edge0303
Posted June 15, 2005

I don't know which one to delete :lol:, do I delete malware? Tracking cookies? Do I? Or should I delete them all? I don't know what to do :lol:

Ad-Aware SE Build 1.06r1
Logfile Created on:Wednesday, June 15, 2005 3:12:24 PM
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R47 24.05.2005
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
180Solutions(TAC index:6):2 total references
Alexa(TAC index:5):10 total references
BlazeFind(TAC index:5):3 total references
Elitum.ElitebarBHO(TAC index:5):12 total references
Possible Browser Hijack attempt(TAC index:3):3 total references
Search Miracle(TAC index:5):2 total references
Tracking Cookie(TAC index:3):127 total references
WindUpdates(TAC index:8):6 total references
VX2(TAC index:10):22 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file

Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects

6-15-2005 3:12:24 PM - Scan started.
(Full System Scan)

Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

#:1 [smss[Caution: ExecutableFile]]
FilePath : \SystemRoot\System32\
ProcessID : 484
ThreadCreationTime : 6-15-2005 6:55:52 AM
BasePriority : Normal

#:2 [csrss[Caution: ExecutableFile]]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 536
ThreadCreationTime : 6-15-2005 6:55:55 AM
BasePriority : Normal

#:3 [winlogon[Caution: ExecutableFile]]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 560
ThreadCreationTime : 6-15-2005 6:55:56 AM
BasePriority : High

#:4 [services[Caution: ExecutableFile]]
FilePath : C:\WINDOWS\system32\
ProcessID : 604
ThreadCreationTime : 6-15-2005 6:55:57 AM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services[Caution: ExecutableFile]
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : services[Caution: ExecutableFile]

#:5 [lsass[Caution: ExecutableFile]]
FilePath : C:\WINDOWS\system32\
ProcessID : 624
ThreadCreationTime : 6-15-2005 6:55:57 AM
BasePriority : Normal
FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
ProductVersion : 5.1.2600.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass[Caution: ExecutableFile]
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass[Caution: ExecutableFile]

#:6 [ati2evxx[Caution: ExecutableFile]]
FilePath : C:\WINDOWS\System32\
ProcessID : 792
ThreadCreationTime : 6-15-2005 6:55:57 AM
BasePriority : Normal

#:7 [svchost[Caution: ExecutableFile]]
FilePath : C:\WINDOWS\system32\
ProcessID : 832
ThreadCreationTime : 6-15-2005 6:55:58 AM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost[Caution: ExecutableFile]
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost[Caution: ExecutableFile]

#:8 [svchost[Caution: ExecutableFile]]
FilePath : C:\WINDOWS\System32\
ProcessID : 892
ThreadCreationTime : 6-15-2005 6:55:58 AM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost[Caution: ExecutableFile]
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost[Caution: ExecutableFile]

#:9 [svchost[Caution: ExecutableFile]]
FilePath : C:\WINDOWS\System32\
ProcessID : 1012
ThreadCreationTime : 6-15-2005 6:55:58 AM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost[Caution: ExecutableFile]
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost[Caution: ExecutableFile]

#:10 [svchost[Caution: ExecutableFile]]
FilePath : C:\WINDOWS\System32\
ProcessID : 1040
ThreadCreationTime : 6-15-2005 6:55:58 AM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost[Caution: ExecutableFile]
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost[Caution: ExecutableFile]

#:11 [spoolsv[Caution: ExecutableFile]]
FilePath : C:\WINDOWS\system32\
ProcessID : 1216
ThreadCreationTime : 6-15-2005 6:55:59 AM
BasePriority : Normal
FileVersion : 5.1.2600.0 (XPClient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv[Caution: ExecutableFile]
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv[Caution: ExecutableFile]

#:12 [ati2evxx[Caution: ExecutableFile]]
FilePath : C:\WINDOWS\system32\
ProcessID : 1696
ThreadCreationTime : 6-15-2005 6:56:02 AM
BasePriority : Normal

#:13 [explorer[Caution: ExecutableFile]]
FilePath : C:\WINDOWS\
ProcessID : 1752
ThreadCreationTime : 6-15-2005 6:56:02 AM
BasePriority : Normal
FileVersion : 6.00.2800.1221 (xpsp2.030511-1403)
ProductVersion : 6.00.2800.1221
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : EXPLORER[Caution: ExecutableFile]

#:14 [hpsysdrv[Caution: ExecutableFile]]
FilePath : C:\windows\system\
ProcessID : 1860
ThreadCreationTime : 6-15-2005 6:56:03 AM
BasePriority : Normal
FileVersion : 1, 7, 0, 0
ProductVersion : 1, 7, 0, 0
ProductName : hpsysdrv
CompanyName : Hewlett-Packard Company
FileDescription : hpsysdrv
InternalName : hpsysdrv
LegalCopyright : Copyright © 1998
OriginalFilename : hpsysdrv[Caution: ExecutableFile]

#:15 [hpqcmon[Caution: ExecutableFile]]
FilePath : C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\
ProcessID : 1876
ThreadCreationTime : 6-15-2005 6:56:03 AM
BasePriority : Normal
FileVersion : 2.0.0.133
ProductVersion : 2.0.0.133
ProductName : HpqCmon Application
FileDescription : HpqCmon MFC Application
InternalName : HpqCmon
LegalCopyright : Copyright © 2001
OriginalFilename : HpqCmon[Caution: ExecutableFile]

#:16 [hphmon05[Caution: ExecutableFile]]
FilePath : C:\WINDOWS\System32\
ProcessID : 1896
ThreadCreationTime : 6-15-2005 6:56:03 AM
BasePriority : Normal
FileVersion : 5,0,84
ProductVersion : 5,0,84
ProductName : HP Photosmart
CompanyName : Hewlett-Packard
FileDescription : HPHmon05
InternalName : HPHmon05
LegalCopyright : Copyright © 2003
OriginalFilename : HPHmon05[Caution: ExecutableFile]

#:17 [wincinemamgr[Caution: ExecutableFile]]
FilePath : C:\Program Files\InterVideo\Common\bin\
ProcessID : 1912
ThreadCreationTime : 6-15-2005 6:56:03 AM
BasePriority : Normal
FileVersion : 1.8.0
ProductVersion : 1, 8, 0, 0
ProductName : WinCinema Manager for InterVideo WinCinema products
CompanyName : InterVideo Inc.
FileDescription : WinCinema Manager
InternalName : WinCinema Manager
LegalCopyright : Copyright 1999-2003 InterVideo, Inc. All rights reserved.
OriginalFilename : WinCinemaMgr[Caution: ExecutableFile]

