I am having problems with Marsfind...Geocities hijacking my web page. I have been told that it is a trojan horse???
I run Windows 2000 Professional
I have tried to delete it from my browser and all files but then I reboot and it is all there again. Ad Ware 6.o does not seem to help...I also have Gaurd IE 3.4 along with MacCaffee Fire wall and a modem
I do not have the necessary program in program/accessories/system tools to do anything
The folowing is a log from Adware. Do you have any ideas as to how I can get rid of this problem.
Any info would be greatly appreciated
thanks
Abs
Lavasoft Ad-aware Personal Build 6.181
Logfile created on :Sunday, November 16, 2003 8:45:59 PM
Created with Ad-aware Personal, free for private use.
Using reference-file :01R231 15.11.2003
______________________________________________________
Ad-aware Settings
=========================
Set : Activate in-depth scan (Recommended)
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep scan registry
11-16-2003 8:45:59 PM - Scan started. (Smart mode)
Listing running processes
ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ
#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ThreadCreationTime : 11-16-2003 5:51:31 PM
BasePriority : Normal
#:2 [winlogon.exe]
FilePath : \??\C:\WINNT\system32\
ThreadCreationTime : 11-16-2003 5:51:35 PM
BasePriority : High
#:3 [services.exe]
FilePath : C:\WINNT\system32\
ThreadCreationTime : 11-16-2003 5:51:35 PM
BasePriority : Normal
FileSize : 87 KB
FileVersion : 5.00.2195.6700
ProductVersion : 5.00.2195.6700
Copyright : Copyright © Microsoft Corp. 1981-1999
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
OriginalFilename : services.exe
ProductName : Microsoft® Windows ® 2000 Operating System
Created on : 1/1/1980 8:00:00 AM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 6/19/2003 8:05:04 PM
#:4 [lsass.exe]
FilePath : C:\WINNT\system32\
ThreadCreationTime : 11-16-2003 5:51:35 PM
BasePriority : Normal
FileSize : 32 KB
FileVersion : 5.00.2195.6695
ProductVersion : 5.00.2195.6695
Copyright : Copyright © Microsoft Corp. 1981-1999
CompanyName : Microsoft Corporation
FileDescription : LSA Executable and Server DLL (Export Version)
InternalName : lsasrv.dll and lsass.exe
OriginalFilename : lsasrv.dll and lsass.exe
ProductName : Microsoft® Windows ® 2000 Operating System
Created on : 7/22/2002 11:54:58 PM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 6/19/2003 8:05:04 PM
#:5 [svchost.exe]
FilePath : C:\WINNT\system32\
ThreadCreationTime : 11-16-2003 5:51:38 PM
BasePriority : Normal
FileSize : 7 KB
FileVersion : 5.00.2134.1
ProductVersion : 5.00.2134.1
Copyright : Copyright © Microsoft Corp. 1981-1999
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft® Windows ® 2000 Operating System
Created on : 1/1/1980 8:00:00 AM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 7/26/2000 1:00:00 PM
#:6 [spoolsv.exe]
FilePath : C:\WINNT\system32\
ThreadCreationTime : 11-16-2003 5:51:38 PM
BasePriority : Normal
FileSize : 44 KB
FileVersion : 5.00.2195.6659
ProductVersion : 5.00.2195.6659
Copyright : Copyright © Microsoft Corp. 1981-1999
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolss.exe
OriginalFilename : spoolss.exe
ProductName : Microsoft® Windows ® 2000 Operating System
Created on : 9/4/2001 11:39:09 PM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 6/19/2003 8:05:04 PM
#:7 [svchost.exe]
FilePath : C:\WINNT\System32\
ThreadCreationTime : 11-16-2003 5:51:49 PM
BasePriority : Normal
FileSize : 7 KB
FileVersion : 5.00.2134.1
ProductVersion : 5.00.2134.1
Copyright : Copyright © Microsoft Corp. 1981-1999
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft® Windows ® 2000 Operating System
Created on : 1/1/1980 8:00:00 AM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 7/26/2000 1:00:00 PM
#:8 [navapsvc.exe]
FilePath : C:\PROGRA~1\Navnt\
ThreadCreationTime : 11-16-2003 5:51:50 PM
BasePriority : Normal
FileSize : 88 KB
FileVersion : 7.07.00.23
ProductVersion : 7.07.00.23
Copyright : Copyright © 2000 Symantec Corporation. All rights reserved.
CompanyName : Symantec Corporation
FileDescription : Norton AntiVirus Auto-Protect Service
InternalName : NAVAPSVC
OriginalFilename : NAVAPSVC.EXE
ProductName : Norton AntiVirus
Created on : 10/22/2001 3:30:13 AM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 2/14/2001 2:00:00 PM
#:9 [npssvc.exe]
FilePath : C:\PROGRA~1\Navnt\
ThreadCreationTime : 11-16-2003 5:51:50 PM
BasePriority : Normal
FileSize : 36 KB
FileVersion : 5.3.0.180
ProductVersion : 5.3.0.180
Copyright : Copyright © Symantec Corporation 1991-1999
CompanyName : Symantec Corporation
FileDescription : Norton Program Scheduler Service
InternalName : NPSSVC
OriginalFilename : NPSSVC.EXE
ProductName : Norton AntiVirus Core Technology
Created on : 10/22/2001 3:30:13 AM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 2/14/2001 2:00:00 PM
#:10 [regsvc.exe]
FilePath : C:\WINNT\system32\
ThreadCreationTime : 11-16-2003 5:51:51 PM
BasePriority : Normal
FileSize : 66 KB
FileVersion : 5.00.2195.6701
ProductVersion : 5.00.2195.6701
Copyright : Copyright © Microsoft Corp. 1981-1999
CompanyName : Microsoft Corporation
FileDescription : Remote Registry Service
InternalName : regsvc
OriginalFilename : REGSVC.EXE
ProductName : Microsoft® Windows ® 2000 Operating System
Created on : 7/30/2003 7:58:21 PM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 6/19/2003 8:05:04 PM
#:11 [mstask.exe]
FilePath : C:\WINNT\system32\
ThreadCreationTime : 11-16-2003 5:51:51 PM
BasePriority : Normal
FileSize : 116 KB
FileVersion : 4.71.2195.6704
ProductVersion : 4.71.2195.6704
Copyright : Copyright © Microsoft Corp. 1997
CompanyName : Microsoft Corporation
FileDescription : Task Scheduler Engine
InternalName : TaskScheduler
OriginalFilename : mstask.exe
ProductName : Microsoft
Created on : 7/30/2003 7:57:55 PM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 6/19/2003 8:05:04 PM
#:12 [winmgmt.exe]
FilePath : C:\WINNT\System32\WBEM\
ThreadCreationTime : 11-16-2003 5:51:51 PM
BasePriority : Normal
FileSize : 192 KB
FileVersion : 1.50.1085.0100
ProductVersion : 1.50.1085.0100
Copyright : Copyright © Microsoft Corp. 1995-1999
CompanyName : Microsoft Corporation
FileDescription : Windows Management Instrumentation
InternalName : WINMGMT
ProductName : Windows Management Instrumentation
Created on : 7/30/2003 7:58:43 PM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 6/19/2003 8:05:04 PM
#:13 [svchost.exe]
FilePath : C:\WINNT\system32\
ThreadCreationTime : 11-16-2003 5:51:51 PM
BasePriority : Normal
FileSize : 7 KB
FileVersion : 5.00.2134.1
ProductVersion : 5.00.2134.1
Copyright : Copyright © Microsoft Corp. 1981-1999
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft® Windows ® 2000 Operating System
Created on : 1/1/1980 8:00:00 AM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 7/26/2000 1:00:00 PM
#:14 [alertsvc.exe]
FilePath : C:\PROGRA~1\Navnt\
ThreadCreationTime : 11-16-2003 5:51:56 PM
BasePriority : Normal
FileSize : 80 KB
FileVersion : 7.07.00.23
ProductVersion : 7.07.00.23
Copyright : Copyright © 2000 Symantec Corporation. All rights reserved.
CompanyName : Symantec Corporation
FileDescription : Norton AntiVirus Alert Service
InternalName : ALERTSVC
OriginalFilename : ALERTSVC.EXE
ProductName : Norton AntiVirus
Created on : 10/22/2001 3:30:12 AM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 2/14/2001 2:00:00 PM
#:15 [explorer.exe]
FilePath : C:\WINNT\
ThreadCreationTime : 11-16-2003 5:52:00 PM
BasePriority : Normal
FileSize : 237 KB
FileVersion : 5.00.3700.6690
ProductVersion : 5.00.3700.6690
Copyright : Copyright © Microsoft Corp. 1981-1999
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
OriginalFilename : EXPLORER.EXE
ProductName : Microsoft® Windows ® 2000 Operating System
Created on : 7/30/2003 7:57:26 PM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 6/19/2003 8:05:04 PM
#:16 [directcd.exe]
FilePath : C:\PROGRA~1\Adaptec\DirectCD\
ThreadCreationTime : 11-16-2003 5:52:12 PM
BasePriority : Normal
FileSize : 1100 KB
FileVersion : 3.01e (184)
ProductVersion : 3.01e (184)
Copyright : Copyright © 1996-2000 Adaptec, Inc.
CompanyName : Adaptec
FileDescription : DirectCD Application
InternalName : DirectCD
OriginalFilename : DirectCD.EXE
ProductName : DirectCD
Created on : 9/4/2001 11:49:30 PM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 9/4/2001 11:49:36 PM
#:17 [mm_tray.exe]
FilePath : C:\Program Files\MusicMatch\MusicMatch Jukebox\
ThreadCreationTime : 11-16-2003 5:52:13 PM
BasePriority : Normal
FileSize : 112 KB
FileVersion : 8.00.0101
ProductVersion : 8.00.0101
Copyright : Copyright
CompanyName : MUSICMATCH, Inc.
