis v1.99.1
Scan saved at 8:49:08 PM, on 10/09/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\userinit.exe
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\Owner\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/...//www.yahoo.com
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O8 - Extra context menu item: MWOL &Dictionary - res://C:\WINDOWS\_MWOLTB.DLL/23/219
O8 - Extra context menu item: MWOL &Thesaurus - res://C:\WINDOWS\_MWOLTB.DLL/23/220
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: BigPond Broadband Cable Login (bpcService) - Unknown owner - C:\Program Files\Telstra\Cable Login\bpcService.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
Ad Astra
Sep 11 2006, 08:36 PM
Hi

Could you post a log from a scan with Ad-Aware SE please. Ensure you have the latest defintions file update.

1) Start Ad-Aware SE

2) Click on the link "Check for updates now" press the connect button and follow the prompts to ensure you are up to date.

3) Press the start button and in the Preparing System Scan window select the option "Perform full system scan", click on "Search for negligible risk entries" so that it shows a red cross i.e. is deselected and click on "Search for low-risk threats" so that is shows green tick i.e. is selected.

4) Click the next button to start the full scan, when the scan finishes click on the show logfile button. In the log window right mouse click and select "Select all..." then right mouse click again and select "Copy to clipboard" then paste in a reply to this thread.
Euan
Sep 14 2006, 03:12 PM
Here is the first half of my my log from AdAware.

I'll post the second half later

Should I quarantine the things it found?

Thanks very much for your help.

Ad-Aware SE Build 1.06r1
Logfile Created on:Thursday, 14 September 2006 9:39:16 PM
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R122 08.09.2006
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Adware.Pop(TAC index:3):5 total references
CoolWebSearch(TAC index:10):31 total references
Coulomb Dialer(TAC index:5):1 total references
MRU List(TAC index:0):52 total references
Possible Browser Hijack attempt(TAC index:3):5 total references
Search Relevancy(TAC index:5):5 total references
SpySpotter(TAC index:3):3 total references
Tracking Cookie(TAC index:3):61 total references
Win32.Trojan.Downloader(TAC index:10):9 total references
WindUpdates(TAC index:8):3 total references
VX2(TAC index:10):5 total references
Zango(TAC index:6):6 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Search for low-risk threats
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file

Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects


14-09-2006 9:39:16 PM - Scan started. (Full System Scan)

MRU List Object Recognized!
Location: : C:\Documents and Settings\Owner\Application Data\microsoft\office\recent
Description : list of recently opened documents using microsoft office


MRU List Object Recognized!
Location: : C:\Documents and Settings\Owner\recent
Description : list of recently opened documents


MRU List Object Recognized!
Location: : S-1-5-21-1196681160-2767934328-3952483597-1003\software\google\navclient\1.1\history
Description : list of recently used search terms in the google toolbar


MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d


MRU List Object Recognized!
Location: : S-1-5-18\software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d


MRU List Object Recognized!
Location: : S-1-5-21-1196681160-2767934328-3952483597-1003\software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d


MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d


MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X


MRU List Object Recognized!
Location: : S-1-5-18\software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X


MRU List Object Recognized!
Location: : S-1-5-21-1196681160-2767934328-3952483597-1003\software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X


MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X


MRU List Object Recognized!
Location: : software\microsoft\directdraw\mostrecentapplication
Description : most recent application to use microsoft directdraw


MRU List Object Recognized!
Location: : S-1-5-21-1196681160-2767934328-3952483597-1003\software\microsoft\directinput\mostrecentapplication
Description : most recent application to use microsoft directinput


MRU List Object Recognized!
Location: : S-1-5-21-1196681160-2767934328-3952483597-1003\software\microsoft\directinput\mostrecentapplication
Description : most recent application to use microsoft directinput


MRU List Object Recognized!
Location: : S-1-5-21-1196681160-2767934328-3952483597-1003\software\microsoft\internet explorer
Description : last download directory used in microsoft internet explorer


MRU List Object Recognized!
Location: : S-1-5-21-1196681160-2767934328-3952483597-1003\software\microsoft\internet explorer\main
Description : last save directory used in microsoft internet explorer


MRU List Object Recognized!
Location: : S-1-5-21-1196681160-2767934328-3952483597-1003\software\microsoft\internet explorer\typedurls
Description : list of recently entered addresses in microsoft internet explorer


MRU List Object Recognized!
Location: : S-1-5-21-1196681160-2767934328-3952483597-1003\software\microsoft\mediaplayer\medialibraryui
Description : last selected node in the microsoft windows media player media library


MRU List Object Recognized!
Location: : S-1-5-21-1196681160-2767934328-3952483597-1003\software\microsoft\mediaplayer\player\settings
Description : last save as directory used in jasc paint shop pro


MRU List Object Recognized!
Location: : S-1-5-21-1196681160-2767934328-3952483597-1003\software\microsoft\mediaplayer\player\settings
Description : last open directory used in jasc paint shop pro


MRU List Object Recognized!
Location: : S-1-5-21-1196681160-2767934328-3952483597-1003\software\microsoft\mediaplayer\preferences
Description : last cd record path used in microsoft windows media player


MRU List Object Recognized!
Location: : S-1-5-21-1196681160-2767934328-3952483597-1003\software\microsoft\mediaplayer\preferences
Description : last playlist index loaded in microsoft windows media player


MRU List Object Recognized!
Location: : S-1-5-21-1196681160-2767934328-3952483597-1003\software\microsoft\mediaplayer\preferences
Description : last playlist loaded in microsoft windows media player


