Full Version: Pop-Up 'System Alert!'
G_Mach234
It's a bit of a blur now, coz I've been off the computer now, but I'm getting a 'System Alert!' pop-up stating that I have a number of spyware applications that may impact the performance on the computer, and when clicked, it takes me to a link about, and to download, SpyDawn, which was on my computer for a brief while, along with some other security programs. Unsure, I tried scanning with my original scanner, Sophos, which didn't work, but that's not a problem at the moment. I ended up deleting the strange new programs including SpyDawn, then the pop-up started appearing. I've restored pretty much everything back to normal, 'cept for that pop-up.

HijackThis log; full scan:


Logfile of HijackThis v1.99.1
Scan saved at 13:34:08, on 02/03/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Sophos\Sophos Anti-Virus\SAVAdminService.exe
C:\Program Files\Sophos\AutoUpdate\ALsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\AGEIA Technologies\TrayIcon.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
C:\spywarebegone\SpywareBeGone.exe
C:\Program Files\Sophos\AutoUpdate\ALMon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\Last.fm\LastFM.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\DELL\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www1.euro.dell.com/content/default....;l=en&s=gen
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Encarta Web Companion Helper Object - {955BE0B8-BC85-4CAF-856E-8E0D8B610560} - C:\Program Files\Common Files\Microsoft Shared\Encarta Web Companion\ENCWCBAR.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Encarta Web Companion - {147D6308-0614-4112-89B1-31402F9B82C4} - C:\Program Files\Common Files\Microsoft Shared\Encarta Web Companion\ENCWCBAR.DLL
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [AGEIA PhysX SysTray] C:\Program Files\AGEIA Technologies\TrayIcon.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Spyware Begone] "C:\spywarebegone\SpywareBeGone.exe" -FastScan
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: AutoUpdate Monitor.lnk = C:\Program Files\Sophos\AutoUpdate\ALMon.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\DELL\Start Menu\Programs\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/200612...ex/qtplugin.cab
O16 - DPF: {69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A} (GameLauncher Control) - http://www.acclaim.com/cabs/acclaim_v4.cab
O16 - DPF: {AF2E62B6-F9E1-4D4F-A10A-9DC8E6DCBCC0} (VideoEgg ActiveX Loader) - http://update.videoegg.com/Install/Windows...ggPublisher.exe
O16 - DPF: {BE319D04-18BD-4B34-AECC-EE7CB610FCA9} (BewitchedGameClass Control) - http://download.games.yahoo.com/games/web_...itched/main.cab
O16 - DPF: {CD995117-98E5-4169-9920-6C12D4C0B548} (HGPlugin9USA Class) - http://gamedownload.ijjimax.com/gamedownlo...GPlugin9USA.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://download.games.yahoo.com/games/web_...aploader_v6.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O21 - SSODL: didynamia - {8329660f-e248-4872-98cc-fb9c4fec7ba8} - C:\WINDOWS\system32\xkrdk.dll
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Sophos Anti-Virus status reporter (SAVAdminService) - Sophos Plc - C:\Program Files\Sophos\Sophos Anti-Virus\SAVAdminService.exe
O23 - Service: Sophos Anti-Virus (SAVService) - Sophos Plc - C:\Program Files\Sophos\Sophos Anti-Virus\SavService.exe
O23 - Service: Sophos AutoUpdate Service - Sophos Plc - C:\Program Files\Sophos\AutoUpdate\ALsvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
G_Mach234
and,
Ad-Aware SE Personal log; full scan (+ low risk files):




Ad-Aware SE Build 1.06r1
Logfile Created on:02 March 2007 13:36:27
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R155 26.02.2007
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
MRU List(TAC index:0):35 total references
Possible Browser Hijack attempt(TAC index:3):8 total references
SpyDawn(TAC index:3):18 total references
Starware Toolbar(TAC index:5):4 total references
Tracking Cookie(TAC index:3):75 total references
Win32.Trojandownloader.Zlob(TAC index:10):18 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Search for low-risk threats
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file

Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects


02-03-2007 13:36:27 - Scan started. (Full System Scan)

MRU List Object Recognized!
Location: : C:\Documents and Settings\DELL\Application Data\microsoft\office\recent
Description : list of recently opened documents using microsoft office


MRU List Object Recognized!
Location: : C:\Documents and Settings\DELL\recent
Description : list of recently opened documents


MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d


MRU List Object Recognized!
Location: : S-1-5-18\software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d


