Logfile of HijackThis v1.99.1
Scan saved at 7:42:32 PM, on 1/13/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Yahoo!\Messenger\ypager.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Belkin Wireless\Belkin Wireless Keyboard\MagicKey.exe
C:\Program Files\Belkin Wireless\Belkin Wireless Mouse\MouseAp.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Belkin Wireless\Belkin Wireless Keyboard\OSD.EXE
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\HijackThis\HijackThis.exe
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://news.google.c...hl=en&tab=wn&q=
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.0.10:3128
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [IPPDetect] C:\PROGRA~1\NewSoft\PRESTO~1.PHO\MrPhoto3\MrPhoto3\IPP4Detect.exe
O4 - HKLM\..\Run: [Smart Start UP] C:\Program Files\NewSoft\Smart Start UP\PnPDetect.exe /Automation
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\ypager.exe" -quiet
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Enable Belkin Wireless Keyboard Driver.lnk = C:\Program Files\Belkin Wireless\Belkin Wireless Keyboard\MagicKey.exe
O4 - Global Startup: Enable Belkin Wireless Mouse Driver.lnk = C:\Program Files\Belkin Wireless\Belkin Wireless Mouse\MouseAp.exe
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) -
http://help.bellsout...oad/tgctlcm.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
http://update.micros...b?1126146856249
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) -
http://zone.msn.com/...mjolauncher.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) -
http://acs.pandasoft...free/asinst.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) -
http://cdn2.zone.msn...ro.cab34246.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (ASquaredScanForm Element) -
http://www.windowsec...scan/axscan.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) -
http://zone.msn.com/...aploader_v6.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: MissDNS logs DNS cache miss hits (Network Monitor) - Unknown owner - C:\Program Files\Network Monitor\MissDNS.exe (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
Incident Status Location
Spyware:Cookie/2o7.net Not disinfected C:\Documents and Settings\admin\Cookies\admin@112.2o7[1].txt
Spyware:Cookie/adultfriendfinder Not disinfected C:\Documents and Settings\admin\Cookies\admin@adultfriendfinder[2].txt
Spyware:Cookie/Ask Not disinfected C:\Documents and Settings\admin\Cookies\admin@ask[1].txt
Spyware:Cookie/Azjmp Not disinfected C:\Documents and Settings\admin\Cookies\admin@azjmp[2].txt
Spyware:Cookie/Banner Not disinfected C:\Documents and Settings\admin\Cookies\admin@banner[2].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\admin\Cookies\admin@belnk[1].txt
Spyware:Cookie/Enhance Not disinfected C:\Documents and Settings\admin\Cookies\admin@c.enhance[1].txt
Spyware:Cookie/GoClick Not disinfected C:\Documents and Settings\admin\Cookies\admin@c.goclick[2].txt
Spyware:Cookie/Ccbill Not disinfected C:\Documents and Settings\admin\Cookies\admin@ccbill[2].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\admin\Cookies\admin@dist.belnk[2].txt
Spyware:Cookie/GangbangSquad Not disinfected C:\Documents and Settings\admin\Cookies\admin@gangbangsquad[2].txt
Spyware:Cookie/Gaytrafficbroker Not disinfected C:\Documents and Settings\admin\Cookies\admin@gaytrafficbroker[2].txt
Spyware:Cookie/go Not disinfected C:\Documents and Settings\admin\Cookies\admin@go[2].txt
Spyware:Cookie/MediaTickets Not disinfected C:\Documents and Settings\admin\Cookies\admin@kinghost[1].txt
Spyware:Cookie/Outster Not disinfected C:\Documents and Settings\admin\Cookies\admin@outster[1].txt
Spyware:Cookie/Reliablestats Not disinfected C:\Documents and Settings\admin\Cookies\admin@stats1.reliablestats[2].txt
Spyware:Cookie/Target Not disinfected C:\Documents and Settings\admin\Cookies\admin@target[1].txt
Spyware:Cookie/Toplist Not disinfected C:\Documents and Settings\admin\Cookies\admin@toplist[1].txt
Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\admin\Cookies\admin@uol.com[2].txt
Spyware:Cookie/WinFixer Not disinfected C:\Documents and Settings\admin\Cookies\admin@winfixer[2].txt
Spyware:Cookie/Xiti Not disinfected C:\Documents and Settings\admin\Cookies\admin@xiti[1].txt
Spyware:Cookie/Yadro Not disinfected C:\Documents and Settings\admin\Cookies\admin@yadro[2].txt