MRU List Object Recognized!
Location: : S-1-5-21-1196681160-2767934328-3952483597-1003\software\microsoft\microsoft management console\recent file list
Description : list of recent snap-ins used in the microsoft management console


MRU List Object Recognized!
Location: : S-1-5-21-1196681160-2767934328-3952483597-1003\software\microsoft\office\10.0\clip organizer\search\last query
Description : last query in microsoft clip organizer


MRU List Object Recognized!
Location: : S-1-5-21-1196681160-2767934328-3952483597-1003\software\microsoft\office\10.0\common\general
Description : list of recently used symbols in microsoft office


MRU List Object Recognized!
Location: : S-1-5-21-1196681160-2767934328-3952483597-1003\software\microsoft\office\10.0\common\open find\microsoft powerpoint\settings\insert picture\file name mru
Description : list of recent pictured inserted in microsoft powerpoint


MRU List Object Recognized!
Location: : S-1-5-21-1196681160-2767934328-3952483597-1003\software\microsoft\office\10.0\common\open find\microsoft powerpoint\settings\save as\file name mru
Description : list of recent documents saved by microsoft powerpoint


MRU List Object Recognized!
Location: : S-1-5-21-1196681160-2767934328-3952483597-1003\software\microsoft\office\10.0\common\open find\microsoft word\settings\open\file name mru
Description : list of recent documents opened by microsoft word


MRU List Object Recognized!
Location: : S-1-5-21-1196681160-2767934328-3952483597-1003\software\microsoft\office\10.0\common\open find\microsoft word\settings\save as\file name mru
Description : list of recent documents saved by microsoft word


MRU List Object Recognized!
Location: : S-1-5-21-1196681160-2767934328-3952483597-1003\software\microsoft\office\10.0\excel\recent files
Description : list of recent files used by microsoft excel


MRU List Object Recognized!
Location: : S-1-5-21-1196681160-2767934328-3952483597-1003\software\microsoft\office\10.0\powerpoint\recent file list
Description : list of recent files used by microsoft powerpoint


MRU List Object Recognized!
Location: : S-1-5-21-1196681160-2767934328-3952483597-1003\software\microsoft\office\10.0\powerpoint\recent templates
Description : list of recent templates used by microsoft powerpoint


MRU List Object Recognized!
Location: : S-1-5-21-1196681160-2767934328-3952483597-1003\software\microsoft\office\10.0\powerpoint\recent typeface list
Description : list of recently used typefaces in microsoft powerpoint


MRU List Object Recognized!
Location: : S-1-5-21-1196681160-2767934328-3952483597-1003\software\microsoft\office\10.0\powerpoint\recenttemplatelist
Description : list of recent templates used by microsoft powerpoint


MRU List Object Recognized!
Location: : S-1-5-21-1196681160-2767934328-3952483597-1003\software\microsoft\office\8.0\common\open find\microsoft word\settings\open\file name mru
Description : list of recent documents opened by microsoft word


MRU List Object Recognized!
Location: : S-1-5-21-1196681160-2767934328-3952483597-1003\software\microsoft\office\8.0\common\open find\microsoft word\settings\save as\file name mru
Description : list of recent documents saved by microsoft word


MRU List Object Recognized!
Location: : S-1-5-21-1196681160-2767934328-3952483597-1003\software\microsoft\office\8.0\excel\recent file list
Description : list of recent files used by microsoft excel


MRU List Object Recognized!
Location: : S-1-5-21-1196681160-2767934328-3952483597-1003\software\microsoft\search assistant\acmru
Description : list of recent search terms used with the search assistant


MRU List Object Recognized!
Location: : S-1-5-21-1196681160-2767934328-3952483597-1003\software\microsoft\windows\currentversion\applets\paint\recent file list
Description : list of files recently opened using microsoft paint


MRU List Object Recognized!
Location: : S-1-5-21-1196681160-2767934328-3952483597-1003\software\microsoft\windows\currentversion\applets\regedit
Description : last key accessed using the microsoft registry editor


MRU List Object Recognized!
Location: : S-1-5-21-1196681160-2767934328-3952483597-1003\software\microsoft\windows\currentversion\applets\wordpad\recent file list
Description : list of recent files opened using wordpad


MRU List Object Recognized!
Location: : S-1-5-21-1196681160-2767934328-3952483597-1003\software\microsoft\windows\currentversion\explorer\comdlg32\lastvisitedmru
Description : list of recent programs opened


MRU List Object Recognized!
Location: : S-1-5-21-1196681160-2767934328-3952483597-1003\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru
Description : list of recently saved files, stored according to file extension


MRU List Object Recognized!
Location: : S-1-5-21-1196681160-2767934328-3952483597-1003\software\microsoft\windows\currentversion\explorer\recentdocs
Description : list of recent documents opened


MRU List Object Recognized!
Location: : S-1-5-21-1196681160-2767934328-3952483597-1003\software\nvidia corporation\global\nview\windowmanagement
Description : nvidia nview cached application window positions


MRU List Object Recognized!
Location: : S-1-5-21-1196681160-2767934328-3952483597-1003\software\realnetworks\realplayer\6.0\preferences
Description : list of recent skins in realplayer


MRU List Object Recognized!
Location: : S-1-5-21-1196681160-2767934328-3952483597-1003\software\realnetworks\realplayer\6.0\preferences
Description : list of recent clips in realplayer


MRU List Object Recognized!
Location: : S-1-5-21-1196681160-2767934328-3952483597-1003\software\realnetworks\realplayer\6.0\preferences
Description : last login time in realplayer


MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\windows media\wmsdk\general
Description : windows media sdk


MRU List Object Recognized!
Location: : S-1-5-18\software\microsoft\windows media\wmsdk\general
Description : windows media sdk