MRU List Object Recognized!
Location: : S-1-5-21-1630991506-1555798824-406382136-1006\software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d


MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d


MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X


MRU List Object Recognized!
Location: : S-1-5-18\software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X


MRU List Object Recognized!
Location: : S-1-5-21-1630991506-1555798824-406382136-1006\software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X


MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X


MRU List Object Recognized!
Location: : software\microsoft\directdraw\mostrecentapplication
Description : most recent application to use microsoft directdraw


MRU List Object Recognized!
Location: : S-1-5-21-1630991506-1555798824-406382136-1006\software\microsoft\directinput\mostrecentapplication
Description : most recent application to use microsoft directinput


MRU List Object Recognized!
Location: : S-1-5-21-1630991506-1555798824-406382136-1006\software\microsoft\directinput\mostrecentapplication
Description : most recent application to use microsoft directinput


MRU List Object Recognized!
Location: : S-1-5-21-1630991506-1555798824-406382136-1006\software\microsoft\internet explorer
Description : last download directory used in microsoft internet explorer


MRU List Object Recognized!
Location: : S-1-5-21-1630991506-1555798824-406382136-1006\software\microsoft\mediaplayer\player\recentfilelist
Description : list of recently used files in microsoft windows media player


MRU List Object Recognized!
Location: : S-1-5-21-1630991506-1555798824-406382136-1006\software\microsoft\mediaplayer\preferences
Description : last playlist index loaded in microsoft windows media player


MRU List Object Recognized!
Location: : S-1-5-21-1630991506-1555798824-406382136-1006\software\microsoft\mediaplayer\preferences
Description : last playlist loaded in microsoft windows media player


MRU List Object Recognized!
Location: : S-1-5-21-1630991506-1555798824-406382136-1006\software\microsoft\microsoft management console\recent file list
Description : list of recent snap-ins used in the microsoft management console


MRU List Object Recognized!
Location: : S-1-5-21-1630991506-1555798824-406382136-1006\software\microsoft\office\10.0\common\open find\microsoft powerpoint\settings\insert picture\file name mru
Description : list of recent pictured inserted in microsoft powerpoint


MRU List Object Recognized!
Location: : S-1-5-21-1630991506-1555798824-406382136-1006\software\microsoft\office\10.0\common\open find\microsoft word\settings\open\file name mru
Description : list of recent documents opened by microsoft word


MRU List Object Recognized!
Location: : S-1-5-21-1630991506-1555798824-406382136-1006\software\microsoft\office\10.0\common\open find\microsoft word\settings\save as\file name mru
Description : list of recent documents saved by microsoft word


MRU List Object Recognized!
Location: : S-1-5-21-1630991506-1555798824-406382136-1006\software\microsoft\office\10.0\excel\recent files
Description : list of recent files used by microsoft excel


MRU List Object Recognized!
Location: : S-1-5-21-1630991506-1555798824-406382136-1006\software\microsoft\windows\currentversion\applets\paint\recent file list
Description : list of files recently opened using microsoft paint


MRU List Object Recognized!
Location: : S-1-5-21-1630991506-1555798824-406382136-1006\software\microsoft\windows\currentversion\applets\regedit
Description : last key accessed using the microsoft registry editor


MRU List Object Recognized!
Location: : S-1-5-21-1630991506-1555798824-406382136-1006\software\microsoft\windows\currentversion\applets\wordpad\recent file list
Description : list of recent files opened using wordpad


MRU List Object Recognized!
Location: : S-1-5-21-1630991506-1555798824-406382136-1006\software\microsoft\windows\currentversion\explorer\comdlg32\lastvisitedmru
Description : list of recent programs opened


MRU List Object Recognized!
Location: : S-1-5-21-1630991506-1555798824-406382136-1006\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru
Description : list of recently saved files, stored according to file extension


MRU List Object Recognized!
Location: : S-1-5-21-1630991506-1555798824-406382136-1006\software\microsoft\windows\currentversion\explorer\recentdocs
Description : list of recent documents opened


MRU List Object Recognized!
Location: : S-1-5-21-1630991506-1555798824-406382136-1006\software\realnetworks\realplayer\6.0\preferences
Description : list of recent skins in realplayer


MRU List Object Recognized!
Location: : S-1-5-21-1630991506-1555798824-406382136-1006\software\realnetworks\realplayer\6.0\preferences
Description : list of recent clips in realplayer