#:18 [schsvr[Caution: ExecutableFile]]
FilePath : C:\Program Files\Common Files\InterVideo\SchSvr\
ProcessID : 1920
ThreadCreationTime : 6-15-2005 6:56:03 AM
BasePriority : Normal
FileVersion : 3.0.79.213
ProductVersion : 3.0.79.213
ProductName : InterVideo® WinDVR
CompanyName : InterVideo Inc.
FileDescription : InterVideo Schedule Server
InternalName : SchSvr
LegalCopyright : Copyright © 2000-2002 InterVideo Inc.
OriginalFilename : SchSvr[Caution: ExecutableFile]

#:19 [atiptaxx[Caution: ExecutableFile]]
FilePath : C:\Program Files\ATI Technologies\ATI Control Panel\
ProcessID : 1936
ThreadCreationTime : 6-15-2005 6:56:04 AM
BasePriority : Normal
FileVersion : 6.14.10.5120
ProductVersion : 6.14.10.5120
ProductName : ATI Desktop Component
CompanyName : ATI Technologies, Inc.
FileDescription : ATI Desktop Control Panel
InternalName : Atiptaxx[Caution: ExecutableFile]
LegalCopyright : Copyright © 1998-2004 ATI Technologies Inc.
OriginalFilename : Atiptaxx[Caution: ExecutableFile]

#:20 [shwicon2k[Caution: ExecutableFile]]
FilePath : C:\Program Files\Multimedia Card Reader\
ProcessID : 1956
ThreadCreationTime : 6-15-2005 6:56:04 AM
BasePriority : Idle
FileVersion : 1, 0, 0, 6
ProductVersion : 1, 0, 0, 6
ProductName : Alcor Micro Sunkist
CompanyName : Alcor Micro, Corp.
FileDescription : Sunkist
InternalName : Sunkist
LegalCopyright : Copyright c 2002 - 2004
OriginalFilename : Sunkist[Caution: ExecutableFile]

#:21 [lucoms~1[Caution: ExecutableFile]]
FilePath : C:\PROGRA~1\Symantec\LIVEUP~1\
ProcessID : 2032
ThreadCreationTime : 6-15-2005 6:56:05 AM
BasePriority : Normal
FileVersion : 2.6.14.0
ProductVersion : 2.6.14.0
ProductName : LiveUpdate
CompanyName : Symantec Corporation
FileDescription : LiveUpdate Engine COM Module
InternalName : LuComServer
LegalCopyright : Copyright © 1996-2004 Symantec Corporation
OriginalFilename : LuComServer[Caution: ExecutableFile]

#:22 [jusched[Caution: ExecutableFile]]
FilePath : C:\Program Files\Java\j2re1.4.2_03\bin\
ProcessID : 228
ThreadCreationTime : 6-15-2005 6:56:07 AM
BasePriority : Normal

#:23 [kbd[Caution: ExecutableFile]]
FilePath : C:\HP\KBD\
ProcessID : 236
ThreadCreationTime : 6-15-2005 6:56:07 AM
BasePriority : High

#:24 [realsched[Caution: ExecutableFile]]
FilePath : C:\Program Files\Common Files\Real\Update_OB\
ProcessID : 244
ThreadCreationTime : 6-15-2005 6:56:07 AM
BasePriority : Normal
FileVersion : 0.1.0.3018
ProductVersion : 0.1.0.3018
ProductName : RealPlayer (32-bit)
CompanyName : RealNetworks, Inc.
FileDescription : RealNetworks Scheduler
InternalName : schedapp
LegalCopyright : Copyright © RealNetworks, Inc. 1995-2004
LegalTrademarks : RealAudio is a trademark of RealNetworks, Inc.
OriginalFilename : realsched[Caution: ExecutableFile]

#:25 [qttask[Caution: ExecutableFile]]
FilePath : C:\Program Files\QuickTime\
ProcessID : 256
ThreadCreationTime : 6-15-2005 6:56:07 AM
BasePriority : Normal
FileVersion : 6.4
ProductVersion : QuickTime 6.4
ProductName : QuickTime
CompanyName : Apple Computer, Inc.
InternalName : QuickTime Task
LegalCopyright : © Apple Computer, Inc. 2001-2003
OriginalFilename : QTTask[Caution: ExecutableFile]

#:26 [hpwuschd2[Caution: ExecutableFile]]
FilePath : C:\Program Files\HP\HP Software Update\
ProcessID : 252
ThreadCreationTime : 6-15-2005 6:56:07 AM
BasePriority : Normal
FileVersion : 3, 0, 38, 1
ProductVersion : 3, 0, 38, 1
ProductName : HP Software Update Application
CompanyName : Hewlett-Packard Company
FileDescription : hpwuSchd
InternalName : hpwuSchd
LegalCopyright : Copyright © 2003
OriginalFilename : hpwuSchd[Caution: ExecutableFile]

#:27 [alcxmntr[Caution: ExecutableFile]]
FilePath : C:\WINDOWS\
ProcessID : 320
ThreadCreationTime : 6-15-2005 6:56:07 AM
BasePriority : Normal
FileVersion : 1.5
ProductVersion : 1.5
ProductName : Realtek Audio - Event Monitor
CompanyName : Realtek Semiconductor Corp.
FileDescription : Realtek Audio - Event Monitor
InternalName : Alcxmntr
LegalCopyright : Copyright © 2004 Realtek Semiconductor Corp.
OriginalFilename : Alcxmntr[Caution: ExecutableFile]

#:28 [msnappau[Caution: ExecutableFile]]
FilePath : C:\Program Files\MSN Apps\Updater\01.02.3000.1001\zh-sg\
ProcessID : 348
ThreadCreationTime : 6-15-2005 6:56:08 AM
BasePriority : Normal

#:29 [mmtask[Caution: ExecutableFile]]
FilePath : C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\
ProcessID : 400
ThreadCreationTime : 6-15-2005 6:56:09 AM
BasePriority : Normal
FileVersion : 9.0.0.1
ProductVersion : 9.0.0.1
ProductName : Musicmatch Jukebox
CompanyName : Musicmatch Inc.
FileDescription :
InternalName : mmtask[Caution: ExecutableFile]
LegalCopyright : © Musicmatch Inc.. All rights reserved.
OriginalFilename : mmtask[Caution: ExecutableFile]

#:30 [ninfoie[Caution: ExecutableFile]]
FilePath : C:\WINDOWS\System32\
ProcessID : 408
ThreadCreationTime : 6-15-2005 6:56:09 AM
BasePriority : Normal

