I am an absolute Newbie so I hope I am doing this right
I am having problems with Marsfind...Geocities hijacking my web page. I have been told that it is a trojan horse???
I run Windows 2000 Professional
I have tried to delete it from my browser and all files but then I reboot and it is all there again. Ad Ware 6.o does not seem to help...I also have Gaurd IE 3.4 along with MacCaffee Fire wall and a modem
I do not have the necessary program in program/accessories/system tools to do anything
The folowing is a log from Adware. Do you have any ideas as to how I can get rid of this problem.
Any info would be greatly appreciated
thanks
Abs
Lavasoft Ad-aware Personal Build 6.181
Logfile created on :Sunday, November 16, 2003 8:45:59 PM
Created with Ad-aware Personal, free for private use.
Using reference-file :01R231 15.11.2003
______________________________________________________
Ad-aware Settings
=========================
Set : Activate in-depth scan (Recommended)
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep scan registry
11-16-2003 8:45:59 PM - Scan started. (Smart mode)
Listing running processes
ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ
#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ThreadCreationTime : 11-16-2003 5:51:31 PM
BasePriority : Normal
#:2 [winlogon.exe]
FilePath : \??\C:\WINNT\system32\
ThreadCreationTime : 11-16-2003 5:51:35 PM
BasePriority : High
#:3 [services.exe]
FilePath : C:\WINNT\system32\
ThreadCreationTime : 11-16-2003 5:51:35 PM
BasePriority : Normal
FileSize : 87 KB
FileVersion : 5.00.2195.6700
ProductVersion : 5.00.2195.6700
Copyright : Copyright © Microsoft Corp. 1981-1999
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
OriginalFilename : services.exe
ProductName : Microsoft® Windows ® 2000 Operating System
Created on : 1/1/1980 8:00:00 AM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 6/19/2003 8:05:04 PM
#:4 [lsass.exe]
FilePath : C:\WINNT\system32\
ThreadCreationTime : 11-16-2003 5:51:35 PM
BasePriority : Normal
FileSize : 32 KB
FileVersion : 5.00.2195.6695
ProductVersion : 5.00.2195.6695
Copyright : Copyright © Microsoft Corp. 1981-1999
CompanyName : Microsoft Corporation
FileDescription : LSA Executable and Server DLL (Export Version)
InternalName : lsasrv.dll and lsass.exe
OriginalFilename : lsasrv.dll and lsass.exe
ProductName : Microsoft® Windows ® 2000 Operating System
Created on : 7/22/2002 11:54:58 PM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 6/19/2003 8:05:04 PM
#:5 [svchost.exe]
FilePath : C:\WINNT\system32\
ThreadCreationTime : 11-16-2003 5:51:38 PM
BasePriority : Normal
FileSize : 7 KB
FileVersion : 5.00.2134.1
ProductVersion : 5.00.2134.1
Copyright : Copyright © Microsoft Corp. 1981-1999
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft® Windows ® 2000 Operating System
Created on : 1/1/1980 8:00:00 AM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 7/26/2000 1:00:00 PM
#:6 [spoolsv.exe]
FilePath : C:\WINNT\system32\
ThreadCreationTime : 11-16-2003 5:51:38 PM
BasePriority : Normal
FileSize : 44 KB
FileVersion : 5.00.2195.6659
ProductVersion : 5.00.2195.6659
Copyright : Copyright © Microsoft Corp. 1981-1999
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolss.exe
OriginalFilename : spoolss.exe
ProductName : Microsoft® Windows ® 2000 Operating System
Created on : 9/4/2001 11:39:09 PM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 6/19/2003 8:05:04 PM
#:7 [svchost.exe]
FilePath : C:\WINNT\System32\
ThreadCreationTime : 11-16-2003 5:51:49 PM
BasePriority : Normal
FileSize : 7 KB
FileVersion : 5.00.2134.1
ProductVersion : 5.00.2134.1
Copyright : Copyright © Microsoft Corp. 1981-1999
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft® Windows ® 2000 Operating System
Created on : 1/1/1980 8:00:00 AM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 7/26/2000 1:00:00 PM
#:8 [navapsvc.exe]
FilePath : C:\PROGRA~1\Navnt\
ThreadCreationTime : 11-16-2003 5:51:50 PM
BasePriority : Normal
FileSize : 88 KB
FileVersion : 7.07.00.23
ProductVersion : 7.07.00.23
Copyright : Copyright © 2000 Symantec Corporation. All rights reserved.