MRU List Object Recognized!
Location: : S-1-5-21-1630991506-1555798824-406382136-1006\software\realnetworks\realplayer\6.0\preferences
Description : last login time in realplayer


MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\windows media\wmsdk\general
Description : windows media sdk


MRU List Object Recognized!
Location: : S-1-5-18\software\microsoft\windows media\wmsdk\general
Description : windows media sdk


MRU List Object Recognized!
Location: : S-1-5-21-1630991506-1555798824-406382136-1006\software\microsoft\windows media\wmsdk\general
Description : windows media sdk


MRU List Object Recognized!
Location: : S-1-5-21-1630991506-1555798824-406382136-1006\software\winrar\dialogedithistory\extrpath
Description : winrar "extract-to" history


Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ProcessID : 556
ThreadCreationTime : 02-03-2007 12:54:24
BasePriority : Normal


#:2 [csrss.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 608
ThreadCreationTime : 02-03-2007 12:54:25
BasePriority : Normal


#:3 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 632
ThreadCreationTime : 02-03-2007 12:54:26
BasePriority : High


#:4 [services.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 676
ThreadCreationTime : 02-03-2007 12:54:27
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : services.exe

#:5 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 688
ThreadCreationTime : 02-03-2007 12:54:27
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe

#:6 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 856
ThreadCreationTime : 02-03-2007 12:54:27
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:7 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 932
ThreadCreationTime : 02-03-2007 12:54:27
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:8 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1028
ThreadCreationTime : 02-03-2007 12:54:27
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:9 [savservice.exe]
FilePath : C:\Program Files\Sophos\Sophos Anti-Virus\
ProcessID : 1076
ThreadCreationTime : 02-03-2007 12:54:27
BasePriority : Normal
FileVersion : 1.0.0.1060
ProductVersion : 6.0.6
ProductName : Sophos Anti-Virus
CompanyName : Sophos Plc
FileDescription : Performs virus scanning and disinfection functions
InternalName : Infrastructure.dll
LegalCopyright : © 1989-2006 Sophos Plc, www.sophos.com
OriginalFilename : Infrastructure.dll

#:10 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1292
ThreadCreationTime : 02-03-2007 12:54:28
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:11 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1400
ThreadCreationTime : 02-03-2007 12:54:28
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:12 [explorer.exe]
FilePath : C:\WINDOWS\
ProcessID : 1444
ThreadCreationTime : 02-03-2007 12:54:28
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : EXPLORER.EXE

#:13 [vsmon.exe]
FilePath : C:\WINDOWS\system32\ZoneLabs\
ProcessID : 1456
ThreadCreationTime : 02-03-2007 12:54:28
BasePriority : Normal
FileVersion : 6.5.737.000
ProductVersion : 6.5.737.000
ProductName : TrueVector Service
CompanyName : Zone Labs, LLC
FileDescription : TrueVector Service
InternalName : vsmon
LegalCopyright : Copyright © 1998-2006, Zone Labs, LLC
OriginalFilename : vsmon.exe

#:14 [spoolsv.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1816
ThreadCreationTime : 02-03-2007 12:54:32
BasePriority : Normal
FileVersion : 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)
ProductVersion : 5.1.2600.2696
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe

#:15 [atkkbservice.exe]
FilePath : C:\WINDOWS\
ProcessID : 1992
ThreadCreationTime : 02-03-2007 12:54:38
BasePriority : Normal
FileVersion : 1, 0, 1, 0
ProductVersion : 1, 0, 1, 0
ProductName : ASUS Keyboard Service
CompanyName : ASUSTeK COMPUTER INC.
FileDescription : ASUS Keyboard Service
InternalName : ATKKBService
LegalCopyright : Copyright © 2004 @ASUSTeK COMPUTER INC.
OriginalFilename : ATKKBService.exe

#:16 [sqlservr.exe]
FilePath : C:\Program Files\Microsoft SQL Server\MSSQL\Binn\
ProcessID : 2036
ThreadCreationTime : 02-03-2007 12:54:38
BasePriority : Normal
FileVersion : 2000.080.0194.00
ProductVersion : 8.00.194
ProductName : Microsoft SQL Server
CompanyName : Microsoft Corporation
FileDescription : SQL Server Windows NT
InternalName : SQLSERVR
LegalCopyright : © 1988-2000 Microsoft Corp. All rights reserved.
LegalTrademarks : Microsoft® is a registered trademark of Microsoft Corporation. Windows™ is a trademark of Microsoft Corporation
OriginalFilename : SQLSERVR.EXE
Comments : NT INTEL X86