#:31 [ctfmon[Caution: ExecutableFile]]
FilePath : C:\WINDOWS\System32\
ProcessID : 476
ThreadCreationTime : 6-15-2005 6:56:09 AM
BasePriority : Normal
FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
ProductVersion : 5.1.2600.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : CTF Loader
InternalName : CTFMON
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : CTFMON[Caution: ExecutableFile]

#:32 [ccproxy[Caution: ExecutableFile]]
FilePath : C:\Program Files\Common Files\Symantec Shared\
ProcessID : 532
ThreadCreationTime : 6-15-2005 6:56:10 AM
BasePriority : Normal
FileVersion : 2.1.6.3
ProductVersion : 2.1.6.3
ProductName : Common Client
CompanyName : Symantec Corporation
FileDescription : Common Client Network Proxy Service
InternalName : ccProxy
LegalCopyright : Copyright © 2000-2003 Symantec Corporation. All rights reserved.
OriginalFilename : ccProxy[Caution: ExecutableFile]

#:33 [pchbutton[Caution: ExecutableFile]]
FilePath : C:\PROGRA~1\MYHPPA~1\Pavilion\XPHAPBF3EN\plugin\bin\
ProcessID : 516
ThreadCreationTime : 6-15-2005 6:56:10 AM
BasePriority : Normal
FileVersion : 4.5.2.3..pchclient.0
ProductVersion : 4.5.2.3..pchclient
ProductName : Motive System
CompanyName : Motive Communications, Inc.
InternalName : PCHButton
LegalCopyright : Copyright 1998, 1999, 2000
OriginalFilename : PCHButton

#:34 [msmsgs[Caution: ExecutableFile]]
FilePath : C:\Program Files\Messenger\
ProcessID : 696
ThreadCreationTime : 6-15-2005 6:56:10 AM
BasePriority : Normal
FileVersion : 4.7.2010
ProductVersion : Version 4.7
ProductName : Messenger
CompanyName : Microsoft Corporation
FileDescription : Messenger
InternalName : msmsgs
LegalCopyright : Copyright © Microsoft Corporation 1997-2003
LegalTrademarks : Microsoft® is a registered trademark of Microsoft Corporation in the U.S. and/or other countries.
OriginalFilename : msmsgs[Caution: ExecutableFile]

#:35 [msnmsgr[Caution: ExecutableFile]]
FilePath : C:\Program Files\MSN Messenger\
ProcessID : 628
ThreadCreationTime : 6-15-2005 6:56:10 AM
BasePriority : Normal
FileVersion : 7.0.0813
ProductVersion : 7.0.0813
ProductName : MSN Messenger
CompanyName : Microsoft Corporation
FileDescription : MSN Messenger
InternalName : msnmsgr
LegalCopyright : Copyright © Microsoft Corporation 1997-2005
LegalTrademarks : Microsoft® is a registered trademark of Microsoft Corporation in the U.S. and/or other countries.
OriginalFilename : msnmsgr[Caution: ExecutableFile]

#:36 [ccsetmgr[Caution: ExecutableFile]]
FilePath : C:\Program Files\Common Files\Symantec Shared\
ProcessID : 1128
ThreadCreationTime : 6-15-2005 6:56:18 AM
BasePriority : Normal
FileVersion : 2.1.6.3
ProductVersion : 2.1.6.3
ProductName : Common Client
CompanyName : Symantec Corporation
FileDescription : Common Client Settings Manager Service
InternalName : ccSetMgr
LegalCopyright : Copyright © 2000-2003 Symantec Corporation. All rights reserved.
OriginalFilename : ccSetMgr[Caution: ExecutableFile]

#:37 [hpqtra08[Caution: ExecutableFile]]
FilePath : C:\Program Files\Hewlett-Packard\Digital Imaging\bin\
ProcessID : 1352
ThreadCreationTime : 6-15-2005 6:56:20 AM
BasePriority : Normal
FileVersion : 5.30.0.131
ProductVersion : 005.030.000.131
ProductName : hp digital imaging - hp all-in-one series
CompanyName : Hewlett-Packard Co.
FileDescription : HP Digital Imaging Monitor (CUE)
InternalName : HPQTRA00
LegalCopyright : Copyright © Hewlett-Packard Co. 1995-2001
OriginalFilename : HPQTRA00[Caution: ExecutableFile]
Comments : HP Digital Imaging Monitor (CUE)

#:38 [backweb-137903[Caution: ExecutableFile]]
FilePath : C:\Program Files\Updates from HP\137903\Program\
ProcessID : 1412
ThreadCreationTime : 6-15-2005 6:56:22 AM
BasePriority : Normal

#:39 [sndsrvc[Caution: ExecutableFile]]
FilePath : C:\Program Files\Common Files\Symantec Shared\
ProcessID : 1708
ThreadCreationTime : 6-15-2005 6:56:28 AM
BasePriority : Normal
FileVersion : 5.5.1.6
ProductVersion : 5.5
ProductName : Symantec Security Drivers
CompanyName : Symantec Corporation
FileDescription : Network Driver Service
InternalName : SndSrvc
LegalCopyright : Copyright 2002, 2003, 2004 Symantec Corporation
OriginalFilename : SndSrvc[Caution: ExecutableFile]

#:40 [svchost[Caution: ExecutableFile]]
FilePath : C:\WINDOWS\System32\
ProcessID : 1192
ThreadCreationTime : 6-15-2005 6:56:30 AM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost[Caution: ExecutableFile]
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost[Caution: ExecutableFile]

#:41 [symlcsvc[Caution: ExecutableFile]]
FilePath : C:\Program Files\Common Files\Symantec Shared\CCPD-LC\
ProcessID : 1112
ThreadCreationTime : 6-15-2005 6:56:30 AM
BasePriority : Normal
FileVersion : 1, 8, 48, 77
ProductVersion : 1, 8, 48, 77
ProductName : Symantec Core Component
CompanyName : Symantec Corporation
FileDescription : Symantec Core Component
InternalName : symlcsvc
LegalCopyright : Copyright © 2003
OriginalFilename : symlcsvc[Caution: ExecutableFile]

#:42 [wdfmgr[Caution: ExecutableFile]]
FilePath : C:\WINDOWS\System32\
ProcessID : 1928
ThreadCreationTime : 6-15-2005 6:56:33 AM
BasePriority : Normal
FileVersion : 5.2.3790.1230 built by: dnsrv(bld4act)
ProductVersion : 5.2.3790.1230
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows User Mode Driver Manager
InternalName : WdfMgr
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : WdfMgr[Caution: ExecutableFile]

