Jump to content

Build Theme!
  •  
  • Infected?

WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. :D Join 91813 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!


Help Pls


  • Please log in to reply
1 reply to this topic

#1 Guest_Guest_*

Guest_Guest_*
  • Guests

Posted 17 November 2003 - 08:14 PM

I am an absolute Newbie so I hope I am doing this right :unsure: I am having problems with Marsfind...Geocities hijacking my web page. I have been told that it is a trojan horse??? I run Windows 2000 Professional I have tried to delete it from my browser and all files but then I reboot and it is all there again. Ad Ware 6.o does not seem to help...I also have Gaurd IE 3.4 along with MacCaffee Fire wall and a modem I do not have the necessary program in program/accessories/system tools to do anything The folowing is a log from Adware. Do you have any ideas as to how I can get rid of this problem. Any info would be greatly appreciated thanks Abs Lavasoft Ad-aware Personal Build 6.181 Logfile created on :Sunday, November 16, 2003 8:45:59 PM Created with Ad-aware Personal, free for private use. Using reference-file :01R231 15.11.2003 ______________________________________________________ Ad-aware Settings ========================= Set : Activate in-depth scan (Recommended) Set : Safe mode (always request confirmation) Set : Scan active processes Set : Scan registry Set : Deep scan registry 11-16-2003 8:45:59 PM - Scan started. (Smart mode) Listing running processes ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ #:1 [smss.exe] FilePath : \SystemRoot\System32\ ThreadCreationTime : 11-16-2003 5:51:31 PM BasePriority : Normal #:2 [winlogon.exe] FilePath : \??\C:\WINNT\system32\ ThreadCreationTime : 11-16-2003 5:51:35 PM BasePriority : High #:3 [services.exe] FilePath : C:\WINNT\system32\ ThreadCreationTime : 11-16-2003 5:51:35 PM BasePriority : Normal FileSize : 87 KB FileVersion : 5.00.2195.6700 ProductVersion : 5.00.2195.6700 Copyright : Copyright © Microsoft Corp. 1981-1999 CompanyName : Microsoft Corporation FileDescription : Services and Controller app InternalName : services.exe OriginalFilename : services.exe ProductName : Microsoft® Windows ® 2000 Operating System Created on : 1/1/1980 8:00:00 AM Last accessed : 11/16/2003 8:00:00 AM Last modified : 6/19/2003 8:05:04 PM #:4 [lsass.exe] FilePath : C:\WINNT\system32\ ThreadCreationTime : 11-16-2003 5:51:35 PM BasePriority : Normal FileSize : 32 KB FileVersion : 5.00.2195.6695 ProductVersion : 5.00.2195.6695 Copyright : Copyright © Microsoft Corp. 1981-1999 CompanyName : Microsoft Corporation FileDescription : LSA Executable and Server DLL (Export Version) InternalName : lsasrv.dll and lsass.exe OriginalFilename : lsasrv.dll and lsass.exe ProductName : Microsoft® Windows ® 2000 Operating System Created on : 7/22/2002 11:54:58 PM Last accessed : 11/16/2003 8:00:00 AM Last modified : 6/19/2003 8:05:04 PM #:5 [svchost.exe] FilePath : C:\WINNT\system32\ ThreadCreationTime : 11-16-2003 5:51:38 PM BasePriority : Normal FileSize : 7 KB FileVersion : 5.00.2134.1 ProductVersion : 5.00.2134.1 Copyright : Copyright © Microsoft Corp. 1981-1999 CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe OriginalFilename : svchost.exe ProductName : Microsoft® Windows ® 2000 Operating System Created on : 1/1/1980 8:00:00 AM Last accessed : 11/16/2003 8:00:00 AM Last modified : 7/26/2000 1:00:00 PM #:6 [spoolsv.exe] FilePath : C:\WINNT\system32\ ThreadCreationTime : 11-16-2003 5:51:38 PM BasePriority : Normal FileSize : 44 KB FileVersion : 5.00.2195.6659 ProductVersion : 5.00.2195.6659 Copyright : Copyright © Microsoft Corp. 1981-1999 CompanyName : Microsoft Corporation FileDescription : Spooler SubSystem App InternalName : spoolss.exe OriginalFilename : spoolss.exe ProductName : Microsoft® Windows ® 2000 Operating System Created on : 9/4/2001 11:39:09 PM Last accessed : 11/16/2003 8:00:00 AM Last modified : 6/19/2003 8:05:04 PM #:7 [svchost.exe] FilePath : C:\WINNT\System32\ ThreadCreationTime : 11-16-2003 5:51:49 PM BasePriority : Normal FileSize : 7 KB FileVersion : 5.00.2134.1 ProductVersion : 5.00.2134.1 Copyright : Copyright © Microsoft Corp. 1981-1999 CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe OriginalFilename : svchost.exe ProductName : Microsoft® Windows ® 2000 Operating System Created on : 1/1/1980 8:00:00 AM Last accessed : 11/16/2003 8:00:00 AM Last modified : 7/26/2000 1:00:00 PM #:8 [navapsvc.exe] FilePath : C:\PROGRA~1\Navnt\ ThreadCreationTime : 11-16-2003 5:51:50 PM BasePriority : Normal FileSize : 88 KB FileVersion : 7.07.00.23 ProductVersion : 7.07.00.23 Copyright : Copyright © 2000 Symantec Corporation. All rights reserved. CompanyName : Symantec Corporation FileDescription : Norton AntiVirus Auto-Protect Service InternalName : NAVAPSVC OriginalFilename : NAVAPSVC.EXE ProductName : Norton AntiVirus Created on : 10/22/2001 3:30:13 AM Last accessed : 11/16/2003 8:00:00 AM Last modified : 2/14/2001 2:00:00 PM #:9 [npssvc.exe] FilePath : C:\PROGRA~1\Navnt\ ThreadCreationTime : 11-16-2003 5:51:50 PM BasePriority : Normal FileSize : 36 KB FileVersion : 5.3.0.180 ProductVersion : 5.3.0.180 Copyright : Copyright © Symantec Corporation 1991-1999 CompanyName : Symantec Corporation FileDescription : Norton