Potentially unwanted tool:Application/Processor Not disinfected C:\Documents and Settings\admin\Desktop\smitRem\Process.exe
Potentially unwanted tool:Application/Processor Not disinfected C:\Documents and Settings\admin\My Documents\My Received Files\smitRem.exe[Process.exe]
Virus:Trj/Aram.A Disinfected C:\WINDOWS\system32\csndc.exe
Adware:adware/adsmart Not disinfected C:\WINDOWS\system32\vx.tll
Ad-Aware SE Build 1.06r1
Logfile Created on:Friday, January 13, 2006 8:01:50 AM
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R86 11.01.2006
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
MRU List(TAC index:0):29 total references
Tracking Cookie(TAC index:3):102 total references
UnSpyPC(TAC index:6):5 total references
Win32.Backdoor.Agent(TAC index:10):1 total references
Win32.TrojanClicker(TAC index:6):3 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Definition File:
=========================
Definitions File Loaded:
Reference Number : SE1R86 11.01.2006
Internal build : 98
File location : C:\Program Files\Lavasoft\Ad-Aware SE Personal\defs.ref
File size : 580915 Bytes
Total size : 1747823 Bytes
Signature data size : 1713197 Bytes
Reference data size : 34114 Bytes
Signatures total : 48450
CSI Fingerprints total : 1336
CSI data size : 40323 Bytes
Target categories : 15
Target families : 819
Memory + processor status:
==========================
Number of processors : 1
Processor architecture : Intel Pentium III
Memory available:26 %
Total physical memory:507248 kb
Available physical memory:127628 kb
Total page file size:1186916 kb
Available on page file:858368 kb
Total virtual memory:2097024 kb
Available virtual memory:2042560 kb
OS:Microsoft Windows XP Professional Service Pack 2 (Build 2600)
Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Move deleted files to Recycle Bin
Set : Safe mode (always request confirmation)
Set : Don't log streams smaller than 0 Bytes
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan within archives
Set : Scan my Hosts file
Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects
1-13-2006 8:01:50 AM - Scan started. (Full System Scan)
Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ProcessID : 588
ThreadCreationTime : 1-12-2006 1:43:05 PM
BasePriority : Normal
#:2 [csrss.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 656
ThreadCreationTime : 1-12-2006 1:43:06 PM
BasePriority : Normal
#:3 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 680
ThreadCreationTime : 1-12-2006 1:43:07 PM
BasePriority : High
#:4 [services.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 724
ThreadCreationTime : 1-12-2006 1:43:07 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : services.exe
#:5 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 736
ThreadCreationTime : 1-12-2006 1:43:07 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe
#:6 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 892
ThreadCreationTime : 1-12-2006 1:43:07 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:7 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 968
ThreadCreationTime : 1-12-2006 1:43:08 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:8 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1064
ThreadCreationTime : 1-12-2006 1:43:08 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:9 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1108
ThreadCreationTime : 1-12-2006 1:43:08 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:10 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1284
ThreadCreationTime : 1-12-2006 1:43:08 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:11 [explorer.exe]
FilePath : C:\WINDOWS\
ProcessID : 1540
ThreadCreationTime : 1-12-2006 1:43:09 PM
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : EXPLORER.EXE
#:12 [spoolsv.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1612
ThreadCreationTime : 1-12-2006 1:43:09 PM
BasePriority : Normal
FileVersion : 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)
ProductVersion : 5.1.2600.2696
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe
#:13 [qttask.exe]
FilePath : C:\Program Files\QuickTime\
ProcessID : 1688
ThreadCreationTime : 1-12-2006 1:43:09 PM
BasePriority : Normal
FileVersion : 7.0.3
ProductVersion : QuickTime 7.0.3
ProductName : QuickTime
CompanyName : Apple Computer, Inc.