FileDescription : mm_tray
InternalName : mm_tray
OriginalFilename : mm_tray.exe
ProductName : MUSICMATCH JUKEBOX
Created on : 9/19/2001 11:20:36 PM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 6/27/2003 1:04:18 AM
#:18 [cmgrdian.exe]
FilePath : C:\Program Files\McAfee\McAfee Shared Components\Guardian\
ThreadCreationTime : 11-16-2003 5:52:14 PM
BasePriority : Normal
FileSize : 133 KB
FileVersion : 3.00.1036.0
ProductVersion : 3.00.1036.0
Copyright : Copyright
CompanyName : Network Associates, Inc.
FileDescription : McAfee Guardian Agent
InternalName : CMGrdian
OriginalFilename : CMGrdian.exe
ProductName : McAfee Windows Guardian
Created on : 2/28/2001 11:00:00 AM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 2/28/2001 11:00:00 AM
#:19 [poproxy.exe]
FilePath : C:\Program Files\Navnt\
ThreadCreationTime : 11-16-2003 5:52:16 PM
BasePriority : Normal
FileSize : 76 KB
FileVersion : 7.07.00.23
ProductVersion : 7.07.00.23
Copyright : Copyright © 2000 Symantec Corporation. All rights reserved.
CompanyName : Symantec Corporation
FileDescription : Norton AntiVirus Utilities
InternalName : POPROXY
OriginalFilename : POPROXY.DLL
ProductName : Norton AntiVirus
Created on : 10/22/2001 3:30:13 AM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 2/14/2001 2:00:00 PM
#:20 [cpd.exe]
FilePath : C:\PROGRA~1\McAfee\MCAFEE~1\
ThreadCreationTime : 11-16-2003 5:52:17 PM
BasePriority : Normal
FileSize : 340 KB
FileVersion : 2.15.001.0
ProductVersion : 2.15.001.0
Copyright : Copyright © 2000 Network Associates Inc.
CompanyName : Network Associates Inc.
FileDescription : McAfee Firewall
InternalName : McAfee Firewall
OriginalFilename : McAfee Firewall
ProductName : McAfee Firewall
Created on : 3/12/2001 10:15:00 AM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 3/12/2001 10:15:00 AM
#:21 [approved.pif]
FilePath : C:\Documents and Settings\Administrator\Local Settings\Temp\IncrediMail\
ThreadCreationTime : 11-16-2003 5:52:24 PM
BasePriority : Normal
FileSize : 51 KB
Created on : 5/23/2003 6:52:23 PM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 5/23/2003 3:04:40 AM
#:22 [adobea.exe]
FilePath : C:\WINNT\System32\
ThreadCreationTime : 11-16-2003 5:52:24 PM
BasePriority : Normal
FileSize : 557 KB
OriginalFilename : mirc.exe
Created on : 8/9/2002 3:00:12 PM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 8/9/2002 3:00:12 PM
#:23 [realsched.exe]
FilePath : C:\Program Files\Common Files\Real\Update_OB\
ThreadCreationTime : 11-16-2003 5:52:24 PM
BasePriority : Normal
FileSize : 148 KB
FileVersion : 0.1.0.1622
ProductVersion : 0.1.0.1622
Copyright : Copyright
CompanyName : RealNetworks, Inc.
FileDescription : RealNetworks Scheduler
InternalName : schedapp
OriginalFilename : realsched.exe
ProductName : RealOne Player (32-bit)
Created on : 11/13/2003 5:18:01 AM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 11/13/2003 5:18:02 AM
#:24 [createcd.exe]
FilePath : C:\PROGRA~1\Adaptec\EASYCD~1\CreateCD\
ThreadCreationTime : 11-16-2003 5:52:26 PM
BasePriority : Normal
FileSize : 256 KB
FileVersion : 4.02d (292)
ProductVersion : 4.02d (292)
Copyright : Copyright © 1996-2000 Adaptec, Inc.
CompanyName : Adaptec
FileDescription : Adaptec Create CD
InternalName : createcd.exe
OriginalFilename : createcd.exe
ProductName : Easy CD Creator
Created on : 9/20/2001 2:17:51 AM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 6/30/2000 9:38:00 AM
#:25 [msnmsgr.exe]
FilePath : C:\Program Files\MSN Messenger\
ThreadCreationTime : 11-16-2003 5:52:29 PM
BasePriority : Normal
FileSize : 4084 KB
FileVersion : 6.0.0602
ProductVersion : Version 6.0
Copyright : Copyright © Microsoft Corporation 1997-2003
CompanyName : Microsoft Corporation
FileDescription : Messenger
InternalName : msnmsgr
OriginalFilename : msnmsgr.exe
ProductName : Messenger
Created on : 7/11/2003 10:57:42 PM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 7/11/2003 10:57:42 PM
#:26 [soap.exe]
FilePath : C:\PROGRA~1\SYSTEM~1\
ThreadCreationTime : 11-16-2003 5:52:30 PM
BasePriority : Normal
FileSize : 759 KB
FileVersion : 4.00.0035
ProductVersion : 4.00.0035
CompanyName : Internet Washer
InternalName : Soap
OriginalFilename : Soap.exe
ProductName : Internet Washer Pro
Created on : 11/10/2003 5:47:33 PM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 10/18/2003 2:03:00 AM
#:27 [navapw32.exe]
FilePath : C:\Program Files\Navnt\
ThreadCreationTime : 11-16-2003 5:52:31 PM
BasePriority : Idle
FileSize : 120 KB
FileVersion : 7.07.00.23
ProductVersion : 7.07.00.23
Copyright : Copyright © 2000 Symantec Corporation. All rights reserved.
CompanyName : Symantec Corporation
FileDescription : Norton AntiVirus Auto-Protect
InternalName : NAVAPW32
OriginalFilename : NAVAPW32.EXE
ProductName : Norton AntiVirus
Created on : 10/22/2001 3:30:13 AM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 2/14/2001 2:00:00 PM
#:28 [webshotstray.exe]
FilePath : C:\Program Files\Webshots\
ThreadCreationTime : 11-16-2003 5:52:34 PM
BasePriority : Normal
FileSize : 204 KB
FileVersion : 1.3.0.3826
ProductVersion : 1.3.0.3826
Copyright : Copyright © 1998
CompanyName : The Webshots Corporation
FileDescription : Webshots Desktop Tray Application
InternalName : WEBSHOTSTRAY
OriginalFilename : WEBSHOTSTRAY.EXE
ProductName : Webshots Tray Application
Created on : 4/28/2003 12:26:32 AM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 6/21/2002 11:55:56 PM
#:29 [imapp.exe]
FilePath : C:\PROGRA~1\INCRED~1\bin\
ThreadCreationTime : 11-16-2003 5:52:38 PM
BasePriority : Normal
FileSize : 124 KB
FileVersion : 2, 0, 0, 0
ProductVersion : 2, 0, 0, 0
Copyright : Copyright
CompanyName : IncrediMail, Ltd.
FileDescription : IncrediMail Application
InternalName : IncrediApp
OriginalFilename : IMAPP.EXE
ProductName : IncrediMail
Created on : 5/11/2003 8:31:42 PM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 5/11/2003 8:31:36 PM
#:30 [iexplore.exe]
FilePath : C:\Program Files\Internet Explorer\
ThreadCreationTime : 11-16-2003 7:51:42 PM
BasePriority : Normal
FileSize : 89 KB
FileVersion : 6.00.2800.1106
ProductVersion : 6.00.2800.1106
CompanyName : Microsoft Corporation
FileDescription : Internet Explorer
InternalName : iexplore
OriginalFilename : IEXPLORE.EXE
ProductName : Microsoft
Created on : 8/29/2002 3:14:40 PM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 8/29/2002 3:14:40 PM
#:31 [svchost.exe]
FilePath : C:\WINNT\System32\
ThreadCreationTime : 11-16-2003 8:11:16 PM
BasePriority : Normal
FileSize : 7 KB
FileVersion : 5.00.2134.1
ProductVersion : 5.00.2134.1
Copyright : Copyright © Microsoft Corp. 1981-1999
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft® Windows ® 2000 Operating System
Created on : 1/1/1980 8:00:00 AM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 7/26/2000 1:00:00 PM
#:32 [iexplore.exe]
FilePath : C:\Program Files\Internet Explorer\
ThreadCreationTime : 11-16-2003 9:31:40 PM
BasePriority : Normal
FileSize : 89 KB
FileVersion : 6.00.2800.1106
ProductVersion : 6.00.2800.1106
CompanyName : Microsoft Corporation
FileDescription : Internet Explorer
InternalName : iexplore
OriginalFilename : IEXPLORE.EXE
ProductName : Microsoft
Created on : 8/29/2002 3:14:40 PM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 8/29/2002 3:14:40 PM
#:33 [ad-aware.exe]
FilePath : C:\Program Files\Lavasoft\Ad-aware 6\
ThreadCreationTime : 11-17-2003 3:31:06 AM
BasePriority : Normal
FileSize : 668 KB
FileVersion : 6.0.1.181
ProductVersion : 6.0.0.0
Copyright : Copyright
CompanyName : Lavasoft Sweden
FileDescription : Ad-aware 6 core application
InternalName : Ad-aware.exe
OriginalFilename : Ad-aware.exe
ProductName : Lavasoft Ad-aware Plus
Created on : 11/10/2003 6:32:57 PM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 7/13/2003 6:00:20 AM
Memory scan result :
ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ
New objects : 0
Objects found so far: 0
Started registry scan
ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ
Alexa Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Internet Explorer\Extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
BrilliantDigital Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{3EEC42B5-FB94-40D3-A588-BB54B383A7CB}
BrilliantDigital Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{51958169-D5E3-11D1-AA42-0000E842E40A}
BrilliantDigital Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{67925165-C4B6-11D2-B9C6-0000E84F59A6}
BrilliantDigital Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : Interface\{51958167-D5E3-11D1-AA42-0000E842E40A}
BrilliantDigital Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : Interface\{51958168-D5E3-11D1-AA42-0000E842E40A}
BrilliantDigital Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : Interface\{67925164-C4B6-11D2-B9C6-0000E84F59A6}
BrilliantDigital Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : s3d_auto_file
BrilliantDigital Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CURRENT_USER
Object : Software\Brilliant Digital Entertainment
BrilliantDigital Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Brilliant Digital Entertainment
BrilliantDigital Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bdeplayer
BrilliantDigital Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : TypeLib\{51958166-D5E3-11D1-AA42-0000E842E40A}
BrilliantDigital Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : TypeLib\{82FC7881-AACC-11D2-B9C6-0000E842E40A}
Crontel Ltd Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\DiallerProgram
Cydoor Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CURRENT_USER
Object : software\cydoor
Cydoor Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\Cydoor
Cydoor Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CURRENT_USER
Object : software\cydoor services
DownloadWare Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{85A702BA-EA8F-4B83-AA07-07A5186ACD7E}
DownloadWare Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\DownloadWare
DownloadWare Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{85A702BA-EA8F-4B83-AA07-07A5186ACD7E}
DownloadWare Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Windows\CurrentVersion\uninstall\MediaLoads Installer
e2give Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : AppID\IeBHOs.DLL