#:17 [nvsvc32.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 188
ThreadCreationTime : 02-03-2007 12:54:41
BasePriority : Normal
FileVersion : 6.14.10.9147
ProductVersion : 6.14.10.9147
ProductName : NVIDIA Driver Helper Service, Version 91.47
CompanyName : NVIDIA Corporation
FileDescription : NVIDIA Driver Helper Service, Version 91.47
InternalName : NVSVC
LegalCopyright : © NVIDIA Corporation. All rights reserved.
OriginalFilename : nvsvc32.exe

#:18 [savadminservice.exe]
FilePath : C:\Program Files\Sophos\Sophos Anti-Virus\
ProcessID : 212
ThreadCreationTime : 02-03-2007 12:54:41
BasePriority : Normal
FileVersion : 1.0.0.1060
ProductVersion : 6.0.6
ProductName : Sophos Anti-Virus
CompanyName : Sophos Plc
FileDescription : Sophos Administrator Service
InternalName : SavAdminService.exe
LegalCopyright : © 1989-2006 Sophos Plc, www.sophos.com
OriginalFilename : SavAdminService.exe

#:19 [alsvc.exe]
FilePath : C:\Program Files\Sophos\AutoUpdate\
ProcessID : 248
ThreadCreationTime : 02-03-2007 12:54:41
BasePriority : Normal
FileVersion : 3.7.18.129
ProductVersion : 2.1.1
ProductName : Sophos AutoUpdate
CompanyName : Sophos Plc
FileDescription : Sophos AutoUpdate Service.
InternalName : ALSvc.exe
LegalCopyright : © 2003-2006 Sophos Plc, www.sophos.com
OriginalFilename : ALSvc.exe

#:20 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 308
ThreadCreationTime : 02-03-2007 12:54:41
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:21 [alg.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 144
ThreadCreationTime : 02-03-2007 12:54:44
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Application Layer Gateway Service
InternalName : ALG.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : ALG.exe

#:22 [jusched.exe]
FilePath : C:\Program Files\Java\jre1.5.0_10\bin\
ProcessID : 360
ThreadCreationTime : 02-03-2007 12:54:46
BasePriority : Normal


#:23 [stsystra.exe]
FilePath : C:\WINDOWS\
ProcessID : 1968
ThreadCreationTime : 02-03-2007 12:54:46
BasePriority : Normal
FileVersion : 1.0.5143.0 nd491 cp1
ProductVersion : 1.0.5143.0 nd491 cp1
ProductName : C-Major Audio
CompanyName : SigmaTel, Inc.
FileDescription : Sigmatel Audio system tray application
InternalName : stsystray.exe
LegalCopyright : Copyright © 2004-2006, SigmaTel, Inc.
OriginalFilename : stsystray.exe

#:24 [dmxlauncher.exe]
FilePath : C:\Program Files\Dell\Media Experience\
ProcessID : 1652
ThreadCreationTime : 02-03-2007 12:54:46
BasePriority : Normal


#:25 [issch.exe]
FilePath : C:\Program Files\Common Files\InstallShield\UpdateService\
ProcessID : 2064
ThreadCreationTime : 02-03-2007 12:54:46
BasePriority : Normal
FileVersion : 4, 50, 100, 33433
ProductVersion : 4, 50
ProductName : InstallShield Update Service
CompanyName : InstallShield Software Corporation
FileDescription : InstallShield Update Service Scheduler
InternalName : Scheduler
LegalCopyright : Copyright © 1990-2004 InstallShield Software Corporation
OriginalFilename : issch.exe

#:26 [dlactrlw.exe]
FilePath : C:\WINDOWS\System32\DLA\
ProcessID : 2076
ThreadCreationTime : 02-03-2007 12:54:46
BasePriority : Normal
FileVersion : 5.20.08a
CompanyName : Sonic Solutions
FileDescription : Drive Letter Access Component
LegalCopyright : Copyright © 2004 Sonic Solutions

#:27 [rundll32.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 2104
ThreadCreationTime : 02-03-2007 12:54:46
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Run a DLL as an App
InternalName : rundll
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : RUNDLL.EXE

#:28 [zlclient.exe]
FilePath : C:\Program Files\Zone Labs\ZoneAlarm\
ProcessID : 2136
ThreadCreationTime : 02-03-2007 12:54:46
BasePriority : Normal
FileVersion : 6.5.737.000
ProductVersion : 6.5.737.000
ProductName : Zone Labs Client
CompanyName : Zone Labs, LLC
FileDescription : Zone Labs Client
InternalName : zlclient
LegalCopyright : Copyright © 1998-2006, Zone Labs, LLC
OriginalFilename : zlclient.exe

