Ad-Aware SE Build 1.06r1
Logfile Created on:Friday, September 02, 2005 3:58:31 PM
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R64 31.08.2005
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
BargainBuddy(TAC index:8):3 total references
DyFuCA(TAC index:3):2 total references
MRU List(TAC index:0):73 total references
Possible Browser Hijack attempt(TAC index:3):9 total references
Tracking Cookie(TAC index:3):80 total references
VX2(TAC index:10):57 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file
Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects
9-2-2005 3:58:31 PM - Scan started. (Smart mode)
Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ProcessID : 588
ThreadCreationTime : 9-2-2005 9:31:42 PM
BasePriority : Normal
#:2 [csrss.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 652
ThreadCreationTime : 9-2-2005 9:31:44 PM
BasePriority : Normal
#:3 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 676
ThreadCreationTime : 9-2-2005 9:31:45 PM
BasePriority : High
#:4 [services.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 720
ThreadCreationTime : 9-2-2005 9:31:45 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : services.exe
#:5 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 732
ThreadCreationTime : 9-2-2005 9:31:45 PM
BasePriority : Normal
FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
ProductVersion : 5.1.2600.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe
#:6 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 900
ThreadCreationTime : 9-2-2005 9:31:46 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:7 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1016
ThreadCreationTime : 9-2-2005 9:31:46 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:8 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1164
ThreadCreationTime : 9-2-2005 9:31:47 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:9 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1212
ThreadCreationTime : 9-2-2005 9:31:47 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:10 [spoolsv.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1412
ThreadCreationTime : 9-2-2005 9:31:48 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (XPClient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe
#:11 [avgamsvr.exe]
FilePath : C:\PROGRA~1\Grisoft\AVGFRE~1\
ProcessID : 1584
ThreadCreationTime : 9-2-2005 9:31:57 PM
BasePriority : Normal
FileVersion : 7,1,0,321
ProductVersion : 7.1.0.321
ProductName : AVG Anti-Virus System
CompanyName : GRISOFT, s.r.o.
FileDescription : AVG Alert Manager
InternalName : avgamsvr
LegalCopyright : Copyright © 2005, GRISOFT, s.r.o.
OriginalFilename : avgamsvr.EXE
#:12 [avgupsvc.exe]
FilePath : C:\PROGRA~1\Grisoft\AVGFRE~1\
ProcessID : 1656
ThreadCreationTime : 9-2-2005 9:31:57 PM
BasePriority : Normal
FileVersion : 7,1,0,321
ProductVersion : 7.1.0.321
ProductName : AVG 7.0 Anti-Virus System
CompanyName : GRISOFT, s.r.o.
FileDescription : AVG Update Service
InternalName : avgupsvc
LegalCopyright : Copyright © 2005, GRISOFT, s.r.o.
OriginalFilename : avgupdsvc.EXE
#:13 [ewidoctrl.exe]
FilePath : C:\Program Files\ewido\security suite\
ProcessID : 1680
ThreadCreationTime : 9-2-2005 9:31:57 PM
BasePriority : Normal
FileVersion : 3, 0, 0, 1
ProductVersion : 3, 0, 0, 1
ProductName : ewido control
CompanyName : ewido networks
FileDescription : ewido control
InternalName : ewido control
LegalCopyright : Copyright © 2004
OriginalFilename : ewidoctrl.exe
#:14 [mpfservice.exe]
FilePath : C:\PROGRA~1\McAfee.com\PERSON~1\
ProcessID : 1788
ThreadCreationTime : 9-2-2005 9:31:57 PM
BasePriority : Normal
FileVersion : 6.0.0.14
ProductVersion : 6.0.0.14
ProductName : McAfee Personal Firewall
CompanyName : McAfee Corporation
FileDescription : McAfee Personal Firewall Service
InternalName : MPFService
LegalCopyright : Copyright © 2000-2004 Networks Associates Technologies, Inc.
OriginalFilename : MpfService.exe
Comments : McAfee Personal Firewall Service
#:15 [wdfmgr.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1876
ThreadCreationTime : 9-2-2005 9:31:58 PM
BasePriority : Normal
FileVersion : 5.2.3790.1230 built by: dnsrv(bld4act)
ProductVersion : 5.2.3790.1230
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows User Mode Driver Manager
InternalName : WdfMgr
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : WdfMgr.exe
#:16 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1984
ThreadCreationTime : 9-2-2005 9:32:01 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:17 [explorer.exe]
FilePath : C:\WINDOWS\
ProcessID : 1384
ThreadCreationTime : 9-2-2005 9:32:32 PM
BasePriority : Normal
FileVersion : 6.00.2800.1106 (xpsp1.020828-1920)
ProductVersion : 6.00.2800.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : EXPLORER.EXE
#:18 [mm_tray.exe]
FilePath : C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\
ProcessID : 300
ThreadCreationTime : 9-2-2005 9:32:45 PM
BasePriority : Normal
FileVersion : 9.00.5059
ProductVersion : 9.00.5059
ProductName : Musicmatch Jukebox
CompanyName : Musicmatch, Inc.