e2give Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : AppID\{3B99F202-145A-4E5A-AC7B-88A36910BF5E}
e2give Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{3643ABC2-21BF-46B9-B230-F247DB0C6FD6}
e2give Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : IeBHOs.Control
e2give Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : IeBHOs.Control.1
e2give Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\e2g
e2give Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3643ABC2-21BF-46B9-B230-F247DB0C6FD6}
e2give Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\e2g Plugin
e2give Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : TypeLib\{3B99F202-145A-4E5A-AC7B-88A36910BF5E}
Hi-Wire Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{28f00b04-dc4e-11d3-abec-005004a44eeb}
Hi-Wire Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{28f00b20-dc4e-11d3-abec-005004a44eeb}
Hi-Wire Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{28f00b21-dc4e-11d3-abec-005004a44eeb}
Hi-Wire Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : hiwire.configurator
Hi-Wire Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : hiwire.configurator.1
Hi-Wire Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : hiwire.transportcenter
Hi-Wire Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : hiwire.transportcenter.1
Hi-Wire Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : hiwire.userregrequest
Hi-Wire Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : hiwire.userregrequest.1
Hi-Wire Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CURRENT_USER
Object : Software\HIWIRE
ImIServer IEPlugin Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{69135BDE-5FDC-4B61-98AA-82AD2091BCCC}
ImIServer IEPlugin Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{E2BF1BF3-1FDB-4C93-8874-0B09E71C594C}
ImIServer IEPlugin Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{F3155057-4C2C-4078-8576-50486693FD49}
ImIServer IEPlugin Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : IMIToolbar.BottomFrame
ImIServer IEPlugin Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : IMIToolbar.BottomFrame.1
ImIServer IEPlugin Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : IMIToolbar.imiTool
ImIServer IEPlugin Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : IMIToolbar.imiTool.1
ImIServer IEPlugin Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : IMIToolbar.LeftFrame
ImIServer IEPlugin Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : IMIToolbar.LeftFrame.1
ImIServer IEPlugin Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : IMIToolbar.PopupBrowser
ImIServer IEPlugin Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : IMIToolbar.PopupBrowser.1
ImIServer IEPlugin Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Code Store Database\Distribution Units\{556DDE35-E955-11D0-A707-000000521958}
ImIServer IEPlugin Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{69135BDE-5FDC-4B61-98AA-82AD2091BCCC}
MainPean Dialer Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\MainPean Highspeed
MyWebSearch Toolbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{00a6faf1-072e-44cf-8957-5838f569a31d}
MyWebSearch Toolbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{00a6faf4-072e-44cf-8957-5838f569a31d}
MyWebSearch Toolbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{147A976E-EEE1-4377-8EA7-4716E4CDD239}
MyWebSearch Toolbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : Interface\{00A6FAF3-072E-44CF-8957-5838F569A31D}
MyWebSearch Toolbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA}
MyWebSearch Toolbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}
MyWebSearch Toolbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : mywebsearchsearchassistant.auxiliary
MyWebSearch Toolbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : mywebsearchsearchassistant.auxiliary.1
MyWebSearch Toolbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00a6faf1-072e-44cf-8957-5838f569a31d}
MyWebSearch Toolbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyWebSearchSearchAssistant
MyWebSearch Toolbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\MyWebSearch\SearchAssistant
MyWebSearch Toolbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : TYPELIB\{00a6faf0-072e-44cf-8957-5838f569a31d}
MyWebSearch Toolbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : TYPELIB\{07b18ea0-a523-4961-b6bb-170de4475cca}
MyWebSearch Toolbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : TypeLib\{8E6F1830-9607-4440-8530-13BE7C4B1D14}
MyWebSearch Toolbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : TypeLib\{E47CAEE0-DEEA-464A-9326-3F2801535A4D}
NetworkEssentials Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CURRENT_USER
Object : Software\DownloadWare
NetworkEssentials Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CURRENT_USER
Object : Software\Hopper
NetworkEssentials Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CURRENT_USER
Object : Software\WebInstall
SaveNow Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\WhenU
SaveNow Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : WUSN.1
SpywareNuker Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Code Store Database\Distribution Units\{15589FA1-C456-11CE-BF01-00AA0055595A}
SpywareNuker Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\SOFTUP2009
SpywareNuker Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\SOFTUP2009\camps
SpywareNuker Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CURRENT_USER
Object : Software\VB and VBA Program Settings\SPYWARE NUKER
Trojan Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SYSTEM\CurrentControlSet\Services\PSEXESVC
WurldMedia Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\rdxr
ZipclixToolbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{319A68DB-06D0-46DA-9F93-A810D5A70836}
ZipclixToolbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : Interface\{EC34A4B3-809A-4A71-88D4-55B5183D6041}
ZipclixToolbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ZipClix
ZipclixToolbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CURRENT_USER
Object : SOFTWARE\Zipclix
ZipclixToolbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : Typelib\{BBCD25C8-A31E-4DFB-B204-B54BBA477B23}
ZipclixToolbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : ZipclixObj.ZipclixObj
ZipclixToolbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : ZipclixObj.ZipclixObj.1
DownloadWare Object recognized!
Type : RegValue
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Windows\CurrentVersion\run
Value : MediaLoads Installer
MemoryMeter Object recognized!
Type : RegValue
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : htmlfile\CLSID
Value : GUID
MemoryMeter Object recognized!
Type : RegValue
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : htmlfile\CLSID
Value : Data
MemoryMeter Object recognized!
Type : RegValue
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : htmlfile\CLSID
Value : Config
MemoryMeter Object recognized!
Type : RegValue
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Value : MemoryMeter
Other Object recognized!
Type : RegValue
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Value : Win Server Updt
ZipclixToolbar Object recognized!
Type : RegValue
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Internet Explorer\Toolbar
Value : {319A68DB-06D0-46DA-9F93-A810D5A70836}
Windows Object recognized!
Type : RegData
Data :
Rootkey : HKEY_USERS
Object : .DEFAULT\Software\Microsoft\MediaPlayer\Player\Settings
Value : Client ID
Data :
Windows Object recognized!
Type : RegData
Data :
Rootkey : HKEY_CURRENT_USER
Object : Software\Microsoft\MediaPlayer\Player\Settings
Value : Client ID
Data :
Registry scan result :
ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ
New objects : 96
Objects found so far: 96
Started deep registry scan
ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ
Possible browser hijack attempt : Software\Microsoft\Internet Explorer\SearchURLsearch.ieplugin.com
Possible Browser Hijack attempt Object recognized!
Type : RegData
Data : "http://search.ieplug...com/q.cgi?q=%s"
Rootkey : HKEY_CURRENT_USER
Object : Software\Microsoft\Internet Explorer\SearchURL
Value :
Data : "http://search.ieplug...com/q.cgi?q=%s"
Possible browser hijack attempt : Software\Microsoft\Internet Explorer\MainSearch Barsearchalot
Possible Browser Hijack attempt Object recognized!
Type : RegData
Data : "http://www.searchalo...com/search.htm"
Rootkey : HKEY_CURRENT_USER
Object : Software\Microsoft\Internet Explorer\Main
Value : Search Bar
Data : "http://www.searchalo...com/search.htm"
Possible browser hijack attempt : Software\Microsoft\Internet Explorer\MainDefault_Search_URLsearchalot
Possible Browser Hijack attempt Object recognized!
Type : RegData
Data : "http://www.searchalo...com/search.htm"
Rootkey : HKEY_CURRENT_USER
Object : Software\Microsoft\Internet Explorer\Main
Value : Default_Search_URL
Data : "http://www.searchalo...com/search.htm"
Possible browser hijack attempt : Software\Microsoft\Internet Explorer\MainDefault_Page_URLsearchalot
Possible Browser Hijack attempt Object recognized!
Type : RegData
Data : "http://www.searchalot.com"
Rootkey : HKEY_CURRENT_USER
Object : Software\Microsoft\Internet Explorer\Main
Value : Default_Page_URL
Data : "http://www.searchalot.com"
Possible browser hijack attempt : Software\Microsoft\Internet Explorer\MainLocal Pagesearchalot
Possible Browser Hijack attempt Object recognized!
Type : RegData
Data : "http://www.searchalot.com"
Rootkey : HKEY_CURRENT_USER
Object : Software\Microsoft\Internet Explorer\Main
Value : Local Page
Data : "http://www.searchalot.com"
Possible browser hijack attempt : Software\Microsoft\Internet Explorer\SearchSearchAssistantsearchalot
Possible Browser Hijack attempt Object recognized!
Type : RegData
Data : "http://www.searchalo...com/search.htm"
Rootkey : HKEY_CURRENT_USER
Object : Software\Microsoft\Internet Explorer\Search
Value : SearchAssistant
Data : "http://www.searchalo...com/search.htm"
Possible browser hijack attempt : Software\Microsoft\Internet Explorer\SearchCustomizeSearchsearchalot
Possible Browser Hijack attempt Object recognized!