MRU List Object Recognized!
Location: : S-1-5-21-1196681160-2767934328-3952483597-1003\software\microsoft\windows media\wmsdk\general
Description : windows media sdk


Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ProcessID : 636
ThreadCreationTime : 14-09-2006 5:46:33 AM
BasePriority : Normal


#:2 [csrss.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 688
ThreadCreationTime : 14-09-2006 5:46:36 AM
BasePriority : Normal


#:3 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 728
ThreadCreationTime : 14-09-2006 5:46:38 AM
BasePriority : High


#:4 [services.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 772
ThreadCreationTime : 14-09-2006 5:46:38 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : services.exe

#:5 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 784
ThreadCreationTime : 14-09-2006 5:46:38 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe

#:6 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 960
ThreadCreationTime : 14-09-2006 5:46:39 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:7 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1008
ThreadCreationTime : 14-09-2006 5:46:39 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:8 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1100
ThreadCreationTime : 14-09-2006 5:46:40 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:9 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1200
ThreadCreationTime : 14-09-2006 5:46:40 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:10 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1260
ThreadCreationTime : 14-09-2006 5:46:40 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:11 [spoolsv.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1528
ThreadCreationTime : 14-09-2006 5:46:41 AM
BasePriority : Normal
FileVersion : 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)
ProductVersion : 5.1.2600.2696
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe

#:12 [explorer.exe]
FilePath : C:\WINDOWS\
ProcessID : 1928
ThreadCreationTime : 14-09-2006 5:46:47 AM
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : EXPLORER.EXE

#:13 [pmsngr.exe]
FilePath : C:\Program Files\iCodecPack\
ProcessID : 188
ThreadCreationTime : 14-09-2006 5:46:54 AM
BasePriority : Normal


Win32.Trojan.Downloader Object Recognized!
Type : Process
Data : pmsngr.exe
TAC Rating : 10
Category : Malware
Comment : pmsngr.exe.dmp
Object : C:\Program Files\iCodecPack\


Warning! Win32.Trojan.Downloader Object found in memory(C:\Program Files\iCodecPack\pmsngr.exe)

"C:\Program Files\iCodecPack\pmsngr.exe"Process terminated successfully
"C:\Program Files\iCodecPack\pmsngr.exe"Process terminated successfully

#:14 [rise.exe]
FilePath : C:\Program Files\Microsoft Games\Rise of Nations\
ProcessID : 1784
ThreadCreationTime : 14-09-2006 5:47:12 AM
BasePriority : Normal
FileVersion : 01.13.04.1801
ProductVersion : 01.13.04.1801
ProductName : Rise of Nations
CompanyName : Big Huge Games, Inc.
FileDescription : Rise of Nations
InternalName : RON Patcher
LegalCopyright : Copyright © 2003 Big Huge Games, Inc. Portions Copyright © 2003 Microsoft Corporation.
OriginalFilename : rise.exe

#:15 [nations.exe]
FilePath : C:\Program Files\Microsoft Games\Rise of Nations\
ProcessID : 1788
ThreadCreationTime : 14-09-2006 5:47:12 AM
BasePriority : Normal
FileVersion : 02.03.11.0302
ProductVersion : 02.03.11.0302
ProductName : Rise of Nations
CompanyName : Big Huge Games, Inc.
FileDescription : Rise of Nations
InternalName : RON
LegalCopyright : Copyright © 2003 Big Huge Games, Inc. Portions Copyright © 2003 Microsoft Corporation.
OriginalFilename : nations.exe

#:16 [~f1d055.tmp]
FilePath : C:\DOCUME~1\Owner\LOCALS~1\Temp\
ProcessID : 1796
ThreadCreationTime : 14-09-2006 5:47:13 AM
BasePriority : Normal


#:17 [avgamsvr.exe]
FilePath : C:\PROGRA~1\Grisoft\AVGFRE~1\
ProcessID : 1840
ThreadCreationTime : 14-09-2006 5:47:16 AM
BasePriority : Normal
FileVersion : 7,1,0,365
ProductVersion : 7.1.0.365
ProductName : AVG Anti-Virus System
CompanyName : GRISOFT, s.r.o.
FileDescription : AVG Alert Manager
InternalName : avgamsvr
LegalCopyright : Copyright © 2005, GRISOFT, s.r.o.
OriginalFilename : avgamsvr.EXE

#:18 [avgupsvc.exe]
FilePath : C:\PROGRA~1\Grisoft\AVGFRE~1\
ProcessID : 2000
ThreadCreationTime : 14-09-2006 5:47:16 AM
BasePriority : Normal
FileVersion : 7,1,0,349
ProductVersion : 7.1.0.349
ProductName : AVG 7.0 Anti-Virus System
CompanyName : GRISOFT, s.r.o.
FileDescription : AVG Update Service
InternalName : avgupsvc
LegalCopyright : Copyright © 2005, GRISOFT, s.r.o.
OriginalFilename : avgupdsvc.EXE

#:19 [guard.exe]
FilePath : C:\Program Files\ewido anti-spyware 4.0\
ProcessID : 2044
ThreadCreationTime : 14-09-2006 5:47:16 AM
BasePriority : Normal
FileVersion : 4, 0, 0, 172
ProductVersion : 4, 0, 0, 172
ProductName : ewido anti-spyware
CompanyName : Anti-Malware Development a.s.
FileDescription : ewido anti-spyware guard
InternalName : ewido anti-spywareguard
LegalCopyright : Copyright © 2005 Anti-Malware Development a.s.
OriginalFilename : guard.exe