#:43 [iexplore[Caution: ExecutableFile]]
FilePath : C:\Program Files\Internet Explorer\
ProcessID : 2176
ThreadCreationTime : 6-15-2005 7:00:51 AM
BasePriority : Normal
FileVersion : 6.00.2800.1106 (xpsp1.020828-1920)
ProductVersion : 6.00.2800.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Internet Explorer
InternalName : iexplore
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : IEXPLORE[Caution: ExecutableFile]

#:44 [ad-aware[Caution: ExecutableFile]]
FilePath : C:\PROGRA~1\Lavasoft\AD-AWA~1\
ProcessID : 2076
ThreadCreationTime : 6-15-2005 7:09:58 AM
BasePriority : Normal
FileVersion : 6.2.0.236
ProductVersion : SE 106
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware[Caution: ExecutableFile]
LegalCopyright : Copyright © Lavasoft AB Sweden
OriginalFilename : Ad-Aware[Caution: ExecutableFile]
Comments : All Rights Reserved

Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0

Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Alexa Object Recognized!
Type : Regkey
Data :
TAC Rating : 5
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}

Alexa Object Recognized!
Type : RegValue
Data :
TAC Rating : 5
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
Value : MenuStatusBar

Alexa Object Recognized!
Type : RegValue
Data :
TAC Rating : 5
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
Value : Script

Alexa Object Recognized!
Type : RegValue
Data :
TAC Rating : 5
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
Value : clsid

Alexa Object Recognized!
Type : RegValue
Data :
TAC Rating : 5
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
Value : Icon

Alexa Object Recognized!
Type : RegValue
Data :
TAC Rating : 5
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
Value : HotIcon

Alexa Object Recognized!
Type : RegValue
Data :
TAC Rating : 5
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
Value : ButtonText

Alexa Object Recognized!
Type : RegValue
Data :
TAC Rating : 5
Category : Data Miner
Comment : "{c95fe080-8f5d-11d2-a20b-00aa003c157a}"
Rootkey : HKEY_USERS
Object : .DEFAULT\software\microsoft\internet explorer\extensions\cmdmapping
Value : {c95fe080-8f5d-11d2-a20b-00aa003c157a}

Alexa Object Recognized!
Type : RegValue
Data :
TAC Rating : 5
Category : Data Miner
Comment : "{c95fe080-8f5d-11d2-a20b-00aa003c157a}"
Rootkey : HKEY_USERS
Object : S-1-5-18\software\microsoft\internet explorer\extensions\cmdmapping
Value : {c95fe080-8f5d-11d2-a20b-00aa003c157a}

Alexa Object Recognized!
Type : RegValue
Data :
TAC Rating : 5
Category : Data Miner
Comment : "{c95fe080-8f5d-11d2-a20b-00aa003c157a}"
Rootkey : HKEY_USERS
Object : S-1-5-21-3820012660-123409131-3890002072-1008\software\microsoft\internet explorer\extensions\cmdmapping
Value : {c95fe080-8f5d-11d2-a20b-00aa003c157a}

Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 10
Objects found so far: 10

Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Possible Browser Hijack attempt : v3cab (http://searchmiracle.com/cab/v3cab.cab)

Possible Browser Hijack attempt Object Recognized!
Type : Regkey
Data :
TAC Rating : 5
Category : Vulnerability
Comment : Possible Browser Hijack attempt : http://searchmiracle.com/cab/v3cab.cab
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Code Store Database\Distribution Units\v3cab

Possible Browser Hijack attempt Object Recognized!
Type : RegValue
Data :
TAC Rating : 5
Category : Vulnerability
Comment : Possible Browser Hijack attempt : http://searchmiracle.com/cab/v3cab.cab
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Code Store Database\Distribution Units\v3cab
Value : SystemComponent

Possible Browser Hijack attempt Object Recognized!
Type : RegValue
Data :
TAC Rating : 5
Category : Vulnerability
Comment : Possible Browser Hijack attempt : http://searchmiracle.com/cab/v3cab.cab
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Code Store Database\Distribution Units\v3cab
Value : Installer

Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 3
Objects found so far: 13

Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : brock lesnar [email protected][1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:brock lesnar [email protected]/
Expires : 5-30-2005 11:54:54 AM
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : brock lesnar [email protected][2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:30
Value : Cookie:brock lesnar [email protected]/
Expires : 5-13-2024 2:07:28 AM
LastSync : Hits:30
UseCount : 0
Hits : 30

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : brock lesnar [email protected][1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:10
Value : Cookie:brock lesnar [email protected]/
Expires : 1-21-2005 9:09:44 PM
LastSync : Hits:10
UseCount : 0
Hits : 10

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : brock lesnar [email protected][1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:2
Value : Cookie:brock lesnar [email protected]/
Expires : 5-27-2005 8:38:38 AM
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : brock lesnar f-5@cgi-bin[5].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:213
Value : Cookie:brock lesnar [email protected]/cgi-bin
Expires : 6-13-2015 12:13:58 AM
LastSync : Hits:213
UseCount : 0
Hits : 213

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : brock lesnar f-5@tripod[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:14
Value : Cookie:brock lesnar [email protected]/
Expires : 12-7-2005 9:40:22 PM
LastSync : Hits:14
UseCount : 0
Hits : 14

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : brock lesnar [email protected][2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:5
Value : Cookie:brock lesnar [email protected]/
Expires : 3-28-2005 10:05:08 AM
LastSync : Hits:5
UseCount : 0
Hits : 5

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : brock lesnar f-5@questionmarket[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:5
Value : Cookie:brock lesnar [email protected]/
Expires : 8-1-2006 6:45:32 AM
LastSync : Hits:5
UseCount : 0
Hits : 5

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : brock lesnar [email protected][2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:3
Value : Cookie:brock lesnar [email protected]/
Expires : 3-1-2007 8:00:00 AM
LastSync : Hits:3
UseCount : 0
Hits : 3

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : brock lesnar [email protected][1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:brock lesnar [email protected]/
Expires : 1-1-2007 7:00:00 AM
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : brock lesnar f-5@locators[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:6
Value : Cookie:brock lesnar [email protected]/
Expires : 1-18-2038 8:00:00 AM
LastSync : Hits:6
UseCount : 0
Hits : 6

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : brock lesnar f-5@ad-logics[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:18
Value : Cookie:brock lesnar [email protected]/
Expires : 3-28-2014 8:48:52 PM
LastSync : Hits:18
UseCount : 0
Hits : 18