Type : RegData
Data : "http://www.searchalo...com/search.htm"
Rootkey : HKEY_CURRENT_USER
Object : Software\Microsoft\Internet Explorer\Search
Value : CustomizeSearch
Data : "http://www.searchalo...com/search.htm"
Possible browser hijack attempt : Software\Microsoft\Internet Explorer\MainStart Pagesearchalot
Possible Browser Hijack attempt Object recognized!
Type : RegData
Data : "http://www.searchalot.com"
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\Microsoft\Internet Explorer\Main
Value : Start Page
Data : "http://www.searchalot.com"
Possible browser hijack attempt : Software\Microsoft\Internet Explorer\MainSearch Barsearchalot
Possible Browser Hijack attempt Object recognized!
Type : RegData
Data : "http://www.searchalo...com/search.htm"
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\Microsoft\Internet Explorer\Main
Value : Search Bar
Data : "http://www.searchalo...com/search.htm"
Possible browser hijack attempt : Software\Microsoft\Internet Explorer\MainLocal Pagesearchalot
Possible Browser Hijack attempt Object recognized!
Type : RegData
Data : "http://www.searchalot.com"
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\Microsoft\Internet Explorer\Main
Value : Local Page
Data : "http://www.searchalot.com"
Possible browser hijack attempt : .Default\Software\Microsoft\Internet Explorer\MainSearch Pagesearchalot
Possible Browser Hijack attempt Object recognized!
Type : RegData
Data : "http://www.searchalo...com/search.htm"
Rootkey : HKEY_USERS
Object : .Default\Software\Microsoft\Internet Explorer\Main
Value : Search Page
Data : "http://www.searchalo...com/search.htm"
Possible browser hijack attempt : .Default\Software\Microsoft\Internet Explorer\MainStart Pagesearchalot
Possible Browser Hijack attempt Object recognized!
Type : RegData
Data : "http://www.searchalot.com"
Rootkey : HKEY_USERS
Object : .Default\Software\Microsoft\Internet Explorer\Main
Value : Start Page
Data : "http://www.searchalot.com"
Possible browser hijack attempt : .Default\Software\Microsoft\Internet Explorer\MainSearch Barsearchalot
Possible Browser Hijack attempt Object recognized!
Type : RegData
Data : "http://www.searchalo...com/search.htm"
Rootkey : HKEY_USERS
Object : .Default\Software\Microsoft\Internet Explorer\Main
Value : Search Bar
Data : "http://www.searchalo...com/search.htm"
Possible browser hijack attempt : .Default\Software\Microsoft\Internet Explorer\MainDefault_Search_URLsearchalot
Possible Browser Hijack attempt Object recognized!
Type : RegData
Data : "http://www.searchalo...com/search.htm"
Rootkey : HKEY_USERS
Object : .Default\Software\Microsoft\Internet Explorer\Main
Value : Default_Search_URL
Data : "http://www.searchalo...com/search.htm"
Possible browser hijack attempt : .Default\Software\Microsoft\Internet Explorer\MainDefault_Page_URLsearchalot
Possible Browser Hijack attempt Object recognized!
Type : RegData
Data : "http://www.searchalot.com"
Rootkey : HKEY_USERS
Object : .Default\Software\Microsoft\Internet Explorer\Main
Value : Default_Page_URL
Data : "http://www.searchalot.com"
Possible browser hijack attempt : .Default\Software\Microsoft\Internet Explorer\MainLocal Pagesearchalot
Possible Browser Hijack attempt Object recognized!
Type : RegData
Data : "http://www.searchalot.com"
Rootkey : HKEY_USERS
Object : .Default\Software\Microsoft\Internet Explorer\Main
Value : Local Page
Data : "http://www.searchalot.com"
Possible browser hijack attempt : .Default\Software\Microsoft\Internet Explorer\SearchSearchAssistantsearchalot
Possible Browser Hijack attempt Object recognized!
Type : RegData
Data : "http://www.searchalo...com/search.htm"
Rootkey : HKEY_USERS
Object : .Default\Software\Microsoft\Internet Explorer\Search
Value : SearchAssistant
Data : "http://www.searchalo...com/search.htm"
Possible browser hijack attempt : .Default\Software\Microsoft\Internet Explorer\SearchCustomizeSearchsearchalot
Possible Browser Hijack attempt Object recognized!
Type : RegData
Data : "http://www.searchalo...com/search.htm"
Rootkey : HKEY_USERS
Object : .Default\Software\Microsoft\Internet Explorer\Search
Value : CustomizeSearch
Data : "http://www.searchalo...com/search.htm"
Possible browser hijack attempt : .Default\Software\Microsoft\Internet ExplorerSearchURLsearchalot
Possible Browser Hijack attempt Object recognized!
Type : RegData
Data : "http://www.searchalo...com/search.htm"
Rootkey : HKEY_USERS
Object : .Default\Software\Microsoft\Internet Explorer
Value : SearchURL
Data : "http://www.searchalo...com/search.htm"
Win32.Holar.G Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{3DF2AE35-26A8-11D4-BDD2-00104BFEC09F}
Win32.Holar.G Object recognized!
Type : File
Data : smtp.ocx
Object : c:\winnt\system32\
FileSize : 25 KB
FileVersion : 4.00.0019
ProductVersion : 4.00.0019
Copyright : Copyright © 1997 - 2002 OstroSoft
CompanyName : OstroSoft
FileDescription : SMTP Control for Visual Basic
InternalName : SMTP
OriginalFilename : SMTP.ocx
ProductName : SMTP Control
Created on : 11/1/2003 7:49:46 PM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 11/12/2003 5:35:22 AM
Win32.Holar.G Object recognized!
Type : RegKey
Data : c:\winnt\system32\smtp.ocx
Rootkey : HKEY_CLASSES_ROOT
Object : TYPELIB\{3DF2AE33-26A8-11D4-BDD2-00104BFEC09F}
ImIServer IEPlugin Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : IMIToolbar.PopupWindow
ImIServer IEPlugin Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : IMIToolbar.PopupWindow.1
Win32.Holar.G Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : SMTPControl.SMTP
Possible browser hijack attempt : {15589FA1-C456-11CE-BF01-00AA0055595A} (http://www.spywarenu...erinstaller.exe)
MemoryMeter Object recognized!
Type : RegValue
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\Microsoft\Windows\CurrentVersion\Run
Value : MSMGT
MemoryMeter Object recognized!
Type : File
Data : msmgt.exe
Object : c:\winnt\
FileSize : 32 KB
Created on : 8/7/2003 8:45:06 PM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 8/7/2003 8:45:08 PM
Win32.Holar.G Object recognized!
Type : RegValue
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\Microsoft\Windows\CurrentVersion\Run
Value : Explore
Win32.Holar.G Object recognized!
Type : File
Data : explore.exe
Object : c:\winnt\system32\
FileSize : 20 KB
FileVersion : 1.00.0020
ProductVersion : 1.00.0020
CompanyName : *
InternalName : Explorer
OriginalFilename : Explorer.exe
ProductName : Explorer
Created on : 11/1/2003 7:49:46 PM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 11/1/2003 7:49:48 PM
Deep registry scan result :
ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ
New objects : 26
Objects found so far: 125
ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ
Tracking Cookie Object recognized!
Type : File
Data : administrator@ehg.hitbox[1].txt
Object : C:\Documents and Settings\Administrator\Cookies\
FileSize : 1 KB
Created on : 10/15/2001 4:22:08 AM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 10/15/2001 4:22:34 AM
Tracking Cookie Object recognized!
Type : File
Data : administrator@excite[2].txt
Object : C:\Documents and Settings\Administrator\Cookies\
Created on : 10/10/2001 11:03:59 PM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 10/24/2001 4:20:12 AM
Tracking Cookie Object recognized!
Type : File
Data : administrator@x10[1].txt
Object : C:\Documents and Settings\Administrator\Cookies\
Created on : 10/26/2001 11:56:09 PM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 10/26/2001 11:56:10 PM
Tracking Cookie Object recognized!
Type : File
Data : administrator@ads.adsag[2].txt
Object : C:\Documents and Settings\Administrator\Cookies\
Created on : 10/26/2001 1:50:14 AM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 10/26/2001 1:50:16 AM
Tracking Cookie Object recognized!
Type : File
Data : administrator@tmpad[2].txt
Object : C:\Documents and Settings\Administrator\Cookies\
Created on : 10/19/2003 3:33:31 AM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 10/19/2003 3:33:32 AM
Tracking Cookie Object recognized!
Type : File
Data : administrator@doubleclick[1].txt
Object : C:\Documents and Settings\Administrator\Cookies\
Created on : 10/11/2001 6:32:01 AM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 10/11/2001 6:32:46 AM
Tracking Cookie Object recognized!
Type : File
Data : administrator@accumail[1].txt
Object : C:\Documents and Settings\Administrator\Cookies\
Created on : 4/27/2003 10:33:54 PM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 4/27/2003 10:34:00 PM
Tracking Cookie Object recognized!
Type : File
Data : administrator@www.qksrv[2].txt
Object : C:\Documents and Settings\Administrator\Cookies\
Created on : 10/27/2001 12:00:51 AM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 10/27/2001 12:00:52 AM
Tracking Cookie Object recognized!
Type : File
Data : administrator@mediaplex[1].txt
Object : C:\Documents and Settings\Administrator\Cookies\
Created on : 10/24/2001 4:18:45 AM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 10/24/2001 4:18:46 AM
Tracking Cookie Object recognized!
Type : File
Data : administrator@server.iad.livepers
WE'RE SURE THAT YOU'LL LOVE US!
Hey there! 
Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. 
Join 93083 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.
Try What the Tech -- It's free!
Help Pls
Started by
Guest_Guest_*
, Nov 17 2003 08:14 PM
1 reply to this topic
#1
Guest_Guest_*
Guest_Guest_*
-
- Guests
Posted 17 November 2003 - 08:14 PM
I am having problems with Marsfind...Geocities hijacking my web page. I have been told that it is a trojan horse???