#:20 [nvsvc32.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 164
ThreadCreationTime : 14-09-2006 5:47:16 AM
BasePriority : Normal
FileVersion : 6.14.10.9131
ProductVersion : 6.14.10.9131
ProductName : NVIDIA Driver Helper Service, Version 91.31
CompanyName : NVIDIA Corporation
FileDescription : NVIDIA Driver Helper Service, Version 91.31
InternalName : NVSVC
LegalCopyright : © NVIDIA Corporation. All rights reserved.
OriginalFilename : nvsvc32.exe

#:21 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 324
ThreadCreationTime : 14-09-2006 5:47:16 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:22 [wdfmgr.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 400
ThreadCreationTime : 14-09-2006 5:47:16 AM
BasePriority : Normal
FileVersion : 5.2.3790.1230 built by: dnsrv(bld4act)
ProductVersion : 5.2.3790.1230
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows User Mode Driver Manager
InternalName : WdfMgr
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : WdfMgr.exe

#:23 [symwsc.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\Security Center\
ProcessID : 620
ThreadCreationTime : 14-09-2006 5:47:17 AM
BasePriority : Normal
FileVersion : 2005.1.00.111
ProductVersion : 2005.1
ProductName : Norton Security Center
CompanyName : Symantec Corporation
FileDescription : Norton Security Center Service
InternalName : SymWSC.exe
LegalCopyright : Copyright © 1997-2004 Symantec Corporation
OriginalFilename : SymWSC.exe

#:24 [alg.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1332
ThreadCreationTime : 14-09-2006 5:47:24 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Application Layer Gateway Service
InternalName : ALG.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : ALG.exe

#:25 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 3864
ThreadCreationTime : 14-09-2006 8:34:13 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:26 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1972
ThreadCreationTime : 14-09-2006 8:39:29 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:27 [wuauclt.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 3796
ThreadCreationTime : 14-09-2006 11:35:22 AM
BasePriority : Normal
FileVersion : 5.8.0.2469 built by: lab01_n(wmbla)
ProductVersion : 5.8.0.2469
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Automatic Updates
InternalName : wuauclt.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : wuauclt.exe

#:28 [ad-aware.exe]
FilePath : C:\Program Files\Lavasoft\Ad-Aware SE Personal\
ProcessID : 1480
ThreadCreationTime : 14-09-2006 11:38:37 AM
BasePriority : Normal
FileVersion : 6.2.0.236
ProductVersion : SE 106
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft AB Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved

Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 1
Objects found so far: 53


Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Adware.Pop Object Recognized!
Type : Regkey
Data :
TAC Rating : 3
Category : Adware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{e4e3e0f8-cd30-4380-8ce9-b96904bdefca}

Adware.Pop Object Recognized!
Type : Regkey
Data :
TAC Rating : 3
Category : Adware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{fe8a736f-4124-4d9c-b4b1-3b12381efabe}

Adware.Pop Object Recognized!
Type : Regkey
Data :
TAC Rating : 3
Category : Adware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : typelib\{c9c5deaf-0a1f-4660-8279-9edfad6fefe1}

Search Relevancy Object Recognized!
Type : Regkey
Data :
TAC Rating : 5
Category : Misc
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{300fa067-9b94-45cf-a30b-cb5221eeb0c3}

Search Relevancy Object Recognized!
Type : Regkey
Data :
TAC Rating : 5
Category : Misc
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : typelib\{65a6bb6d-78d0-4e0a-824d-2de1e0d154af}

WindUpdates Object Recognized!
Type : Regkey
Data :
TAC Rating : 8
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : appid\mediagateway.exe

VX2 Object Recognized!
Type : Regkey
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : typelib\{3fa866ac-40d7-4fe6-babf-78ee854a4325}

VX2 Object Recognized!
Type : Regkey
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{a42c0ef4-1c76-43cc-989f-eadc7e4b755d}

SpySpotter Object Recognized!
Type : Regkey
Data :
TAC Rating : 3
Category : Misc
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-1196681160-2767934328-3952483597-1003\software\vb and vba program settings\spyspotter

CoolWebSearch Object Recognized!
Type : RegValue
Data :
TAC Rating : 10
Category : Malware
Comment : "{0E1230F8-EA50-42A9-983C-D22ABC2EED3B}"
Rootkey : HKEY_USERS
Object : S-1-5-21-1196681160-2767934328-3952483597-1003\software\microsoft\internet explorer\toolbar\webbrowser
Value : {0E1230F8-EA50-42A9-983C-D22ABC2EED3B}

Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 10
Objects found so far: 63


Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Possible Browser Hijack attempt Object Recognized!
Type : Regkey
Data : Software\Microsoft\Windows\CurrentVersion\Uninstall\NaverToolbar "http://toolbar.naver.com"
TAC Rating : 10
Category : Malware
Comment : (http://toolbar.naver.com)
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\Microsoft\Windows\CurrentVersion\Uninstall\NaverToolbar

Possible Browser Hijack attempt Object Recognized!
Type : RegValue
Data : Software\Microsoft\Windows\CurrentVersion\Uninstall\NaverToolbar "http://toolbar.naver.com"
TAC Rating : 10
Category : Malware
Comment : (http://toolbar.naver.com)
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\Microsoft\Windows\CurrentVersion\Uninstall\NaverToolbar
Value : DisplayName

Possible Browser Hijack attempt Object Recognized!
Type : RegValue
Data : Software\Microsoft\Windows\CurrentVersion\Uninstall\NaverToolbar "http://toolbar.naver.com"
TAC Rating : 10
Category : Malware
Comment : (http://toolbar.naver.com)
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\Microsoft\Windows\CurrentVersion\Uninstall\NaverToolbar
Value : HelpLink