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : brock lesnar f-5@revenue[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:58
Value : Cookie:brock lesnar [email protected]/
Expires : 6-10-2022 1:05:42 PM
LastSync : Hits:58
UseCount : 0
Hits : 58

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : brock lesnar f-5@paycounter[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:45
Value : Cookie:brock lesnar [email protected]/
Expires : 12-31-2030 9:00:00 AM
LastSync : Hits:45
UseCount : 0
Hits : 45

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : brock lesnar f-5@realmedia[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:10
Value : Cookie:brock lesnar [email protected]/
Expires : 1-1-2011 8:00:00 AM
LastSync : Hits:10
UseCount : 0
Hits : 10

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : brock lesnar f-5@qksrv[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:6
Value : Cookie:brock lesnar [email protected]/
Expires : 5-17-2009 7:35:26 AM
LastSync : Hits:6
UseCount : 0
Hits : 6

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : brock lesnar f-5@fortunecity[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:266
Value : Cookie:brock lesnar [email protected]/
Expires : 1-1-2011 8:00:00 AM
LastSync : Hits:266
UseCount : 0
Hits : 266

Tracking Cookie Object Recognized!
Type : IECache Entry Data : brock lesnar f-5@tribalfusion[1].txt TAC Rating : 3 Category : Data Miner Comment : Hits:169 Value : Cookie:brock lesnar [email protected]/ Expires : 1-1-2038 8:00:00 AM LastSync : Hits:169 UseCount : 0 Hits : 169 Tracking Cookie Object Recognized! Type : IECache Entry Data : brock lesnar f-5@domainsponsor[2].txt TAC Rating : 3 Category : Data Miner Comment : Hits:24 Value : Cookie:brock lesnar [email protected]/ Expires : 1-21-2005 9:09:46 PM LastSync : Hits:24 UseCount : 0 Hits : 24 Tracking Cookie Object Recognized! Type : IECache Entry Data : brock lesnar [email protected][1].txt TAC Rating : 3 Category : Data Miner Comment : Hits:1 Value : Cookie:brock lesnar [email protected]/ Expires : 7-27-2004 12:00:00 PM LastSync : Hits:1 UseCount : 0 Hits : 1 Tracking Cookie Object Recognized! Type : IECache Entry Data : brock lesnar f-5@statcounter[1].txt TAC Rating : 3 Category : Data Miner Comment : Hits:41 Value : Cookie:brock lesnar [email protected]/ Expires : 4-30-2010 10:22:18 PM LastSync : Hits:41 UseCount : 0 Hits : 41 Tracking Cookie Object Recognized! Type : IECache Entry Data : brock lesnar [email protected][1].txt TAC Rating : 3 Category : Data Miner Comment : Hits:145 Value : Cookie:brock lesnar [email protected]/ Expires : 1-11-2015 5:14:50 PM LastSync : Hits:145 UseCount : 0 Hits : 145 Tracking Cookie Object Recognized! Type : IECache Entry Data : brock lesnar f-5@2o7[1].txt TAC Rating : 3 Category : Data Miner Comment : Hits:137 Value : Cookie:brock lesnar [email protected]/ Expires : 6-14-2010 12:15:34 AM LastSync : Hits:137 UseCount : 0 Hits : 137 Tracking Cookie Object Recognized! Type : IECache Entry Data : brock lesnar f-5@zedo[2].txt TAC Rating : 3 Category : Data Miner Comment : Hits:15 Value : Cookie:brock lesnar [email protected]/ Expires : 12-11-2014 2:12:36 PM LastSync : Hits:15 UseCount : 0 Hits : 15 Tracking Cookie Object Recognized! 
Type : IECache Entry Data : brock lesnar [email protected][1].txt TAC Rating : 3 Category : Data Miner Comment : Hits:281 Value : Cookie:brock lesnar [email protected]/ Expires : 6-15-2006 12:38:20 PM LastSync : Hits:281 UseCount : 0 Hits : 281 Tracking Cookie Object Recognized! Type : IECache Entry Data : brock lesnar f-5@tickle[2].txt TAC Rating : 3 Category : Data Miner Comment : Hits:174 Value : Cookie:brock lesnar [email protected]/ Expires : 6-9-2007 5:30:00 PM LastSync : Hits:174 UseCount : 0 Hits : 174 Tracking Cookie Object Recognized! Type : IECache Entry Data : brock lesnar f-5@list[1].txt TAC Rating : 3 Category : Data Miner Comment : Hits:1 Value : Cookie:brock lesnar [email protected]/php/list/ Expires : 12-30-2004 4:23:02 PM LastSync : Hits:1 UseCount : 0 Hits : 1 Tracking Cookie Object Recognized! Type : IECache Entry Data : brock lesnar [email protected][2].txt TAC Rating : 3 Category : Data Miner Comment : Hits:512 Value : Cookie:brock lesnar [email protected]/ Expires : 3-8-2006 7:31:16 PM LastSync : Hits:512 UseCount : 0 Hits : 512 Tracking Cookie Object Recognized! Type : IECache Entry Data : brock lesnar [email protected][1].txt TAC Rating : 3 Category : Data Miner Comment : Hits:3 Value : Cookie:brock lesnar [email protected]/ Expires : 12-30-2005 2:22:16 PM LastSync : Hits:3 UseCount : 0 Hits : 3 Tracking Cookie Object Recognized! Type : IECache Entry Data : brock lesnar f-5@atdmt[2].txt TAC Rating : 3 Category : Data Miner Comment : Hits:8 Value : Cookie:brock lesnar [email protected]/ Expires : 6-14-2010 8:00:00 AM LastSync : Hits:8 UseCount : 0 Hits : 8 Tracking Cookie Object Recognized! Type : IECache Entry Data : brock lesnar f-5@maxserving[2].txt TAC Rating : 3 Category : Data Miner Comment : Hits:16 Value : Cookie:brock lesnar [email protected]/ Expires : 6-5-2015 11:07:16 AM LastSync : Hits:16 UseCount : 0 Hits : 16 Tracking Cookie Object Recognized! 
Type : IECache Entry Data : brock lesnar f-5@real[1].txt TAC Rating : 3 Category : Data Miner Comment : Hits:373 Value : Cookie:brock lesnar [email protected]/ Expires : 3-6-2034 10:24:44 AM LastSync : Hits:373 UseCount : 0 Hits : 373 Tracking Cookie Object Recognized! Type : IECache Entry Data : brock lesnar f-5@cgi-bin[8].txt TAC Rating : 3 Category : Data Miner Comment : Hits:9 Value : Cookie:brock lesnar [email protected]/cgi-bin Expires : 2-28-2015 8:00:00 AM LastSync : Hits:9 UseCount : 0 Hits : 9 Tracking Cookie Object Recognized! Type : IECache Entry Data : brock lesnar f-5@hotlog[1].txt TAC Rating : 3 Category : Data Miner Comment : Hits:1 Value : Cookie:brock lesnar [email protected]/ Expires : 6-13-2005 10:13:36 PM LastSync : Hits:1 UseCount : 0 Hits : 1 Tracking Cookie Object Recognized! Type : IECache Entry Data : brock lesnar [email protected][2].txt TAC Rating : 3 Category : Data Miner Comment : Hits:4 Value : Cookie:brock lesnar [email protected]/ Expires : 1-1-2010 8:00:00 AM LastSync : Hits:4 UseCount : 0 Hits : 4 Tracking Cookie Object Recognized! Type : IECache Entry Data : brock lesnar f-5@casalemedia[2].txt TAC Rating : 3 Category : Data Miner Comment : Hits:428 Value : Cookie:brock lesnar [email protected]/ Expires : 6-2-2006 7:40:44 AM LastSync : Hits:428 UseCount : 0 Hits : 428 Tracking Cookie Object Recognized! Type : IECache Entry Data : brock lesnar f-5@bravenet[1].txt TAC Rating : 3 Category : Data Miner Comment : Hits:64 Value : Cookie:brock lesnar [email protected]/ Expires : 6-12-2015 12:15:14 PM LastSync : Hits:64 UseCount : 0 Hits : 64 Tracking Cookie Object Recognized! Type : IECache Entry Data : brock lesnar f-5@peel[1].txt TAC Rating : 3 Category : Data Miner Comment : Hits:7 Value : Cookie:brock lesnar [email protected]/ Expires : 6-17-2004 7:39:26 AM LastSync : Hits:7 UseCount : 0 Hits : 7 Tracking Cookie Object Recognized! 