FileDescription : mm_tray
InternalName : mm_tray
LegalCopyright : Copyright © Musicmatch 1998-2004
LegalTrademarks :
OriginalFilename : mm_tray.exe
#:19 [mcagent.exe]
FilePath : C:\PROGRA~1\mcafee.com\agent\
ProcessID : 432
ThreadCreationTime : 9-2-2005 9:32:45 PM
BasePriority : Normal
FileVersion : 5, 0, 0, 2
ProductVersion : 5, 0, 0, 0
ProductName : McAfee SecurityCenter
CompanyName : McAfee, Inc
FileDescription : McAfee SecurityCenter Agent
InternalName : mcagent
LegalCopyright : Copyright © 2004 Networks Associates Technology, Inc.
OriginalFilename : mcagent.exe
#:20 [qttask.exe]
FilePath : C:\Program Files\QuickTime\
ProcessID : 1396
ThreadCreationTime : 9-2-2005 9:32:46 PM
BasePriority : Normal
FileVersion : 6.5.1
ProductVersion : QuickTime 6.5.1
ProductName : QuickTime
CompanyName : Apple Computer, Inc.
InternalName : QuickTime Task
LegalCopyright : © Apple Computer, Inc. 2001-2004
OriginalFilename : QTTask.exe
#:21 [realsched.exe]
FilePath : C:\Program Files\Common Files\Real\Update_OB\
ProcessID : 528
ThreadCreationTime : 9-2-2005 9:32:46 PM
BasePriority : Normal
FileVersion : 0.1.0.3275
ProductVersion : 0.1.0.3275
ProductName : RealPlayer (32-bit)
CompanyName : RealNetworks, Inc.
FileDescription : RealNetworks Scheduler
InternalName : schedapp
LegalCopyright : Copyright © RealNetworks, Inc. 1995-2004
LegalTrademarks : RealAudio(tm) is a trademark of RealNetworks, Inc.
OriginalFilename : realsched.exe
#:22 [aim.exe]
FilePath : C:\Program Files\AIM\
ProcessID : 556
ThreadCreationTime : 9-2-2005 9:32:46 PM
BasePriority : Normal
FileVersion : 5.9.3702
ProductVersion : 5.9.3702
ProductName : AOL Instant Messenger
CompanyName : America Online, Inc.
FileDescription : AOL Instant Messenger
InternalName : AIM
LegalCopyright : Copyright © 1996-2004 America Online, Inc.
OriginalFilename : AIM.EXE
#:23 [hpqtra08.exe]
FilePath : C:\Program Files\HP\Digital Imaging\bin\
ProcessID : 568
ThreadCreationTime : 9-2-2005 9:32:47 PM
BasePriority : Normal
FileVersion : 5.35.0.035
ProductVersion : 005.035.000.035
ProductName : hp digital imaging - hp all-in-one series
CompanyName : Hewlett-Packard Co.
FileDescription : HP Digital Imaging Monitor (CUE)
InternalName : HPQTRA00
LegalCopyright : Copyright (C) Hewlett-Packard Co. 1995-2001
OriginalFilename : HPQTRA00.EXE
Comments : HP Digital Imaging Monitor (CUE)
#:24 [mpbtn.exe]
FilePath : C:\Program Files\SBC Self Support Tool\bin\
ProcessID : 1132
ThreadCreationTime : 9-2-2005 9:32:55 PM
BasePriority : Normal
#:25 [iexplore.exe]
FilePath : C:\Program Files\Internet Explorer\
ProcessID : 2976
ThreadCreationTime : 9-2-2005 9:33:50 PM
BasePriority : Normal
FileVersion : 6.00.2800.1106 (xpsp1.020828-1920)
ProductVersion : 6.00.2800.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Internet Explorer
InternalName : iexplore
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : IEXPLORE.EXE
#:26 [csrss.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 2128
ThreadCreationTime : 9-2-2005 9:35:19 PM
BasePriority : Normal
#:27 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 2168
ThreadCreationTime : 9-2-2005 9:35:19 PM
BasePriority : High
#:28 [explorer.exe]
FilePath : C:\WINDOWS\
ProcessID : 2352
ThreadCreationTime : 9-2-2005 9:35:24 PM
BasePriority : Normal
FileVersion : 6.00.2800.1106 (xpsp1.020828-1920)
ProductVersion : 6.00.2800.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : EXPLORER.EXE
#:29 [mm_tray.exe]
FilePath : C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\
ProcessID : 1080
ThreadCreationTime : 9-2-2005 9:35:27 PM
BasePriority : Normal
FileVersion : 9.00.5059
ProductVersion : 9.00.5059
ProductName : Musicmatch Jukebox
CompanyName : Musicmatch, Inc.
FileDescription : mm_tray
InternalName : mm_tray
LegalCopyright : Copyright © Musicmatch 1998-2004
LegalTrademarks :
OriginalFilename : mm_tray.exe
#:30 [mcagent.exe]
FilePath : C:\PROGRA~1\mcafee.com\agent\
ProcessID : 1008
ThreadCreationTime : 9-2-2005 9:35:27 PM
BasePriority : Normal
FileVersion : 5, 0, 0, 2
ProductVersion : 5, 0, 0, 0
ProductName : McAfee SecurityCenter
CompanyName : McAfee, Inc
FileDescription : McAfee SecurityCenter Agent
InternalName : mcagent
LegalCopyright : Copyright © 2004 Networks Associates Technology, Inc.