CompanyName : Symantec Corporation
FileDescription : Norton AntiVirus Auto-Protect Service
InternalName : NAVAPSVC
OriginalFilename : NAVAPSVC.EXE
ProductName : Norton AntiVirus
Created on : 10/22/2001 3:30:13 AM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 2/14/2001 2:00:00 PM
#:9 [npssvc.exe]
FilePath : C:\PROGRA~1\Navnt\
ThreadCreationTime : 11-16-2003 5:51:50 PM
BasePriority : Normal
FileSize : 36 KB
FileVersion : 5.3.0.180
ProductVersion : 5.3.0.180
Copyright : Copyright © Symantec Corporation 1991-1999
CompanyName : Symantec Corporation
FileDescription : Norton Program Scheduler Service
InternalName : NPSSVC
OriginalFilename : NPSSVC.EXE
ProductName : Norton AntiVirus Core Technology
Created on : 10/22/2001 3:30:13 AM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 2/14/2001 2:00:00 PM
#:10 [regsvc.exe]
FilePath : C:\WINNT\system32\
ThreadCreationTime : 11-16-2003 5:51:51 PM
BasePriority : Normal
FileSize : 66 KB
FileVersion : 5.00.2195.6701
ProductVersion : 5.00.2195.6701
Copyright : Copyright © Microsoft Corp. 1981-1999
CompanyName : Microsoft Corporation
FileDescription : Remote Registry Service
InternalName : regsvc
OriginalFilename : REGSVC.EXE
ProductName : Microsoft® Windows ® 2000 Operating System
Created on : 7/30/2003 7:58:21 PM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 6/19/2003 8:05:04 PM
#:11 [mstask.exe]
FilePath : C:\WINNT\system32\
ThreadCreationTime : 11-16-2003 5:51:51 PM
BasePriority : Normal
FileSize : 116 KB
FileVersion : 4.71.2195.6704
ProductVersion : 4.71.2195.6704
Copyright : Copyright © Microsoft Corp. 1997
CompanyName : Microsoft Corporation
FileDescription : Task Scheduler Engine
InternalName : TaskScheduler
OriginalFilename : mstask.exe
ProductName : Microsoft
Created on : 7/30/2003 7:57:55 PM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 6/19/2003 8:05:04 PM
#:12 [winmgmt.exe]
FilePath : C:\WINNT\System32\WBEM\
ThreadCreationTime : 11-16-2003 5:51:51 PM
BasePriority : Normal
FileSize : 192 KB
FileVersion : 1.50.1085.0100
ProductVersion : 1.50.1085.0100
Copyright : Copyright © Microsoft Corp. 1995-1999
CompanyName : Microsoft Corporation
FileDescription : Windows Management Instrumentation
InternalName : WINMGMT
ProductName : Windows Management Instrumentation
Created on : 7/30/2003 7:58:43 PM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 6/19/2003 8:05:04 PM
#:13 [svchost.exe]
FilePath : C:\WINNT\system32\
ThreadCreationTime : 11-16-2003 5:51:51 PM
BasePriority : Normal
FileSize : 7 KB
FileVersion : 5.00.2134.1
ProductVersion : 5.00.2134.1
Copyright : Copyright © Microsoft Corp. 1981-1999
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft® Windows ® 2000 Operating System
Created on : 1/1/1980 8:00:00 AM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 7/26/2000 1:00:00 PM
#:14 [alertsvc.exe]
FilePath : C:\PROGRA~1\Navnt\
ThreadCreationTime : 11-16-2003 5:51:56 PM
BasePriority : Normal
FileSize : 80 KB
FileVersion : 7.07.00.23
ProductVersion : 7.07.00.23
Copyright : Copyright © 2000 Symantec Corporation. All rights reserved.
CompanyName : Symantec Corporation
FileDescription : Norton AntiVirus Alert Service
InternalName : ALERTSVC
OriginalFilename : ALERTSVC.EXE
ProductName : Norton AntiVirus
Created on : 10/22/2001 3:30:12 AM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 2/14/2001 2:00:00 PM
#:15 [explorer.exe]
FilePath : C:\WINNT\
ThreadCreationTime : 11-16-2003 5:52:00 PM
BasePriority : Normal
FileSize : 237 KB
FileVersion : 5.00.3700.6690
ProductVersion : 5.00.3700.6690
Copyright : Copyright © Microsoft Corp. 1981-1999
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
OriginalFilename : EXPLORER.EXE
ProductName : Microsoft® Windows ® 2000 Operating System
Created on : 7/30/2003 7:57:26 PM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 6/19/2003 8:05:04 PM
#:16 [directcd.exe]
FilePath : C:\PROGRA~1\Adaptec\DirectCD\
ThreadCreationTime : 11-16-2003 5:52:12 PM
BasePriority : Normal
FileSize : 1100 KB
FileVersion : 3.01e (184)
ProductVersion : 3.01e (184)
Copyright : Copyright © 1996-2000 Adaptec, Inc.
CompanyName : Adaptec
FileDescription : DirectCD Application
InternalName : DirectCD
OriginalFilename : DirectCD.EXE
ProductName : DirectCD
Created on : 9/4/2001 11:49:30 PM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 9/4/2001 11:49:36 PM
#:17 [mm_tray.exe]
FilePath : C:\Program Files\MusicMatch\MusicMatch Jukebox\
ThreadCreationTime : 11-16-2003 5:52:13 PM
BasePriority : Normal
FileSize : 112 KB
FileVersion : 8.00.0101
ProductVersion : 8.00.0101
Copyright : Copyright
CompanyName : MUSICMATCH, Inc.