Possible Browser Hijack attempt Object Recognized!
Type : RegValue
Data : Software\Microsoft\Windows\CurrentVersion\Uninstall\NaverToolbar "http://toolbar.naver.com"
TAC Rating : 10
Category : Malware
Comment : (http://toolbar.naver.com)
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\Microsoft\Windows\CurrentVersion\Uninstall\NaverToolbar
Value : Publisher

Possible Browser Hijack attempt Object Recognized!
Type : RegValue
Data : Software\Microsoft\Windows\CurrentVersion\Uninstall\NaverToolbar "http://toolbar.naver.com"
TAC Rating : 10
Category : Malware
Comment : (http://toolbar.naver.com)
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\Microsoft\Windows\CurrentVersion\Uninstall\NaverToolbar
Value : UninstallString

Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 5
Objects found so far: 68


Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»


Tracking Cookie Object Recognized!
Type : IECache Entry
Data : owner@tripod[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:owner@tripod.com/
Expires : 13-09-2007 4:15:14 PM
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : owner@bs.serving-sys[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:8
Value : Cookie:owner@bs.serving-sys.com/
Expires : 1-01-2038 8:00:00 AM
LastSync : Hits:8
UseCount : 0
Hits : 8

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : owner@media.fastclick[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:3
Value : Cookie:owner@media.fastclick.net/
Expires : 15-09-2006 6:51:16 PM
LastSync : Hits:3
UseCount : 0
Hits : 3

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : owner@realmedia[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:3
Value : Cookie:owner@realmedia.com/
Expires : 1-01-2021 10:00:00 AM
LastSync : Hits:3
UseCount : 0
Hits : 3

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : owner@statcounter[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:owner@statcounter.com/
Expires : 12-09-2011 3:52:10 PM
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : owner@2o7[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:13
Value : Cookie:owner@2o7.net/
Expires : 12-09-2011 3:53:32 PM
LastSync : Hits:13
UseCount : 0
Hits : 13

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : owner@fastclick[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:48
Value : Cookie:owner@fastclick.net/
Expires : 13-09-2008 7:08:02 PM
LastSync : Hits:48
UseCount : 0
Hits : 48

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : owner@as-us.falkag[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:54
Value : Cookie:owner@as-us.falkag.net/
Expires : 14-09-2007 7:08:00 PM
LastSync : Hits:54
UseCount : 0
Hits : 54

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : owner@overture[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:6
Value : Cookie:owner@overture.com/
Expires : 11-09-2016 8:26:44 PM
LastSync : Hits:6
UseCount : 0
Hits : 6

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : owner@perf.overture[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:owner@perf.overture.com/
Expires : 12-09-2010 4:09:40 PM
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : owner@serving-sys[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:77
Value : Cookie:owner@serving-sys.com/
Expires : 1-01-2038 8:00:00 AM
LastSync : Hits:77
UseCount : 0
Hits : 77

Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 11
Objects found so far: 79



Deep scanning and examining files (C:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : lachlan@tripod[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Lachlan\Cookies\lachlan@tripod[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : lachlan@xml.bravenetmedianetwork[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Lachlan\Cookies\lachlan@xml.bravenetmedianetwork[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : nikki@adrevolver[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Nikki\Cookies\nikki@adrevolver[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : nikki@adserver.adreactor[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Nikki\Cookies\nikki@adserver.adreactor[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : nikki@domainsponsor[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Nikki\Cookies\nikki@domainsponsor[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : nikki@landing.domainsponsor[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Nikki\Cookies\nikki@landing.domainsponsor[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : nikki@maxserving[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Nikki\Cookies\nikki@maxserving[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : nikki@realmedia[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Nikki\Cookies\nikki@realmedia[2].txt

Coulomb Dialer Object Recognized!
Type : File
Data : Groove.x32
TAC Rating : 5
Category : Dialer
Comment :
Object : C:\Documents and Settings\Owner\Application Data\Macromedia\Shockwave Player\xtras\download\TheGrooveAlliance\3DGrooveXtrav181\
FileVersion : 1, 8, 1, 0
ProductVersion : 1, 8, 1, 0
ProductName : GROOVE
FileDescription : GROOVE
InternalName : GROOVE
LegalCopyright : Copyright 2001
OriginalFilename : GROOVE.x32
Euan
Sep 14 2006, 03:14 PM
Here is the second half of my log file