I run Windows 2000 Professional
I have tried to delete it from my browser and all files but then I reboot and it is all there again. Ad Ware 6.o does not seem to help...I also have Gaurd IE 3.4 along with MacCaffee Fire wall and a modem
I do not have the necessary program in program/accessories/system tools to do anything
The folowing is a log from Adware. Do you have any ideas as to how I can get rid of this problem.
Any info would be greatly appreciated
thanks
Abs
Lavasoft Ad-aware Personal Build 6.181
Logfile created on :Sunday, November 16, 2003 8:45:59 PM
Created with Ad-aware Personal, free for private use.
Using reference-file :01R231 15.11.2003
______________________________________________________
Ad-aware Settings
=========================
Set : Activate in-depth scan (Recommended)
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep scan registry
11-16-2003 8:45:59 PM - Scan started. (Smart mode)
Listing running processes
ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ
#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ThreadCreationTime : 11-16-2003 5:51:31 PM
BasePriority : Normal
#:2 [winlogon.exe]
FilePath : \??\C:\WINNT\system32\
ThreadCreationTime : 11-16-2003 5:51:35 PM
BasePriority : High
#:3 [services.exe]
FilePath : C:\WINNT\system32\
ThreadCreationTime : 11-16-2003 5:51:35 PM
BasePriority : Normal
FileSize : 87 KB
FileVersion : 5.00.2195.6700
ProductVersion : 5.00.2195.6700
Copyright : Copyright © Microsoft Corp. 1981-1999
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
OriginalFilename : services.exe
ProductName : Microsoft® Windows ® 2000 Operating System
Created on : 1/1/1980 8:00:00 AM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 6/19/2003 8:05:04 PM
#:4 [lsass.exe]
FilePath : C:\WINNT\system32\
ThreadCreationTime : 11-16-2003 5:51:35 PM
BasePriority : Normal
FileSize : 32 KB
FileVersion : 5.00.2195.6695
ProductVersion : 5.00.2195.6695
Copyright : Copyright © Microsoft Corp. 1981-1999
CompanyName : Microsoft Corporation
FileDescription : LSA Executable and Server DLL (Export Version)
InternalName : lsasrv.dll and lsass.exe
OriginalFilename : lsasrv.dll and lsass.exe
ProductName : Microsoft® Windows ® 2000 Operating System
Created on : 7/22/2002 11:54:58 PM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 6/19/2003 8:05:04 PM
#:5 [svchost.exe]
FilePath : C:\WINNT\system32\
ThreadCreationTime : 11-16-2003 5:51:38 PM
BasePriority : Normal
FileSize : 7 KB
FileVersion : 5.00.2134.1
ProductVersion : 5.00.2134.1
Copyright : Copyright © Microsoft Corp. 1981-1999
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft® Windows ® 2000 Operating System
Created on : 1/1/1980 8:00:00 AM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 7/26/2000 1:00:00 PM
#:6 [spoolsv.exe]
FilePath : C:\WINNT\system32\
ThreadCreationTime : 11-16-2003 5:51:38 PM
BasePriority : Normal
FileSize : 44 KB
FileVersion : 5.00.2195.6659
ProductVersion : 5.00.2195.6659
Copyright : Copyright © Microsoft Corp. 1981-1999
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolss.exe
OriginalFilename : spoolss.exe
ProductName : Microsoft® Windows ® 2000 Operating System
Created on : 9/4/2001 11:39:09 PM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 6/19/2003 8:05:04 PM
#:7 [svchost.exe]
FilePath : C:\WINNT\System32\
ThreadCreationTime : 11-16-2003 5:51:49 PM
BasePriority : Normal
FileSize : 7 KB
FileVersion : 5.00.2134.1
ProductVersion : 5.00.2134.1
Copyright : Copyright © Microsoft Corp. 1981-1999
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft® Windows ® 2000 Operating System
Created on : 1/1/1980 8:00:00 AM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 7/26/2000 1:00:00 PM
#:8 [navapsvc.exe]
FilePath : C:\PROGRA~1\Navnt\
ThreadCreationTime : 11-16-2003 5:51:50 PM
BasePriority : Normal
FileSize : 88 KB
FileVersion : 7.07.00.23
ProductVersion : 7.07.00.23
Copyright : Copyright © 2000 Symantec Corporation. All rights reserved.
CompanyName : Symantec Corporation
FileDescription : Norton AntiVirus Auto-Protect Service
InternalName : NAVAPSVC
OriginalFilename : NAVAPSVC.EXE
ProductName : Norton AntiVirus
Created on : 10/22/2001 3:30:13 AM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 2/14/2001 2:00:00 PM
#:9 [npssvc.exe]
FilePath : C:\PROGRA~1\Navnt\
ThreadCreationTime : 11-16-2003 5:51:50 PM
BasePriority : Normal
FileSize : 36 KB
FileVersion : 5.3.0.180
ProductVersion : 5.3.0.180
Copyright : Copyright © Symantec Corporation 1991-1999
CompanyName : Symantec Corporation
FileDescription : Norton Program Scheduler Service
InternalName : NPSSVC
OriginalFilename : NPSSVC.EXE
ProductName : Norton AntiVirus Core Technology
Created on : 10/22/2001 3:30:13 AM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 2/14/2001 2:00:00 PM
#:10 [regsvc.exe]
FilePath : C:\WINNT\system32\
ThreadCreationTime : 11-16-2003 5:51:51 PM
BasePriority : Normal
FileSize : 66 KB
FileVersion : 5.00.2195.6701
ProductVersion : 5.00.2195.6701
Copyright : Copyright © Microsoft Corp. 1981-1999
CompanyName : Microsoft Corporation
FileDescription : Remote Registry Service
InternalName : regsvc
OriginalFilename : REGSVC.EXE
ProductName : Microsoft® Windows ® 2000 Operating System
Created on : 7/30/2003 7:58:21 PM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 6/19/2003 8:05:04 PM
#:11 [mstask.exe]
FilePath : C:\WINNT\system32\
ThreadCreationTime : 11-16-2003 5:51:51 PM
BasePriority : Normal
FileSize : 116 KB
FileVersion : 4.71.2195.6704
ProductVersion : 4.71.2195.6704
Copyright : Copyright © Microsoft Corp. 1997
CompanyName : Microsoft Corporation
FileDescription : Task Scheduler Engine
InternalName : TaskScheduler
OriginalFilename : mstask.exe
ProductName : Microsoft
Created on : 7/30/2003 7:57:55 PM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 6/19/2003 8:05:04 PM
#:12 [winmgmt.exe]
FilePath : C:\WINNT\System32\WBEM\
ThreadCreationTime : 11-16-2003 5:51:51 PM
BasePriority : Normal
FileSize : 192 KB
FileVersion : 1.50.1085.0100
ProductVersion : 1.50.1085.0100
Copyright : Copyright © Microsoft Corp. 1995-1999
CompanyName : Microsoft Corporation
FileDescription : Windows Management Instrumentation
InternalName : WINMGMT
ProductName : Windows Management Instrumentation
Created on : 7/30/2003 7:58:43 PM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 6/19/2003 8:05:04 PM
#:13 [svchost.exe]
FilePath : C:\WINNT\system32\
ThreadCreationTime : 11-16-2003 5:51:51 PM
BasePriority : Normal
FileSize : 7 KB
FileVersion : 5.00.2134.1
ProductVersion : 5.00.2134.1
Copyright : Copyright © Microsoft Corp. 1981-1999
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft® Windows ® 2000 Operating System
Created on : 1/1/1980 8:00:00 AM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 7/26/2000 1:00:00 PM
#:14 [alertsvc.exe]
FilePath : C:\PROGRA~1\Navnt\
ThreadCreationTime : 11-16-2003 5:51:56 PM
BasePriority : Normal
FileSize : 80 KB
FileVersion : 7.07.00.23
ProductVersion : 7.07.00.23
Copyright : Copyright © 2000 Symantec Corporation. All rights reserved.
CompanyName : Symantec Corporation
FileDescription : Norton AntiVirus Alert Service
InternalName : ALERTSVC
OriginalFilename : ALERTSVC.EXE
ProductName : Norton AntiVirus
Created on : 10/22/2001 3:30:12 AM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 2/14/2001 2:00:00 PM
#:15 [explorer.exe]
FilePath : C:\WINNT\
ThreadCreationTime : 11-16-2003 5:52:00 PM
BasePriority : Normal
FileSize : 237 KB
FileVersion : 5.00.3700.6690
ProductVersion : 5.00.3700.6690
Copyright : Copyright © Microsoft Corp. 1981-1999
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
OriginalFilename : EXPLORER.EXE
ProductName : Microsoft® Windows ® 2000 Operating System
Created on : 7/30/2003 7:57:26 PM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 6/19/2003 8:05:04 PM
#:16 [directcd.exe]
FilePath : C:\PROGRA~1\Adaptec\DirectCD\
ThreadCreationTime : 11-16-2003 5:52:12 PM
BasePriority : Normal
FileSize : 1100 KB
FileVersion : 3.01e (184)
ProductVersion : 3.01e (184)
Copyright : Copyright © 1996-2000 Adaptec, Inc.
CompanyName : Adaptec
FileDescription : DirectCD Application
InternalName : DirectCD
OriginalFilename : DirectCD.EXE
ProductName : DirectCD
Created on : 9/4/2001 11:49:30 PM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 9/4/2001 11:49:36 PM
#:17 [mm_tray.exe]
FilePath : C:\Program Files\MusicMatch\MusicMatch Jukebox\
ThreadCreationTime : 11-16-2003 5:52:13 PM
BasePriority : Normal
FileSize : 112 KB
FileVersion : 8.00.0101
ProductVersion : 8.00.0101
Copyright : Copyright
CompanyName : MUSICMATCH, Inc.