FileDescription : mm_tray
InternalName : mm_tray
OriginalFilename : mm_tray.exe
ProductName : MUSICMATCH JUKEBOX
Created on : 9/19/2001 11:20:36 PM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 6/27/2003 1:04:18 AM
#:18 [cmgrdian.exe]
FilePath : C:\Program Files\McAfee\McAfee Shared Components\Guardian\
ThreadCreationTime : 11-16-2003 5:52:14 PM
BasePriority : Normal
FileSize : 133 KB
FileVersion : 3.00.1036.0
ProductVersion : 3.00.1036.0
Copyright : Copyright
CompanyName : Network Associates, Inc.
FileDescription : McAfee Guardian Agent
InternalName : CMGrdian
OriginalFilename : CMGrdian.exe
ProductName : McAfee Windows Guardian
Created on : 2/28/2001 11:00:00 AM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 2/28/2001 11:00:00 AM
#:19 [poproxy.exe]
FilePath : C:\Program Files\Navnt\
ThreadCreationTime : 11-16-2003 5:52:16 PM
BasePriority : Normal
FileSize : 76 KB
FileVersion : 7.07.00.23
ProductVersion : 7.07.00.23
Copyright : Copyright © 2000 Symantec Corporation. All rights reserved.
CompanyName : Symantec Corporation
FileDescription : Norton AntiVirus Utilities
InternalName : POPROXY
OriginalFilename : POPROXY.DLL
ProductName : Norton AntiVirus
Created on : 10/22/2001 3:30:13 AM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 2/14/2001 2:00:00 PM
#:20 [cpd.exe]
FilePath : C:\PROGRA~1\McAfee\MCAFEE~1\
ThreadCreationTime : 11-16-2003 5:52:17 PM
BasePriority : Normal
FileSize : 340 KB
FileVersion : 2.15.001.0
ProductVersion : 2.15.001.0
Copyright : Copyright © 2000 Network Associates Inc.
CompanyName : Network Associates Inc.
FileDescription : McAfee Firewall
InternalName : McAfee Firewall
OriginalFilename : McAfee Firewall
ProductName : McAfee Firewall
Created on : 3/12/2001 10:15:00 AM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 3/12/2001 10:15:00 AM
#:21 [approved.pif]
FilePath : C:\Documents and Settings\Administrator\Local Settings\Temp\IncrediMail\
ThreadCreationTime : 11-16-2003 5:52:24 PM
BasePriority : Normal
FileSize : 51 KB
Created on : 5/23/2003 6:52:23 PM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 5/23/2003 3:04:40 AM
#:22 [adobea.exe]
FilePath : C:\WINNT\System32\
ThreadCreationTime : 11-16-2003 5:52:24 PM
BasePriority : Normal
FileSize : 557 KB
OriginalFilename : mirc.exe
Created on : 8/9/2002 3:00:12 PM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 8/9/2002 3:00:12 PM
#:23 [realsched.exe]
FilePath : C:\Program Files\Common Files\Real\Update_OB\
ThreadCreationTime : 11-16-2003 5:52:24 PM
BasePriority : Normal
FileSize : 148 KB
FileVersion : 0.1.0.1622
ProductVersion : 0.1.0.1622
Copyright : Copyright
CompanyName : RealNetworks, Inc.
FileDescription : RealNetworks Scheduler
InternalName : schedapp
OriginalFilename : realsched.exe
ProductName : RealOne Player (32-bit)
Created on : 11/13/2003 5:18:01 AM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 11/13/2003 5:18:02 AM
#:24 [createcd.exe]
FilePath : C:\PROGRA~1\Adaptec\EASYCD~1\CreateCD\
ThreadCreationTime : 11-16-2003 5:52:26 PM
BasePriority : Normal
FileSize : 256 KB
FileVersion : 4.02d (292)
ProductVersion : 4.02d (292)
Copyright : Copyright © 1996-2000 Adaptec, Inc.
CompanyName : Adaptec
FileDescription : Adaptec Create CD
InternalName : createcd.exe
OriginalFilename : createcd.exe
ProductName : Easy CD Creator
Created on : 9/20/2001 2:17:51 AM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 6/30/2000 9:38:00 AM
#:25 [msnmsgr.exe]
FilePath : C:\Program Files\MSN Messenger\
ThreadCreationTime : 11-16-2003 5:52:29 PM
BasePriority : Normal
FileSize : 4084 KB
FileVersion : 6.0.0602
ProductVersion : Version 6.0
Copyright : Copyright © Microsoft Corporation 1997-2003
CompanyName : Microsoft Corporation
FileDescription : Messenger
InternalName : msnmsgr
OriginalFilename : msnmsgr.exe
ProductName : Messenger
Created on : 7/11/2003 10:57:42 PM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 7/11/2003 10:57:42 PM
#:26 [soap.exe]
FilePath : C:\PROGRA~1\SYSTEM~1\
ThreadCreationTime : 11-16-2003 5:52:30 PM
BasePriority : Normal
FileSize : 759 KB
FileVersion : 4.00.0035
ProductVersion : 4.00.0035
CompanyName : Internet Washer
InternalName : Soap
OriginalFilename : Soap.exe
ProductName : Internet Washer Pro
Created on : 11/10/2003 5:47:33 PM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 10/18/2003 2:03:00 AM
#:27 [navapw32.exe]
FilePath : C:\Program Files\Navnt\
ThreadCreationTime : 11-16-2003 5:52:31 PM
BasePriority : Idle
FileSize : 120 KB
FileVersion : 7.07.00.23
ProductVersion : 7.07.00.23
Copyright : Copyright © 2000 Symantec Corporation. All rights reserved.