FileDescription : QuickTime Task
InternalName : QuickTime Task
LegalCopyright : Copyright Apple Computer, Inc. 1989-2005
OriginalFilename : QTTask.exe
#:14 [ashdisp.exe]
FilePath : C:\PROGRA~1\ALWILS~1\Avast4\
ProcessID : 1712
ThreadCreationTime : 1-12-2006 1:43:10 PM
BasePriority : Normal
FileVersion : 4, 6, 739, 0
ProductVersion : 4, 6, 0, 0
ProductName : avast! Antivirus
FileDescription : avast! service GUI component
InternalName : aswDisp
LegalCopyright : Copyright © 2005 ALWIL Software
OriginalFilename : aswDisp.exe
#:15 [ctfmon.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1760
ThreadCreationTime : 1-12-2006 1:43:10 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : CTF Loader
InternalName : CTFMON
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : CTFMON.EXE
#:16 [ypager.exe]
FilePath : C:\Program Files\Yahoo!\Messenger\
ProcessID : 1768
ThreadCreationTime : 1-12-2006 1:43:10 PM
BasePriority : Normal
#:17 [msmsgs.exe]
FilePath : C:\Program Files\Messenger\
ProcessID : 1776
ThreadCreationTime : 1-12-2006 1:43:10 PM
BasePriority : Normal
FileVersion : 4.7.3001
ProductVersion : Version 4.7.3001
ProductName : Messenger
CompanyName : Microsoft Corporation
FileDescription : Windows Messenger
InternalName : msmsgs
LegalCopyright : Copyright © Microsoft Corporation 2004
LegalTrademarks : Microsoft® is a registered trademark of Microsoft Corporation in the U.S. and/or other countries.
OriginalFilename : msmsgs.exe
#:18 [magickey.exe]
FilePath : C:\Program Files\Belkin Wireless\Belkin Wireless Keyboard\
ProcessID : 1828
ThreadCreationTime : 1-12-2006 1:43:10 PM
BasePriority : Normal
#:19 [mouseap.exe]
FilePath : C:\Program Files\Belkin Wireless\Belkin Wireless Mouse\
ProcessID : 1836
ThreadCreationTime : 1-12-2006 1:43:10 PM
BasePriority : Normal
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
ProductName : MouseIcon Application
FileDescription : MouseIcon MFC Application
InternalName : MouseIcon
LegalCopyright : Copyright © 2002
OriginalFilename : MouseIcon.EXE
#:20 [hpohmr08.exe]
FilePath : C:\Program Files\Hewlett-Packard\Digital Imaging\bin\
ProcessID : 1844
ThreadCreationTime : 1-12-2006 1:43:10 PM
BasePriority : Normal
FileVersion : 4.2.0.020
ProductVersion : 2.4.1.020
ProductName : hp digital imaging - hp all-in-one series
CompanyName : Hewlett-Packard Co.
FileDescription : HP OfficeJet COM Device Objects
InternalName : HPOHMR08
LegalCopyright : Copyright © Hewlett-Packard Co. 1995-2001
OriginalFilename : HPOHMR08.EXE
Comments : HP OfficeJet <Homer> Series COM Device Objects
#:21 [hpotdd01.exe]
FilePath : C:\Program Files\Hewlett-Packard\Digital Imaging\bin\
ProcessID : 1852
ThreadCreationTime : 1-12-2006 1:43:10 PM
BasePriority : Normal
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
ProductName : Hewlett-Packard hpotdd01
CompanyName : Hewlett-Packard
FileDescription : hpotdd01
InternalName : hpotdd01
LegalCopyright : Copyright © 2002
OriginalFilename : hpotdd01.exe
#:22 [hpoevm08.exe]
FilePath : C:\Program Files\Hewlett-Packard\Digital Imaging\bin\
ProcessID : 196
ThreadCreationTime : 1-12-2006 1:43:13 PM
BasePriority : Normal
FileVersion : 4.2.0.020
ProductVersion : 2.4.1.020
ProductName : hp digital imaging - hp all-in-one series
CompanyName : Hewlett-Packard Co.