FileDescription : mm_tray
InternalName : mm_tray
OriginalFilename : mm_tray.exe
ProductName : MUSICMATCH JUKEBOX
Created on : 9/19/2001 11:20:36 PM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 6/27/2003 1:04:18 AM
#:18 [cmgrdian.exe]
FilePath : C:\Program Files\McAfee\McAfee Shared Components\Guardian\
ThreadCreationTime : 11-16-2003 5:52:14 PM
BasePriority : Normal
FileSize : 133 KB
FileVersion : 3.00.1036.0
ProductVersion : 3.00.1036.0
Copyright : Copyright
CompanyName : Network Associates, Inc.
FileDescription : McAfee Guardian Agent
InternalName : CMGrdian
OriginalFilename : CMGrdian.exe
ProductName : McAfee Windows Guardian
Created on : 2/28/2001 11:00:00 AM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 2/28/2001 11:00:00 AM
#:19 [poproxy.exe]
FilePath : C:\Program Files\Navnt\
ThreadCreationTime : 11-16-2003 5:52:16 PM
BasePriority : Normal
FileSize : 76 KB
FileVersion : 7.07.00.23
ProductVersion : 7.07.00.23
Copyright : Copyright © 2000 Symantec Corporation. All rights reserved.
CompanyName : Symantec Corporation
FileDescription : Norton AntiVirus Utilities
InternalName : POPROXY
OriginalFilename : POPROXY.DLL
ProductName : Norton AntiVirus
Created on : 10/22/2001 3:30:13 AM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 2/14/2001 2:00:00 PM
#:20 [cpd.exe]
FilePath : C:\PROGRA~1\McAfee\MCAFEE~1\
ThreadCreationTime : 11-16-2003 5:52:17 PM
BasePriority : Normal
FileSize : 340 KB
FileVersion : 2.15.001.0
ProductVersion : 2.15.001.0
Copyright : Copyright © 2000 Network Associates Inc.
CompanyName : Network Associates Inc.
FileDescription : McAfee Firewall
InternalName : McAfee Firewall
OriginalFilename : McAfee Firewall
ProductName : McAfee Firewall
Created on : 3/12/2001 10:15:00 AM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 3/12/2001 10:15:00 AM
#:21 [approved.pif]
FilePath : C:\Documents and Settings\Administrator\Local Settings\Temp\IncrediMail\
ThreadCreationTime : 11-16-2003 5:52:24 PM
BasePriority : Normal
FileSize : 51 KB
Created on : 5/23/2003 6:52:23 PM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 5/23/2003 3:04:40 AM
#:22 [adobea.exe]
FilePath : C:\WINNT\System32\
ThreadCreationTime : 11-16-2003 5:52:24 PM
BasePriority : Normal
FileSize : 557 KB
OriginalFilename : mirc.exe
Created on : 8/9/2002 3:00:12 PM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 8/9/2002 3:00:12 PM
#:23 [realsched.exe]
FilePath : C:\Program Files\Common Files\Real\Update_OB\
ThreadCreationTime : 11-16-2003 5:52:24 PM
BasePriority : Normal
FileSize : 148 KB
FileVersion : 0.1.0.1622
ProductVersion : 0.1.0.1622
Copyright : Copyright
CompanyName : RealNetworks, Inc.
FileDescription : RealNetworks Scheduler
InternalName : schedapp
OriginalFilename : realsched.exe
ProductName : RealOne Player (32-bit)
Created on : 11/13/2003 5:18:01 AM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 11/13/2003 5:18:02 AM
#:24 [createcd.exe]
FilePath : C:\PROGRA~1\Adaptec\EASYCD~1\CreateCD\
ThreadCreationTime : 11-16-2003 5:52:26 PM
BasePriority : Normal
FileSize : 256 KB
FileVersion : 4.02d (292)
ProductVersion : 4.02d (292)
Copyright : Copyright © 1996-2000 Adaptec, Inc.
CompanyName : Adaptec
FileDescription : Adaptec Create CD
InternalName : createcd.exe
OriginalFilename : createcd.exe
ProductName : Easy CD Creator
Created on : 9/20/2001 2:17:51 AM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 6/30/2000 9:38:00 AM
#:25 [msnmsgr.exe]
FilePath : C:\Program Files\MSN Messenger\
ThreadCreationTime : 11-16-2003 5:52:29 PM
BasePriority : Normal
FileSize : 4084 KB
FileVersion : 6.0.0602
ProductVersion : Version 6.0
Copyright : Copyright © Microsoft Corporation 1997-2003
CompanyName : Microsoft Corporation
FileDescription : Messenger
InternalName : msnmsgr
OriginalFilename : msnmsgr.exe
ProductName : Messenger
Created on : 7/11/2003 10:57:42 PM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 7/11/2003 10:57:42 PM
#:26 [soap.exe]
FilePath : C:\PROGRA~1\SYSTEM~1\
ThreadCreationTime : 11-16-2003 5:52:30 PM
BasePriority : Normal
FileSize : 759 KB
FileVersion : 4.00.0035
ProductVersion : 4.00.0035
CompanyName : Internet Washer
InternalName : Soap
OriginalFilename : Soap.exe
ProductName : Internet Washer Pro
Created on : 11/10/2003 5:47:33 PM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 10/18/2003 2:03:00 AM
#:27 [navapw32.exe]
FilePath : C:\Program Files\Navnt\
ThreadCreationTime : 11-16-2003 5:52:31 PM
BasePriority : Idle
FileSize : 120 KB
FileVersion : 7.07.00.23
ProductVersion : 7.07.00.23
Copyright : Copyright © 2000 Symantec Corporation. All rights reserved.
CompanyName : Symantec Corporation
FileDescription : Norton AntiVirus Auto-Protect
InternalName : NAVAPW32
OriginalFilename : NAVAPW32.EXE
ProductName : Norton AntiVirus
Created on : 10/22/2001 3:30:13 AM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 2/14/2001 2:00:00 PM
#:28 [webshotstray.exe]
FilePath : C:\Program Files\Webshots\
ThreadCreationTime : 11-16-2003 5:52:34 PM
BasePriority : Normal
FileSize : 204 KB
FileVersion : 1.3.0.3826
ProductVersion : 1.3.0.3826
Copyright : Copyright © 1998
CompanyName : The Webshots Corporation
FileDescription : Webshots Desktop Tray Application
InternalName : WEBSHOTSTRAY
OriginalFilename : WEBSHOTSTRAY.EXE
ProductName : Webshots Tray Application
Created on : 4/28/2003 12:26:32 AM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 6/21/2002 11:55:56 PM
#:29 [imapp.exe]
FilePath : C:\PROGRA~1\INCRED~1\bin\
ThreadCreationTime : 11-16-2003 5:52:38 PM
BasePriority : Normal
FileSize : 124 KB
FileVersion : 2, 0, 0, 0
ProductVersion : 2, 0, 0, 0
Copyright : Copyright
CompanyName : IncrediMail, Ltd.
FileDescription : IncrediMail Application
InternalName : IncrediApp
OriginalFilename : IMAPP.EXE
ProductName : IncrediMail
Created on : 5/11/2003 8:31:42 PM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 5/11/2003 8:31:36 PM
#:30 [iexplore.exe]
FilePath : C:\Program Files\Internet Explorer\
ThreadCreationTime : 11-16-2003 7:51:42 PM
BasePriority : Normal
FileSize : 89 KB
FileVersion : 6.00.2800.1106
ProductVersion : 6.00.2800.1106
CompanyName : Microsoft Corporation
FileDescription : Internet Explorer
InternalName : iexplore
OriginalFilename : IEXPLORE.EXE
ProductName : Microsoft
Created on : 8/29/2002 3:14:40 PM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 8/29/2002 3:14:40 PM
#:31 [svchost.exe]
FilePath : C:\WINNT\System32\
ThreadCreationTime : 11-16-2003 8:11:16 PM
BasePriority : Normal
FileSize : 7 KB
FileVersion : 5.00.2134.1
ProductVersion : 5.00.2134.1
Copyright : Copyright © Microsoft Corp. 1981-1999
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft® Windows ® 2000 Operating System
Created on : 1/1/1980 8:00:00 AM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 7/26/2000 1:00:00 PM
#:32 [iexplore.exe]
FilePath : C:\Program Files\Internet Explorer\
ThreadCreationTime : 11-16-2003 9:31:40 PM
BasePriority : Normal
FileSize : 89 KB
FileVersion : 6.00.2800.1106
ProductVersion : 6.00.2800.1106
CompanyName : Microsoft Corporation
FileDescription : Internet Explorer
InternalName : iexplore
OriginalFilename : IEXPLORE.EXE
ProductName : Microsoft
Created on : 8/29/2002 3:14:40 PM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 8/29/2002 3:14:40 PM
#:33 [ad-aware.exe]
FilePath : C:\Program Files\Lavasoft\Ad-aware 6\
ThreadCreationTime : 11-17-2003 3:31:06 AM
BasePriority : Normal
FileSize : 668 KB
FileVersion : 6.0.1.181
ProductVersion : 6.0.0.0
Copyright : Copyright
CompanyName : Lavasoft Sweden
FileDescription : Ad-aware 6 core application
InternalName : Ad-aware.exe
OriginalFilename : Ad-aware.exe
ProductName : Lavasoft Ad-aware Plus
Created on : 11/10/2003 6:32:57 PM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 7/13/2003 6:00:20 AM
Memory scan result :
ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ
New objects : 0
Objects found so far: 0
Started registry scan
ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ
Alexa Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Internet Explorer\Extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
BrilliantDigital Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{3EEC42B5-FB94-40D3-A588-BB54B383A7CB}
BrilliantDigital Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{51958169-D5E3-11D1-AA42-0000E842E40A}
BrilliantDigital Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{67925165-C4B6-11D2-B9C6-0000E84F59A6}
BrilliantDigital Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : Interface\{51958167-D5E3-11D1-AA42-0000E842E40A}
BrilliantDigital Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : Interface\{51958168-D5E3-11D1-AA42-0000E842E40A}
BrilliantDigital Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : Interface\{67925164-C4B6-11D2-B9C6-0000E84F59A6}
BrilliantDigital Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : s3d_auto_file
BrilliantDigital Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CURRENT_USER
Object : Software\Brilliant Digital Entertainment
BrilliantDigital Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Brilliant Digital Entertainment
BrilliantDigital Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bdeplayer
BrilliantDigital Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : TypeLib\{51958166-D5E3-11D1-AA42-0000E842E40A}
BrilliantDigital Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : TypeLib\{82FC7881-AACC-11D2-B9C6-0000E842E40A}
Crontel Ltd Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\DiallerProgram
Cydoor Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CURRENT_USER
Object : software\cydoor
Cydoor Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\Cydoor
Cydoor Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CURRENT_USER
Object : software\cydoor services
DownloadWare Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{85A702BA-EA8F-4B83-AA07-07A5186ACD7E}
DownloadWare Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\DownloadWare
DownloadWare Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{85A702BA-EA8F-4B83-AA07-07A5186ACD7E}
DownloadWare Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Windows\CurrentVersion\uninstall\MediaLoads Installer
e2give Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : AppID\IeBHOs.DLL