CompanyName : Symantec Corporation
FileDescription : Norton AntiVirus Auto-Protect
InternalName : NAVAPW32
OriginalFilename : NAVAPW32.EXE
ProductName : Norton AntiVirus
Created on : 10/22/2001 3:30:13 AM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 2/14/2001 2:00:00 PM
#:28 [webshotstray.exe]
FilePath : C:\Program Files\Webshots\
ThreadCreationTime : 11-16-2003 5:52:34 PM
BasePriority : Normal
FileSize : 204 KB
FileVersion : 1.3.0.3826
ProductVersion : 1.3.0.3826
Copyright : Copyright © 1998
CompanyName : The Webshots Corporation
FileDescription : Webshots Desktop Tray Application
InternalName : WEBSHOTSTRAY
OriginalFilename : WEBSHOTSTRAY.EXE
ProductName : Webshots Tray Application
Created on : 4/28/2003 12:26:32 AM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 6/21/2002 11:55:56 PM
#:29 [imapp.exe]
FilePath : C:\PROGRA~1\INCRED~1\bin\
ThreadCreationTime : 11-16-2003 5:52:38 PM
BasePriority : Normal
FileSize : 124 KB
FileVersion : 2, 0, 0, 0
ProductVersion : 2, 0, 0, 0
Copyright : Copyright
CompanyName : IncrediMail, Ltd.
FileDescription : IncrediMail Application
InternalName : IncrediApp
OriginalFilename : IMAPP.EXE
ProductName : IncrediMail
Created on : 5/11/2003 8:31:42 PM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 5/11/2003 8:31:36 PM
#:30 [iexplore.exe]
FilePath : C:\Program Files\Internet Explorer\
ThreadCreationTime : 11-16-2003 7:51:42 PM
BasePriority : Normal
FileSize : 89 KB
FileVersion : 6.00.2800.1106
ProductVersion : 6.00.2800.1106
CompanyName : Microsoft Corporation
FileDescription : Internet Explorer
InternalName : iexplore
OriginalFilename : IEXPLORE.EXE
ProductName : Microsoft
Created on : 8/29/2002 3:14:40 PM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 8/29/2002 3:14:40 PM
#:31 [svchost.exe]
FilePath : C:\WINNT\System32\
ThreadCreationTime : 11-16-2003 8:11:16 PM
BasePriority : Normal
FileSize : 7 KB
FileVersion : 5.00.2134.1
ProductVersion : 5.00.2134.1
Copyright : Copyright © Microsoft Corp. 1981-1999
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft® Windows ® 2000 Operating System
Created on : 1/1/1980 8:00:00 AM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 7/26/2000 1:00:00 PM
#:32 [iexplore.exe]
FilePath : C:\Program Files\Internet Explorer\
ThreadCreationTime : 11-16-2003 9:31:40 PM
BasePriority : Normal
FileSize : 89 KB
FileVersion : 6.00.2800.1106
ProductVersion : 6.00.2800.1106
CompanyName : Microsoft Corporation
FileDescription : Internet Explorer
InternalName : iexplore
OriginalFilename : IEXPLORE.EXE
ProductName : Microsoft
Created on : 8/29/2002 3:14:40 PM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 8/29/2002 3:14:40 PM
#:33 [ad-aware.exe]
FilePath : C:\Program Files\Lavasoft\Ad-aware 6\
ThreadCreationTime : 11-17-2003 3:31:06 AM
BasePriority : Normal
FileSize : 668 KB
FileVersion : 6.0.1.181
ProductVersion : 6.0.0.0
Copyright : Copyright
CompanyName : Lavasoft Sweden
FileDescription : Ad-aware 6 core application
InternalName : Ad-aware.exe
OriginalFilename : Ad-aware.exe
ProductName : Lavasoft Ad-aware Plus
Created on : 11/10/2003 6:32:57 PM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 7/13/2003 6:00:20 AM
Memory scan result :
ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ
New objects : 0
Objects found so far: 0
Started registry scan
ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ
Alexa Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Internet Explorer\Extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
BrilliantDigital Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{3EEC42B5-FB94-40D3-A588-BB54B383A7CB}
BrilliantDigital Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{51958169-D5E3-11D1-AA42-0000E842E40A}
BrilliantDigital Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{67925165-C4B6-11D2-B9C6-0000E84F59A6}
BrilliantDigital Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : Interface\{51958167-D5E3-11D1-AA42-0000E842E40A}
BrilliantDigital Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : Interface\{51958168-D5E3-11D1-AA42-0000E842E40A}
BrilliantDigital Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : Interface\{67925164-C4B6-11D2-B9C6-0000E84F59A6}
BrilliantDigital Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : s3d_auto_file
BrilliantDigital Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CURRENT_USER
Object : Software\Brilliant Digital Entertainment
BrilliantDigital Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Brilliant Digital Entertainment
BrilliantDigital Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bdeplayer
BrilliantDigital Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : TypeLib\{51958166-D5E3-11D1-AA42-0000E842E40A}
BrilliantDigital Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : TypeLib\{82FC7881-AACC-11D2-B9C6-0000E842E40A}
Crontel Ltd Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\DiallerProgram
Cydoor Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CURRENT_USER
Object : software\cydoor
Cydoor Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\Cydoor
Cydoor Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CURRENT_USER
Object : software\cydoor services
DownloadWare Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{85A702BA-EA8F-4B83-AA07-07A5186ACD7E}
DownloadWare Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\DownloadWare
DownloadWare Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{85A702BA-EA8F-4B83-AA07-07A5186ACD7E}
DownloadWare Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Windows\CurrentVersion\uninstall\MediaLoads Installer
e2give Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : AppID\IeBHOs.DLL
e2give Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : AppID\{3B99F202-145A-4E5A-AC7B-88A36910BF5E}
e2give Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{3643ABC2-21BF-46B9-B230-F247DB0C6FD6}
e2give Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : IeBHOs.Control
e2give Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : IeBHOs.Control.1
e2give Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\e2g