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : the all mighty corey@ads.addynamix[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\The All Mighty COREY\Cookies\the all mighty corey@ads.addynamix[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : the all mighty corey@ads.pointroll[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\The All Mighty COREY\Cookies\the all mighty corey@ads.pointroll[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : the all mighty corey@ads.track[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\The All Mighty COREY\Cookies\the all mighty corey@ads.track[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : the all mighty corey@adtech[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\The All Mighty COREY\Cookies\the all mighty corey@adtech[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : the all mighty corey@advertising[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\The All Mighty COREY\Cookies\the all mighty corey@advertising[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : the all mighty corey@as-us.falkag[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\The All Mighty COREY\Cookies\the all mighty corey@as-us.falkag[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : the all mighty corey@atdmt[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\The All Mighty COREY\Cookies\the all mighty corey@atdmt[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : the all mighty corey@casalemedia[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\The All Mighty COREY\Cookies\the all mighty corey@casalemedia[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : the all mighty corey@counter.hitslink[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\The All Mighty COREY\Cookies\the all mighty corey@counter.hitslink[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : the all mighty corey@counter1.sextracker[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\The All Mighty COREY\Cookies\the all mighty corey@counter1.sextracker[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : the all mighty corey@counter15.sextracker[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\The All Mighty COREY\Cookies\the all mighty corey@counter15.sextracker[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : the all mighty corey@counter16.sextracker[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\The All Mighty COREY\Cookies\the all mighty corey@counter16.sextracker[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : the all mighty corey@counter5.sextracker[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\The All Mighty COREY\Cookies\the all mighty corey@counter5.sextracker[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : the all mighty corey@counter9.sextracker[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\The All Mighty COREY\Cookies\the all mighty corey@counter9.sextracker[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : the all mighty corey@cs.sexcounter[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\The All Mighty COREY\Cookies\the all mighty corey@cs.sexcounter[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : the all mighty corey@doubleclick[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\The All Mighty COREY\Cookies\the all mighty corey@doubleclick[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : the all mighty corey@edge.ru4[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\The All Mighty COREY\Cookies\the all mighty corey@edge.ru4[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : the all mighty corey@ehg-metainterfacesllc.hitbox[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\The All Mighty COREY\Cookies\the all mighty corey@ehg-metainterfacesllc.hitbox[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : the all mighty corey@estat[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\The All Mighty COREY\Cookies\the all mighty corey@estat[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : the all mighty corey@fastclick[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\The All Mighty COREY\Cookies\the all mighty corey@fastclick[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : the all mighty corey@hg1.hitbox[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\The All Mighty COREY\Cookies\the all mighty corey@hg1.hitbox[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : the all mighty corey@hitbox[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\The All Mighty COREY\Cookies\the all mighty corey@hitbox[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : the all mighty corey@hotlog[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\The All Mighty COREY\Cookies\the all mighty corey@hotlog[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : the all mighty corey@landing.domainsponsor[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\The All Mighty COREY\Cookies\the all mighty corey@landing.domainsponsor[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : the all mighty corey@list[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\The All Mighty COREY\Cookies\the all mighty corey@list[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : the all mighty corey@mediaplex[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\The All Mighty COREY\Cookies\the all mighty corey@mediaplex[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : the all mighty corey@overture[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\The All Mighty COREY\Cookies\the all mighty corey@overture[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : the all mighty corey@paycounter[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\The All Mighty COREY\Cookies\the all mighty corey@paycounter[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : the all mighty corey@questionmarket[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\The All Mighty COREY\Cookies\the all mighty corey@questionmarket[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : the all mighty corey@realmedia[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\The All Mighty COREY\Cookies\the all mighty corey@realmedia[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : the all mighty corey@sexlist[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\The All Mighty COREY\Cookies\the all mighty corey@sexlist[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : the all mighty corey@sextracker[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\The All Mighty COREY\Cookies\the all mighty corey@sextracker[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : the all mighty corey@stat.onestat[2].txt
TAC Rating : 3
Category : Data Miner
Comment : www.searchtraffic.com
Value : C:\Documents and Settings\The All Mighty COREY\Cookies\the all mighty corey@stat.onestat[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : the all mighty corey@statcounter[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\The All Mighty COREY\Cookies\the all mighty corey@statcounter[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : the all mighty corey@statse.webtrendslive[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\The All Mighty COREY\Cookies\the all mighty corey@statse.webtrendslive[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : the all mighty corey@test.coremetrics[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\The All Mighty COREY\Cookies\the all mighty corey@test.coremetrics[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : the all mighty corey@tradedoubler[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\The All Mighty COREY\Cookies\the all mighty corey@tradedoubler[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : the all mighty corey@tribalfusion[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\The All Mighty COREY\Cookies\the all mighty corey@tribalfusion[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : the all mighty corey@tripod[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\The All Mighty COREY\Cookies\the all mighty corey@tripod[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : the all mighty corey@vad.mainentrypoint[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\The All Mighty COREY\Cookies\the all mighty corey@vad.mainentrypoint[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : the all mighty corey@xxxcounter[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\The All Mighty COREY\Cookies\the all mighty corey@xxxcounter[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : the all mighty corey@zedo[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\The All Mighty COREY\Cookies\the all mighty corey@zedo[1].txt

Search Relevancy Object Recognized!
Type : File
Data : SearchRelevant.xml
TAC Rating : 5
Category : Misc
Comment :
Object : C:\Program Files\SearchRelevant\



Search Relevancy Object Recognized!
Type : File
Data : uninstall.exe
TAC Rating : 5
Category : Misc
Comment :
Object : C:\Program Files\SearchRelevant\



Zango Object Recognized!
Type : File
Data : A0202207.dll
TAC Rating : 6
Category : Data Miner
Comment :
Object : C:\System Volume Information\_restore{DC206A7E-AC67-4C3F-AC42-580132BE718D}\RP436\
FileVersion : 8.5.63.0
ProductVersion : 8.5.63.0
ProductName : Zango
CompanyName : 180solutions, Inc.
FileDescription : Zango
InternalName : ClientHook
LegalCopyright : Copyright © 2005, 180solutions Inc.
OriginalFilename : ClientHook.dll


Zango Object Recognized!
Type : File
Data : A0202527.dll
TAC Rating : 6
Category : Data Miner
Comment :
Object : C:\System Volume Information\_restore{DC206A7E-AC67-4C3F-AC42-580132BE718D}\RP444\
FileVersion : 8.5.63.0
ProductVersion : 8.5.63.0
ProductName : Zango
CompanyName : 180solutions, Inc.
FileDescription : Zango
InternalName : ClientHook
LegalCopyright : Copyright © 2005, 180solutions Inc.
OriginalFilename : ClientHook.dll


