Ad-Aware SE Build 1.06r1 Logfile Created on:Sunday, June 19, 2005 12:21:47 AM Created with Ad-Aware SE Personal, free for private use. Using definitions file:SE1R50 13.06.2005 »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» References detected during the scan: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» AdRotator(TAC index:6):3 total references AdShooter(TAC index:6):1 total references BargainBuddy(TAC index:8):7 total references ClearSearch(TAC index:7):9 total references DealHelper(TAC index:7):7 total references EzuLa(TAC index:6):2 total references IBIS Toolbar(TAC index:5):128 total references MediaMotor(TAC index:8):2 total references MRU List(TAC index:0):23 total references Possible Browser Hijack attempt(TAC index:3):62 total references PromulGate(TAC index:5):2 total references Prutect(TAC index:8):1 total references SahAgent(TAC index:9):1 total references Tracking Cookie(TAC index:3):4 total references Win32.TrojanDownloader.Agent.Ay(TAC index:7):2 total references Win32.TrojanDownloader.Small.aly(TAC index:8):78 total references Win32.TrojanDownloader.TSUpdate(TAC index:6):3 total references WindUpdates(TAC index:8):2 total references VX2(TAC index:10):12 total references »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Definition File: ========================= Definitions File Loaded: Reference Number : SE1R47 24.05.2005 Internal build : 55 File location : C:\Program Files\Lavasoft\Ad-Aware SE Personal\defs.ref File size : 476246 Bytes Total size : 1439523 Bytes Signature data size : 1408291 Bytes Reference data size : 30720 Bytes Signatures total : 40174 CSI Fingerprints total : 886 CSI data size : 30371 Bytes Target categories : 15 Target families : 679 6-19-2005 12:14:06 AM Performing WebUpdate... Installing Update... Definitions File Loaded: Reference Number : SE1R50 13.06.2005 Internal build : 58 File location : C:\Program Files\Lavasoft\Ad-Aware SE Personal\defs.ref File size : 481146 Bytes Total size : 1456012 Bytes Signature data size : 1427935 Bytes Reference data size : 27565 Bytes Signatures total : 40456 CSI Fingerprints total : 904 CSI data size : 31134 Bytes Target categories : 15 Target families : 692 6-19-2005 12:14:18 AM Success Update successfully downloaded and installed. Memory + processor status: ========================== Number of processors : 1 Processor architecture : Intel Pentium III Memory available:27 % Total physical memory:129520 kb Available physical memory:33708 kb Total page file size:314284 kb Available on page file:159808 kb Total virtual memory:2097024 kb Available virtual memory:2043972 kb OS:Microsoft Windows XP Professional Service Pack 2 (Build 2600) Ad-Aware SE Settings =========================== Set : Search for negligible risk entries Set : Move deleted files to Recycle Bin Set : Safe mode (always request confirmation) Set : Scan active processes Set : Scan registry Set : Deep-scan registry Set : Scan my IE Favorites for banned URLs Set : Scan within archives Set : Scan my Hosts file Extended Ad-Aware SE Settings =========================== Set : Unload recognized processes & modules during scan Set : Obtain command line of scanned processes Set : Scan registry for all users instead of current user only Set : Always try to unload modules before deletion Set : During removal, unload Explorer and IE if necessary Set : Let Windows remove files in use at next reboot Set : Delete quarantined objects after restoring Set : Write-protect system files after repair (Hosts file, etc.) Set : Include basic Ad-Aware settings in log file Set : Include additional Ad-Aware settings in log file Set : Include reference summary in log file Set : Include alternate data stream details in log file Set : Play sound at scan completion if scan locates critical objects 6-19-2005 12:21:47 AM - Scan started. (Custom mode) Listing running processes »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» #:1 [smss.exe] ModuleName : \SystemRoot\System32\smss.exe Command Line : n/a ProcessID : 472 ThreadCreationTime : 6-19-2005 6:39:29 AM BasePriority : Normal #:2 [csrss.exe] ModuleName : \??\C:\WINDOWS\system32\csrss.exe Command Line : C:\WINDOWS\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestTh ProcessID : 528 ThreadCreationTime : 6-19-2005 6:39:30 AM BasePriority : Normal #:3 [winlogon.exe] ModuleName : \??\C:\WINDOWS\system32\winlogon.exe Command Line : winlogon.exe ProcessID : 552 ThreadCreationTime : 6-19-2005 6:39:31 AM BasePriority : High #:4 [services.exe] ModuleName : C:\WINDOWS\system32\services.exe Command Line : C:\WINDOWS\system32\services.exe ProcessID : 596 ThreadCreationTime : 6-19-2005 6:39:32 AM BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Services and Controller app InternalName : services.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : services.exe #:5 [lsass.exe] ModuleName : C:\WINDOWS\system32\lsass.exe Command Line : C:\WINDOWS\system32\lsass.exe ProcessID : 608 ThreadCreationTime : 6-19-2005 6:39:32 AM BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : LSA Shell (Export Version) InternalName : lsass.