OriginalFilename : mcagent.exe
#:31 [qttask.exe]
FilePath : C:\Program Files\QuickTime\
ProcessID : 2476
ThreadCreationTime : 9-2-2005 9:35:27 PM
BasePriority : Normal
FileVersion : 6.5.1
ProductVersion : QuickTime 6.5.1
ProductName : QuickTime
CompanyName : Apple Computer, Inc.
InternalName : QuickTime Task
LegalCopyright : © Apple Computer, Inc. 2001-2004
OriginalFilename : QTTask.exe
#:32 [aim.exe]
FilePath : C:\Program Files\AIM\
ProcessID : 2596
ThreadCreationTime : 9-2-2005 9:35:28 PM
BasePriority : Normal
FileVersion : 5.9.3702
ProductVersion : 5.9.3702
ProductName : AOL Instant Messenger
CompanyName : America Online, Inc.
FileDescription : AOL Instant Messenger
InternalName : AIM
LegalCopyright : Copyright © 1996-2004 America Online, Inc.
OriginalFilename : AIM.EXE
#:33 [msnmsgr.exe]
FilePath : C:\Program Files\MSN Messenger\
ProcessID : 2580
ThreadCreationTime : 9-2-2005 9:35:28 PM
BasePriority : Normal
FileVersion : 7.0.0777
ProductVersion : 7.0.0777
ProductName : MSN Messenger
CompanyName : Microsoft Corporation
FileDescription : MSN Messenger
InternalName : msnmsgr
LegalCopyright : Copyright (c) Microsoft Corporation 1997-2004
LegalTrademarks : Microsoft(R) is a registered trademark of Microsoft Corporation in the U.S. and/or other countries.
OriginalFilename : msnmsgr.exe
#:34 [hpqtra08.exe]
FilePath : C:\Program Files\HP\Digital Imaging\bin\
ProcessID : 2648
ThreadCreationTime : 9-2-2005 9:35:29 PM
BasePriority : Normal
FileVersion : 5.35.0.035
ProductVersion : 005.035.000.035
ProductName : hp digital imaging - hp all-in-one series
CompanyName : Hewlett-Packard Co.
FileDescription : HP Digital Imaging Monitor (CUE)
InternalName : HPQTRA00
LegalCopyright : Copyright (C) Hewlett-Packard Co. 1995-2001
OriginalFilename : HPQTRA00.EXE
Comments : HP Digital Imaging Monitor (CUE)
#:35 [mpbtn.exe]
FilePath : C:\Program Files\SBC Self Support Tool\bin\
ProcessID : 2744
ThreadCreationTime : 9-2-2005 9:35:33 PM
BasePriority : Normal
#:36 [csrss.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 2256
ThreadCreationTime : 9-2-2005 9:52:19 PM
BasePriority : Normal
#:37 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 1100
ThreadCreationTime : 9-2-2005 9:52:19 PM
BasePriority : High
#:38 [explorer.exe]
FilePath : C:\WINDOWS\
ProcessID : 1892
ThreadCreationTime : 9-2-2005 9:52:24 PM
BasePriority : Normal
FileVersion : 6.00.2800.1106 (xpsp1.020828-1920)
ProductVersion : 6.00.2800.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : EXPLORER.EXE
#:39 [mm_tray.exe]
FilePath : C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\
ProcessID : 2524
ThreadCreationTime : 9-2-2005 9:52:26 PM
BasePriority : Normal
FileVersion : 9.00.5059
ProductVersion : 9.00.5059
ProductName : Musicmatch Jukebox
CompanyName : Musicmatch, Inc.
FileDescription : mm_tray
InternalName : mm_tray
LegalCopyright : Copyright © Musicmatch 1998-2004
LegalTrademarks :
OriginalFilename : mm_tray.exe
#:40 [mcagent.exe]
FilePath : C:\PROGRA~1\mcafee.com\agent\
ProcessID : 2272
ThreadCreationTime : 9-2-2005 9:52:26 PM
BasePriority : Normal
FileVersion : 5, 0, 0, 2
ProductVersion : 5, 0, 0, 0
ProductName : McAfee SecurityCenter
CompanyName : McAfee, Inc
FileDescription : McAfee SecurityCenter Agent
InternalName : mcagent
LegalCopyright : Copyright © 2004 Networks Associates Technology, Inc.
OriginalFilename : mcagent.exe
#:41 [qttask.exe]
FilePath : C:\Program Files\QuickTime\
ProcessID : 2268
ThreadCreationTime : 9-2-2005 9:52:26 PM
BasePriority : Normal
FileVersion : 6.5.1
ProductVersion : QuickTime 6.5.1
ProductName : QuickTime
CompanyName : Apple Computer, Inc.
InternalName : QuickTime Task
LegalCopyright : © Apple Computer, Inc. 2001-2004
OriginalFilename : QTTask.exe
#:42 [realsched.exe]
FilePath : C:\Program Files\Common Files\Real\Update_OB\
ProcessID : 640
ThreadCreationTime : 9-2-2005 9:52:26 PM
BasePriority : Normal
FileVersion : 0.1.0.3275
ProductVersion : 0.1.0.3275
ProductName : RealPlayer (32-bit)
CompanyName : RealNetworks, Inc.