#:29 [trayicon.exe]
FilePath : C:\Program Files\AGEIA Technologies\
ProcessID : 2144
ThreadCreationTime : 02-03-2007 12:54:46
BasePriority : Normal


#:30 [ituneshelper.exe]
FilePath : C:\Program Files\iTunes\
ProcessID : 2164
ThreadCreationTime : 02-03-2007 12:54:46
BasePriority : Normal
FileVersion : 7.0.2.16
ProductVersion : 7.0.2.16
ProductName : iTunes
CompanyName : Apple Computer, Inc.
FileDescription : iTunesHelper Module
InternalName : iTunesHelper
LegalCopyright : © 2003-2006 Apple Computer, Inc. All Rights Reserved.
OriginalFilename : iTunesHelper.exe

#:31 [qttask.exe]
FilePath : C:\Program Files\QuickTime\
ProcessID : 2208
ThreadCreationTime : 02-03-2007 12:54:46
BasePriority : Normal
FileVersion : 7.1.5a38
ProductVersion : QuickTime 7.1.5a38
ProductName : QuickTime
CompanyName : Apple Computer, Inc.
FileDescription : QuickTime Task
InternalName : QuickTime Task
LegalCopyright : Copyright Apple Computer, Inc. 1989-2007
OriginalFilename : QTTask.exe

#:32 [dsagnt.exe]
FilePath : C:\Program Files\Dell Support\
ProcessID : 2240
ThreadCreationTime : 02-03-2007 12:54:47
BasePriority : Below Normal
FileVersion : 2, 1, 3, 173
ProductVersion : 2, 1, 3, 173
ProductName : Dell Support
CompanyName : Gteko Ltd.
FileDescription : Dell Support
InternalName : AUAgent
LegalCopyright : Copyright © 2000 - 2006 Gteko Ltd.
OriginalFilename : AUAgent.exe

#:33 [ctfmon.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 2276
ThreadCreationTime : 02-03-2007 12:54:47
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : CTF Loader
InternalName : CTFMON
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : CTFMON.EXE

#:34 [googletoolbarnotifier.exe]
FilePath : C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\
ProcessID : 2300
ThreadCreationTime : 02-03-2007 12:54:47
BasePriority : Normal
FileVersion : 1, 2, 908, 5008
ProductVersion : 1, 2, 908, 5008
ProductName : GoogleToolbarNotifier
CompanyName : Google Inc.
FileDescription : GoogleToolbarNotifier
LegalCopyright : Copyright © 2005-2006
OriginalFilename : GoogleToolbarNotifier.exe

#:35 [spywarebegone.exe]
FilePath : C:\spywarebegone\
ProcessID : 2332
ThreadCreationTime : 02-03-2007 12:54:47
BasePriority : Normal
FileVersion : 9.20.1.2
ProductVersion : Version 9
ProductName : Spyware BeGone!
CompanyName : MicroSmarts LLC.
FileDescription : Locate Spies and Adware Then Clean It.
InternalName : Spyware BeGone!
LegalCopyright : MicroSmarts LLC.
LegalTrademarks : Spyware BeGone!
OriginalFilename : SpywareBeGone.exe
Comments : Program By Tarek Hussein.

#:36 [almon.exe]
FilePath : C:\Program Files\Sophos\AutoUpdate\
ProcessID : 2604
ThreadCreationTime : 02-03-2007 12:54:49
BasePriority : Normal
FileVersion : 3.8.49.127
ProductVersion : 2.1.0
ProductName : Sophos AutoUpdate
CompanyName : Sophos Plc
FileDescription : Component to show AutoUpdate's GUI elements.
InternalName : ALMon.exe
LegalCopyright : © 2003-2006 Sophos Plc, www.sophos.com
OriginalFilename : ALMon.exe

#:37 [ipodservice.exe]
FilePath : C:\Program Files\iPod\bin\
ProcessID : 2628
ThreadCreationTime : 02-03-2007 12:54:49
BasePriority : Normal
FileVersion : 7.0.2.16
ProductVersion : 7.0.2.16
ProductName : iTunes
CompanyName : Apple Computer, Inc.
FileDescription : iPodService Module
InternalName : iPodService
LegalCopyright : © 2003-2006 Apple Computer, Inc. All Rights Reserved.
OriginalFilename : iPodService.exe