e2give Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3643ABC2-21BF-46B9-B230-F247DB0C6FD6}
e2give Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\e2g Plugin
e2give Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : TypeLib\{3B99F202-145A-4E5A-AC7B-88A36910BF5E}
Hi-Wire Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{28f00b04-dc4e-11d3-abec-005004a44eeb}
Hi-Wire Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{28f00b20-dc4e-11d3-abec-005004a44eeb}
Hi-Wire Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{28f00b21-dc4e-11d3-abec-005004a44eeb}
Hi-Wire Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : hiwire.configurator
Hi-Wire Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : hiwire.configurator.1
Hi-Wire Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : hiwire.transportcenter
Hi-Wire Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : hiwire.transportcenter.1
Hi-Wire Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : hiwire.userregrequest
Hi-Wire Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : hiwire.userregrequest.1
Hi-Wire Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CURRENT_USER
Object : Software\HIWIRE
ImIServer IEPlugin Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{69135BDE-5FDC-4B61-98AA-82AD2091BCCC}
ImIServer IEPlugin Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{E2BF1BF3-1FDB-4C93-8874-0B09E71C594C}
ImIServer IEPlugin Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{F3155057-4C2C-4078-8576-50486693FD49}
ImIServer IEPlugin Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : IMIToolbar.BottomFrame
ImIServer IEPlugin Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : IMIToolbar.BottomFrame.1
ImIServer IEPlugin Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : IMIToolbar.imiTool
ImIServer IEPlugin Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : IMIToolbar.imiTool.1
ImIServer IEPlugin Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : IMIToolbar.LeftFrame
ImIServer IEPlugin Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : IMIToolbar.LeftFrame.1
ImIServer IEPlugin Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : IMIToolbar.PopupBrowser
ImIServer IEPlugin Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : IMIToolbar.PopupBrowser.1
ImIServer IEPlugin Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Code Store Database\Distribution Units\{556DDE35-E955-11D0-A707-000000521958}
ImIServer IEPlugin Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{69135BDE-5FDC-4B61-98AA-82AD2091BCCC}
MainPean Dialer Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\MainPean Highspeed
MyWebSearch Toolbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{00a6faf1-072e-44cf-8957-5838f569a31d}
MyWebSearch Toolbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{00a6faf4-072e-44cf-8957-5838f569a31d}
MyWebSearch Toolbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{147A976E-EEE1-4377-8EA7-4716E4CDD239}
MyWebSearch Toolbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : Interface\{00A6FAF3-072E-44CF-8957-5838F569A31D}
MyWebSearch Toolbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA}
MyWebSearch Toolbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}
MyWebSearch Toolbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : mywebsearchsearchassistant.auxiliary
MyWebSearch Toolbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : mywebsearchsearchassistant.auxiliary.1
MyWebSearch Toolbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00a6faf1-072e-44cf-8957-5838f569a31d}
MyWebSearch Toolbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyWebSearchSearchAssistant
MyWebSearch Toolbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\MyWebSearch\SearchAssistant
MyWebSearch Toolbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : TYPELIB\{00a6faf0-072e-44cf-8957-5838f569a31d}
MyWebSearch Toolbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : TYPELIB\{07b18ea0-a523-4961-b6bb-170de4475cca}
MyWebSearch Toolbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : TypeLib\{8E6F1830-9607-4440-8530-13BE7C4B1D14}
MyWebSearch Toolbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : TypeLib\{E47CAEE0-DEEA-464A-9326-3F2801535A4D}
NetworkEssentials Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CURRENT_USER
Object : Software\DownloadWare
NetworkEssentials Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CURRENT_USER
Object : Software\Hopper
NetworkEssentials Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CURRENT_USER
Object : Software\WebInstall
SaveNow Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\WhenU
SaveNow Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : WUSN.1
SpywareNuker Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Code Store Database\Distribution Units\{15589FA1-C456-11CE-BF01-00AA0055595A}
SpywareNuker Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\SOFTUP2009
SpywareNuker Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\SOFTUP2009\camps
SpywareNuker Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CURRENT_USER
Object : Software\VB and VBA Program Settings\SPYWARE NUKER
Trojan Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SYSTEM\CurrentControlSet\Services\PSEXESVC
WurldMedia Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\rdxr
ZipclixToolbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{319A68DB-06D0-46DA-9F93-A810D5A70836}
ZipclixToolbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : Interface\{EC34A4B3-809A-4A71-88D4-55B5183D6041}
ZipclixToolbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ZipClix
ZipclixToolbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CURRENT_USER
Object : SOFTWARE\Zipclix
ZipclixToolbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : Typelib\{BBCD25C8-A31E-4DFB-B204-B54BBA477B23}
ZipclixToolbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : ZipclixObj.ZipclixObj
ZipclixToolbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : ZipclixObj.ZipclixObj.1
DownloadWare Object recognized!