Program Scheduler Service InternalName : NPSSVC OriginalFilename : NPSSVC.EXE ProductName : Norton AntiVirus Core Technology Created on : 10/22/2001 3:30:13 AM Last accessed : 11/16/2003 8:00:00 AM Last modified : 2/14/2001 2:00:00 PM #:10 [regsvc.exe] FilePath : C:\WINNT\system32\ ThreadCreationTime : 11-16-2003 5:51:51 PM BasePriority : Normal FileSize : 66 KB FileVersion : 5.00.2195.6701 ProductVersion : 5.00.2195.6701 Copyright : Copyright © Microsoft Corp. 1981-1999 CompanyName : Microsoft Corporation FileDescription : Remote Registry Service InternalName : regsvc OriginalFilename : REGSVC.EXE ProductName : Microsoft® Windows ® 2000 Operating System Created on : 7/30/2003 7:58:21 PM Last accessed : 11/16/2003 8:00:00 AM Last modified : 6/19/2003 8:05:04 PM #:11 [mstask.exe] FilePath : C:\WINNT\system32\ ThreadCreationTime : 11-16-2003 5:51:51 PM BasePriority : Normal FileSize : 116 KB FileVersion : 4.71.2195.6704 ProductVersion : 4.71.2195.6704 Copyright : Copyright © Microsoft Corp. 1997 CompanyName : Microsoft Corporation FileDescription : Task Scheduler Engine InternalName : TaskScheduler OriginalFilename : mstask.exe ProductName : Microsoft Created on : 7/30/2003 7:57:55 PM Last accessed : 11/16/2003 8:00:00 AM Last modified : 6/19/2003 8:05:04 PM #:12 [winmgmt.exe] FilePath : C:\WINNT\System32\WBEM\ ThreadCreationTime : 11-16-2003 5:51:51 PM BasePriority : Normal FileSize : 192 KB FileVersion : 1.50.1085.0100 ProductVersion : 1.50.1085.0100 Copyright : Copyright © Microsoft Corp. 1995-1999 CompanyName : Microsoft Corporation FileDescription : Windows Management Instrumentation InternalName : WINMGMT ProductName : Windows Management Instrumentation Created on : 7/30/2003 7:58:43 PM Last accessed : 11/16/2003 8:00:00 AM Last modified : 6/19/2003 8:05:04 PM #:13 [svchost.exe] FilePath : C:\WINNT\system32\ ThreadCreationTime : 11-16-2003 5:51:51 PM BasePriority : Normal FileSize : 7 KB FileVersion : 5.00.2134.1 ProductVersion : 5.00.2134.1 Copyright : Copyright © Microsoft Corp. 1981-1999 CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe OriginalFilename : svchost.exe ProductName : Microsoft® Windows ® 2000 Operating System Created on : 1/1/1980 8:00:00 AM Last accessed : 11/16/2003 8:00:00 AM Last modified : 7/26/2000 1:00:00 PM #:14 [alertsvc.exe] FilePath : C:\PROGRA~1\Navnt\ ThreadCreationTime : 11-16-2003 5:51:56 PM BasePriority : Normal FileSize : 80 KB FileVersion : 7.07.00.23 ProductVersion : 7.07.00.23 Copyright : Copyright © 2000 Symantec Corporation. All rights reserved. CompanyName : Symantec Corporation FileDescription : Norton AntiVirus Alert Service InternalName : ALERTSVC OriginalFilename : ALERTSVC.EXE ProductName : Norton AntiVirus Created on : 10/22/2001 3:30:12 AM Last accessed : 11/16/2003 8:00:00 AM Last modified : 2/14/2001 2:00:00 PM #:15 [explorer.exe] FilePath : C:\WINNT\ ThreadCreationTime : 11-16-2003 5:52:00 PM BasePriority : Normal FileSize : 237 KB FileVersion : 5.00.3700.6690 ProductVersion : 5.00.3700.6690 Copyright : Copyright © Microsoft Corp. 1981-1999 CompanyName : Microsoft Corporation FileDescription : Windows Explorer InternalName : explorer OriginalFilename : EXPLORER.EXE ProductName : Microsoft® Windows ® 2000 Operating System Created on : 7/30/2003 7:57:26 PM Last accessed : 11/16/2003 8:00:00 AM Last modified : 6/19/2003 8:05:04 PM #:16 [directcd.exe] FilePath : C:\PROGRA~1\Adaptec\DirectCD\ ThreadCreationTime : 11-16-2003 5:52:12 PM BasePriority : Normal FileSize : 1100 KB FileVersion : 3.01e (184) ProductVersion : 3.01e (184) Copyright : Copyright © 1996-2000 Adaptec, Inc. CompanyName : Adaptec FileDescription : DirectCD Application InternalName : DirectCD OriginalFilename : DirectCD.EXE ProductName : DirectCD Created on : 9/4/2001 11:49:30 PM Last accessed : 11/16/2003 8:00:00 AM Last modified : 9/4/2001 11:49:36 PM #:17 [mm_tray.exe] FilePath : C:\Program Files\MusicMatch\MusicMatch Jukebox\ ThreadCreationTime : 11-16-2003 5:52:13 PM BasePriority : Normal FileSize : 112 KB FileVersion : 8.00.0101 ProductVersion : 8.00.0101 Copyright : Copyright CompanyName : MUSICMATCH, Inc. FileDescription : mm_tray InternalName : mm_tray OriginalFilename : mm_tray.exe ProductName : MUSICMATCH JUKEBOX Created on : 9/19/2001 11:20:36 PM Last accessed : 11/16/2003 8:00:00 AM Last modified : 6/27/2003 1:04:18 AM #:18 [cmgrdian.exe] FilePath : C:\Program Files\McAfee\McAfee Shared Components\Guardian\ ThreadCreationTime : 11-16-2003 5:52:14 PM BasePriority : Normal FileSize : 133 KB FileVersion : 3.00.1036.0 ProductVersion : 3.00.1036.0 Copyright : Copyright CompanyName : Network Associates, Inc. FileDescription : McAfee Guardian Agent InternalName : CMGrdian OriginalFilename : CMGrdian.exe ProductName : McAfee Windows Guardian Created on : 2/28/2001 11:00:00 AM Last accessed : 11/16/2003 8:00:00 AM Last modified : 2/28/2001 11:00:00 AM #:19 [poproxy.exe] FilePath : C:\Program Files\Navnt\ ThreadCreationTime : 11-16-2003 5:52:16 PM BasePriority : Normal FileSize : 76 KB FileVersion : 7.07.00.23 ProductVersion : 7.07.00.23 Copyright : Copyright © 2000 Symantec Corporation. All rights reserved. CompanyName : Symantec Corporation FileDescription : Norton AntiVirus Utilities InternalName : POPROXY OriginalFilename : POPROXY.DLL ProductName : Norton AntiVirus Created on : 10/22/2001 3:30:13 AM Last accessed : 11/16/2003 8:00:00 AM Last modified : 2/14/2001 2:00:00 PM #:20 [cpd.exe] FilePath : C:\PROGRA~1\McAfee\MCAFEE~1\ ThreadCreationTime : 11-16-2003 5:52:17 PM BasePriority : Normal FileSize : 340 KB FileVersion : 2.15.001.0 ProductVersion : 2.15.001.0 Copyright : Copyright © 2000 Network Associates Inc. CompanyName : Network Associates Inc. FileDescription : McAfee Firewall InternalName : McAfee Firewall OriginalFilename : McAfee Firewall ProductName : McAfee Firewall Created on : 3/12/2001 10:15:00 AM Last accessed : 11/16/2003 8:00:00 AM Last modified : 3/12/2001 10:15:00 AM #:21 [approved.pif] FilePath : C:\Documents and Settings\Administrator\Local Settings\Temp\IncrediMail\ ThreadCreationTime : 11-16-2003 5:52:24 PM BasePriority : Normal FileSize : 51 KB Created on : 5/23/2003 6:52:23 PM Last accessed : 11/16/2003 8:00:00 AM Last modified : 5/23/2003 3:04:40 AM #:22 [adobea.exe] FilePath : C:\WINNT\System32\ ThreadCreationTime : 11-16-2003 5:52:24 PM BasePriority : Normal FileSize : 557 KB OriginalFilename : mirc.exe Created on : 8/9/2002 3:00:12 PM Last accessed : 11/16/2003 8:00:00 AM Last modified : 8/9/2002 3:00:12 PM #:23 [realsched.exe] FilePath : C:\Program Files\Common Files\Real\Update_OB\ ThreadCreationTime : 11-16-2003 5:52:24 PM BasePriority : Normal FileSize : 148 KB FileVersion : 0.1.0.1622 ProductVersion : 0.1.0.1622 Copyright : Copyright CompanyName : RealNetworks, Inc. FileDescription : RealNetworks Scheduler InternalName : schedapp OriginalFilename : realsched.exe ProductName : RealOne Player (32-bit) Created on : 11/13/2003 5:18:01 AM Last accessed : 11/16/2003 8:00:00 AM Last modified : 11/13/2003 5:18:02 AM #:24 [createcd.exe] FilePath : C:\PROGRA~1\Adaptec\EASYCD~1\CreateCD\ ThreadCreationTime : 11-16-2003 5:52:26 PM BasePriority : Normal FileSize : 256 KB FileVersion : 4.02d (292) ProductVersion : 4.02d (292) Copyright : Copyright © 1996-2000 Adaptec, Inc. CompanyName : Adaptec FileDescription : Adaptec Create CD InternalName : createcd.exe OriginalFilename : createcd.exe ProductName : Easy CD Creator Created on : 9/20/2001 2:17:51 AM Last accessed : 11/16/2003 8:00:00 AM Last modified : 6/30/2000 9:38:00 AM #:25 [msnmsgr.exe] FilePath : C:\Program Files\MSN Messenger\ ThreadCreationTime : 11-16-2003 5:52:29 PM BasePriority : Normal FileSize : 4084 KB FileVersion : 6.0.0602 ProductVersion : Version 6.0 Copyright : Copyright © Microsoft Corporation 1997-2003 CompanyName : Microsoft Corporation FileDescription : Messenger InternalName : msnmsgr OriginalFilename : msnmsgr.exe ProductName : Messenger Created on : 7/11/2003 10:57:42 PM Last accessed : 11/16/2003 8:00:00 AM Last modified : 7/11/2003 10:57:42 PM #:26 [soap.exe] FilePath : C:\PROGRA~1\SYSTEM~1\ ThreadCreationTime : 11-16-2003 5:52:30 PM BasePriority : Normal FileSize : 759 KB FileVersion : 4.00.0035 ProductVersion : 4.00.0035 CompanyName : Internet Washer InternalName : Soap OriginalFilename : Soap.exe ProductName : Internet Washer Pro Created on : 11/10/2003 5:47:33 PM Last accessed : 11/16/2003 8:00:00 AM Last modified : 10/18/2003 2:03:00 AM #:27 [navapw32.exe] FilePath : C:\Program Files\Navnt\ ThreadCreationTime : 11-16-2003 5:52:31 PM BasePriority : Idle FileSize : 120 KB FileVersion : 7.07.00.23 ProductVersion : 7.07.00.23 Copyright : Copyright © 2000 Symantec Corporation. All rights reserved. CompanyName : Symantec Corporation FileDescription : Norton AntiVirus Auto-Protect InternalName : NAVAPW32 OriginalFilename : NAVAPW32.EXE ProductName : Norton AntiVirus Created on : 10/22/2001 3:30:13 AM Last accessed : 11/16/2003 8:00:00 AM Last modified : 2/14/2001 2:00:00 PM #:28 [webshotstray.exe] FilePath : C:\Program Files\Webshots\ ThreadCreationTime : 11-16-2003 5:52:34 PM BasePriority : Normal FileSize : 204 KB FileVersion : 1.3.0.3826 ProductVersion : 1.3.0.3826 Copyright : Copyright © 1998 CompanyName : The Webshots Corporation FileDescription : Webshots Desktop Tray Application InternalName : WEBSHOTSTRAY OriginalFilename : WEBSHOTSTRAY.EXE ProductName : Webshots Tray Application Created on : 4/28/2003 12:26:32 AM Last accessed : 11/16/2003 8:00:00 AM Last modified : 6/21/2002 11:55:56 PM #:29 [imapp.exe] FilePath : C:\PROGRA~1\INCRED~1\bin\ ThreadCreationTime : 11-16-2003 5:52:38 PM BasePriority : Normal FileSize : 124 KB FileVersion : 2, 0, 0, 0 ProductVersion : 2, 0, 0, 0 Copyright : Copyright CompanyName : IncrediMail, Ltd. FileDescription : IncrediMail Application InternalName : IncrediApp OriginalFilename : IMAPP.EXE ProductName : IncrediMail Created on : 5/11/2003 8:31:42 PM Last accessed : 11/16/2003 8:00:00 AM Last modified : 5/11/2003 8:31:36 PM #:30 [iexplore.exe] FilePath : C:\Program Files\Internet Explorer\ ThreadCreationTime : 11-16-2003 7:51:42 PM BasePriority : Normal FileSize : 89 KB FileVersion : 6.00.2800.1106 ProductVersion : 6.00.2800.1106 CompanyName : Microsoft Corporation FileDescription : Internet Explorer InternalName : iexplore OriginalFilename : IEXPLORE.EXE ProductName : Microsoft Created on : 8/29/2002 3:14:40 PM Last accessed : 11/16/2003 8:00:00 AM Last modified : 8/29/2002 3:14:40 PM #:31 [svchost.exe] FilePath : C:\WINNT\System32\ ThreadCreationTime : 11-16-2003 8:11:16 