#:38 [sqlmangr.exe]
FilePath : C:\Program Files\Microsoft SQL Server\80\Tools\Binn\
ProcessID : 2656
ThreadCreationTime : 02-03-2007 12:54:50
BasePriority : Normal
FileVersion : 2000.080.0194.00
ProductVersion : 8.00.194
ProductName : Microsoft SQL Server
CompanyName : Microsoft Corporation
FileDescription : SQL Server Service Manager
InternalName : SQLMANGR
LegalCopyright : © 1988-2000 Microsoft Corp. All rights reserved.
LegalTrademarks : Microsoft® is a registered trademark of Microsoft Corporation. Windows™ is a trademark of Microsoft Corporation
OriginalFilename : SQLMANGR.exe
Comments : NT INTEL X86

#:39 [itunes.exe]
FilePath : C:\Program Files\iTunes\
ProcessID : 3936
ThreadCreationTime : 02-03-2007 13:07:45
BasePriority : Normal
FileVersion : 7.0.2.16
ProductVersion : 7.0.2.16
ProductName : iTunes
CompanyName : Apple Computer, Inc.
FileDescription : iTunes
InternalName : iTunes
LegalCopyright : © 2003-2006 Apple Computer, Inc. All Rights Reserved.
OriginalFilename : iTunes.exe

#:40 [lastfm.exe]
FilePath : C:\Program Files\Last.fm\
ProcessID : 2472
ThreadCreationTime : 02-03-2007 13:07:49
BasePriority : Normal


#:41 [iexplore.exe]
FilePath : C:\Program Files\Internet Explorer\
ProcessID : 1152
ThreadCreationTime : 02-03-2007 13:27:07
BasePriority : Normal
FileVersion : 7.00.6000.16414 (vista_gdr.070108-1520)
ProductVersion : 7.00.6000.16414
ProductName : Windows® Internet Explorer
CompanyName : Microsoft Corporation
FileDescription : Internet Explorer
InternalName : iexplore
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : IEXPLORE.EXE

#:42 [ad-aware.exe]
FilePath : C:\Program Files\Lavasoft\Ad-Aware SE Personal\
ProcessID : 2688
ThreadCreationTime : 02-03-2007 13:35:45
BasePriority : Normal
FileVersion : 6.2.0.236
ProductVersion : SE 106
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft AB Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved

Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 35


Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

SpyDawn Object Recognized!
Type : Regkey
Data :
TAC Rating : 3
Category : Misc
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{189518df-7eba-4d31-a7e1-73b5bb60e8d5}

SpyDawn Object Recognized!
Type : Regkey
Data :
TAC Rating : 3
Category : Misc
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{23d627fe-3f02-44cf-9ee1-7b9e44bd9e13}

SpyDawn Object Recognized!
Type : Regkey
Data :
TAC Rating : 3
Category : Misc
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{43cfefbe-8ae4-400e-bbe4-a2b61bb140fb}

SpyDawn Object Recognized!
Type : Regkey
Data :
TAC Rating : 3
Category : Misc
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{5790b963-23c5-43c1-bcf5-01c9b5a3e44e}

SpyDawn Object Recognized!
Type : Regkey
Data :
TAC Rating : 3
Category : Misc
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{5d42ddf4-81eb-4668-9951-819a1d5befc8}

SpyDawn Object Recognized!
Type : Regkey
Data :
TAC Rating : 3
Category : Misc
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{76d06077-d5d3-40ca-b32d-6a67a7ff3f06}

SpyDawn Object Recognized!
Type : Regkey
Data :
TAC Rating : 3
Category : Misc
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{86c7e6c3-ec47-44e5-aa08-ee0d0a25895f}

SpyDawn Object Recognized!
Type : Regkey
Data :
TAC Rating : 3
Category : Misc
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{9283dac1-43f5-4580-bf86-841f22af2335}

SpyDawn Object Recognized!
Type : Regkey
Data :
TAC Rating : 3
Category : Misc
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{ae90cafc-09d4-47f0-9e11-ce621c424f08}

SpyDawn Object Recognized!
Type : Regkey
Data :
TAC Rating : 3
Category : Misc
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{ba397e39-f67f-423f-bc6e-65939450093a}

SpyDawn Object Recognized!
Type : Regkey
Data :
TAC Rating : 3
Category : Misc
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{bec8a83d-01d4-4f15-b8a9-4b4ab24253a7}