FileDescription : HP OfficeJet COM Event Manager
InternalName : HPOEVM08
LegalCopyright : Copyright © Hewlett-Packard Co. 1995-2001
OriginalFilename : HPOEVM08.EXE
Comments : HP OfficeJet COM Event Manager
#:23 [osd.exe]
FilePath : C:\Program Files\Belkin Wireless\Belkin Wireless Keyboard\
ProcessID : 224
ThreadCreationTime : 1-12-2006 1:43:13 PM
BasePriority : Normal
FileVersion : 2, 0, 0, 0
ProductVersion : 1, 0, 0, 0
ProductName : WAYTECH OSD
CompanyName : WayTech Development, Inc.
FileDescription : OSD
InternalName : OSD
LegalCopyright : ©1998-2000 WayTech Development, Inc.
OriginalFilename : OSD.exe
#:24 [aswupdsv.exe]
FilePath : C:\Program Files\Alwil Software\Avast4\
ProcessID : 452
ThreadCreationTime : 1-12-2006 1:43:18 PM
BasePriority : Normal
#:25 [ashserv.exe]
FilePath : C:\Program Files\Alwil Software\Avast4\
ProcessID : 464
ThreadCreationTime : 1-12-2006 1:43:18 PM
BasePriority : High
FileVersion : 4, 6, 739, 0
ProductVersion : 4, 6, 0, 0
ProductName : avast! Antivirus
FileDescription : avast! antivirus service
InternalName : aswServ
LegalCopyright : Copyright © 2005 ALWIL Software
OriginalFilename : aswServ.exe
#:26 [mdm.exe]
FilePath : C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\
ProcessID : 528
ThreadCreationTime : 1-12-2006 1:43:18 PM
BasePriority : Normal
FileVersion : 7.00.9466
ProductVersion : 7.00.9466
ProductName : Microsoft® Visual Studio .NET
CompanyName : Microsoft Corporation
FileDescription : Machine Debug Manager
InternalName : mdm.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : mdm.exe
#:27 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1256
ThreadCreationTime : 1-12-2006 1:43:21 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:28 [ashmaisv.exe]
FilePath : C:\Program Files\Alwil Software\Avast4\
ProcessID : 1672
ThreadCreationTime : 1-12-2006 1:43:23 PM
BasePriority : Normal
#:29 [ashwebsv.exe]
FilePath : C:\Program Files\Alwil Software\Avast4\
ProcessID : 1944
ThreadCreationTime : 1-12-2006 1:43:23 PM
BasePriority : Normal
#:30 [hposts08.exe]
FilePath : C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\
ProcessID : 1988
ThreadCreationTime : 1-12-2006 1:43:23 PM
BasePriority : Normal
FileVersion : 4.2.0.020
ProductVersion : 2.4.1.020
ProductName : hp digital imaging - hp all-in-one series
CompanyName : Hewlett-Packard Co.
FileDescription : HP OfficeJet Status
InternalName : HPOSTS08
LegalCopyright : Copyright © Hewlett-Packard Co. 1995-2001
OriginalFilename : HPOSTS08.EXE
Comments : HP OfficeJet Status
#:31 [alg.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 2392
ThreadCreationTime : 1-12-2006 1:43:24 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Application Layer Gateway Service
InternalName : ALG.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : ALG.exe
#:32 [iexplore.exe]
FilePath : C:\Program Files\Internet Explorer\
ProcessID : 3544
ThreadCreationTime : 1-13-2006 1:30:23 PM
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Internet Explorer
InternalName : iexplore
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : IEXPLORE.EXE
#:33 [iexplore.exe]
FilePath : C:\Program Files\Internet Explorer\
ProcessID : 3088
ThreadCreationTime : 1-13-2006 1:43:01 PM
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Internet Explorer
InternalName : iexplore
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : IEXPLORE.EXE
#:34 [realsched.exe]
FilePath : C:\Program Files\Common Files\Real\Update_OB\
ProcessID : 3328
ThreadCreationTime : 1-13-2006 1:43:12 PM
BasePriority : Normal
FileVersion : 0.1.0.3427
ProductVersion : 0.1.0.3427
ProductName : RealPlayer (32-bit)
CompanyName : RealNetworks, Inc.
FileDescription : RealNetworks Scheduler
InternalName : schedapp
LegalCopyright : Copyright © RealNetworks, Inc. 1995-2004
LegalTrademarks : RealAudio is a trademark of RealNetworks, Inc.