Type : RegValue
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Windows\CurrentVersion\run
Value : MediaLoads Installer
MemoryMeter Object recognized!
Type : RegValue
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : htmlfile\CLSID
Value : GUID
MemoryMeter Object recognized!
Type : RegValue
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : htmlfile\CLSID
Value : Data
MemoryMeter Object recognized!
Type : RegValue
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : htmlfile\CLSID
Value : Config
MemoryMeter Object recognized!
Type : RegValue
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Value : MemoryMeter
Other Object recognized!
Type : RegValue
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Value : Win Server Updt
ZipclixToolbar Object recognized!
Type : RegValue
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Internet Explorer\Toolbar
Value : {319A68DB-06D0-46DA-9F93-A810D5A70836}
Windows Object recognized!
Type : RegData
Data :
Rootkey : HKEY_USERS
Object : .DEFAULT\Software\Microsoft\MediaPlayer\Player\Settings
Value : Client ID
Data :
Windows Object recognized!
Type : RegData
Data :
Rootkey : HKEY_CURRENT_USER
Object : Software\Microsoft\MediaPlayer\Player\Settings
Value : Client ID
Data :
Registry scan result :
ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ
New objects : 96
Objects found so far: 96
Started deep registry scan
ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ
Possible browser hijack attempt : Software\Microsoft\Internet Explorer\SearchURLsearch.ieplugin.com
Possible Browser Hijack attempt Object recognized!
Type : RegData
Data : "
http://search.ieplug...com/q.cgi?q=%s"
Rootkey : HKEY_CURRENT_USER
Object : Software\Microsoft\Internet Explorer\SearchURL
Value :
Data : "
http://search.ieplug...com/q.cgi?q=%s"
Possible browser hijack attempt : Software\Microsoft\Internet Explorer\MainSearch Barsearchalot
Possible Browser Hijack attempt Object recognized!
Type : RegData
Data : "
http://www.searchalo...com/search.htm"
Rootkey : HKEY_CURRENT_USER
Object : Software\Microsoft\Internet Explorer\Main
Value : Search Bar
Data : "
http://www.searchalo...com/search.htm"
Possible browser hijack attempt : Software\Microsoft\Internet Explorer\MainDefault_Search_URLsearchalot
Possible Browser Hijack attempt Object recognized!
Type : RegData
Data : "
http://www.searchalo...com/search.htm"
Rootkey : HKEY_CURRENT_USER
Object : Software\Microsoft\Internet Explorer\Main
Value : Default_Search_URL
Data : "
http://www.searchalo...com/search.htm"
Possible browser hijack attempt : Software\Microsoft\Internet Explorer\MainDefault_Page_URLsearchalot
Possible Browser Hijack attempt Object recognized!
Type : RegData
Data : "
http://www.searchalot.com"
Rootkey : HKEY_CURRENT_USER
Object : Software\Microsoft\Internet Explorer\Main
Value : Default_Page_URL
Data : "
http://www.searchalot.com"
Possible browser hijack attempt : Software\Microsoft\Internet Explorer\MainLocal Pagesearchalot
Possible Browser Hijack attempt Object recognized!
Type : RegData
Data : "
http://www.searchalot.com"
Rootkey : HKEY_CURRENT_USER
Object : Software\Microsoft\Internet Explorer\Main
Value : Local Page
Data : "
http://www.searchalot.com"
Possible browser hijack attempt : Software\Microsoft\Internet Explorer\SearchSearchAssistantsearchalot
Possible Browser Hijack attempt Object recognized!