FileDescription : RealNetworks Scheduler
InternalName : schedapp
LegalCopyright : Copyright © RealNetworks, Inc. 1995-2004
LegalTrademarks : RealAudio(tm) is a trademark of RealNetworks, Inc.
OriginalFilename : realsched.exe
#:43 [aim.exe]
FilePath : C:\Program Files\AIM\
ProcessID : 2336
ThreadCreationTime : 9-2-2005 9:52:26 PM
BasePriority : Normal
FileVersion : 5.9.3702
ProductVersion : 5.9.3702
ProductName : AOL Instant Messenger
CompanyName : America Online, Inc.
FileDescription : AOL Instant Messenger
InternalName : AIM
LegalCopyright : Copyright © 1996-2004 America Online, Inc.
OriginalFilename : AIM.EXE
#:44 [hpqtra08.exe]
FilePath : C:\Program Files\HP\Digital Imaging\bin\
ProcessID : 2340
ThreadCreationTime : 9-2-2005 9:52:27 PM
BasePriority : Normal
FileVersion : 5.35.0.035
ProductVersion : 005.035.000.035
ProductName : hp digital imaging - hp all-in-one series
CompanyName : Hewlett-Packard Co.
FileDescription : HP Digital Imaging Monitor (CUE)
InternalName : HPQTRA00
LegalCopyright : Copyright (C) Hewlett-Packard Co. 1995-2001
OriginalFilename : HPQTRA00.EXE
Comments : HP Digital Imaging Monitor (CUE)
#:45 [mpbtn.exe]
FilePath : C:\Program Files\SBC Self Support Tool\bin\
ProcessID : 2664
ThreadCreationTime : 9-2-2005 9:52:29 PM
BasePriority : Normal
#:46 [ymsgr_tray.exe]
FilePath : C:\Program Files\Yahoo!\Messenger\
ProcessID : 2504
ThreadCreationTime : 9-2-2005 9:52:37 PM
BasePriority : Normal
#:47 [hijackthis.exe]
FilePath : C:\Documents and Settings\bobbie\My Documents\
ProcessID : 2344
ThreadCreationTime : 9-2-2005 9:52:40 PM
BasePriority : Normal
FileVersion : 1.99.0001
ProductVersion : 1.99.0001
ProductName : HijackThis
CompanyName : Soeperman Enterprises Ltd.
FileDescription : HijackThis
InternalName : HijackThis
LegalCopyright : Freeware
OriginalFilename : HijackThis.exe
Comments : Version history is in Help section
#:48 [notepad.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 3312
ThreadCreationTime : 9-2-2005 9:52:44 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Notepad
InternalName : Notepad
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : NOTEPAD.EXE
#:49 [iexplore.exe]
FilePath : C:\Program Files\Internet Explorer\
ProcessID : 3320
ThreadCreationTime : 9-2-2005 9:52:51 PM
BasePriority : Normal
FileVersion : 6.00.2800.1106 (xpsp1.020828-1920)
ProductVersion : 6.00.2800.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Internet Explorer
InternalName : iexplore
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : IEXPLORE.EXE
#:50 [csrss.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 2924
ThreadCreationTime : 9-2-2005 9:54:25 PM
BasePriority : Normal
#:51 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 460
ThreadCreationTime : 9-2-2005 9:54:25 PM
BasePriority : High
#:52 [explorer.exe]
FilePath : C:\WINDOWS\
ProcessID : 2608
ThreadCreationTime : 9-2-2005 9:54:30 PM
BasePriority : Normal
FileVersion : 6.00.2800.1106 (xpsp1.020828-1920)
ProductVersion : 6.00.2800.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : EXPLORER.EXE
#:53 [mm_tray.exe]
FilePath : C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\
ProcessID : 3036
ThreadCreationTime : 9-2-2005 9:54:32 PM
BasePriority : Normal
FileVersion : 9.00.5059
ProductVersion : 9.00.5059
ProductName : Musicmatch Jukebox
CompanyName : Musicmatch, Inc.
FileDescription : mm_tray
InternalName : mm_tray
LegalCopyright : Copyright © Musicmatch 1998-2004
LegalTrademarks :
OriginalFilename : mm_tray.exe
#:54 [mcagent.exe]
FilePath : C:\PROGRA~1\mcafee.com\agent\
ProcessID : 2684
ThreadCreationTime : 9-2-2005 9:54:32 PM
BasePriority : Normal
FileVersion : 5, 0, 0, 2
ProductVersion : 5, 0, 0, 0
ProductName : McAfee SecurityCenter
CompanyName : McAfee, Inc
FileDescription : McAfee SecurityCenter Agent
InternalName : mcagent
LegalCopyright : Copyright © 2004 Networks Associates Technology, Inc.
OriginalFilename : mcagent.exe
#:55 [qttask.exe]
FilePath : C:\Program Files\QuickTime\
ProcessID : 2728
ThreadCreationTime : 9-2-2005 9:54:32 PM
BasePriority : Normal
FileVersion : 6.5.1
ProductVersion : QuickTime 6.5.1
ProductName : QuickTime
CompanyName : Apple Computer, Inc.