SpyDawn Object Recognized!
Type : Regkey
Data :
TAC Rating : 3
Category : Misc
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{c4eedc19-992d-409a-b323-ed57d511afa5}

SpyDawn Object Recognized!
Type : Regkey
Data :
TAC Rating : 3
Category : Misc
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{dd90f677-d205-4f70-9014-659614aabcb2}

SpyDawn Object Recognized!
Type : Regkey
Data :
TAC Rating : 3
Category : Misc
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{e3df91f3-f24f-441e-9001-d61f36024322}

SpyDawn Object Recognized!
Type : Regkey
Data :
TAC Rating : 3
Category : Misc
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{f459eadb-5903-48d5-864c-2b7b46ab1424}

SpyDawn Object Recognized!
Type : Regkey
Data :
TAC Rating : 3
Category : Misc
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{fc4edf66-0547-4f1a-ae96-7cfcad711c90}

Starware Toolbar Object Recognized!
Type : Regkey
Data :
TAC Rating : 5
Category : Adware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{45a4902e-4479-4eae-a186-8d0f7e4c78de}

Starware Toolbar Object Recognized!
Type : Regkey
Data :
TAC Rating : 5
Category : Adware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{9a7d6ad2-0881-451f-bb27-f5e2ee2c5b14}

Win32.Trojandownloader.Zlob Object Recognized!
Type : Regkey
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{84938242-5c5b-4a55-b6b9-a1507543b418}

Win32.Trojandownloader.Zlob Object Recognized!
Type : Regkey
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{67982bb7-0f95-44c5-92dc-e3af3dc19d6d}

Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 20
Objects found so far: 55


Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Possible Browser Hijack attempt Object Recognized!
Type : Regkey
Data : Software\Microsoft\Windows\CurrentVersion\Uninstall\Super TextTwist "http://www.gamehouse.com/"
TAC Rating : 10
Category : Malware
Comment : (http://www.gamehouse.com/)
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\Microsoft\Windows\CurrentVersion\Uninstall\Super TextTwist

Possible Browser Hijack attempt Object Recognized!
Type : RegValue
Data : Software\Microsoft\Windows\CurrentVersion\Uninstall\Super TextTwist "http://www.gamehouse.com/"
TAC Rating : 10
Category : Malware
Comment : (http://www.gamehouse.com/)
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\Microsoft\Windows\CurrentVersion\Uninstall\Super TextTwist
Value : UninstallString

Possible Browser Hijack attempt Object Recognized!
Type : RegValue
Data : Software\Microsoft\Windows\CurrentVersion\Uninstall\Super TextTwist "http://www.gamehouse.com/"
TAC Rating : 10
Category : Malware
Comment : (http://www.gamehouse.com/)
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\Microsoft\Windows\CurrentVersion\Uninstall\Super TextTwist
Value : HelpLink

Possible Browser Hijack attempt Object Recognized!
Type : RegValue
Data : Software\Microsoft\Windows\CurrentVersion\Uninstall\Super TextTwist "http://www.gamehouse.com/"
TAC Rating : 10
Category : Malware
Comment : (http://www.gamehouse.com/)
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\Microsoft\Windows\CurrentVersion\Uninstall\Super TextTwist
Value : Publisher

Possible Browser Hijack attempt Object Recognized!
Type : RegValue
Data : Software\Microsoft\Windows\CurrentVersion\Uninstall\Super TextTwist "http://www.gamehouse.com/"
TAC Rating : 10
Category : Malware
Comment : (http://www.gamehouse.com/)
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\Microsoft\Windows\CurrentVersion\Uninstall\Super TextTwist
Value : URLInfoAbout

Possible Browser Hijack attempt Object Recognized!
Type : RegValue
Data : Software\Microsoft\Windows\CurrentVersion\Uninstall\Super TextTwist "http://www.gamehouse.com/"
TAC Rating : 10
Category : Malware
Comment : (http://www.gamehouse.com/)
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\Microsoft\Windows\CurrentVersion\Uninstall\Super TextTwist
Value : Contact

Possible Browser Hijack attempt Object Recognized!
Type : RegValue
Data : Software\Microsoft\Windows\CurrentVersion\Uninstall\Super TextTwist "http://www.gamehouse.com/"
TAC Rating : 10
Category : Malware
Comment : (http://www.gamehouse.com/)
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\Microsoft\Windows\CurrentVersion\Uninstall\Super TextTwist
Value : Comments