e2give Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : AppID\{3B99F202-145A-4E5A-AC7B-88A36910BF5E}
e2give Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{3643ABC2-21BF-46B9-B230-F247DB0C6FD6}
e2give Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : IeBHOs.Control
e2give Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : IeBHOs.Control.1
e2give Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\e2g
e2give Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3643ABC2-21BF-46B9-B230-F247DB0C6FD6}
e2give Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\e2g Plugin
e2give Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : TypeLib\{3B99F202-145A-4E5A-AC7B-88A36910BF5E}
Hi-Wire Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{28f00b04-dc4e-11d3-abec-005004a44eeb}
Hi-Wire Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{28f00b20-dc4e-11d3-abec-005004a44eeb}
Hi-Wire Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{28f00b21-dc4e-11d3-abec-005004a44eeb}
Hi-Wire Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : hiwire.configurator
Hi-Wire Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : hiwire.configurator.1
Hi-Wire Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : hiwire.transportcenter
Hi-Wire Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : hiwire.transportcenter.1
Hi-Wire Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : hiwire.userregrequest
Hi-Wire Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : hiwire.userregrequest.1
Hi-Wire Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CURRENT_USER
Object : Software\HIWIRE
ImIServer IEPlugin Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{69135BDE-5FDC-4B61-98AA-82AD2091BCCC}
ImIServer IEPlugin Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{E2BF1BF3-1FDB-4C93-8874-0B09E71C594C}
ImIServer IEPlugin Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{F3155057-4C2C-4078-8576-50486693FD49}
ImIServer IEPlugin Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : IMIToolbar.BottomFrame
ImIServer IEPlugin Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : IMIToolbar.BottomFrame.1
ImIServer IEPlugin Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : IMIToolbar.imiTool
ImIServer IEPlugin Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : IMIToolbar.imiTool.1
ImIServer IEPlugin Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : IMIToolbar.LeftFrame
ImIServer IEPlugin Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : IMIToolbar.LeftFrame.1
ImIServer IEPlugin Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : IMIToolbar.PopupBrowser
ImIServer IEPlugin Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : IMIToolbar.PopupBrowser.1
ImIServer IEPlugin Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Code Store Database\Distribution Units\{556DDE35-E955-11D0-A707-000000521958}
ImIServer IEPlugin Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{69135BDE-5FDC-4B61-98AA-82AD2091BCCC}
MainPean Dialer Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\MainPean Highspeed
MyWebSearch Toolbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{00a6faf1-072e-44cf-8957-5838f569a31d}
MyWebSearch Toolbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{00a6faf4-072e-44cf-8957-5838f569a31d}
MyWebSearch Toolbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{147A976E-EEE1-4377-8EA7-4716E4CDD239}
MyWebSearch Toolbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : Interface\{00A6FAF3-072E-44CF-8957-5838F569A31D}
MyWebSearch Toolbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA}
MyWebSearch Toolbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}
MyWebSearch Toolbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : mywebsearchsearchassistant.auxiliary
MyWebSearch Toolbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : mywebsearchsearchassistant.auxiliary.1
MyWebSearch Toolbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00a6faf1-072e-44cf-8957-5838f569a31d}
MyWebSearch Toolbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyWebSearchSearchAssistant
MyWebSearch Toolbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\MyWebSearch\SearchAssistant
MyWebSearch Toolbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : TYPELIB\{00a6faf0-072e-44cf-8957-5838f569a31d}
MyWebSearch Toolbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : TYPELIB\{07b18ea0-a523-4961-b6bb-170de4475cca}
MyWebSearch Toolbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : TypeLib\{8E6F1830-9607-4440-8530-13BE7C4B1D14}
MyWebSearch Toolbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : TypeLib\{E47CAEE0-DEEA-464A-9326-3F2801535A4D}
NetworkEssentials Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CURRENT_USER
Object : Software\DownloadWare
NetworkEssentials Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CURRENT_USER
Object : Software\Hopper
NetworkEssentials Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CURRENT_USER
Object : Software\WebInstall
SaveNow Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\WhenU
SaveNow Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : WUSN.1
SpywareNuker Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Code Store Database\Distribution Units\{15589FA1-C456-11CE-BF01-00AA0055595A}
SpywareNuker Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\SOFTUP2009
SpywareNuker Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\SOFTUP2009\camps
SpywareNuker Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CURRENT_USER
Object : Software\VB and VBA Program Settings\SPYWARE NUKER
Trojan Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SYSTEM\CurrentControlSet\Services\PSEXESVC
WurldMedia Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\rdxr
ZipclixToolbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{319A68DB-06D0-46DA-9F93-A810D5A70836}
ZipclixToolbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : Interface\{EC34A4B3-809A-4A71-88D4-55B5183D6041}
ZipclixToolbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ZipClix
ZipclixToolbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CURRENT_USER
Object : SOFTWARE\Zipclix
ZipclixToolbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : Typelib\{BBCD25C8-A31E-4DFB-B204-B54BBA477B23}
ZipclixToolbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : ZipclixObj.ZipclixObj
ZipclixToolbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : ZipclixObj.ZipclixObj.1
DownloadWare Object recognized!
Type : RegValue
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Windows\CurrentVersion\run
Value : MediaLoads Installer
MemoryMeter Object recognized!
Type : RegValue
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : htmlfile\CLSID
Value : GUID
MemoryMeter Object recognized!
Type : RegValue
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : htmlfile\CLSID
Value : Data
MemoryMeter Object recognized!
Type : RegValue
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : htmlfile\CLSID
Value : Config
MemoryMeter Object recognized!
Type : RegValue
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Value : MemoryMeter
Other Object recognized!
Type : RegValue
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Value : Win Server Updt
ZipclixToolbar Object recognized!
Type : RegValue
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Internet Explorer\Toolbar
Value : {319A68DB-06D0-46DA-9F93-A810D5A70836}
Windows Object recognized!
Type : RegData
Data :
Rootkey : HKEY_USERS
Object : .DEFAULT\Software\Microsoft\MediaPlayer\Player\Settings
Value : Client ID
Data :
Windows Object recognized!
Type : RegData
Data :
Rootkey : HKEY_CURRENT_USER
Object : Software\Microsoft\MediaPlayer\Player\Settings
Value : Client ID
Data :
Registry scan result :
ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ
New objects : 96
Objects found so far: 96
Started deep registry scan
ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ
Possible browser hijack attempt : Software\Microsoft\Internet Explorer\SearchURLsearch.ieplugin.com
Possible Browser Hijack attempt Object recognized!
Type : RegData
Data : "http://search.ieplug...com/q.cgi?q=%s"
Rootkey : HKEY_CURRENT_USER
Object : Software\Microsoft\Internet Explorer\SearchURL
Value :
Data : "http://search.ieplug...com/q.cgi?q=%s"
Possible browser hijack attempt : Software\Microsoft\Internet Explorer\MainSearch Barsearchalot
Possible Browser Hijack attempt Object recognized!
Type : RegData
Data : "http://www.searchalo...com/search.htm"
Rootkey : HKEY_CURRENT_USER
Object : Software\Microsoft\Internet Explorer\Main
Value : Search Bar
Data : "http://www.searchalo...com/search.htm"
Possible browser hijack attempt : Software\Microsoft\Internet Explorer\MainDefault_Search_URLsearchalot
Possible Browser Hijack attempt Object recognized!
Type : RegData
Data : "http://www.searchalo...com/search.htm"
Rootkey : HKEY_CURRENT_USER
Object : Software\Microsoft\Internet Explorer\Main
Value : Default_Search_URL
Data : "http://www.searchalo...com/search.htm"
Possible browser hijack attempt : Software\Microsoft\Internet Explorer\MainDefault_Page_URLsearchalot
Possible Browser Hijack attempt Object recognized!
Type : RegData
Data : "http://www.searchalot.com"
Rootkey : HKEY_CURRENT_USER
Object : Software\Microsoft\Internet Explorer\Main
Value : Default_Page_URL
Data : "http://www.searchalot.com"
Possible browser hijack attempt : Software\Microsoft\Internet Explorer\MainLocal Pagesearchalot
Possible Browser Hijack attempt Object recognized!
Type : RegData
Data : "http://www.searchalot.com"
Rootkey : HKEY_CURRENT_USER
Object : Software\Microsoft\Internet Explorer\Main
Value : Local Page
Data : "http://www.searchalot.com"
Possible browser hijack attempt : Software\Microsoft\Internet Explorer\SearchSearchAssistantsearchalot
Possible Browser Hijack attempt Object recognized!
Type : RegData
Data : "http://www.searchalo...com/search.htm"
Rootkey : HKEY_CURRENT_USER
Object : Software\Microsoft\Internet Explorer\Search
Value : SearchAssistant
Data : "http://www.searchalo...com/search.htm"
Possible browser hijack attempt : Software\Microsoft\Internet Explorer\SearchCustomizeSearchsearchalot
Possible Browser Hijack attempt Object recognized!