InternalName : QuickTime Task
LegalCopyright : © Apple Computer, Inc. 2001-2004
OriginalFilename : QTTask.exe
#:56 [realsched.exe]
FilePath : C:\Program Files\Common Files\Real\Update_OB\
ProcessID : 2748
ThreadCreationTime : 9-2-2005 9:54:33 PM
BasePriority : Normal
FileVersion : 0.1.0.3275
ProductVersion : 0.1.0.3275
ProductName : RealPlayer (32-bit)
CompanyName : RealNetworks, Inc.
FileDescription : RealNetworks Scheduler
InternalName : schedapp
LegalCopyright : Copyright © RealNetworks, Inc. 1995-2004
LegalTrademarks : RealAudio(tm) is a trademark of RealNetworks, Inc.
OriginalFilename : realsched.exe
#:57 [aim.exe]
FilePath : C:\Program Files\AIM\
ProcessID : 4040
ThreadCreationTime : 9-2-2005 9:54:33 PM
BasePriority : Normal
FileVersion : 5.9.3702
ProductVersion : 5.9.3702
ProductName : AOL Instant Messenger
CompanyName : America Online, Inc.
FileDescription : AOL Instant Messenger
InternalName : AIM
LegalCopyright : Copyright © 1996-2004 America Online, Inc.
OriginalFilename : AIM.EXE
#:58 [msnmsgr.exe]
FilePath : C:\Program Files\MSN Messenger\
ProcessID : 3088
ThreadCreationTime : 9-2-2005 9:54:33 PM
BasePriority : Normal
FileVersion : 7.0.0777
ProductVersion : 7.0.0777
ProductName : MSN Messenger
CompanyName : Microsoft Corporation
FileDescription : MSN Messenger
InternalName : msnmsgr
LegalCopyright : Copyright (c) Microsoft Corporation 1997-2004
LegalTrademarks : Microsoft(R) is a registered trademark of Microsoft Corporation in the U.S. and/or other countries.
OriginalFilename : msnmsgr.exe
#:59 [hpqtra08.exe]
FilePath : C:\Program Files\HP\Digital Imaging\bin\
ProcessID : 3472
ThreadCreationTime : 9-2-2005 9:54:34 PM
BasePriority : Normal
FileVersion : 5.35.0.035
ProductVersion : 005.035.000.035
ProductName : hp digital imaging - hp all-in-one series
CompanyName : Hewlett-Packard Co.
FileDescription : HP Digital Imaging Monitor (CUE)
InternalName : HPQTRA00
LegalCopyright : Copyright (C) Hewlett-Packard Co. 1995-2001
OriginalFilename : HPQTRA00.EXE
Comments : HP Digital Imaging Monitor (CUE)
#:60 [rundll32.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1724
ThreadCreationTime : 9-2-2005 9:54:36 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Run a DLL as an App
InternalName : rundll
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : RUNDLL.EXE
#:61 [mpbtn.exe]
FilePath : C:\Program Files\SBC Self Support Tool\bin\
ProcessID : 2248
ThreadCreationTime : 9-2-2005 9:54:37 PM
BasePriority : Normal
#:62 [realplay.exe]
FilePath : C:\Program Files\Real\RealOne Player\
ProcessID : 3300
ThreadCreationTime : 9-2-2005 9:54:37 PM
BasePriority : Idle
FileVersion : 6.0.12.1069
ProductVersion : 6.0.12.1069
ProductName : RealPlayer (32-bit)
CompanyName : RealNetworks, Inc.
FileDescription : RealPlayer
InternalName : REALPLAY
LegalCopyright : Copyright © RealNetworks, Inc. 1995-2004
LegalTrademarks : RealAudio(tm) is a trademark of RealNetworks, Inc.
OriginalFilename : REALPLAY.EXE
#:63 [ymsgr_tray.exe]
FilePath : C:\Program Files\Yahoo!\Messenger\
ProcessID : 3328
ThreadCreationTime : 9-2-2005 9:54:45 PM
BasePriority : Normal
#:64 [ewidoguard.exe]
FilePath : C:\Program Files\ewido\security suite\
ProcessID : 3852
ThreadCreationTime : 9-2-2005 9:54:58 PM
BasePriority : Normal
FileVersion : 3, 0, 0, 1
ProductVersion : 3, 0, 0, 1
ProductName : guard
CompanyName : ewido networks
FileDescription : guard
InternalName : guard
LegalCopyright : Copyright © 2004
OriginalFilename : guard.exe
#:65 [ad-aware.exe]
FilePath : C:\Program Files\Lavasoft\Ad-Aware SE Personal\
ProcessID : 3940
ThreadCreationTime : 9-2-2005 9:57:36 PM
BasePriority : Normal
FileVersion : 6.2.0.236
ProductVersion : SE 106
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft AB Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved
Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0
Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
DyFuCA Object Recognized!
Type : Regkey
Data :
TAC Rating : 3
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-1715567821-1770027372-839522115-1005\software\avenue media
VX2 Object Recognized!
Type : Regkey
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-1715567821-1770027372-839522115-1005\software\aurora
VX2 Object Recognized!
Type : RegValue
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-1715567821-1770027372-839522115-1005\software\aurora
Value : AUs3t5icky1S
VX2 Object Recognized!
Type : RegValue
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-1715567821-1770027372-839522115-1005\software\aurora
Value : AUs3t5icky2S
VX2 Object Recognized!