Type : IECache Entry Data : brock lesnar [email protected][1].txt TAC Rating : 3 Category : Data Miner Comment : Hits:3 Value : Cookie:brock lesnar [email protected]/ Expires : 3-28-2004 6:50:52 PM LastSync : Hits:3 UseCount : 0 Hits : 3 Tracking Cookie Object Recognized! Type : IECache Entry Data : brock lesnar f-5@overture[2].txt TAC Rating : 3 Category : Data Miner Comment : Hits:13 Value : Cookie:brock lesnar [email protected]/ Expires : 12-5-2014 4:22:10 PM LastSync : Hits:13 UseCount : 0 Hits : 13 Tracking Cookie Object Recognized! Type : IECache Entry Data : brock lesnar f-5@tradedoubler[1].txt TAC Rating : 3 Category : Data Miner Comment : Hits:5 Value : Cookie:brock lesnar [email protected]/ Expires : 2-27-2005 9:24:12 AM LastSync : Hits:5 UseCount : 0 Hits : 5 Tracking Cookie Object Recognized! Type : IECache Entry Data : brock lesnar f-5@xxxcounter[1].txt TAC Rating : 3 Category : Data Miner Comment : Hits:10 Value : Cookie:brock lesnar [email protected]/ Expires : 1-21-2005 5:02:30 PM LastSync : Hits:10 UseCount : 0 Hits : 10 Tracking Cookie Object Recognized! Type : IECache Entry Data : brock lesnar [email protected][2].txt TAC Rating : 3 Category : Data Miner Comment : Hits:4 Value : Cookie:brock lesnar [email protected]/ Expires : 1-26-2005 1:38:52 AM LastSync : Hits:4 UseCount : 0 Hits : 4 Tracking Cookie Object Recognized! Type : IECache Entry Data : brock lesnar [email protected][1].txt TAC Rating : 3 Category : Data Miner Comment : Hits:4 Value : Cookie:brock lesnar [email protected]/ Expires : 11-24-2005 7:12:40 AM LastSync : Hits:4 UseCount : 0 Hits : 4 Tracking Cookie Object Recognized! Type : IECache Entry Data : brock lesnar [email protected][2].txt TAC Rating : 3 Category : Data Miner Comment : Hits:33 Value : Cookie:brock lesnar [email protected]/ Expires : 7-15-2005 3:00:58 PM LastSync : Hits:33 UseCount : 0 Hits : 33 Tracking Cookie Object Recognized! 
Type : IECache Entry Data : brock lesnar f-5@advertising[1].txt TAC Rating : 3 Category : Data Miner Comment : Hits:21 Value : Cookie:brock lesnar [email protected]/ Expires : 6-14-2010 3:00:58 PM LastSync : Hits:21 UseCount : 0 Hits : 21 Tracking Cookie Object Recognized! Type : IECache Entry Data : brock lesnar f-5@cgi-bin[1].txt TAC Rating : 3 Category : Data Miner Comment : Hits:1 Value : Cookie:brock lesnar [email protected]/cgi-bin/ Expires : 3-5-2006 4:06:34 PM LastSync : Hits:1 UseCount : 0 Hits : 1 Tracking Cookie Object Recognized! Type : IECache Entry Data : brock lesnar f-5@cgi-bin[7].txt TAC Rating : 3 Category : Data Miner Comment : Hits:3 Value : Cookie:brock lesnar [email protected]/cgi-bin Expires : 2-28-2015 8:00:00 AM LastSync : Hits:3 UseCount : 0 Hits : 3 Tracking Cookie Object Recognized! Type : IECache Entry Data : brock lesnar f-5@cgi-bin[3].txt TAC Rating : 3 Category : Data Miner Comment : Hits:1 Value : Cookie:brock lesnar [email protected]/cgi-bin/ Expires : 12-6-2005 1:58:22 PM LastSync : Hits:1 UseCount : 0 Hits : 1 Tracking Cookie Object Recognized! Type : IECache Entry Data : brock lesnar f-5@cgi-bin[2].txt TAC Rating : 3 Category : Data Miner Comment : Hits:1 Value : Cookie:brock lesnar [email protected]/cgi-bin Expires : 2-28-2015 8:00:00 AM LastSync : Hits:1 UseCount : 0 Hits : 1 Tracking Cookie Object Recognized! Type : IECache Entry Data : brock lesnar f-5@qsrch[1].txt TAC Rating : 3 Category : Data Miner Comment : Hits:1 Value : Cookie:brock lesnar [email protected]/ Expires : 7-15-2005 3:05:32 PM LastSync : Hits:1 UseCount : 0 Hits : 1 Tracking Cookie Object Recognized! Type : IECache Entry Data : brock lesnar f-5@bluestreak[1].txt TAC Rating : 3 Category : Data Miner Comment : Hits:1 Value : Cookie:brock lesnar [email protected]/ Expires : 5-2-2015 12:09:30 PM LastSync : Hits:1 UseCount : 0 Hits : 1 Tracking Cookie Object Recognized! 
Type : IECache Entry Data : brock lesnar f-5@cgi-bin[6].txt TAC Rating : 3 Category : Data Miner Comment : Hits:1 Value : Cookie:brock lesnar [email protected]/cgi-bin Expires : 2-28-2015 8:00:00 AM LastSync : Hits:1 UseCount : 0 Hits : 1 Tracking Cookie Object Recognized! Type : IECache Entry Data : brock lesnar [email protected][1].txt TAC Rating : 3 Category : Data Miner Comment : Hits:1 Value : Cookie:brock lesnar [email protected]/ Expires : 11-18-2029 9:19:06 PM LastSync : Hits:1 UseCount : 0 Hits : 1 Tracking Cookie Object Recognized! Type : IECache Entry Data : brock lesnar [email protected][1].txt TAC Rating : 3 Category : Data Miner Comment : Hits:1 Value : Cookie:brock lesnar [email protected]/ Expires : 7-10-2005 2:47:10 PM LastSync : Hits:1 UseCount : 0 Hits : 1 Tracking Cookie Object Recognized! Type : IECache Entry Data : brock lesnar f-5@okcounter[2].txt TAC Rating : 3 Category : Data Miner Comment : Hits:6 Value : Cookie:brock lesnar [email protected]/ Expires : 1-10-2005 6:30:48 PM LastSync : Hits:6 UseCount : 0 Hits : 6 Tracking Cookie Object Recognized! Type : IECache Entry Data : brock lesnar f-5@trafficmp[2].txt TAC Rating : 3 Category : Data Miner Comment : Hits:11 Value : Cookie:brock lesnar [email protected]/ Expires : 12-7-2005 10:55:28 PM LastSync : Hits:11 UseCount : 0 Hits : 11 Tracking Cookie Object Recognized! Type : IECache Entry Data : brock lesnar f-5@adrevolver[2].txt TAC Rating : 3 Category : Data Miner Comment : Hits:5 Value : Cookie:brock lesnar [email protected]/adrevolver/ Expires : 9-21-2007 1:49:58 PM LastSync : Hits:5 UseCount : 0 Hits : 5 Tracking Cookie Object Recognized! Type : IECache Entry Data : brock lesnar [email protected][1].txt TAC Rating : 3 Category : Data Miner Comment : Hits:12 Value : Cookie:brock lesnar [email protected]/ Expires : 3-12-2015 8:00:00 AM LastSync : Hits:12 UseCount : 0 Hits : 12 Tracking Cookie Object Recognized! 
Tracking cookie scan result:
New critical objects: 62
Objects found so far: 75