Type : RegData
Data : "http://www.searchalo...com/search.htm"
Rootkey : HKEY_CURRENT_USER
Object : Software\Microsoft\Internet Explorer\Search
Value : CustomizeSearch
Data : "http://www.searchalo...com/search.htm"
Possible browser hijack attempt : Software\Microsoft\Internet Explorer\MainStart Pagesearchalot
Possible Browser Hijack attempt Object recognized!
Type : RegData
Data : "http://www.searchalot.com"
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\Microsoft\Internet Explorer\Main
Value : Start Page
Data : "http://www.searchalot.com"
Possible browser hijack attempt : Software\Microsoft\Internet Explorer\MainSearch Barsearchalot
Possible Browser Hijack attempt Object recognized!
Type : RegData
Data : "http://www.searchalo...com/search.htm"
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\Microsoft\Internet Explorer\Main
Value : Search Bar
Data : "http://www.searchalo...com/search.htm"
Possible browser hijack attempt : Software\Microsoft\Internet Explorer\MainLocal Pagesearchalot
Possible Browser Hijack attempt Object recognized!
Type : RegData
Data : "http://www.searchalot.com"
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\Microsoft\Internet Explorer\Main
Value : Local Page
Data : "http://www.searchalot.com"
Possible browser hijack attempt : .Default\Software\Microsoft\Internet Explorer\MainSearch Pagesearchalot
Possible Browser Hijack attempt Object recognized!
Type : RegData
Data : "http://www.searchalo...com/search.htm"
Rootkey : HKEY_USERS
Object : .Default\Software\Microsoft\Internet Explorer\Main
Value : Search Page
Data : "http://www.searchalo...com/search.htm"
Possible browser hijack attempt : .Default\Software\Microsoft\Internet Explorer\MainStart Pagesearchalot
Possible Browser Hijack attempt Object recognized!
Type : RegData
Data : "http://www.searchalot.com"
Rootkey : HKEY_USERS
Object : .Default\Software\Microsoft\Internet Explorer\Main
Value : Start Page
Data : "http://www.searchalot.com"
Possible browser hijack attempt : .Default\Software\Microsoft\Internet Explorer\MainSearch Barsearchalot
Possible Browser Hijack attempt Object recognized!
Type : RegData
Data : "http://www.searchalo...com/search.htm"
Rootkey : HKEY_USERS
Object : .Default\Software\Microsoft\Internet Explorer\Main
Value : Search Bar
Data : "http://www.searchalo...com/search.htm"
Possible browser hijack attempt : .Default\Software\Microsoft\Internet Explorer\MainDefault_Search_URLsearchalot
Possible Browser Hijack attempt Object recognized!
Type : RegData
Data : "http://www.searchalo...com/search.htm"
Rootkey : HKEY_USERS
Object : .Default\Software\Microsoft\Internet Explorer\Main
Value : Default_Search_URL
Data : "http://www.searchalo...com/search.htm"
Possible browser hijack attempt : .Default\Software\Microsoft\Internet Explorer\MainDefault_Page_URLsearchalot
Possible Browser Hijack attempt Object recognized!
Type : RegData
Data : "http://www.searchalot.com"
Rootkey : HKEY_USERS
Object : .Default\Software\Microsoft\Internet Explorer\Main
Value : Default_Page_URL
Data : "http://www.searchalot.com"
Possible browser hijack attempt : .Default\Software\Microsoft\Internet Explorer\MainLocal Pagesearchalot
Possible Browser Hijack attempt Object recognized!
Type : RegData
Data : "http://www.searchalot.com"
Rootkey : HKEY_USERS
Object : .Default\Software\Microsoft\Internet Explorer\Main
Value : Local Page
Data : "http://www.searchalot.com"
Possible browser hijack attempt : .Default\Software\Microsoft\Internet Explorer\SearchSearchAssistantsearchalot
Possible Browser Hijack attempt Object recognized!
Type : RegData
Data : "http://www.searchalo...com/search.htm"
Rootkey : HKEY_USERS
Object : .Default\Software\Microsoft\Internet Explorer\Search
Value : SearchAssistant
Data : "http://www.searchalo...com/search.htm"
Possible browser hijack attempt : .Default\Software\Microsoft\Internet Explorer\SearchCustomizeSearchsearchalot
Possible Browser Hijack attempt Object recognized!
Type : RegData
Data : "http://www.searchalo...com/search.htm"
Rootkey : HKEY_USERS
Object : .Default\Software\Microsoft\Internet Explorer\Search
Value : CustomizeSearch
Data : "http://www.searchalo...com/search.htm"
Possible browser hijack attempt : .Default\Software\Microsoft\Internet ExplorerSearchURLsearchalot
Possible Browser Hijack attempt Object recognized!
Type : RegData
Data : "http://www.searchalo...com/search.htm"
Rootkey : HKEY_USERS
Object : .Default\Software\Microsoft\Internet Explorer
Value : SearchURL
Data : "http://www.searchalo...com/search.htm"
Win32.Holar.G Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{3DF2AE35-26A8-11D4-BDD2-00104BFEC09F}
Win32.Holar.G Object recognized!
Type : File
Data : smtp.ocx
Object : c:\winnt\system32\
FileSize : 25 KB
FileVersion : 4.00.0019
ProductVersion : 4.00.0019
Copyright : Copyright © 1997 - 2002 OstroSoft
CompanyName : OstroSoft
FileDescription : SMTP Control for Visual Basic
InternalName : SMTP
OriginalFilename : SMTP.ocx
ProductName : SMTP Control
Created on : 11/1/2003 7:49:46 PM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 11/12/2003 5:35:22 AM
Win32.Holar.G Object recognized!
Type : RegKey
Data : c:\winnt\system32\smtp.ocx
Rootkey : HKEY_CLASSES_ROOT
Object : TYPELIB\{3DF2AE33-26A8-11D4-BDD2-00104BFEC09F}
ImIServer IEPlugin Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : IMIToolbar.PopupWindow
ImIServer IEPlugin Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : IMIToolbar.PopupWindow.1
Win32.Holar.G Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : SMTPControl.SMTP
Possible browser hijack attempt : {15589FA1-C456-11CE-BF01-00AA0055595A} (http://www.spywarenu...erinstaller.exe)
MemoryMeter Object recognized!
Type : RegValue
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\Microsoft\Windows\CurrentVersion\Run
Value : MSMGT
MemoryMeter Object recognized!
Type : File
Data : msmgt.exe
Object : c:\winnt\
FileSize : 32 KB
Created on : 8/7/2003 8:45:06 PM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 8/7/2003 8:45:08 PM
Win32.Holar.G Object recognized!
Type : RegValue
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\Microsoft\Windows\CurrentVersion\Run
Value : Explore
Win32.Holar.G Object recognized!
Type : File
Data : explore.exe
Object : c:\winnt\system32\
FileSize : 20 KB
FileVersion : 1.00.0020
ProductVersion : 1.00.0020
CompanyName : *
InternalName : Explorer
OriginalFilename : Explorer.exe
ProductName : Explorer
Created on : 11/1/2003 7:49:46 PM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 11/1/2003 7:49:48 PM
Deep registry scan result :
ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ
New objects : 26
Objects found so far: 125
ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ
Tracking Cookie Object recognized!
Type : File
Data : administrator@ehg.hitbox[1].txt
Object : C:\Documents and Settings\Administrator\Cookies\
FileSize : 1 KB
Created on : 10/15/2001 4:22:08 AM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 10/15/2001 4:22:34 AM
Tracking Cookie Object recognized!
Type : File
Data : administrator@excite[2].txt
Object : C:\Documents and Settings\Administrator\Cookies\
Created on : 10/10/2001 11:03:59 PM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 10/24/2001 4:20:12 AM
Tracking Cookie Object recognized!
Type : File
Data : administrator@x10[1].txt
Object : C:\Documents and Settings\Administrator\Cookies\
Created on : 10/26/2001 11:56:09 PM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 10/26/2001 11:56:10 PM
Tracking Cookie Object recognized!
Type : File
Data : administrator@ads.adsag[2].txt
Object : C:\Documents and Settings\Administrator\Cookies\
Created on : 10/26/2001 1:50:14 AM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 10/26/2001 1:50:16 AM
Tracking Cookie Object recognized!
Type : File
Data : administrator@tmpad[2].txt
Object : C:\Documents and Settings\Administrator\Cookies\
Created on : 10/19/2003 3:33:31 AM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 10/19/2003 3:33:32 AM
Tracking Cookie Object recognized!
Type : File
Data : administrator@doubleclick[1].txt
Object : C:\Documents and Settings\Administrator\Cookies\
Created on : 10/11/2001 6:32:01 AM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 10/11/2001 6:32:46 AM
Tracking Cookie Object recognized!
Type : File
Data : administrator@accumail[1].txt
Object : C:\Documents and Settings\Administrator\Cookies\
Created on : 4/27/2003 10:33:54 PM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 4/27/2003 10:34:00 PM
Tracking Cookie Object recognized!
Type : File
Data : administrator@www.qksrv[2].txt
Object : C:\Documents and Settings\Administrator\Cookies\
Created on : 10/27/2001 12:00:51 AM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 10/27/2001 12:00:52 AM
Tracking Cookie Object recognized!
Type : File
Data : administrator@mediaplex[1].txt
Object : C:\Documents and Settings\Administrator\Cookies\
Created on : 10/24/2001 4:18:45 AM
Last accessed : 11/16/2003 8:00:00 AM
Last modified : 10/24/2001 4:18:46 AM
Tracking Cookie Object recognized!
Type : File
Data : administrator@server.iad.livepers
Register to Remove
#2
Guest_Guest<SierraMiss>_*
Guest_Guest<SierraMiss>_*
-
- Guests
Posted 02 December 2003 - 11:08 PM
I had a trojan horse also and was destroying my files.. I came across A software call "Trojan Remover" I downloaded it and it worked.
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users