Type : RegValue
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-1715567821-1770027372-839522115-1005\software\aurora
Value : AUs3t5icky3S
VX2 Object Recognized!
Type : RegValue
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-1715567821-1770027372-839522115-1005\software\aurora
Value : AUs3t5icky4S
VX2 Object Recognized!
Type : RegValue
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-1715567821-1770027372-839522115-1005\software\aurora
Value : AUC1o3d5eOfSFinalAd
VX2 Object Recognized!
Type : RegValue
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-1715567821-1770027372-839522115-1005\software\aurora
Value : AUT3i5m7eOfSFinalAd
VX2 Object Recognized!
Type : RegValue
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-1715567821-1770027372-839522115-1005\software\aurora
Value : AUD3s5tSSEnd
VX2 Object Recognized!
Type : RegValue
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-1715567821-1770027372-839522115-1005\software\aurora
Value : AU3N5a7tionSCode
VX2 Object Recognized!
Type : RegValue
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-1715567821-1770027372-839522115-1005\software\aurora
Value : AUP3D5om
VX2 Object Recognized!
Type : RegValue
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-1715567821-1770027372-839522115-1005\software\aurora
Value : AUT3h5rshSCheckSIn
VX2 Object Recognized!
Type : RegValue
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-1715567821-1770027372-839522115-1005\software\aurora
Value : AUT3h5rshSMots
VX2 Object Recognized!
Type : RegValue
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-1715567821-1770027372-839522115-1005\software\aurora
Value : AUM3o5deSSync
VX2 Object Recognized!
Type : RegValue
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-1715567821-1770027372-839522115-1005\software\aurora
Value : AUI3n5ProgSCab
VX2 Object Recognized!
Type : RegValue
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-1715567821-1770027372-839522115-1005\software\aurora
Value : AUI3n5ProgSEx
VX2 Object Recognized!
Type : RegValue
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-1715567821-1770027372-839522115-1005\software\aurora
Value : AUI3n5ProgSLstest
VX2 Object Recognized!
Type : RegValue
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-1715567821-1770027372-839522115-1005\software\aurora
Value : AUB3D5om
VX2 Object Recognized!
Type : RegValue
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-1715567821-1770027372-839522115-1005\software\aurora
Value : AUE3v5nt
VX2 Object Recognized!
Type : RegValue
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-1715567821-1770027372-839522115-1005\software\aurora
Value : AUT3h5rshSBath
VX2 Object Recognized!
Type : RegValue
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-1715567821-1770027372-839522115-1005\software\aurora
Value : AUT3h5rshSysSInf
VX2 Object Recognized!
Type : RegValue
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-1715567821-1770027372-839522115-1005\software\aurora
Value : AUL3n5Title
VX2 Object Recognized!
Type : RegValue
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-1715567821-1770027372-839522115-1005\software\aurora
Value : AUC3u5rrentSMode
VX2 Object Recognized!
Type : RegValue
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-1715567821-1770027372-839522115-1005\software\aurora
Value : AUC3n5tFyl
VX2 Object Recognized!
Type : RegValue
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-1715567821-1770027372-839522115-1005\software\aurora
Value : AUI3g5noreS
VX2 Object Recognized!
Type : RegValue
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-1715567821-1770027372-839522115-1005\software\aurora
Value : AUL3a5stSSChckin
VX2 Object Recognized!
Type : RegValue
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-1715567821-1770027372-839522115-1005\software\aurora
Value : AUS3t5atusOfSInst
VX2 Object Recognized!
Type : RegValue
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-1715567821-1770027372-839522115-1005\software\aurora
Value : AUI3d5OfSDist
VX2 Object Recognized!
Type : RegValue
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-1715567821-1770027372-839522115-1005\software\aurora
Value : AUI3d5OfSInst
VX2 Object Recognized!
Type : Regkey
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-1715567821-1770027372-839522115-1006\software\aurora
VX2 Object Recognized!
Type : RegValue
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-1715567821-1770027372-839522115-1006\software\aurora
Value : AUB3D5om
VX2 Object Recognized!
Type : RegValue
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-1715567821-1770027372-839522115-1006\software\aurora
Value : AUs3t5icky1S
VX2 Object Recognized!
Type : RegValue
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-1715567821-1770027372-839522115-1006\software\aurora
Value : AUs3t5icky3S
VX2 Object Recognized!
Type : RegValue
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-1715567821-1770027372-839522115-1006\software\aurora
Value : AUs3t5icky4S
VX2 Object Recognized!
Type : RegValue
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-1715567821-1770027372-839522115-1006\software\aurora
Value : AUI3n5ProgSEx
VX2 Object Recognized!
Type : RegValue
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-1715567821-1770027372-839522115-1006\software\aurora
Value : AUE3v5nt
VX2 Object Recognized!
Type : RegValue
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-1715567821-1770027372-839522115-1006\software\aurora
Value : AUT3h5rshSBath
VX2 Object Recognized!
Type : RegValue
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-1715567821-1770027372-839522115-1006\software\aurora
Value : AUT3h5rshSysSInf
VX2 Object Recognized!
Type : RegValue
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-1715567821-1770027372-839522115-1006\software\aurora
Value : AUT3h5rshSCheckSIn
VX2 Object Recognized!