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : lsass.exe #:6 [svchost.exe] ModuleName : C:\WINDOWS\system32\svchost.exe Command Line : C:\WINDOWS\system32\svchost -k DcomLaunch ProcessID : 764 ThreadCreationTime : 6-19-2005 6:39:33 AM BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:7 [svchost.exe] ModuleName : C:\WINDOWS\system32\svchost.exe Command Line : C:\WINDOWS\system32\svchost -k rpcss ProcessID : 820 ThreadCreationTime : 6-19-2005 6:39:34 AM BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:8 [svchost.exe] ModuleName : C:\WINDOWS\System32\svchost.exe Command Line : C:\WINDOWS\System32\svchost.exe -k netsvcs ProcessID : 888 ThreadCreationTime : 6-19-2005 6:39:34 AM BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:9 [svchost.exe] ModuleName : C:\WINDOWS\System32\svchost.exe Command Line : C:\WINDOWS\System32\svchost.exe -k NetworkService ProcessID : 940 ThreadCreationTime : 6-19-2005 6:39:34 AM BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:10 [svchost.exe] ModuleName : C:\WINDOWS\System32\svchost.exe Command Line : C:\WINDOWS\System32\svchost.exe -k LocalService ProcessID : 1024 ThreadCreationTime : 6-19-2005 6:39:35 AM BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:11 [spoolsv.exe] ModuleName : C:\WINDOWS\system32\spoolsv.exe Command Line : C:\WINDOWS\system32\spoolsv.exe ProcessID : 1176 ThreadCreationTime : 6-19-2005 6:39:36 AM BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Spooler SubSystem App InternalName : spoolsv.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : spoolsv.exe #:12 [acsd.exe] ModuleName : C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe Command Line : C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe ProcessID : 1460 ThreadCreationTime : 6-19-2005 6:39:48 AM BasePriority : Normal #:13 [ewidoctrl.exe] ModuleName : C:\Program Files\ewido\security suite\ewidoctrl.exe Command Line : "C:\Program Files\ewido\security suite\ewidoctrl.exe" ProcessID : 1528 ThreadCreationTime : 6-19-2005 6:39:49 AM BasePriority : Normal FileVersion : 3, 0, 0, 1 ProductVersion : 3, 0, 0, 1 ProductName : ewido control CompanyName : ewido networks FileDescription : ewido control InternalName : ewido control LegalCopyright : Copyright © 2004 OriginalFilename : ewidoctrl.exe #:14 [ewidoguard.exe] ModuleName : C:\Program Files\ewido\security suite\ewidoguard.exe Command Line : n/a ProcessID : 1544 ThreadCreationTime : 6-19-2005 6:39:49 AM BasePriority : Normal FileVersion : 3, 0, 0, 1 ProductVersion : 3, 0, 0, 1 ProductName : guard CompanyName : ewido networks FileDescription : guard InternalName : guard LegalCopyright : Copyright © 2004 OriginalFilename : guard.exe #:15 [mpfservice.exe] ModuleName : C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe Command Line : C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe ProcessID : 1616 ThreadCreationTime : 6-19-2005 6:39:50 AM BasePriority : Normal FileVersion : 4.1.0.1 ProductVersion : 4.1.0.1 ProductName : McAfee Personal Firewall CompanyName : McAfee Corporation FileDescription : McAfee Personal Firewall Service InternalName : MPFService LegalCopyright : Copyright © 2000,2001 OriginalFilename : MpfService.exe Comments : McAfee Personal Firewall Service #:16 [wdfmgr.exe] ModuleName : C:\WINDOWS\system32\wdfmgr.exe Command Line : C:\WINDOWS\system32\wdfmgr.exe ProcessID : 1760 ThreadCreationTime : 6-19-2005 6:39:54 AM BasePriority : Normal FileVersion : 5.2.3790.1230 built by: DNSRV(bld4act) ProductVersion : 5.2.3790.1230 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Windows User Mode Driver Manager InternalName : WdfMgr LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : WdfMgr.exe #:17 [wanmpsvc.exe] ModuleName : C:\WINDOWS\wanmpsvc.exe Command Line : "C:\WINDOWS\wanmpsvc.exe" ProcessID : 1824 ThreadCreationTime : 6-19-2005 6:39:55 AM BasePriority : Normal FileVersion : 9, 0, 0, 0 ProductVersion : 9, 0, 0, 0 ProductName : America Online CompanyName : America Online, Inc. FileDescription : Wan Miniport (ATW) Service InternalName : WanMPSvc LegalCopyright : Copyright © 2001 America Online, Inc. OriginalFilename : WanMPSvc.exe #:18 [mpfagent.exe] ModuleName : C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe Command Line : C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe -Embedding ProcessID : 2032 ThreadCreationTime : 6-19-2005 6:40:03 AM BasePriority : Normal FileVersion : 4.1.0.1 ProductVersion : 4.1.0.1 ProductName : McAfee Personal Firewall (MPF) CompanyName : McAfee Security FileDescription : McAfee Personal Firewall Agent Interface InternalName : MpfAgent LegalCopyright : Copyright © 2000-2003 Networks Associates Technologies, Inc. OriginalFilename : MPFAGENT.EXE Comments : McAfee Personal Firewall Security Center Module #:19 [alg.exe] ModuleName : C:\WINDOWS\System32\alg.exe Command Line : C:\WINDOWS\System32\alg.exe ProcessID : 380 ThreadCreationTime : 6-19-2005 6:40:09 AM BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Application Layer Gateway Service InternalName : ALG.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : ALG.exe #:20 [explorer.exe] ModuleName : C:\WINDOWS\Explorer.EXE Command Line : C:\WINDOWS\Explorer.EXE ProcessID : 444 ThreadCreationTime : 6-19-2005 6:40:15 AM BasePriority : Normal FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 6.00.2900.