Type : RegData
Data : "
http://www.searchalo...com/search.htm"
Rootkey : HKEY_CURRENT_USER
Object : Software\Microsoft\Internet Explorer\Search
Value : SearchAssistant
Data : "
http://www.searchalo...com/search.htm"
Possible browser hijack attempt : Software\Microsoft\Internet Explorer\SearchCustomizeSearchsearchalot
Possible Browser Hijack attempt Object recognized!
Type : RegData
Data : "
http://www.searchalo...com/search.htm"
Rootkey : HKEY_CURRENT_USER
Object : Software\Microsoft\Internet Explorer\Search
Value : CustomizeSearch
Data : "
http://www.searchalo...com/search.htm"
Possible browser hijack attempt : Software\Microsoft\Internet Explorer\MainStart Pagesearchalot
Possible Browser Hijack attempt Object recognized!
Type : RegData
Data : "
http://www.searchalot.com"
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\Microsoft\Internet Explorer\Main
Value : Start Page
Data : "
http://www.searchalot.com"
Possible browser hijack attempt : Software\Microsoft\Internet Explorer\MainSearch Barsearchalot
Possible Browser Hijack attempt Object recognized!
Type : RegData
Data : "
http://www.searchalo...com/search.htm"
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\Microsoft\Internet Explorer\Main
Value : Search Bar
Data : "
http://www.searchalo...com/search.htm"
Possible browser hijack attempt : Software\Microsoft\Internet Explorer\MainLocal Pagesearchalot
Possible Browser Hijack attempt Object recognized!
Type : RegData
Data : "
http://www.searchalot.com"
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\Microsoft\Internet Explorer\Main
Value : Local Page
Data : "
http://www.searchalot.com"
Possible browser hijack attempt : .Default\Software\Microsoft\Internet Explorer\MainSearch Pagesearchalot
Possible Browser Hijack attempt Object recognized!
Type : RegData
Data : "
http://www.searchalo...com/search.htm"
Rootkey : HKEY_USERS
Object : .Default\Software\Microsoft\Internet Explorer\Main
Value : Search Page
Data : "
http://www.searchalo...com/search.htm"
Possible browser hijack attempt : .Default\Software\Microsoft\Internet Explorer\MainStart Pagesearchalot
Possible Browser Hijack attempt Object recognized!
Type : RegData
Data : "
http://www.searchalot.com"
Rootkey : HKEY_USERS
Object : .Default\Software\Microsoft\Internet Explorer\Main
Value : Start Page
Data : "
http://www.searchalot.com"
Possible browser hijack attempt : .Default\Software\Microsoft\Internet Explorer\MainSearch Barsearchalot
Possible Browser Hijack attempt Object recognized!
Type : RegData
Data : "
http://www.searchalo...com/search.htm"
Rootkey : HKEY_USERS
Object : .Default\Software\Microsoft\Internet Explorer\Main
Value : Search Bar
Data : "
http://www.searchalo...com/search.htm"
Possible browser hijack attempt : .Default\Software\Microsoft\Internet Explorer\MainDefault_Search_URLsearchalot
Possible Browser Hijack attempt Object recognized!
Type : RegData
Data : "
http://www.searchalo...com/search.htm"
Rootkey : HKEY_USERS
Object : .Default\Software\Microsoft\Internet Explorer\Main
Value : Default_Search_URL
Data : "
http://www.searchalo...com/search.htm"
Possible browser hijack attempt : .Default\Software\Microsoft\Internet Explorer\MainDefault_Page_URLsearchalot
Possible Browser Hijack attempt Object recognized!
Type : RegData
Data : "
http://www.searchalot.com"
Rootkey : HKEY_USERS
Object : .Default\Software\Microsoft\Internet Explorer\Main
Value : Default_Page_URL
Data : "
http://www.searchalot.com"
Possible browser hijack attempt : .Default\Software\Microsoft\Internet Explorer\MainLocal Pagesearchalot
Possible Browser Hijack attempt Object recognized!
Type : RegData
Data : "
http://www.searchalot.com"
Rootkey : HKEY_USERS
Object : .Default\Software\Microsoft\Internet Explorer\Main
Value : Local Page
Data : "
http://www.searchalot.com"
Possible browser hijack attempt : .Default\Software\Microsoft\Internet Explorer\SearchSearchAssistantsearchalot
Possible Browser Hijack attempt Object recognized!
Type : RegData
Data : "
http://www.searchalo...com/search.htm"
Rootkey : HKEY_USERS
Object : .Default\Software\Microsoft\Internet Explorer\Search
Value : SearchAssistant
Data : "
http://www.searchalo...com/search.htm"
Possible browser hijack attempt : .Default\Software\Microsoft\Internet Explorer\SearchCustomizeSearchsearchalot
Possible Browser Hijack attempt Object recognized!
Type : RegData
Data : "
http://www.searchalo...com/search.htm"
Rootkey : HKEY_USERS
Object : .Default\Software\Microsoft\Internet Explorer\Search
Value : CustomizeSearch
Data : "
http://www.searchalo...com/search.htm"
Possible browser hijack attempt : .Default\Software\Microsoft\Internet ExplorerSearchURLsearchalot
Possible Browser Hijack attempt Object recognized!