PM BasePriority : Normal FileSize : 7 KB FileVersion : 5.00.2134.1 ProductVersion : 5.00.2134.1 Copyright : Copyright © Microsoft Corp. 1981-1999 CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe OriginalFilename : svchost.exe ProductName : Microsoft® Windows ® 2000 Operating System Created on : 1/1/1980 8:00:00 AM Last accessed : 11/16/2003 8:00:00 AM Last modified : 7/26/2000 1:00:00 PM #:32 [iexplore.exe] FilePath : C:\Program Files\Internet Explorer\ ThreadCreationTime : 11-16-2003 9:31:40 PM BasePriority : Normal FileSize : 89 KB FileVersion : 6.00.2800.1106 ProductVersion : 6.00.2800.1106 CompanyName : Microsoft Corporation FileDescription : Internet Explorer InternalName : iexplore OriginalFilename : IEXPLORE.EXE ProductName : Microsoft Created on : 8/29/2002 3:14:40 PM Last accessed : 11/16/2003 8:00:00 AM Last modified : 8/29/2002 3:14:40 PM #:33 [ad-aware.exe] FilePath : C:\Program Files\Lavasoft\Ad-aware 6\ ThreadCreationTime : 11-17-2003 3:31:06 AM BasePriority : Normal FileSize : 668 KB FileVersion : 6.0.1.181 ProductVersion : 6.0.0.0 Copyright : Copyright CompanyName : Lavasoft Sweden FileDescription : Ad-aware 6 core application InternalName : Ad-aware.exe OriginalFilename : Ad-aware.exe ProductName : Lavasoft Ad-aware Plus Created on : 11/10/2003 6:32:57 PM Last accessed : 11/16/2003 8:00:00 AM Last modified : 7/13/2003 6:00:20 AM Memory scan result : ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ New objects : 0 Objects found so far: 0 Started registry scan ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ Alexa Object recognized! Type : RegKey Data : Rootkey : HKEY_LOCAL_MACHINE Object : SOFTWARE\Microsoft\Internet Explorer\Extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a} BrilliantDigital Object recognized! Type : RegKey Data : Rootkey : HKEY_CLASSES_ROOT Object : CLSID\{3EEC42B5-FB94-40D3-A588-BB54B383A7CB} BrilliantDigital Object recognized! Type : RegKey Data : Rootkey : HKEY_CLASSES_ROOT Object : CLSID\{51958169-D5E3-11D1-AA42-0000E842E40A} BrilliantDigital Object recognized! Type : RegKey Data : Rootkey : HKEY_CLASSES_ROOT Object : CLSID\{67925165-C4B6-11D2-B9C6-0000E84F59A6} BrilliantDigital Object recognized! Type : RegKey Data : Rootkey : HKEY_CLASSES_ROOT Object : Interface\{51958167-D5E3-11D1-AA42-0000E842E40A} BrilliantDigital Object recognized! Type : RegKey Data : Rootkey : HKEY_CLASSES_ROOT Object : Interface\{51958168-D5E3-11D1-AA42-0000E842E40A} BrilliantDigital Object recognized! Type : RegKey Data : Rootkey : HKEY_CLASSES_ROOT Object : Interface\{67925164-C4B6-11D2-B9C6-0000E84F59A6} BrilliantDigital Object recognized! Type : RegKey Data : Rootkey : HKEY_CLASSES_ROOT Object : s3d_auto_file BrilliantDigital Object recognized! Type : RegKey Data : Rootkey : HKEY_CURRENT_USER Object : Software\Brilliant Digital Entertainment BrilliantDigital Object recognized! Type : RegKey Data : Rootkey : HKEY_LOCAL_MACHINE Object : SOFTWARE\Brilliant Digital Entertainment BrilliantDigital Object recognized! Type : RegKey Data : Rootkey : HKEY_LOCAL_MACHINE Object : SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bdeplayer BrilliantDigital Object recognized! Type : RegKey Data : Rootkey : HKEY_CLASSES_ROOT Object : TypeLib\{51958166-D5E3-11D1-AA42-0000E842E40A} BrilliantDigital Object recognized! Type : RegKey Data : Rootkey : HKEY_CLASSES_ROOT Object : TypeLib\{82FC7881-AACC-11D2-B9C6-0000E842E40A} Crontel Ltd Object recognized! Type : RegKey Data : Rootkey : HKEY_LOCAL_MACHINE Object : SOFTWARE\DiallerProgram Cydoor Object recognized! Type : RegKey Data : Rootkey : HKEY_CURRENT_USER Object : software\cydoor Cydoor Object recognized! Type : RegKey Data : Rootkey : HKEY_LOCAL_MACHINE Object : Software\Cydoor Cydoor Object recognized! Type : RegKey Data : Rootkey : HKEY_CURRENT_USER Object : software\cydoor services DownloadWare Object recognized! Type : RegKey Data : Rootkey : HKEY_CLASSES_ROOT Object : CLSID\{85A702BA-EA8F-4B83-AA07-07A5186ACD7E} DownloadWare Object recognized! Type : RegKey Data : Rootkey : HKEY_LOCAL_MACHINE Object : SOFTWARE\DownloadWare DownloadWare Object recognized! Type : RegKey Data : Rootkey : HKEY_LOCAL_MACHINE Object : SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{85A702BA-EA8F-4B83-AA07-07A5186ACD7E} DownloadWare Object recognized! Type : RegKey Data : Rootkey : HKEY_LOCAL_MACHINE Object : SOFTWARE\Microsoft\Windows\CurrentVersion\uninstall\MediaLoads Installer e2give Object recognized! Type : RegKey Data : Rootkey : HKEY_CLASSES_ROOT Object : AppID\IeBHOs.DLL e2give Object recognized! Type : RegKey Data : Rootkey : HKEY_CLASSES_ROOT Object : AppID\{3B99F202-145A-4E5A-AC7B-88A36910BF5E} e2give Object recognized! Type : RegKey Data : Rootkey : HKEY_CLASSES_ROOT Object : CLSID\{3643ABC2-21BF-46B9-B230-F247DB0C6FD6} e2give Object recognized! Type : RegKey Data : Rootkey : HKEY_CLASSES_ROOT Object : IeBHOs.Control e2give Object recognized! Type : RegKey Data : Rootkey : HKEY_CLASSES_ROOT Object : IeBHOs.Control.1 e2give Object recognized! Type : RegKey Data : Rootkey : HKEY_LOCAL_MACHINE Object : Software\e2g e2give Object recognized! Type : RegKey Data : Rootkey : HKEY_LOCAL_MACHINE Object : SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3643ABC2-21BF-46B9-B230-F247DB0C6FD6} e2give