Type : RegValue
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-1715567821-1770027372-839522115-1006\software\aurora
Value : AUT3h5rshSMots
VX2 Object Recognized!
Type : RegValue
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-1715567821-1770027372-839522115-1006\software\aurora
Value : AUL3n5Title
VX2 Object Recognized!
Type : RegValue
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-1715567821-1770027372-839522115-1006\software\aurora
Value : AU3N5a7tionSCode
VX2 Object Recognized!
Type : RegValue
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-1715567821-1770027372-839522115-1006\software\aurora
Value : AUD3s5tSSEnd
VX2 Object Recognized!
Type : RegValue
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-1715567821-1770027372-839522115-1006\software\aurora
Value : AUC3u5rrentSMode
VX2 Object Recognized!
Type : RegValue
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-1715567821-1770027372-839522115-1006\software\aurora
Value : AUC3n5tFyl
VX2 Object Recognized!
Type : RegValue
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-1715567821-1770027372-839522115-1006\software\aurora
Value : AUM3o5deSSync
VX2 Object Recognized!
Type : RegValue
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-1715567821-1770027372-839522115-1006\software\aurora
Value : AUC3n5trMsgSDisp
VX2 Object Recognized!
Type : RegValue
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-1715567821-1770027372-839522115-1006\software\aurora
Value : AUI3g5noreS
VX2 Object Recognized!
Type : RegValue
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-1715567821-1770027372-839522115-1006\software\aurora
Value : AUS3t5atusOfSInst
VX2 Object Recognized!
Type : RegValue
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-1715567821-1770027372-839522115-1006\software\aurora
Value : AUs3t5icky2S
VX2 Object Recognized!
Type : RegValue
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-1715567821-1770027372-839522115-1006\software\aurora
Value : AUL3a5stSSChckin
VX2 Object Recognized!
Type : RegValue
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-1715567821-1770027372-839522115-1006\software\aurora
Value : AUC1o3d5eOfSFinalAd
VX2 Object Recognized!
Type : RegValue
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-1715567821-1770027372-839522115-1006\software\aurora
Value : AUT3i5m7eOfSFinalAd
VX2 Object Recognized!
Type : RegValue
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-1715567821-1770027372-839522115-1006\software\aurora
Value : AUI3d5OfSInst
VX2 Object Recognized!
Type : RegValue
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-1715567821-1770027372-839522115-1006\software\aurora
Value : AUI3n5ProgSCab
VX2 Object Recognized!
Type : RegValue
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-1715567821-1770027372-839522115-1006\software\aurora
Value : AUI3n5ProgSLstest
Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 56
Objects found so far: 56
Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Possible Browser Hijack attempt : S-1-5-21-1715567821-1770027372-839522115-1004\Software\Microsoft\Internet Explorer\MainSearch Page.shopnav.com
Possible Browser Hijack attempt Object Recognized!
Type : RegData
Data : "http://websearch.shopnav.com/sidesearch.cgi?uid=11148210&id=1.20031"
TAC Rating : 3
Category : Malware
Comment : Possible Browser Hijack attempt
Rootkey : HKEY_USERS
Object : S-1-5-21-1715567821-1770027372-839522115-1004\Software\Microsoft\Internet Explorer\Main
Value : Search Page
Data : "http://websearch.shopnav.com/sidesearch.cgi?uid=11148210&id=1.20031"
Possible Browser Hijack attempt : S-1-5-21-1715567821-1770027372-839522115-1004\Software\Microsoft\Internet Explorer\MainSearch Bar.shopnav.com
Possible Browser Hijack attempt Object Recognized!
Type : RegData
Data : "http://websearch.shopnav.com/sidesearch.cgi?uid=11148210&id=1.20031"
TAC Rating : 3
Category : Malware
Comment : Possible Browser Hijack attempt
Rootkey : HKEY_USERS
Object : S-1-5-21-1715567821-1770027372-839522115-1004\Software\Microsoft\Internet Explorer\Main
Value : Search Bar
Data : "http://websearch.shopnav.com/sidesearch.cgi?uid=11148210&id=1.20031"
Possible Browser Hijack attempt : S-1-5-21-1715567821-1770027372-839522115-1004\Software\Microsoft\Internet Explorer\SearchURL.shopnav.com
Possible Browser Hijack attempt Object Recognized!
Type : RegData
Data : "websearch.shopnav.com/q.cgi?q="
TAC Rating : 3
Category : Malware
Comment : Possible Browser Hijack attempt
Rootkey : HKEY_USERS
Object : S-1-5-21-1715567821-1770027372-839522115-1004\Software\Microsoft\Internet Explorer\SearchURL
Value :
Data : "websearch.shopnav.com/q.cgi?q="
Possible Browser Hijack attempt : S-1-5-21-1715567821-1770027372-839522115-1005\Software\Microsoft\Internet Explorer\MainSearch Pagewebsearch.drsnsrch.com
Possible Browser Hijack attempt Object Recognized!