Possible Browser Hijack attempt Object Recognized!
Type : RegValue
Data : Software\Microsoft\Windows\CurrentVersion\Uninstall\Super TextTwist "http://www.gamehouse.com/"
TAC Rating : 10
Category : Malware
Comment : (http://www.gamehouse.com/)
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\Microsoft\Windows\CurrentVersion\Uninstall\Super TextTwist
Value : DisplayIcon

Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 8
Objects found so far: 63

Win32.Trojandownloader.Zlob Object Recognized!
Type : RegValue
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-1630991506-1555798824-406382136-1006\software\microsoft\internet explorer\toolbar\Webbrowser
Value : {84938242-5c5b-4a55-b6b9-a1507543b418}


Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»


G_Mach234

Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 75
Objects found so far: 139



Deep scanning and examining files (C:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Disk Scan Result for C:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 139


Scanning Hosts file......
Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
1 entries scanned.
New critical objects:0
Objects found so far: 139




Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

SpyDawn Object Recognized!
Type : Regkey
Data :
TAC Rating : 3
Category : Misc
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\spydawn

SpyDawn Object Recognized!
Type : Folder
TAC Rating : 3
Category : Misc
Comment : SpyDawn
Object : C:\Program Files\SpyDawn

Starware Toolbar Object Recognized!
Type : RegValue
Data :
TAC Rating : 5
Category : Adware
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\microsoft\internet explorer\main
Value : Use Custom Search URL

Starware Toolbar Object Recognized!
Type : RegData
Data : no
TAC Rating : 5
Category : Adware
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\microsoft\internet explorer\main
Value : Use Search Asst
Data : no

Win32.Trojandownloader.Zlob Object Recognized!
Type : Regkey
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : vaxobject.chl

Win32.Trojandownloader.Zlob Object Recognized!
Type : Regkey
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\internet security

Win32.Trojandownloader.Zlob Object Recognized!
Type : RegValue
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\internet security
Value : Path

Win32.Trojandownloader.Zlob Object Recognized!
Type : RegValue
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\internet security
Value : Removable

Win32.Trojandownloader.Zlob Object Recognized!
Type : RegValue
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\internet security
Value : 65003

Win32.Trojandownloader.Zlob Object Recognized!
Type : RegValue
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\internet security
Value : 65005

Win32.Trojandownloader.Zlob Object Recognized!
Type : RegValue
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\internet security
Value : 65007

Win32.Trojandownloader.Zlob Object Recognized!
Type : RegValue
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\internet security
Value : 65006

Win32.Trojandownloader.Zlob Object Recognized!
Type : Regkey
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\internet security add-on

Win32.Trojandownloader.Zlob Object Recognized!
Type : RegValue
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\internet security add-on
Value : UninstallString

Win32.Trojandownloader.Zlob Object Recognized!
Type : Regkey
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\internet explorer security plugin 2006

Win32.Trojandownloader.Zlob Object Recognized!
Type : RegValue
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\internet explorer security plugin 2006
Value : UninstallString

Win32.Trojandownloader.Zlob Object Recognized!
Type : Folder
TAC Rating : 10
Category : Malware
Comment : Win32.Trojandownloader.Zlob
Object : C:\Program Files\Video Access ActiveX Object

Win32.Trojandownloader.Zlob Object Recognized!
Type : File
Data : Security Troubleshooting.url
TAC Rating : 10
Category : Malware
Comment :
Object : c:\documents and settings\all users\start menu\



Win32.Trojandownloader.Zlob Object Recognized!
Type : File
Data : Online Security Guide.url
TAC Rating : 10
Category : Malware
Comment :
Object : c:\documents and settings\all users\start menu\



Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 19
Objects found so far: 158

13:51:33 Scan Complete

Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:15:06.657
Objects scanned:223277
Objects identified:123
Objects ignored:0
New critical objects:123




Hope that's what you needed, will co-operate to get the job done.
G_Mach234
lkkkjhgfd.... sorry my finger slipped~
Ai_Tak
Download http://swandog46.geekstogo.com/avenger.exe to your desktop, then run avenger.exe from your desktop.

copy the bold text below:


FILES TO DELETE:
C:\WINDOWS\system32\xkrdk.dll




then choose "input script manually"

next click on the Magnifying Glass

then paste the bold text you copied in there (ctrl+v) and click done

then click the traffic light button and allow it to reboot your computer.


post the log from C:\avenger.txt then post a new hijackthis log.