Zango Object Recognized!
Type : File
Data : A0210522.dll
TAC Rating : 6
Category : Data Miner
Comment :
Object : C:\System Volume Information\_restore{DC206A7E-AC67-4C3F-AC42-580132BE718D}\RP461\
FileVersion : 1.0.0.1
ProductVersion : 1.0.0.1
ProductName : Zango Toolbar
CompanyName : Zango
FileDescription : Zango Toolbar lets you search directly from a browser toolbar
InternalName : Zango Toolbar.dll
LegalCopyright : © Zango. All rights reserved.
OriginalFilename : Zango Toolbar.dll


Zango Object Recognized!
Type : File
Data : A0211219.dll
TAC Rating : 6
Category : Data Miner
Comment :
Object : C:\System Volume Information\_restore{DC206A7E-AC67-4C3F-AC42-580132BE718D}\RP463\
FileVersion : 8.5.63.0
ProductVersion : 8.5.63.0
ProductName : Zango
CompanyName : 180solutions, Inc.
FileDescription : Zango
InternalName : ClientHook
LegalCopyright : Copyright © 2005, 180solutions Inc.
OriginalFilename : ClientHook.dll


Zango Object Recognized!
Type : File
Data : A0211509.dll
TAC Rating : 6
Category : Data Miner
Comment :
Object : C:\System Volume Information\_restore{DC206A7E-AC67-4C3F-AC42-580132BE718D}\RP466\
FileVersion : 1.0.0.1
ProductVersion : 1.0.0.1
ProductName : Zango Toolbar
CompanyName : Zango
FileDescription : Zango Toolbar lets you search directly from a browser toolbar
InternalName : Zango Toolbar.dll
LegalCopyright : © Zango. All rights reserved.
OriginalFilename : Zango Toolbar.dll


Zango Object Recognized!
Type : File
Data : A0211512.dll
TAC Rating : 6
Category : Data Miner
Comment :
Object : C:\System Volume Information\_restore{DC206A7E-AC67-4C3F-AC42-580132BE718D}\RP466\
FileVersion : 8.5.63.0
ProductVersion : 8.5.63.0
ProductName : Zango
CompanyName : 180solutions, Inc.
FileDescription : Zango
InternalName : ClientHook
LegalCopyright : Copyright © 2005, 180solutions Inc.
OriginalFilename : ClientHook.dll


Disk Scan Result for C:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 138


Deep scanning and examining files (D:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Disk Scan Result for D:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 138


Scanning Hosts file......
Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
1 entries scanned.
New critical objects:0
Objects found so far: 138




Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Win32.Trojan.Downloader Object Recognized!
Type : Regkey
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\microsoft\windows\currentversion\policies\activedesktop

Win32.Trojan.Downloader Object Recognized!
Type : RegValue
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\microsoft\windows\currentversion\policies\activedesktop
Value : NoComponents

Win32.Trojan.Downloader Object Recognized!
Type : RegValue
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\microsoft\windows\currentversion\policies\activedesktop
Value : NoDeletingComponents

Win32.Trojan.Downloader Object Recognized!
Type : RegValue
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\microsoft\windows\currentversion\policies\activedesktop
Value : NoEditingComponents

Win32.Trojan.Downloader Object Recognized!
Type : RegValue
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\microsoft\windows\currentversion\policies\activedesktop
Value : NoCloseDragDropBands

Win32.Trojan.Downloader Object Recognized!
Type : RegValue
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\microsoft\windows\currentversion\policies\activedesktop
Value : NoMovingBands

Win32.Trojan.Downloader Object Recognized!
Type : RegValue
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\microsoft\windows\currentversion\policies\activedesktop
Value : NoHTMLWallPaper

Win32.Trojan.Downloader Object Recognized!
Type : RegValue
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\microsoft\windows\currentversion\policies\activedesktop
Value : NoChangingWallPaper

Adware.Pop Object Recognized!
Type : Regkey
Data :
TAC Rating : 3
Category : Adware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : popcaploader.popcaploaderctrl2

Adware.Pop Object Recognized!
Type : Regkey
Data :
TAC Rating : 3
Category : Adware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : popcaploader.popcaploaderctrl2.1

Search Relevancy Object Recognized!
Type : Regkey
Data :
TAC Rating : 5
Category : Misc
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : updater.bho

WindUpdates Object Recognized!
Type : RegData
Data : no
TAC Rating : 8
Category : Malware
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\microsoft\internet explorer\main
Value : Error Dlg Details Pane Open
Data : no

WindUpdates Object Recognized!
Type : Folder
TAC Rating : 8
Category : Malware
Comment : WindUpdates
Object : C:\Program Files\Windows AdControl

VX2 Object Recognized!
Type : Regkey
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\vendor\xml

VX2 Object Recognized!
Type : Regkey
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\vendor

VX2 Object Recognized!
Type : File
Data : localNrd.inf
TAC Rating : 10
Category : Malware
Comment :
Object : C:\WINDOWS\inf\



SpySpotter Object Recognized!
Type : Regkey
Data :
TAC Rating : 3
Category : Misc
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : tabdlg.sstab

SpySpotter Object Recognized!
Type : Regkey
Data :
TAC Rating : 3
Category : Misc
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : tabdlg.sstab.1

CoolWebSearch Object Recognized!
Type : RegValue
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\microsoft\internet explorer\main
Value : Use Custom Search URL

CoolWebSearch Object Recognized!
Type : RegValue
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\microsoft\internet explorer\main
Value : Enable Browser Extensions

CoolWebSearch Object Recognized!
Type : RegValue
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\microsoft\internet explorer\main
Value : Search Bar

CoolWebSearch Object Recognized!
Type : RegValue
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\microsoft\internet explorer\new windows
Value : PopupMgr