Deep scanning and examining files (C:)

VX2 Object Recognized!
Type : File
Data : randreco[Caution: ExecutableFile]
TAC Rating : 10
Category : Malware
Comment :
Object : C:\Documents and Settings\Brock Lesnar F-5\Local Settings\Temp\
FileVersion : 1, 0, 0, 12
ProductVersion : 1, 0, 0, 12
ProductName : Install Utility
CompanyName : BetterInternet, Inc.
FileDescription : http://www.abetterinternet.com - Utility for downloading files and upgrading software.
InternalName : Install Utility
LegalCopyright : BetterInternet, Inc. © 2004
OriginalFilename : InstUtil[Caution: ExecutableFile]
Comments : Utility for downloading files and upgrading software. Visit http://www.abetterinternet.com for more info.
edge0303 Posted June 15, 2005

I was bored, so I went to download HJT :lol:

Logfile of HijackThis v1.99.1
Scan saved at 3:54:55 PM, on 6/15/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss[Caution: ExecutableFile]
C:\WINDOWS\system32\winlogon[Caution: ExecutableFile]
C:\WINDOWS\system32\services[Caution: ExecutableFile]
C:\WINDOWS\system32\lsass[Caution: ExecutableFile]
C:\WINDOWS\System32\Ati2evxx[Caution: ExecutableFile]
C:\WINDOWS\system32\svchost[Caution: ExecutableFile]
C:\WINDOWS\System32\svchost[Caution: ExecutableFile]
C:\WINDOWS\system32\spoolsv[Caution: ExecutableFile]
C:\WINDOWS\system32\Ati2evxx[Caution: ExecutableFile]
C:\WINDOWS\Explorer[Caution: ExecutableFile]
C:\windows\system\hpsysdrv[Caution: ExecutableFile]
C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon[Caution: ExecutableFile]
C:\WINDOWS\System32\hphmon05[Caution: ExecutableFile]
C:\Program Files\InterVideo\Common\bin\WinCinemaMgr[Caution: ExecutableFile]
C:\Program Files\Common Files\InterVideo\SchSvr\SchSvr[Caution: ExecutableFile]
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx[Caution: ExecutableFile]
C:\Program Files\Multimedia Card Reader\shwicon2k[Caution: ExecutableFile]
C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1[Caution: ExecutableFile]
C:\Program Files\Java\j2re1.4.2_03\bin\jusched[Caution: ExecutableFile]
C:\HP\KBD\KBD[Caution: ExecutableFile]
C:\Program Files\Common Files\Real\Update_OB\realsched[Caution: ExecutableFile]
C:\Program Files\QuickTime\qttask[Caution: ExecutableFile]
C:\Program Files\HP\HP Software Update\HPWuSchd2[Caution: ExecutableFile]
C:\WINDOWS\ALCXMNTR[Caution: ExecutableFile]
C:\Program Files\MSN Apps\Updater\01.02.3000.1001\zh-sg\msnappau[Caution: ExecutableFile]
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask[Caution: ExecutableFile]
C:\WINDOWS\System32\ninfoie[Caution: ExecutableFile]
C:\WINDOWS\System32\ctfmon[Caution: ExecutableFile]
C:\Program Files\Common Files\Symantec Shared\ccProxy[Caution: ExecutableFile]
C:\PROGRA~1\MYHPPA~1\Pavilion\XPHAPBF3EN\plugin\bin\pchbutton[Caution: ExecutableFile]
C:\Program Files\Messenger\msmsgs[Caution: ExecutableFile]
C:\Program Files\MSN Messenger\msnmsgr[Caution: ExecutableFile]
C:\Program Files\Common Files\Symantec Shared\ccSetMgr[Caution: ExecutableFile]
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08[Caution: ExecutableFile]
C:\Program Files\Updates from HP\137903\Program\BackWeb-137903[Caution: ExecutableFile]
C:\Program Files\Common Files\Symantec Shared\SNDSrvc[Caution: ExecutableFile]
C:\WINDOWS\System32\svchost[Caution: ExecutableFile]
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc[Caution: ExecutableFile]
C:\Program Files\Internet Explorer\iexplore[Caution: ExecutableFile]
C:\hijackthis\HijackThis[Caution: ExecutableFile]