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Windows Explorer InternalName : explorer LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : EXPLORER.EXE #:21 [realplay.exe] ModuleName : C:\Program Files\Real\RealPlayer\RealPlay.exe Command Line : "C:\Program Files\Real\RealPlayer\RealPlay.exe" SYSTEMBOOTHIDEPLAYER ProcessID : 972 ThreadCreationTime : 6-19-2005 6:40:27 AM BasePriority : Normal FileVersion : 6.0.9.584 ProductVersion : 6.0.9.584 ProductName : RealPlayer (32-bit) CompanyName : RealNetworks, Inc. FileDescription : RealPlayer InternalName : REALPLAY LegalCopyright : Copyright © RealNetworks, Inc. 1995-2000 LegalTrademarks : RealAudio(tm) is a trademark of RealNetworks, Inc. OriginalFilename : REALPLAY.EXE #:22 [qttask.exe] ModuleName : C:\Program Files\QuickTime\qttask.exe Command Line : "C:\Program Files\QuickTime\qttask.exe" -atboottime ProcessID : 988 ThreadCreationTime : 6-19-2005 6:40:28 AM BasePriority : Normal FileVersion : 6.5 ProductVersion : QuickTime 6.5 ProductName : QuickTime CompanyName : Apple Computer, Inc. InternalName : QuickTime Task LegalCopyright : © Apple Computer, Inc. 2001-2004 OriginalFilename : QTTask.exe #:23 [ltmsg.exe] ModuleName : C:\WINDOWS\LTMSG.exe Command Line : "C:\WINDOWS\LTMSG.exe" 7 ProcessID : 1040 ThreadCreationTime : 6-19-2005 6:40:31 AM BasePriority : Normal FileVersion : 3, 0, 0, 4 ProductVersion : 3, 0, 0, 4 ProductName : Agere Systems ltmsg CompanyName : Agere Systems FileDescription : ltmsg InternalName : ltmsg LegalCopyright : Copyright © 2003 OriginalFilename : ltmsg.exe Comments : Messaging application for Agere Win Modem #:24 [hpztsb07.exe] ModuleName : C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe Command Line : "C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe" ProcessID : 1112 ThreadCreationTime : 6-19-2005 6:40:34 AM BasePriority : Normal FileVersion : 2,140,0,0 ProductVersion : 2,140,0,0 ProductName : HP DeskJet CompanyName : HP LegalCopyright : Copyright (c) Hewlett-Packard Company 1999-2002 #:25 [aolsp scheduler.exe] ModuleName : C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe Command Line : "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe" ProcessID : 1140 ThreadCreationTime : 6-19-2005 6:40:37 AM BasePriority : Normal FileVersion : 1, 5, 0, 0 ProductVersion : 1, 5, 0, 0 ProductName : AOLSP Scheduler FileDescription : AOLSP Scheduler InternalName : AOLSP Scheduler LegalCopyright : Copyright (C) America Online, Inc. 2004 OriginalFilename : AOLSP Scheduler.exe #:26 [mcagent.exe] ModuleName : C:\PROGRA~1\mcafee.com\agent\mcagent.exe Command Line : "C:\PROGRA~1\mcafee.com\agent\mcagent.exe" ProcessID : 1244 ThreadCreationTime : 6-19-2005 6:40:40 AM BasePriority : Normal FileVersion : 4, 3, 0, 10 ProductVersion : 4, 3, 0, 0 ProductName : McAfee SecurityCenter CompanyName : Networks Associates Technology, Inc FileDescription : McAfee SecurityCenter Agent InternalName : mcagent LegalCopyright : Copyright © 1998-2002 Networks Associates Technology, Inc. OriginalFilename : mcagent.exe #:27 [mcvsescn.exe] ModuleName : c:\progra~1\mcafee.com\vso\mcvsescn.exe Command Line : "c:\progra~1\mcafee.com\vso\mcvsescn.exe" /disabled ProcessID : 1356 ThreadCreationTime : 6-19-2005 6:40:47 AM BasePriority : Normal FileVersion : 8, 0, 0, 30 ProductVersion : 8, 0, 0, 0 ProductName : McAfee VirusScan CompanyName : Networks Associates Technology, Inc FileDescription : McAfee VirusScan E-mail Scan Module InternalName : mcvsescn LegalCopyright : Copyright © 1998-2003 Networks Associates Technology, Inc OriginalFilename : mcvsescn.EXE Comments : McAfee VirusScan E-mail Scan Module #:28 [aoltray.exe] ModuleName : C:\Program Files\America Online 9.0\aoltray.exe Command Line : "C:\Program Files\America Online 9.0\aoltray.exe" -check ProcessID : 2240 ThreadCreationTime : 6-19-2005 6:41:19 AM BasePriority : Normal FileVersion : 9.00.000 ProductVersion : 9.00.000 ProductName : America Online CompanyName : America Online, Inc. FileDescription : AOL Tray Icon InternalName : AolTray LegalCopyright : Copyright (C) America Online, Inc. 1999 - 2003 #:29 [ad-aware.exe] ModuleName : C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe Command Line : "C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe" ProcessID : 1664 ThreadCreationTime : 6-19-2005 7:13:34 AM BasePriority : Normal FileVersion : 6.2.0.236 ProductVersion : SE 106 ProductName : Lavasoft Ad-Aware SE CompanyName : Lavasoft Sweden FileDescription : Ad-Aware SE Core application InternalName : Ad-Aware.exe LegalCopyright : Copyright © Lavasoft AB Sweden OriginalFilename : Ad-Aware.exe Comments : All Rights Reserved Memory scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 0 Started registry scan »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» AdRotator Object Recognized! Type : Regkey Data : TAC Rating : 6 Category : Malware Comment : Rootkey : HKEY_CLASSES_ROOT Object : interface\{1cfb8b32-4053-4144-af6f-1540eec7f101} IBIS Toolbar Object Recognized! Type : Regkey Data : TAC Rating : 5 Category : Data Miner Comment : Rootkey : HKEY_CLASSES_ROOT Object : clsid\{2c4e6d22-b71f-491f-aad3-b6972a650d50} IBIS Toolbar Object Recognized! Type : Regkey Data : TAC Rating : 5 Category : Data Miner Comment : Rootkey : HKEY_CLASSES_ROOT Object : interface\{c380566d-f343-42ab-987b-6b38a1a35747} WindUpdates Object Recognized! Type : Regkey Data : TAC Rating : 8 Category : Malware Comment : Rootkey : HKEY_CLASSES_ROOT Object : mediaaccess.installer VX2 Object Recognized! Type : Regkey Data : TAC Rating : 10 Category : Malware Comment : Rootkey : HKEY_CLASSES_ROOT Object : folder\shellex\columnhandlers\{6ec11407-5b2e-4e25-8bdf-77445b52ab37} DealHelper Object Recognized! Type : Regkey Data : TAC Rating : 7 Category : Malware Comment : Rootkey : HKEY_LOCAL_MACHINE Object : software\microsoft\windows\currentversion\app management\arpcache\dealhelper DealHelper Object Recognized! Type : RegValue Data : TAC Rating : 7 Category : Malware Comment : Rootkey : HKEY_LOCAL_MACHINE Object : software\microsoft\windows\currentversion\app management\arpcache\dealhelper Value : Changed Registry Scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 7 Objects found so far: 7 Started deep registry scan »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Deep registry scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 7 AdShooter Object Recognized! Type : RegValue Data : TAC Rating : 6 Category : Malware Comment : Rootkey : HKEY_USERS Object : S-1-5-21-1390067357-746137067-854245398-1003\software\microsoft\internet explorer\toolbar\Webbrowser Value : {c109664b-ceb1-420b-b353-d55a561536dd} MRU List Object Recognized! Location: : C:\Documents and Settings\user\Application Data\microsoft\office\recent Description : list of recently opened documents using microsoft office MRU List Object Recognized! Location: : C:\Documents and Settings\user\recent Description : list of recently opened documents MRU List Object Recognized! Location: : S-1-5-21-1390067357-746137067-854245398-1003\software\adobe\acrobat reader\6.0\avgeneral\crecentfiles Description : list of recently used files in adobe reader MRU List Object Recognized! Location: : software\microsoft\direct3d\mostrecentapplication Description : most recent application to use microsoft direct3d MRU List Object Recognized! Location: : software\microsoft\direct3d\mostrecentapplication Description : most recent application to use microsoft direct X MRU List Object Recognized! Location: : software\microsoft\directdraw\mostrecentapplication Description : most recent application to use microsoft directdraw MRU List Object Recognized! Location: : S-1-5-21-1390067357-746137067-854245398-1003\software\microsoft\internet explorer Description : last download directory used in microsoft internet explorer MRU List Object Recognized! Location: : S-1-5-21-1390067357-746137067-854245398-1003\software\microsoft\internet explorer\main Description : last save directory used in microsoft internet explorer MRU List Object Recognized! Location: : S-1-5-21-1390067357-746137067-854245398-1003\software\microsoft\internet explorer\typedurls Description : list of recently entered addresses in microsoft internet explorer MRU List Object Recognized! Location: : S-1-5-21-1390067357-746137067-854245398-1003\software\microsoft\mediaplayer\medialibraryui Description : last selected node in the microsoft windows media player media library MRU List Object Recognized! Location: : S-1-5-21-1390067357-746137067-854245398-1003\software\microsoft\mediaplayer\player\recentfilelist Description : list of recently used files in microsoft windows media player MRU List Object Recognized! Location: : S-1-5-21-1390067357-746137067-854245398-1003\software\microsoft\mediaplayer\preferences Description : last playlist index loaded in microsoft windows media player MRU List Object Recognized! Location: : S-1-5-21-1390067357-746137067-854245398-1003\software\microsoft\mediaplayer\preferences Description : last playlist loaded in microsoft windows media player MRU List Object Recognized! Location: : S-1-5-21-1390067357-746137067-854245398-1003\software\microsoft\microsoft management console\recent file list Description : list of recent snap-ins used in the microsoft management console MRU List Object Recognized! Location: : S-1-5-21-1390067357-746137067-854245398-1003\software\microsoft\office\11.0\common\open find\microsoft office word\settings\save as\file name mru Description : list of recent documents saved by microsoft word MRU List Object Recognized! Location: : S-1-5-21-1390067357-746137067-854245398-1003\software\microsoft\office\11.0\publisher\recent file list Description : list of recent files used by microsoft publisher MRU List Object Recognized! Location: : S-1-5-21-1390067357-746137067-854245398-1003\software\microsoft\search assistant\acmru Description : list of recent search terms used with the search assistant MRU List Object Recognized! Location: : S-1-5-21-1390067357-746137067-854245398-1003\software\microsoft\windows\currentversion\explorer\comdlg32\lastvisitedmru Description : list of recent programs opened MRU List Object Recognized! Location: : S-1-5-21-1390067357-746137067-854245398-1003\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru Description : list of recently saved files, stored according to file extension MRU List Object Recognized! Location: : S-1-5-21-1390067357-746137067-854245398-1003\software\microsoft\windows\currentversion\explorer\recentdocs Description : list of recent documents opened MRU List Object Recognized! Location: : .DEFAULT\software\microsoft\windows media\wmsdk\general Description : windows media sdk MRU List Object Recognized! Location: : S-1-5-18\software\microsoft\windows media\wmsdk\general Description : windows media sdk MRU List Object Recognized! Location: : S-1-5-21-1390067357-746137067-854245398-1003\software\microsoft\windows media\wmsdk\general Description : windows media sdk Started Tracking Cookie scan »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Tracking Cookie Object Recognized! Type : IECache Entry Data : user@2o7[2].txt TAC Rating : 