CoolWebSearch Object Recognized!
Type : RegValue
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\microsoft\internet explorer\search\searchproperties\en-us
Value : SingleProvider

CoolWebSearch Object Recognized!
Type : RegValue
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\microsoft\windows\currentversion\policies\system
Value : NoDispBackgroundPage

CoolWebSearch Object Recognized!
Type : RegData
Data : about:blank
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\main
Value : Start Page
Data : about:blank

CoolWebSearch Object Recognized!
Type : Folder
TAC Rating : 10
Category : Malware
Comment : CoolWebSearch
Object : C:\Documents and Settings\Owner\application data\SBSoft

CoolWebSearch Object Recognized!
Type : File
Data : barlinks.ini
TAC Rating : 10
Category : Malware
Comment :
Object : C:\Documents and Settings\Owner\application data\sbsoft\



CoolWebSearch Object Recognized!
Type : File
Data : dating.ico
TAC Rating : 10
Category : Malware
Comment :
Object : C:\Documents and Settings\Owner\application data\sbsoft\



CoolWebSearch Object Recognized!
Type : File
Data : dating1.ico
TAC Rating : 10
Category : Malware
Comment :
Object : C:\Documents and Settings\Owner\application data\sbsoft\



CoolWebSearch Object Recognized!
Type : File
Data : desk.ini
TAC Rating : 10
Category : Malware
Comment :
Object : C:\Documents and Settings\Owner\application data\sbsoft\



CoolWebSearch Object Recognized!
Type : File
Data : finance.ico
TAC Rating : 10
Category : Malware
Comment :
Object : C:\Documents and Settings\Owner\application data\sbsoft\



CoolWebSearch Object Recognized!
Type : File
Data : gambling.ico
TAC Rating : 10
Category : Malware
Comment :
Object : C:\Documents and Settings\Owner\application data\sbsoft\



CoolWebSearch Object Recognized!
Type : File
Data : home.ico
TAC Rating : 10
Category : Malware
Comment :
Object : C:\Documents and Settings\Owner\application data\sbsoft\



CoolWebSearch Object Recognized!
Type : File
Data : hot.ico
TAC Rating : 10
Category : Malware
Comment :
Object : C:\Documents and Settings\Owner\application data\sbsoft\



CoolWebSearch Object Recognized!
Type : File
Data : kliksrch.ico
TAC Rating : 10
Category : Malware
Comment :
Object : C:\Documents and Settings\Owner\application data\sbsoft\



CoolWebSearch Object Recognized!
Type : File
Data : links.ini
TAC Rating : 10
Category : Malware
Comment :
Object : C:\Documents and Settings\Owner\application data\sbsoft\



CoolWebSearch Object Recognized!
Type : File
Data : mortgages.ico
TAC Rating : 10
Category : Malware
Comment :
Object : C:\Documents and Settings\Owner\application data\sbsoft\



CoolWebSearch Object Recognized!
Type : File
Data : pharmaci.ico
TAC Rating : 10
Category : Malware
Comment :
Object : C:\Documents and Settings\Owner\application data\sbsoft\



CoolWebSearch Object Recognized!
Type : File
Data : pharmacy.ico
TAC Rating : 10
Category : Malware
Comment :
Object : C:\Documents and Settings\Owner\application data\sbsoft\



CoolWebSearch Object Recognized!
Type : File
Data : poker.ico
TAC Rating : 10
Category : Malware
Comment :
Object : C:\Documents and Settings\Owner\application data\sbsoft\



CoolWebSearch Object Recognized!
Type : File
Data : privacy1.ico
TAC Rating : 10
Category : Malware
Comment :
Object : C:\Documents and Settings\Owner\application data\sbsoft\



CoolWebSearch Object Recognized!
Type : File
Data : realest.ico
TAC Rating : 10
Category : Malware
Comment :
Object : C:\Documents and Settings\Owner\application data\sbsoft\



CoolWebSearch Object Recognized!
Type : File
Data : search.ico
TAC Rating : 10
Category : Malware
Comment :
Object : C:\Documents and Settings\Owner\application data\sbsoft\



CoolWebSearch Object Recognized!
Type : File
Data : sport.ico
TAC Rating : 10
Category : Malware
Comment :
Object : C:\Documents and Settings\Owner\application data\sbsoft\



CoolWebSearch Object Recognized!
Type : File
Data : spyware.ico
TAC Rating : 10
Category : Malware
Comment :
Object : C:\Documents and Settings\Owner\application data\sbsoft\



CoolWebSearch Object Recognized!
Type : File
Data : switch.ico
TAC Rating : 10
Category : Malware
Comment :
Object : C:\Documents and Settings\Owner\application data\sbsoft\



CoolWebSearch Object Recognized!
Type : File
Data : toolbar.ini
TAC Rating : 10
Category : Malware
Comment :
Object : C:\Documents and Settings\Owner\application data\sbsoft\



CoolWebSearch Object Recognized!
Type : File
Data : travel1.ico
TAC Rating : 10
Category : Malware
Comment :
Object : C:\Documents and Settings\Owner\application data\sbsoft\

Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 48
Objects found so far: 186

10:08:48 PM Scan Complete

Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:29:32.484
Objects scanned:293274
Objects identified:134
Objects ignored:0
New critical objects:134
LS CalamityJane
Sep 19 2006, 10:52 PM
*Bump*

I think Ad Astra may have missed your last reply. We had some problems with the forum software that helpers were not getting notices of replies to threads they were helping in. This should now reach him smile.gif
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.
Invision Power Board © 2001-2010 Invision Power Services, Inc.