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://pvslwapdafgnbpwk.us/U7xa8T3h08MP ... l_LdaT.php
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.runescape.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://sg9.hpwis.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://sg9.hpwis.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG[Caution: ExecutableFile]" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst[Caution: ExecutableFile] /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP[Caution: ExecutableFile] /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP[Caution: ExecutableFile] /IMEName
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv[Caution: ExecutableFile]
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd[Caution: ExecutableFile]
O4 - HKLM\..\Run: [CamMonitor] c:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon[Caution: ExecutableFile]
O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05[Caution: ExecutableFile]
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05[Caution: ExecutableFile]
O4 - HKLM\..\Run: [WinCinemaMgr] "C:\Program Files\InterVideo\Common\bin\WinCinemaMgr[Caution: ExecutableFile]"
O4 - HKLM\..\Run: [Home Theater SchSvr] "C:\Program Files\Common Files\InterVideo\SchSvr\SchSvr[Caution: ExecutableFile]"
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD[Caution: ExecutableFile]
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx[Caution: ExecutableFile]
O4 - HKLM\..\Run: [sunkist2k] C:\Program Files\Multimedia Card Reader\shwicon2k[Caution: ExecutableFile]
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp[Caution: ExecutableFile]"
O4 - HKLM\..\Run: [ccRegVfy] "c:\Program Files\Common Files\Symantec Shared\ccRegVfy[Caution: ExecutableFile]"
O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\AdvTools\ADVCHK[Caution: ExecutableFile]
O4 - HKLM\..\Run: [updateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray[Caution: ExecutableFile]" /r
O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched[Caution: ExecutableFile]
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD[Caution: ExecutableFile]
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched[Caution: ExecutableFile]" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask[Caution: ExecutableFile]" -atboottime
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2[Caution: ExecutableFile]"
O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon[Caution: ExecutableFile] /Consumer
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR[Caution: ExecutableFile]
O4 - HKLM\..\Run: [msnappau] "C:\Program Files\MSN Apps\Updater\01.02.3000.1001\zh-sg\msnappau[Caution: ExecutableFile]"
O4 - HKLM\..\Run: [mmtask] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask[Caution: ExecutableFile]"
O4 - HKLM\..\Run: [WINDOWS SYSTEM] ninfoie[Caution: ExecutableFile]
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\RunServices: [WINDOWS SYSTEM] ninfoie[Caution: ExecutableFile]
O4 - HKCU\..\Run: [backupNotify] c:\Program Files\Hewlett-Packard\Digital Imaging\bin\backupnotify[Caution: ExecutableFile]
O4 - HKCU\..\Run: [ctfmon[Caution: ExecutableFile]] C:\WINDOWS\System32\ctfmon[Caution: ExecutableFile]
O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\MYHPPA~1\Pavilion\XPHAPBF3EN\plugin\bin\pchbutton[Caution: ExecutableFile]
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr[Caution: ExecutableFile]"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs[Caution: ExecutableFile]" /background
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr[Caution: ExecutableFile]" /background
O4 - HKCU\..\Run: [steam] C:\Valve\Steam\Steam[Caution: ExecutableFile] -silent
O4 - Startup: PowerReg Scheduler V3[Caution: ExecutableFile]
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08[Caution: ExecutableFile]
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9[Caution: ExecutableFile]
O4 - Global Startup: Updates from HP.lnk = C:\Program Files\Updates from HP\137903\Program\BackWeb-137903[Caution: ExecutableFile]
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZRxdm185
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: PowerWord - {8DE0FCD4-5EB5-11D3-AD25-00002100131B} - C:\PROGRA~1\KINGSOFT\XDICT\ieplugin.DLL (file missing)
O9 - Extra button: Joyo - {C8CE29C5-7589-11D3-B81B-0080C8DC5DC8} - C:\PROGRA~1\KINGSOFT\XDICT\ieplugin.DLL (file missing)
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS[Caution: ExecutableFile]
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS[Caution: ExecutableFile]
O12 - Plugin for [extension not allowed]: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin4.dll
O16 - DPF: v3cab - http://searchmiracle.com/cab/v3cab.cab
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/ms ... b31267.cab
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/Shar ... vSniff.cab
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/cabs/ ... 0_0_44.cab
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - ]http://a1540.g.akamai.net/7/1540/52/200 ... taller[Caution: ExecutableFile]
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://groups.msn.com/controls/PhotoUC/MsnPUpld.cab
O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - ]http://a1540.g.akamai.net/7/1540/52/200 ... taller[Caution: ExecutableFile]
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/Shar ... /cabsa.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004 ... scan53.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... Client.cab
O16 - DPF: {A5DC33CE-214B-4C26-8596-8A45456C9EB8} - http://activex.microsoft.com/objects/ocget.dll
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMe ... loader.cab
O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) - http://security.symantec.com/sscv6/Shar ... /cabsa.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - http://www.symantec.com/techsupp/active ... mAData.cab
O16 - DPF: {D6FCA8ED-4715-43DE-9BD2-2789778A5B09} (NPKCX Control) - http://guard.gunbound.net/nProtect/keyCrypt/npkcx.cab
O16 - DPF: {F54C1137-5E34-4B95-95A5-BA56D4D8D743} (Secure Delivery) - http://www.gamespot.com/KDX22/download/kdx.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/So ... b31267.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx[Caution: ExecutableFile]
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr[Caution: ExecutableFile]
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy[Caution: ExecutableFile]
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc[Caution: ExecutableFile]
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr[Caution: ExecutableFile]
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc[Caution: ExecutableFile]
O23 - Service: npkcsvc - INCA Internet Co., Ltd. - C:\WINDOWS\System32\npkcsvc[Caution: ExecutableFile]
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT[Caution: ExecutableFile]
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ[Caution: ExecutableFile]
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc[Caution: ExecutableFile]
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc[Caution: ExecutableFile]
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC[Caution: ExecutableFile]