Type : RegData
Data : "
http://www.searchalo...com/search.htm"
Rootkey : HKEY_USERS
Object : .Default\Software\Microsoft\Internet Explorer
Value : SearchURL
Data : "
http://www.searchalo...com/search.htm"
Win32.Holar.G Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{3DF2AE35-26A8-11D4-BDD2-00104BFEC09F}
Win32.Holar.G Object recognized!
Type : File
Data : smtp.ocx
Object : c:\winnt\system32\
FileSize : 25 KB
FileVersion : 4.00.0019
ProductVersion : 4.00.0019
Copyright : Copyright © 1997 - 2002 OstroSoft
CompanyName : OstroSoft
FileDescription : SMTP Control for Visual Basic
InternalName : SMTP
OriginalFilename : SMTP.ocx
ProductName : SMTP Control
Created on : 11/1/2003 7:49:46 PM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 11/12/2003 5:35:22 AM
Win32.Holar.G Object recognized!
Type : RegKey
Data : c:\winnt\system32\smtp.ocx
Rootkey : HKEY_CLASSES_ROOT
Object : TYPELIB\{3DF2AE33-26A8-11D4-BDD2-00104BFEC09F}
ImIServer IEPlugin Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : IMIToolbar.PopupWindow
ImIServer IEPlugin Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : IMIToolbar.PopupWindow.1
Win32.Holar.G Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : SMTPControl.SMTP
Possible browser hijack attempt : {15589FA1-C456-11CE-BF01-00AA0055595A} (
http://www.spywarenu...erinstaller.exe)
MemoryMeter Object recognized!
Type : RegValue
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\Microsoft\Windows\CurrentVersion\Run
Value : MSMGT
MemoryMeter Object recognized!
Type : File
Data : msmgt.exe
Object : c:\winnt\
FileSize : 32 KB
Created on : 8/7/2003 8:45:06 PM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 8/7/2003 8:45:08 PM
Win32.Holar.G Object recognized!
Type : RegValue
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\Microsoft\Windows\CurrentVersion\Run
Value : Explore
Win32.Holar.G Object recognized!
Type : File
Data : explore.exe
Object : c:\winnt\system32\
FileSize : 20 KB
FileVersion : 1.00.0020
ProductVersion : 1.00.0020
CompanyName : *
InternalName : Explorer
OriginalFilename : Explorer.exe
ProductName : Explorer
Created on : 11/1/2003 7:49:46 PM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 11/1/2003 7:49:48 PM
Deep registry scan result :
ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ
New objects : 26
Objects found so far: 125
ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ
Tracking Cookie Object recognized!
Type : File
Data : administrator@ehg.hitbox[1].txt
Object : C:\Documents and Settings\Administrator\Cookies\
FileSize : 1 KB
Created on : 10/15/2001 4:22:08 AM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 10/15/2001 4:22:34 AM
Tracking Cookie Object recognized!
Type : File
Data : administrator@excite[2].txt
Object : C:\Documents and Settings\Administrator\Cookies\
Created on : 10/10/2001 11:03:59 PM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 10/24/2001 4:20:12 AM
Tracking Cookie Object recognized!
Type : File
Data : administrator@x10[1].txt
Object : C:\Documents and Settings\Administrator\Cookies\
Created on : 10/26/2001 11:56:09 PM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 10/26/2001 11:56:10 PM
Tracking Cookie Object recognized!
Type : File
Data : administrator@ads.adsag[2].txt
Object : C:\Documents and Settings\Administrator\Cookies\
Created on : 10/26/2001 1:50:14 AM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 10/26/2001 1:50:16 AM
Tracking Cookie Object recognized!
Type : File
Data : administrator@tmpad[2].txt
Object : C:\Documents and Settings\Administrator\Cookies\
Created on : 10/19/2003 3:33:31 AM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 10/19/2003 3:33:32 AM
Tracking Cookie Object recognized!
Type : File
Data : administrator@doubleclick[1].txt
Object : C:\Documents and Settings\Administrator\Cookies\
Created on : 10/11/2001 6:32:01 AM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 10/11/2001 6:32:46 AM
Tracking Cookie Object recognized!
Type : File
Data : administrator@accumail[1].txt
Object : C:\Documents and Settings\Administrator\Cookies\
Created on : 4/27/2003 10:33:54 PM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 4/27/2003 10:34:00 PM
Tracking Cookie Object recognized!
Type : File
Data : administrator@www.qksrv[2].txt
Object : C:\Documents and Settings\Administrator\Cookies\
Created on : 10/27/2001 12:00:51 AM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 10/27/2001 12:00:52 AM
Tracking Cookie Object recognized!
Type : File
Data : administrator@mediaplex[1].txt
Object : C:\Documents and Settings\Administrator\Cookies\
Created on : 10/24/2001 4:18:45 AM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 10/24/2001 4:18:46 AM
Tracking Cookie Object recognized!
Type : File
Data : administrator@server.iad.livepers