Object recognized! Type : RegKey Data : Rootkey : HKEY_LOCAL_MACHINE Object : SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\e2g Plugin e2give Object recognized! Type : RegKey Data : Rootkey : HKEY_CLASSES_ROOT Object : TypeLib\{3B99F202-145A-4E5A-AC7B-88A36910BF5E} Hi-Wire Object recognized! Type : RegKey Data : Rootkey : HKEY_CLASSES_ROOT Object : CLSID\{28f00b04-dc4e-11d3-abec-005004a44eeb} Hi-Wire Object recognized! Type : RegKey Data : Rootkey : HKEY_CLASSES_ROOT Object : CLSID\{28f00b20-dc4e-11d3-abec-005004a44eeb} Hi-Wire Object recognized! Type : RegKey Data : Rootkey : HKEY_CLASSES_ROOT Object : CLSID\{28f00b21-dc4e-11d3-abec-005004a44eeb} Hi-Wire Object recognized! Type : RegKey Data : Rootkey : HKEY_CLASSES_ROOT Object : hiwire.configurator Hi-Wire Object recognized! Type : RegKey Data : Rootkey : HKEY_CLASSES_ROOT Object : hiwire.configurator.1 Hi-Wire Object recognized! Type : RegKey Data : Rootkey : HKEY_CLASSES_ROOT Object : hiwire.transportcenter Hi-Wire Object recognized! Type : RegKey Data : Rootkey : HKEY_CLASSES_ROOT Object : hiwire.transportcenter.1 Hi-Wire Object recognized! Type : RegKey Data : Rootkey : HKEY_CLASSES_ROOT Object : hiwire.userregrequest Hi-Wire Object recognized! Type : RegKey Data : Rootkey : HKEY_CLASSES_ROOT Object : hiwire.userregrequest.1 Hi-Wire Object recognized! Type : RegKey Data : Rootkey : HKEY_CURRENT_USER Object : Software\HIWIRE ImIServer IEPlugin Object recognized! Type : RegKey Data : Rootkey : HKEY_CLASSES_ROOT Object : CLSID\{69135BDE-5FDC-4B61-98AA-82AD2091BCCC} ImIServer IEPlugin Object recognized! Type : RegKey Data : Rootkey : HKEY_CLASSES_ROOT Object : CLSID\{E2BF1BF3-1FDB-4C93-8874-0B09E71C594C} ImIServer IEPlugin Object recognized! Type : RegKey Data : Rootkey : HKEY_CLASSES_ROOT Object : CLSID\{F3155057-4C2C-4078-8576-50486693FD49} ImIServer IEPlugin Object recognized! Type : RegKey Data : Rootkey : HKEY_CLASSES_ROOT Object : IMIToolbar.BottomFrame ImIServer IEPlugin Object recognized! Type : RegKey Data : Rootkey : HKEY_CLASSES_ROOT Object : IMIToolbar.BottomFrame.1 ImIServer IEPlugin Object recognized! Type : RegKey Data : Rootkey : HKEY_CLASSES_ROOT Object : IMIToolbar.imiTool ImIServer IEPlugin Object recognized! Type : RegKey Data : Rootkey : HKEY_CLASSES_ROOT Object : IMIToolbar.imiTool.1 ImIServer IEPlugin Object recognized! Type : RegKey Data : Rootkey : HKEY_CLASSES_ROOT Object : IMIToolbar.LeftFrame ImIServer IEPlugin Object recognized! Type : RegKey Data : Rootkey : HKEY_CLASSES_ROOT Object : IMIToolbar.LeftFrame.1 ImIServer IEPlugin Object recognized! Type : RegKey Data : Rootkey : HKEY_CLASSES_ROOT Object : IMIToolbar.PopupBrowser ImIServer IEPlugin Object recognized! Type : RegKey Data : Rootkey : HKEY_CLASSES_ROOT Object : IMIToolbar.PopupBrowser.1 ImIServer IEPlugin Object recognized! Type : RegKey Data : Rootkey : HKEY_LOCAL_MACHINE Object : SOFTWARE\Microsoft\Code Store Database\Distribution Units\{556DDE35-E955-11D0-A707-000000521958} ImIServer IEPlugin Object recognized! Type : RegKey Data : Rootkey : HKEY_LOCAL_MACHINE Object : SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{69135BDE-5FDC-4B61-98AA-82AD2091BCCC} MainPean Dialer Object recognized! Type : RegKey Data : Rootkey : HKEY_LOCAL_MACHINE Object : SOFTWARE\MainPean Highspeed MyWebSearch Toolbar Object recognized! Type : RegKey Data : Rootkey : HKEY_CLASSES_ROOT Object : CLSID\{00a6faf1-072e-44cf-8957-5838f569a31d} MyWebSearch Toolbar Object recognized! Type : RegKey Data : Rootkey : HKEY_CLASSES_ROOT Object : CLSID\{00a6faf4-072e-44cf-8957-5838f569a31d} MyWebSearch Toolbar Object recognized! Type : RegKey Data : Rootkey : HKEY_CLASSES_ROOT Object : CLSID\{147A976E-EEE1-4377-8EA7-4716E4CDD239} MyWebSearch Toolbar Object recognized! Type : RegKey Data : Rootkey : HKEY_CLASSES_ROOT Object : Interface\{00A6FAF3-072E-44CF-8957-5838F569A31D} MyWebSearch Toolbar Object recognized! Type : RegKey Data : Rootkey : HKEY_CLASSES_ROOT Object : Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA} MyWebSearch Toolbar Object recognized! Type : RegKey Data : Rootkey : HKEY_CLASSES_ROOT Object : Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA} MyWebSearch Toolbar Object recognized! Type : RegKey Data : Rootkey : HKEY_CLASSES_ROOT Object : mywebsearchsearchassistant.auxiliary MyWebSearch Toolbar Object recognized! Type : RegKey Data : Rootkey : HKEY_CLASSES_ROOT Object : mywebsearchsearchassistant.auxiliary.1 MyWebSearch Toolbar Object recognized! Type : RegKey Data : Rootkey : HKEY_LOCAL_MACHINE Object : SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00a6faf1-072e-44cf-8957-5838f569a31d} MyWebSearch Toolbar Object recognized! Type : RegKey Data : Rootkey : HKEY_LOCAL_MACHINE Object : SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyWebSearchSearchAssistant MyWebSearch Toolbar Object recognized! Type : RegKey Data : Rootkey : HKEY_LOCAL_MACHINE Object : SOFTWARE\MyWebSearch\SearchAssistant MyWebSearch Toolbar Object recognized! Type : RegKey Data : Rootkey : HKEY_CLASSES_ROOT Object : TYPELIB\{00a6faf0-072e-44cf-8957-5838f569a31d} MyWebSearch Toolbar Object recognized! Type : RegKey Data : Rootkey : HKEY_CLASSES_ROOT Object : TYPELIB\{07b18ea0-a523-4961-b6bb-170de4475cca} MyWebSearch Toolbar Object recognized! Type : RegKey Data : Rootkey : HKEY_CLASSES_ROOT Object : TypeLib\{8E6F1830-9607-4440-8530-13BE7C4B1D14} MyWebSearch Toolbar Object recognized! Type : RegKey Data : Rootkey : HKEY_CLASSES_ROOT Object : TypeLib\{E47CAEE0-DEEA-464A-9326-3F2801535A4D} NetworkEssentials Object recognized! Type : RegKey Data : Rootkey : HKEY_CURRENT_USER Object : Software\DownloadWare NetworkEssentials Object recognized! Type : RegKey Data : Rootkey : HKEY_CURRENT_USER Object : Software\Hopper NetworkEssentials Object recognized! Type : RegKey Data : Rootkey : HKEY_CURRENT_USER Object : Software\WebInstall SaveNow Object recognized! Type : RegKey Data : Rootkey : HKEY_LOCAL_MACHINE Object : Software\WhenU SaveNow Object recognized! Type : RegKey Data : Rootkey : HKEY_CLASSES_ROOT Object : WUSN.1 SpywareNuker Object recognized! Type : RegKey Data : Rootkey : HKEY_LOCAL_MACHINE Object : SOFTWARE\Microsoft\Code Store Database\Distribution Units\{15589FA1-C456-11CE-BF01-00AA0055595A} SpywareNuker Object recognized! Type : RegKey Data : Rootkey : HKEY_LOCAL_MACHINE Object : Software\SOFTUP2009 SpywareNuker Object recognized! Type : RegKey Data : Rootkey : HKEY_LOCAL_MACHINE Object : SOFTWARE\SOFTUP2009\camps SpywareNuker Object recognized! Type : RegKey Data : Rootkey : HKEY_CURRENT_USER Object : Software\VB and VBA Program Settings\SPYWARE NUKER Trojan Object recognized! Type : RegKey Data : Rootkey : HKEY_LOCAL_MACHINE Object : SYSTEM\CurrentControlSet\Services\PSEXESVC WurldMedia Object recognized! Type : RegKey Data : Rootkey : HKEY_LOCAL_MACHINE Object : SOFTWARE\rdxr ZipclixToolbar Object recognized! Type : RegKey Data : Rootkey : HKEY_CLASSES_ROOT Object : CLSID\{319A68DB-06D0-46DA-9F93-A810D5A70836} ZipclixToolbar Object recognized! Type : RegKey Data : Rootkey : HKEY_CLASSES_ROOT Object : Interface\{EC34A4B3-809A-4A71-88D4-55B5183D6041} ZipclixToolbar Object recognized! Type : RegKey Data : Rootkey : HKEY_LOCAL_MACHINE Object : SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ZipClix ZipclixToolbar Object recognized! Type : RegKey Data : Rootkey : HKEY_CURRENT_USER Object : SOFTWARE\Zipclix ZipclixToolbar Object recognized! Type : RegKey Data : Rootkey : HKEY_CLASSES_ROOT Object : Typelib\{BBCD25C8-A31E-4DFB-B204-B54BBA477B23} ZipclixToolbar Object recognized! Type : RegKey Data : Rootkey : HKEY_CLASSES_ROOT Object : ZipclixObj.ZipclixObj ZipclixToolbar Object recognized! Type : RegKey Data : Rootkey : HKEY_CLASSES_ROOT Object : ZipclixObj.ZipclixObj.1 DownloadWare Object recognized! Type : RegValue Data : Rootkey : HKEY_LOCAL_MACHINE Object : SOFTWARE\Microsoft\Windows\CurrentVersion\run Value : MediaLoads Installer MemoryMeter Object recognized! Type : RegValue Data : Rootkey : HKEY_CLASSES_ROOT Object : htmlfile\CLSID Value : GUID MemoryMeter Object recognized! Type : RegValue Data : Rootkey : HKEY_CLASSES_ROOT Object : htmlfile\CLSID Value : Data MemoryMeter Object recognized! Type : RegValue Data : Rootkey : HKEY_CLASSES_ROOT Object : htmlfile\CLSID Value : Config MemoryMeter Object recognized! Type : RegValue Data : Rootkey : HKEY_LOCAL_MACHINE Object : SOFTWARE\Microsoft\Windows\CurrentVersion\Run Value : MemoryMeter Other Object recognized! Type : RegValue Data : Rootkey : HKEY_LOCAL_MACHINE Object : SOFTWARE\Microsoft\Windows\CurrentVersion\Run Value : Win Server Updt ZipclixToolbar Object recognized! Type : RegValue Data : Rootkey : HKEY_LOCAL_MACHINE Object : SOFTWARE\Microsoft\Internet Explorer\Toolbar Value : {319A68DB-06D0-46DA-9F93-A810D5A70836} Windows Object recognized! Type : RegData Data : Rootkey : HKEY_USERS Object : .DEFAULT\Software\Microsoft\MediaPlayer\Player\Settings Value : Client ID Data : Windows Object recognized! Type : RegData Data : Rootkey : HKEY_CURRENT_USER Object : Software\Microsoft\MediaPlayer\Player\Settings Value : Client ID Data : Registry scan result : ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ New objects : 96 Objects found so far: 96 Started deep registry scan ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ Possible browser hijack attempt : Software\Microsoft\Internet Explorer\SearchURLsearch.ieplugin.com Possible Browser Hijack attempt Object recognized! Type : RegData Data : "http://search.ieplug...com/q.cgi?q=%s" Rootkey : HKEY_CURRENT_USER Object : Software\Microsoft\Internet Explorer\SearchURL Value : Data : "http://search.ieplug...com/q.cgi?q=%s" Possible browser hijack attempt : Software\Microsoft\Internet Explorer\MainSearch Barsearchalot Possible Browser Hijack attempt Object recognized! Type : RegData Data : "http://www.searchalo...com/search.htm" Rootkey : HKEY_CURRENT_USER Object : Software\Microsoft\Internet Explorer\Main Value : Search Bar Data : "http://www.searchalo...com/search.htm" Possible browser hijack attempt : Software\Microsoft\Internet Explorer\MainDefault_Search_URLsearchalot Possible Browser Hijack attempt Object recognized! Type : RegData Data : "http://www.searchalo...com/search.htm" Rootkey : HKEY_CURRENT_USER Object : Software\Microsoft\Internet Explorer\Main Value : Default_Search_URL Data : "http://www.searchalo...com/search.htm" Possible browser hijack attempt : Software\Microsoft\Internet Explorer\MainDefault_Page_URLsearchalot Possible Browser Hijack attempt Object recognized! Type : RegData