OriginalFilename : realsched.exe
#:35 [msnmsgr.exe]
FilePath : C:\Program Files\MSN Messenger\
ProcessID : 2532
ThreadCreationTime : 1-13-2006 1:43:34 PM
BasePriority : Normal
FileVersion : 7.5.0311
ProductVersion : 7.5.0311
ProductName : MSN Messenger
CompanyName : Microsoft Corporation
FileDescription : MSN Messenger
InternalName : msnmsgr
LegalCopyright : Copyright © Microsoft Corporation 1997-2004
LegalTrademarks : Microsoft® is a registered trademark of Microsoft Corporation in the U.S. and/or other countries.
OriginalFilename : msnmsgr.exe
#:36 [ewidoctrl.exe]
FilePath : C:\Program Files\ewido anti-malware\
ProcessID : 652
ThreadCreationTime : 1-13-2006 1:48:13 PM
BasePriority : Normal
FileVersion : 3, 0, 0, 1
ProductVersion : 3, 0, 0, 1
ProductName : ewido control
CompanyName : ewido networks
FileDescription : ewido control
InternalName : ewido control
LegalCopyright : Copyright © 2004
OriginalFilename : ewidoctrl.exe
#:37 [hpzipm12.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 3188
ThreadCreationTime : 1-13-2006 1:50:23 PM
BasePriority : Normal
FileVersion : 6, 0, 0, 0
ProductVersion : 6, 0, 0, 0
ProductName : HP PML
CompanyName : HP
FileDescription : PML Driver
InternalName : PmlDrv
LegalCopyright : Copyright © 1998, 1999 Hewlett-Packard Company
OriginalFilename : PmlDrv.exe
#:38 [ad-aware.exe]
FilePath : C:\Program Files\Lavasoft\Ad-Aware SE Personal\
ProcessID : 2948
ThreadCreationTime : 1-13-2006 1:56:59 PM
BasePriority : Normal
FileVersion : 6.2.0.236
ProductVersion : SE 106
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft AB Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved
Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 29
Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 29
Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 29
Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : admin@centrport[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:17
Value : Cookie:admin@centrport.net/
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : admin@cgi-bin[5].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:admin@www2.addfreestats.com/cgi-bin
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : admin@hc2.humanclick[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:5
Value : Cookie:admin@hc2.humanclick.com/
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : admin@casalemedia[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:60
Value : Cookie:admin@casalemedia.com/
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : admin@counter1.sextracker[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:18
Value : Cookie:admin@counter1.sextracker.com/
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : admin@sextracker[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:459
Value : Cookie:admin@sextracker.com/
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : admin@perf.overture[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:17
Value : Cookie:admin@perf.overture.com/
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : admin@cgi-bin[4].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:4
Value : Cookie:admin@www.skeezy.com/cgi-bin/
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : admin@advertising[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:193
Value : Cookie:admin@advertising.com/
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : admin@ehg-dig.hitbox[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:7
Value : Cookie:admin@ehg-dig.hitbox.com/
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : admin@hg1.hitbox[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:3
Value : Cookie:admin@hg1.hitbox.com/
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : admin@counter11.sextracker[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:22
Value : Cookie:admin@counter11.sextracker.com/
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : admin@atdmt[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:243
Value : Cookie:admin@atdmt.com/
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : admin@counter7.sextracker[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:60
Value : Cookie:admin@counter7.sextracker.com/
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : admin@counter14.sextracker[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:34
Value : Cookie:admin@counter14.sextracker.com/
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : admin@counter5.sextracker[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:9
Value : Cookie:admin@counter5.sextracker.com/
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : admin@doubleclick[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:297
Value : Cookie:admin@doubleclick.net/
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : admin@counter16.sextracker[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:31
Value : Cookie:admin@counter16.sextracker.com/
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : admin@counter10.sextracker[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:30
Value : Cookie:admin@counter10.sextracker.com/
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : admin@phg.hitbox[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:28
Value : Cookie:admin@phg.hitbox.com/
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : admin@counter3.sextracker[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:27
Value : Cookie:admin@counter3.sextracker.com/
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : admin@cs.sexcounter[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:327
Value : Cookie:admin@cs.sexcounter.com/
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : admin@ehg-wachovia.hitbox[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:808
Value : Cookie:admin@ehg-wachovia.hitbox.com/
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : admin@ehg-redherring.hitbox[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:4
Value : Cookie:admin@ehg-redherring.hitbox.com/
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : admin@statcounter[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:224
Value : Cookie:admin@statcounter.com/
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : admin@cgi-bin[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:51
Value : Cookie:admin@www.sindbadbookmarks.com/cgi-bin/
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : admin@counter2.sextracker[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:23