Type : RegData
Data : "http://websearch.drsnsrch.com/sidesearch.cgi?id="
TAC Rating : 3
Category : Malware
Comment : Possible Browser Hijack attempt
Rootkey : HKEY_USERS
Object : S-1-5-21-1715567821-1770027372-839522115-1005\Software\Microsoft\Internet Explorer\Main
Value : Search Page
Data : "http://websearch.drsnsrch.com/sidesearch.cgi?id="
Possible Browser Hijack attempt : S-1-5-21-1715567821-1770027372-839522115-1005\Software\Microsoft\Internet Explorer\MainSearch Barwebsearch.drsnsrch.com
Possible Browser Hijack attempt Object Recognized!
Type : RegData
Data : "http://websearch.drsnsrch.com/sidesearch.cgi?id="
TAC Rating : 3
Category : Malware
Comment : Possible Browser Hijack attempt
Rootkey : HKEY_USERS
Object : S-1-5-21-1715567821-1770027372-839522115-1005\Software\Microsoft\Internet Explorer\Main
Value : Search Bar
Data : "http://websearch.drsnsrch.com/sidesearch.cgi?id="
Possible Browser Hijack attempt : S-1-5-21-1715567821-1770027372-839522115-1005\Software\Microsoft\Internet Explorer\SearchURLwebsearch.drsnsrch.com
Possible Browser Hijack attempt Object Recognized!
Type : RegData
Data : "websearch.drsnsrch.com/q.cgi?q="
TAC Rating : 3
Category : Malware
Comment : Possible Browser Hijack attempt
Rootkey : HKEY_USERS
Object : S-1-5-21-1715567821-1770027372-839522115-1005\Software\Microsoft\Internet Explorer\SearchURL
Value :
Data : "websearch.drsnsrch.com/q.cgi?q="
Possible Browser Hijack attempt : S-1-5-21-1715567821-1770027372-839522115-1006\Software\Microsoft\Internet Explorer\MainSearch Pagewebsearch.drsnsrch.com
Possible Browser Hijack attempt Object Recognized!
Type : RegData
Data : "http://websearch.drsnsrch.com/sidesearch.cgi?id="
TAC Rating : 3
Category : Malware
Comment : Possible Browser Hijack attempt
Rootkey : HKEY_USERS
Object : S-1-5-21-1715567821-1770027372-839522115-1006\Software\Microsoft\Internet Explorer\Main
Value : Search Page
Data : "http://websearch.drsnsrch.com/sidesearch.cgi?id="
Possible Browser Hijack attempt : S-1-5-21-1715567821-1770027372-839522115-1006\Software\Microsoft\Internet Explorer\MainSearch Barwebsearch.drsnsrch.com
Possible Browser Hijack attempt Object Recognized!
Type : RegData
Data : "http://websearch.drsnsrch.com/sidesearch.cgi?id="
TAC Rating : 3
Category : Malware
Comment : Possible Browser Hijack attempt
Rootkey : HKEY_USERS
Object : S-1-5-21-1715567821-1770027372-839522115-1006\Software\Microsoft\Internet Explorer\Main
Value : Search Bar
Data : "http://websearch.drsnsrch.com/sidesearch.cgi?id="
Possible Browser Hijack attempt : S-1-5-21-1715567821-1770027372-839522115-1006\Software\Microsoft\Internet Explorer\SearchURLwebsearch.drsnsrch.com
Possible Browser Hijack attempt Object Recognized!
Type : RegData
Data : "websearch.drsnsrch.com/q.cgi?q="
TAC Rating : 3
Category : Malware
Comment : Possible Browser Hijack attempt
Rootkey : HKEY_USERS
Object : S-1-5-21-1715567821-1770027372-839522115-1006\Software\Microsoft\Internet Explorer\SearchURL
Value :
Data : "websearch.drsnsrch.com/q.cgi?q="
Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 9
Objects found so far: 65
Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : sunny@realmedia[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:144
Value : Cookie:sunny@realmedia.com/
Expires : 12-31-2020 6:00:00 PM
LastSync : Hits:144
UseCount : 0
Hits : 144
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : sunny@2o7[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\sunny\Cookies\sunny@2o7[2].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : sunny@abcsearch[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\sunny\Cookies\sunny@abcsearch[1].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : sunny@ad-logics[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\sunny\Cookies\sunny@ad-logics[1].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : sunny@adrevolver[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\sunny\Cookies\sunny@adrevolver[1].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : sunny@adrevolver[3].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\sunny\Cookies\sunny@adrevolver[3].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : sunny@ads.addynamix[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\sunny\Cookies\sunny@ads.addynamix[1].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : sunny@ads.pointroll[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\sunny\Cookies\sunny@ads.pointroll[2].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : sunny@adserver[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\sunny\Cookies\sunny@adserver[1].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : sunny@adserver[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\sunny\Cookies\sunny@adserver[2].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : sunny@advertising[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\sunny\Cookies\sunny@advertising[2].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : sunny@apmebf[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\sunny\Cookies\sunny@apmebf[2].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : sunny@atdmt[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\sunny\Cookies\sunny@atdmt[2].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : sunny@banner.goldenpalace[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\sunny\Cookies\sunny@banner.goldenpalace[2].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : sunny@bannerfarm.ace.advertising[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\sunny\Cookies\sunny@bannerfarm.ace.advertising[1].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : sunny@bfast[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\sunny\Cookies\sunny@bfast[2].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : sunny@bluestreak[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\sunny\Cookies\sunny@bluestreak[2].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : sunny@casalemedia[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Valu