Data : "http://www.searchalot.com" Rootkey : HKEY_CURRENT_USER Object : Software\Microsoft\Internet Explorer\Main Value : Default_Page_URL Data : "http://www.searchalot.com" Possible browser hijack attempt : Software\Microsoft\Internet Explorer\MainLocal Pagesearchalot Possible Browser Hijack attempt Object recognized! Type : RegData Data : "http://www.searchalot.com" Rootkey : HKEY_CURRENT_USER Object : Software\Microsoft\Internet Explorer\Main Value : Local Page Data : "http://www.searchalot.com" Possible browser hijack attempt : Software\Microsoft\Internet Explorer\SearchSearchAssistantsearchalot Possible Browser Hijack attempt Object recognized! Type : RegData Data : "http://www.searchalo...com/search.htm" Rootkey : HKEY_CURRENT_USER Object : Software\Microsoft\Internet Explorer\Search Value : SearchAssistant Data : "http://www.searchalo...com/search.htm" Possible browser hijack attempt : Software\Microsoft\Internet Explorer\SearchCustomizeSearchsearchalot Possible Browser Hijack attempt Object recognized! Type : RegData Data : "http://www.searchalo...com/search.htm" Rootkey : HKEY_CURRENT_USER Object : Software\Microsoft\Internet Explorer\Search Value : CustomizeSearch Data : "http://www.searchalo...com/search.htm" Possible browser hijack attempt : Software\Microsoft\Internet Explorer\MainStart Pagesearchalot Possible Browser Hijack attempt Object recognized! Type : RegData Data : "http://www.searchalot.com" Rootkey : HKEY_LOCAL_MACHINE Object : Software\Microsoft\Internet Explorer\Main Value : Start Page Data : "http://www.searchalot.com" Possible browser hijack attempt : Software\Microsoft\Internet Explorer\MainSearch Barsearchalot Possible Browser Hijack attempt Object recognized! Type : RegData Data : "http://www.searchalo...com/search.htm" Rootkey : HKEY_LOCAL_MACHINE Object : Software\Microsoft\Internet Explorer\Main Value : Search Bar Data : "http://www.searchalo...com/search.htm" Possible browser hijack attempt : Software\Microsoft\Internet Explorer\MainLocal Pagesearchalot Possible Browser Hijack attempt Object recognized! Type : RegData Data : "http://www.searchalot.com" Rootkey : HKEY_LOCAL_MACHINE Object : Software\Microsoft\Internet Explorer\Main Value : Local Page Data : "http://www.searchalot.com" Possible browser hijack attempt : .Default\Software\Microsoft\Internet Explorer\MainSearch Pagesearchalot Possible Browser Hijack attempt Object recognized! Type : RegData Data : "http://www.searchalo...com/search.htm" Rootkey : HKEY_USERS Object : .Default\Software\Microsoft\Internet Explorer\Main Value : Search Page Data : "http://www.searchalo...com/search.htm" Possible browser hijack attempt : .Default\Software\Microsoft\Internet Explorer\MainStart Pagesearchalot Possible Browser Hijack attempt Object recognized! Type : RegData Data : "http://www.searchalot.com" Rootkey : HKEY_USERS Object : .Default\Software\Microsoft\Internet Explorer\Main Value : Start Page Data : "http://www.searchalot.com" Possible browser hijack attempt : .Default\Software\Microsoft\Internet Explorer\MainSearch Barsearchalot Possible Browser Hijack attempt Object recognized! Type : RegData Data : "http://www.searchalo...com/search.htm" Rootkey : HKEY_USERS Object : .Default\Software\Microsoft\Internet Explorer\Main Value : Search Bar Data : "http://www.searchalo...com/search.htm" Possible browser hijack attempt : .Default\Software\Microsoft\Internet Explorer\MainDefault_Search_URLsearchalot Possible Browser Hijack attempt Object recognized! Type : RegData Data : "http://www.searchalo...com/search.htm" Rootkey : HKEY_USERS Object : .Default\Software\Microsoft\Internet Explorer\Main Value : Default_Search_URL Data : "http://www.searchalo...com/search.htm" Possible browser hijack attempt : .Default\Software\Microsoft\Internet Explorer\MainDefault_Page_URLsearchalot Possible Browser Hijack attempt Object recognized! Type : RegData Data : "http://www.searchalot.com" Rootkey : HKEY_USERS Object : .Default\Software\Microsoft\Internet Explorer\Main Value : Default_Page_URL Data : "http://www.searchalot.com" Possible browser hijack attempt : .Default\Software\Microsoft\Internet Explorer\MainLocal Pagesearchalot Possible Browser Hijack attempt Object recognized! Type : RegData Data : "http://www.searchalot.com" Rootkey : HKEY_USERS Object : .Default\Software\Microsoft\Internet Explorer\Main Value : Local Page Data : "http://www.searchalot.com" Possible browser hijack attempt : .Default\Software\Microsoft\Internet Explorer\SearchSearchAssistantsearchalot Possible Browser Hijack attempt Object recognized! Type : RegData Data : "http://www.searchalo...com/search.htm" Rootkey : HKEY_USERS Object : .Default\Software\Microsoft\Internet Explorer\Search Value : SearchAssistant Data : "http://www.searchalo...com/search.htm" Possible browser hijack attempt : .Default\Software\Microsoft\Internet Explorer\SearchCustomizeSearchsearchalot Possible Browser Hijack attempt Object recognized! Type : RegData Data : "http://www.searchalo...com/search.htm" Rootkey : HKEY_USERS Object : .Default\Software\Microsoft\Internet Explorer\Search Value : CustomizeSearch Data : "http://www.searchalo...com/search.htm" Possible browser hijack attempt : .Default\Software\Microsoft\Internet ExplorerSearchURLsearchalot Possible