Value : Cookie:admin@counter2.sextracker.com/
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : admin@questionmarket[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:admin@questionmarket.com/
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : admin@counter4.sextracker[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:31
Value : Cookie:admin@counter4.sextracker.com/
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : admin@counter13.sextracker[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:38
Value : Cookie:admin@counter13.sextracker.com/
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : admin@counter8.sextracker[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:45
Value : Cookie:admin@counter8.sextracker.com/
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : admin@as-us.falkag[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:28
Value : Cookie:admin@as-us.falkag.net/
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : admin@cgi-bin[3].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:17
Value : Cookie:admin@imrworldwide.com/cgi-bin
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : admin@qksrv[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:10
Value : Cookie:admin@qksrv.net/
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : admin@serving-sys[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:736
Value : Cookie:admin@serving-sys.com/
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : admin@xxxcounter[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:60
Value : Cookie:admin@xxxcounter.com/
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : admin@bluestreak[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:58
Value : Cookie:admin@bluestreak.com/
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : admin@counter6.sextracker[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:9
Value : Cookie:admin@counter6.sextracker.com/
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : admin@web4.realtracker[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:4
Value : Cookie:admin@web4.realtracker.com/
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : admin@fastclick[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:48
Value : Cookie:admin@fastclick.net/
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : admin@edge.ru4[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:45
Value : Cookie:admin@edge.ru4.com/
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : admin@sexlist[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:145
Value : Cookie:admin@sexlist.com/
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : admin@ads.pointroll[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:641
Value : Cookie:admin@ads.pointroll.com/
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : admin@2o7[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:371
Value : Cookie:admin@2o7.net/
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : admin@media.fastclick[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:2
Value : Cookie:admin@media.fastclick.net/
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : admin@mediaplex[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:82
Value : Cookie:admin@mediaplex.com/
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : admin@counter.hitslink[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:54
Value : Cookie:admin@counter.hitslink.com/
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : admin@tribalfusion[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:29
Value : Cookie:admin@tribalfusion.com/
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : admin@data.coremetrics[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:10
Value : Cookie:admin@data.coremetrics.com/
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : admin@paycounter[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:18
Value : Cookie:admin@paycounter.com/
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : admin@z1.adserver[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:57
Value : Cookie:admin@z1.adserver.com/
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : admin@ehg-kodak.hitbox[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:26
Value : Cookie:admin@ehg-kodak.hitbox.com/
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : admin@cgi-bin[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:9
Value : Cookie:admin@verotel.com/cgi-bin/
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : admin@bilbo.counted[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:78
Value : Cookie:admin@bilbo.counted.com/
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : admin@zedo[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:184
Value : Cookie:admin@zedo.com/
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : admin@apmebf[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:6
Value : Cookie:admin@apmebf.com/
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : admin@overstock[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:155
Value : Cookie:admin@overstock.com/
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : admin@citi.bridgetrack[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:13
Value : Cookie:admin@citi.bridgetrack.com/
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : admin@server.iad.liveperson[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:27
Value : Cookie:admin@server.iad.liveperson.net/
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : admin@real[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:220
Value : Cookie:admin@real.com/
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : admin@ehg-designwithinreach.hitbox[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:19
Value : Cookie:admin@ehg-designwithinreach.hitbox.com/
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : admin@counter15.sextracker[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:21
Value : Cookie:admin@counter15.sextracker.com/
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : admin@hitbox[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1082
Value : Cookie:admin@hitbox.com/
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : admin@maxserving[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:2
Value : Cookie:admin@maxserving.com/
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : admin@valueclick[1].txt
TAC Rating