Browser Hijack attempt Object recognized! Type : RegData Data : "http://www.searchalo...com/search.htm" Rootkey : HKEY_USERS Object : .Default\Software\Microsoft\Internet Explorer Value : SearchURL Data : "http://www.searchalo...com/search.htm" Win32.Holar.G Object recognized! Type : RegKey Data : Rootkey : HKEY_CLASSES_ROOT Object : CLSID\{3DF2AE35-26A8-11D4-BDD2-00104BFEC09F} Win32.Holar.G Object recognized! Type : File Data : smtp.ocx Object : c:\winnt\system32\ FileSize : 25 KB FileVersion : 4.00.0019 ProductVersion : 4.00.0019 Copyright : Copyright © 1997 - 2002 OstroSoft CompanyName : OstroSoft FileDescription : SMTP Control for Visual Basic InternalName : SMTP OriginalFilename : SMTP.ocx ProductName : SMTP Control Created on : 11/1/2003 7:49:46 PM Last accessed : 11/16/2003 8:00:00 AM Last modified : 11/12/2003 5:35:22 AM Win32.Holar.G Object recognized! Type : RegKey Data : c:\winnt\system32\smtp.ocx Rootkey : HKEY_CLASSES_ROOT Object : TYPELIB\{3DF2AE33-26A8-11D4-BDD2-00104BFEC09F} ImIServer IEPlugin Object recognized! Type : RegKey Data : Rootkey : HKEY_CLASSES_ROOT Object : IMIToolbar.PopupWindow ImIServer IEPlugin Object recognized! Type : RegKey Data : Rootkey : HKEY_CLASSES_ROOT Object : IMIToolbar.PopupWindow.1 Win32.Holar.G Object recognized! Type : RegKey Data : Rootkey : HKEY_CLASSES_ROOT Object : SMTPControl.SMTP Possible browser hijack attempt : {15589FA1-C456-11CE-BF01-00AA0055595A} (http://www.spywarenu...erinstaller.exe) MemoryMeter Object recognized! Type : RegValue Data : Rootkey : HKEY_LOCAL_MACHINE Object : Software\Microsoft\Windows\CurrentVersion\Run Value : MSMGT MemoryMeter Object recognized! Type : File Data : msmgt.exe Object : c:\winnt\ FileSize : 32 KB Created on : 8/7/2003 8:45:06 PM Last accessed : 11/16/2003 8:00:00 AM Last modified : 8/7/2003 8:45:08 PM Win32.Holar.G Object recognized! Type : RegValue Data : Rootkey : HKEY_LOCAL_MACHINE Object : Software\Microsoft\Windows\CurrentVersion\Run Value : Explore Win32.Holar.G Object recognized! Type : File Data : explore.exe Object : c:\winnt\system32\ FileSize : 20 KB FileVersion : 1.00.0020 ProductVersion : 1.00.0020 CompanyName : * InternalName : Explorer OriginalFilename : Explorer.exe ProductName : Explorer Created on : 11/1/2003 7:49:46 PM Last accessed : 11/16/2003 8:00:00 AM Last modified : 11/1/2003 7:49:48 PM Deep registry scan result : ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ New objects : 26 Objects found so far: 125 ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ Tracking Cookie Object recognized! Type : File Data : administrator@ehg.hitbox[1].txt Object : C:\Documents and Settings\Administrator\Cookies\ FileSize : 1 KB Created on : 10/15/2001 4:22:08 AM Last accessed : 11/16/2003 8:00:00 AM Last modified : 10/15/2001 4:22:34 AM Tracking Cookie Object recognized! Type : File Data : administrator@excite[2].txt Object : C:\Documents and Settings\Administrator\Cookies\ Created on : 10/10/2001 11:03:59 PM Last accessed : 11/16/2003 8:00:00 AM Last modified : 10/24/2001 4:20:12 AM Tracking Cookie Object recognized! Type : File Data : administrator@x10[1].txt Object : C:\Documents and Settings\Administrator\Cookies\ Created on : 10/26/2001 11:56:09 PM Last accessed : 11/16/2003 8:00:00 AM Last modified : 10/26/2001 11:56:10 PM Tracking Cookie Object recognized! Type : File Data : administrator@ads.adsag[2].txt Object : C:\Documents and Settings\Administrator\Cookies\ Created on : 10/26/2001 1:50:14 AM Last accessed : 11/16/2003 8:00:00 AM Last modified : 10/26/2001 1:50:16 AM Tracking Cookie Object recognized! Type : File Data : administrator@tmpad[2].txt Object : C:\Documents and Settings\Administrator\Cookies\ Created on : 10/19/2003 3:33:31 AM Last accessed : 11/16/2003 8:00:00 AM Last modified : 10/19/2003 3:33:32 AM Tracking Cookie Object recognized! Type : File Data : administrator@doubleclick[1].txt Object : C:\Documents and Settings\Administrator\Cookies\ Created on : 10/11/2001 6:32:01 AM Last accessed : 11/16/2003 8:00:00 AM Last modified : 10/11/2001 6:32:46 AM Tracking Cookie Object recognized! Type : File Data : administrator@accumail[1].txt Object : C:\Documents and Settings\Administrator\Cookies\ Created on : 4/27/2003 10:33:54 PM Last accessed : 11/16/2003 8:00:00 AM Last modified : 4/27/2003 10:34:00 PM Tracking Cookie Object recognized! Type : File Data : administrator@www.qksrv[2].txt Object : C:\Documents and Settings\Administrator\Cookies\ Created on : 10/27/2001 12:00:51 AM Last accessed : 11/16/2003 8:00:00 AM Last modified : 10/27/2001 12:00:52 AM Tracking Cookie Object recognized! Type : File Data : administrator@mediaplex[1].txt Object : C:\Documents and Settings\Administrator\Cookies\ Created on : 10/24/2001 4:18:45 AM Last accessed : 11/16/2003 8:00:00 AM Last modified : 10/24/2001 4:18:46 AM Tracking Cookie Object recognized! Type : File Data : administrator@server.iad.livepers

    Advertisements

Register to Remove


#2 Guest_Guest<SierraMiss>_*

Guest_Guest<SierraMiss>_*
  • Guests

Posted 02 December 2003 - 11:08 PM

:thumbup: I had a trojan horse also and was destroying my files.. I came across A software call "Trojan Remover" I downloaded it and it worked.

Related Topics



0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users