3 Category : Data Miner Comment : Hits:31 Value : Cookie:user@2o7.net/ Expires : 6-17-2010 9:17:46 PM LastSync : Hits:31 UseCount : 0 Hits : 31 Tracking Cookie Object Recognized! Type : IECache Entry Data : user@centrport[2].txt TAC Rating : 3 Category : Data Miner Comment : Hits:2 Value : Cookie:user@centrport.net/ Expires : 12-31-2029 5:00:00 PM LastSync : Hits:2 UseCount : 0 Hits : 2 Tracking Cookie Object Recognized! Type : IECache Entry Data : user@questionmarket[1].txt TAC Rating : 3 Category : Data Miner Comment : Hits:1 Value : Cookie:user@questionmarket.com/ Expires : 8-9-2006 1:00:54 PM LastSync : Hits:1 UseCount : 0 Hits : 1 Tracking Cookie Object Recognized! Type : IECache Entry Data : user@ads.pointroll[1].txt TAC Rating : 3 Category : Data Miner Comment : Hits:5 Value : Cookie:user@ads.pointroll.com/ Expires : 12-31-2009 5:00:00 PM LastSync : Hits:5 UseCount : 0 Hits : 5 Tracking cookie scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 4 Objects found so far: 35 Deep scanning and examining files (C:) »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» IBIS Toolbar Object Recognized! Type : File Data : 11623954.asw TAC Rating : 5 Category : Data Miner Comment : Object : C:\Program Files\Common Files\AOL\AOL Spyware Protection\Backup\ IBIS Toolbar Object Recognized! Type : File Data : 22400540.asw TAC Rating : 5 Category : Data Miner Comment : Object : C:\Program Files\Common Files\AOL\AOL Spyware Protection\Backup\ IBIS Toolbar Object Recognized! Type : File Data : 65153583.asw TAC Rating : 5 Category : Data Miner Comment : Object : C:\Program Files\Common Files\AOL\AOL Spyware Protection\Backup\ IBIS Toolbar Object Recognized! Type : File Data : A0045071.exe TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP110\ IBIS Toolbar Object Recognized! Type : File Data : A0045095.exe TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP110\ IBIS Toolbar Object Recognized! Type : File Data : A0045121.exe TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP110\ IBIS Toolbar Object Recognized! Type : File Data : A0045176.exe TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP111\ IBIS Toolbar Object Recognized! Type : File Data : A0045200.exe TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP111\ IBIS Toolbar Object Recognized! Type : File Data : A0045256.exe TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP112\ IBIS Toolbar Object Recognized! Type : File Data : A0045283.exe TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP112\ IBIS Toolbar Object Recognized! Type : File Data : A0045314.exe TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP112\ IBIS Toolbar Object Recognized! Type : File Data : A0045361.exe TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP113\ IBIS Toolbar Object Recognized! Type : File Data : A0046356.exe TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP113\ IBIS Toolbar Object Recognized! Type : File Data : A0046393.exe TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP113\ IBIS Toolbar Object Recognized! Type : File Data : A0046419.exe TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP113\ IBIS Toolbar Object Recognized! Type : File Data : A0046468.exe TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP114\ IBIS Toolbar Object Recognized! Type : File Data : A0046493.exe TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP114\ IBIS Toolbar Object Recognized! Type : File Data : A0046519.exe TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP114\ IBIS Toolbar Object Recognized! Type : File Data : A0046543.exe TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP114\ IBIS Toolbar Object Recognized! Type : File Data : A0047544.exe TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP115\ IBIS Toolbar Object Recognized! Type : File Data : A0047569.exe TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP115\ IBIS Toolbar Object Recognized! Type : File Data : A0047596.exe TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP115\ IBIS Toolbar Object Recognized! Type : File Data : A0047633.cfg TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP116\ IBIS Toolbar Object Recognized! Type : File Data : A0047634.dll TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP116\ IBIS Toolbar Object Recognized! Type : File Data : A0047641.exe TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP116\ IBIS Toolbar Object Recognized! Type : File Data : A0047669.exe TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP116\ IBIS Toolbar Object Recognized! Type : File Data : A0047696.exe TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP116\ IBIS Toolbar Object Recognized! Type : File Data : A0047751.exe TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP117\ IBIS Toolbar Object Recognized! Type : File Data : A0047764.exe TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP117\ IBIS Toolbar Object Recognized! Type : File Data : A0047807.cfg TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP118\ IBIS Toolbar Object Recognized! Type : File Data : A0047808.dll TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP118\ IBIS Toolbar Object Recognized! Type : File Data : A0047816.exe TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP118\ BargainBuddy Object Recognized! Type : File Data : A0047862.srg TAC Rating : 8 Category : Malware Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP119\ FileVersion : 1, 0, 0, 8 ProductVersion : 1, 0, 0, 8 ProductName : Download Module CompanyName : eXact Advertising FileDescription : Download Module InternalName : Download Utility LegalCopyright : Copyright © 2003, 2004. eXact Advertising, LLC. All Rights Reserved. OriginalFilename : exdl.exe IBIS Toolbar Object Recognized! Type : File Data : A0047865.cfg TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP119\ IBIS Toolbar Object Recognized! Type : File Data : A0047866.dll TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP119\ IBIS Toolbar Object Recognized! Type : File Data : A0047873.exe TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP119\ IBIS Toolbar Object Recognized! Type : File Data : A0048870.exe TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP119\ IBIS Toolbar Object Recognized! Type : File Data : A0048903.exe TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP119\ IBIS Toolbar Object Recognized! Type : File Data : A0048927.exe TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP119\ IBIS Toolbar Object Recognized! Type : File Data : A0048975.exe TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP120\ IBIS Toolbar Object Recognized! Type : File Data : A0049000.exe TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP120\ IBIS Toolbar Object Recognized! Type : File Data : A0049028.exe TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP120\ IBIS Toolbar Object Recognized! Type : File Data : A0049056.exe TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP120\ IBIS Toolbar Object Recognized! Type : File Data : A0049092.exe TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP120\ IBIS Toolbar Object Recognized! Type : File Data : A0049121.exe TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP120\ IBIS Toolbar Object Recognized! Type : File Data : A0049169.exe TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP121\ BargainBuddy Object Recognized! Type : File Data : A0049199.vxd TAC Rating : 8 Category : Malware Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP121\ FileVersion : 1, 0, 0, 2 ProductVersion : 1, 0, 0, 2 ProductName : Upload Module CompanyName : eXact Advertising FileDescription : Upload Module InternalName : Upload Utility LegalCopyright : Copyright © 2003, 2004. eXact Advertising, LLC. All Rights Reserved. OriginalFilename : exul.exe IBIS Toolbar Object Recognized! Type : File Data : A0049238.exe TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP122\ IBIS Toolbar Object Recognized! Type : File Data : A0049263.exe TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP122\ IBIS Toolbar Object Recognized! Type : File Data : A0049299.exe TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP122\ IBIS Toolbar Object Recognized! Type : File Data : A0049326.exe TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP122\ IBIS Toolbar Object Recognized! Type : File Data : A0049363.exe TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP123\ IBIS Toolbar Object Recognized! Type : File Data : A0049387.exe TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP123\ IBIS Toolbar Object Recognized! Type : File Data : A0049410.exe TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP123\ IBIS Toolbar Object Recognized! Type : File Data : A0049450.exe TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP123\ IBIS Toolbar Object Recognized! Type : File Data : A0049497.exe TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP124\ IBIS Toolbar Object Recognized! Type : File Data : A0049522.exe TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP124\ IBIS Toolbar Object Recognized! Type : File Data : A0049547.exe TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP124\ IBIS Toolbar Object Recognized! Type : File Data : A0049579.exe TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP124\ IBIS Toolbar Object Recognized! Type : File Data : A0049623.exe TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP125\ IBIS Toolbar Object Recognized! Type : File Data : A0049668.exe TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP127\ IBIS Toolbar Object Recognized! Type : File Data : A0049694.exe TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP127\ IBIS Toolbar Object Recognized! Type : File Data : A0049744.exe TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP128\ IBIS Toolbar Object Recognized! Type : File Data : A0049793.exe TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP129\ IBIS Toolbar Object Recognized! Type : File Data : A0049835.exe TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP130\ IBIS Toolbar Object Recognized! Type : File Data : A0049863.exe TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP130\ IBIS Toolbar Object Recognized! Type : File Data : A0050863.exe TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP131\ IBIS Toolbar Object Recognized! Type : File Data : A0050877.exe TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP131\ IBIS Toolbar Object Recognized! Type : File Data : A0050909.exe TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP132\ IBIS Toolbar Object Recognized! Type : File Data : A0050944.exe TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP132\ IBIS Toolbar Object Recognized! Type : File Data : A0050957.exe TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP132\ IBIS Toolbar Object Recognized! Type : File Data : A0051002.exe TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP133\ IBIS Toolbar Object Recognized! Type : File Data : A0051072.exe TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP134\ BargainBuddy Object Recognized! Type : File Data : A0051091.srg TAC Rating : 8 Category : Malware Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP134\ FileVersion : 1, 0, 0, 8 ProductVersion : 1, 0, 0, 8 ProductName : Download Module CompanyName : eXact Advertising FileDescription : Download Module InternalName : Download Utility LegalCopyright : Copyright © 2003, 2004. eXact Advertising, LLC. All Rights Reserved. OriginalFilename : exdl.exe IBIS Toolbar Object Recognized! Type : File Data : A0052083.exe TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP134\ Win32.TrojanDownloader.Small.aly Object Recognized! Type : File Data : A0052090.exe TAC Rating : 8 Category : Malware Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP134\ EzuLa Object Recognized! Type : File Data : A0052091.exe TAC Rating : 6 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP134\ Win32.TrojanDownloader.TSUpdate Object Recognized! Type : File Data : A0052094.exe TAC Rating : 6 Category : Malware Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP134\ FileVersion : 4, 0, 3, 8 ProductVersion : 4, 0, 3, 8 LegalCopyright : Copyright (C) 2005 BargainBuddy Object Recognized! Type : File Data : A0052137.srg TAC Rating : 8 Category : Malware Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP134\ FileVersion : 1, 0, 0, 8 ProductVersion : 1, 0, 0, 8 ProductName : Download Module CompanyName : eXact Advertising FileDescription : Download Module InternalName : Download Utility LegalCopyright : Copyright © 2003, 2004. eXact Advertising, LLC. All Rights Reserved. OriginalFilename : exdl.exe BargainBuddy Object Recognized! Type : File Data : A0052139.vxd TAC Rating : 8 Category : Malware Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP134\ FileVersion : 1, 0, 0, 2 ProductVersion : 1, 0, 0, 2 ProductName : Upload Module CompanyName : eXact Advertising FileDescription : Upload Module InternalName : Upload Utility LegalCopyright : Copyright © 2003, 2004. eXact Advertising, LLC. All Rights Reserved. OriginalFilename : exul.exe SahAgent Object Recognized! Type : File Data : A0052212.exe TAC Rating : 9 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP134\ FileVersion : 4, 0, 0, 4 ProductVersion : 4, 0, 0, 4 Win32.TrojanDownloader.TSUpdate Object Recognized! Type : File Data : A0052215.exe TAC Rating : 6 Category : Malware Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP134\ FileVersion : 4, 0, 3, 8 ProductVersion : 4, 0, 3, 8 LegalCopyright : Copyright (C) 2005 IBIS Toolbar Object Recognized! Type : File Data : A0052225.exe TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP134\ Win32.TrojanDownloader.Small.aly Object Recognized! Type : File Data : A0052240.exe TAC Rating : 8 Category : Malware Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP135\ IBIS Toolbar Object Recognized! Type : File Data : A0052244.exe TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP135\ IBIS Toolbar Object Recognized! Type : File Data : A0052246.exe TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP135\ IBIS Toolbar Object Recognized! Type : File Data : A0052247.dll TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP135\ IBIS Toolbar Object Recognized! Type : File Data : A0052292.exe TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP135\ IBIS Toolbar Object Recognized! Type : File Data : A0053288.exe TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP135\ Win32.TrojanDownloader.Small.aly Object Recognized! Type : File Data : A0053290.exe TAC Rating : 8 Category : Malware Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP135\ IBIS Toolbar Object Recognized! Type : File Data : A0053320.exe TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP135\ Win32.TrojanDownloader.Small.aly Object Recognized! Type : File Data : A0053321.exe TAC Rating : 8 Category : Malware Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP135\ IBIS Toolbar Object Recognized! Type : File Data : A0053370.exe TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP135\ EzuLa Object Recognized! Type : File Data : A0053392.exe TAC Rating : 6 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP135\ Win32.TrojanDownloader.Small.aly Object Recognized! Type : File Data : A0053428.exe TAC Rating : 8 Category : Malware Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP135\ IBIS Toolbar Object Recognized! Type : File Data : A0053435.exe TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP135\ Win32.TrojanDownloader.Small.aly Object Recognized! Type : File Data : A0054430.exe TAC Rating : 8 Category : Malware Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP135\ IBIS Toolbar Object Recognized! Type : File Data : A0054434.exe TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP135\ Win32.TrojanDownloader.Small.aly Object Recognized! Type : File Data : A0054461.exe TAC Rating : 8 Category : Malware Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP135\ IBIS Toolbar Object Recognized! Type : File Data : A0054468.exe TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP135\ Win32.TrojanDownloader.Small.aly Object Recognized! Type : File Data : A0055461.exe TAC Rating : 8 Category : Malware Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP135\ IBIS Toolbar Object Recognized! Type : File Data : A0055468.exe TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP135\ VX2 Object Recognized! Type : File Data : A0055494.exe TAC Rating : 10 Category : Malware Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP136\ FileVersion : 1.0.2.4 ProductVersion : 1.0.2.4 ProductName : Buddy Window CompanyName : Direct Revenue FileDescription : Buddy InternalName : Buddy.exe LegalCopyright : (c) Direct Revenue. All rights reserved. OriginalFilename : Buddy.exe Comments : Browser window for Direct Revenue Win32.TrojanDownloader.Small.aly Object Recognized! Type : File Data : A0055516.exe TAC Rating : 8 Category : Malware Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP136\ IBIS Toolbar Object Recognized! Type : File Data : A0055523.exe TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP136\ IBIS Toolbar Object Recognized! Type : File Data : A0055549.exe TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP136\ Win32.TrojanDownloader.Small.aly Object Recognized! Type : File Data : A0055550.exe TAC Rating : 8 Category : Malware Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP136\ VX2 Object Recognized! Type : File Data : A0055563.exe TAC Rating : 10 Category : Malware Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP136\ FileVersion : 1.0.2.4 ProductVersion : 1.0.2.4 ProductName : Buddy Window CompanyName : Direct Revenue FileDescription : Buddy InternalName : Buddy.exe LegalCopyright : (c) Direct Revenue. All rights reserved. OriginalFilename : Buddy.exe Comments : Browser window for Direct Revenue Win32.TrojanDownloader.Small.aly Object Recognized! Type : File Data : A0055591.exe TAC Rating : 8 Category : Malware Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP136\ IBIS Toolbar Object Recognized! Type : File Data : A0055599.exe TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP136\ IBIS Toolbar Object Recognized! Type : File Data : A0055622.exe TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP137\ IBIS Toolbar Object Recognized! Type : File Data : A0055628.exe TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP137\ IBIS Toolbar Object Recognized! Type : File Data : A0055630.exe TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP138\ IBIS Toolbar Object Recognized! Type : File Data : A0055649.exe TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP138\ Win32.TrojanDownloader.Small.aly Object Recognized! Type : File Data : A0055650.exe TAC Rating : 8 Category : Malware Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP138\ Win32.TrojanDownloader.Small.aly Object Recognized! Type : File Data : A0055662.exe TAC Rating : 8 Category : Malware Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP139\ IBIS Toolbar Object Recognized! Type : File Data : A0055664.exe TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP139\ IBIS Toolbar Object Recognized! Type : File Data : A0055680.exe TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP139\ Win32.TrojanDownloader.Small.aly Object Recognized! Type : File Data : A0055681.exe TAC Rating : 8 Category : Malware Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP139\ Win32.TrojanDownloader.Small.aly Object Recognized! Type : File Data : A0055696.exe TAC Rating : 8 Category : Malware Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP139\ IBIS Toolbar Object Recognized! Type : File Data : A0055703.exe TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP139\ Win32.TrojanDownloader.Small.aly Object Recognized! Type : File Data : A0055754.exe TAC Rating : 8 Category : Malware Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP140\ IBIS Toolbar Object Recognized! Type : File Data : A0055760.exe TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP140\ Win32.TrojanDownloader.Small.aly Object Recognized! Type : File Data : A0055781.exe TAC Rating : 8 Category : Malware Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP140\ IBIS Toolbar Object Recognized! Type : File Data : A0055787.exe TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP140\ Win32.TrojanDownloader.Small.aly Object Recognized! Type : File Data : A0055814.exe TAC Rating : 8 Category : Malware Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP140\ IBIS Toolbar Object Recognized! Type : File Data : A0055824.exe TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP140\ IBIS Toolbar Object Recognized! Type : File Data : A0055878.exe TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP143\ Win32.TrojanDownloader.Small.aly Object Recognized! Type : File Data : A0055882.exe TAC Rating : 8 Category : Malware Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP144\ Win32.TrojanDownloader.Small.aly Object Recognized! Type : File Data : A0055916.exe TAC Rating : 8 Category : Malware Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP144\ IBIS Toolbar Object Recognized! Type : File Data : A0055923.exe TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP144\ IBIS Toolbar Object Recognized! Type : File Data : A0056916.exe TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP145\ Win32.TrojanDownloader.Small.aly Object Recognized! Type : File Data : A0056920.exe TAC Rating : 8 Category : Malware Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP146\ Win32.TrojanDownloader.Small.aly Object Recognized! Type : File Data : A0056953.exe TAC Rating : 8 Category : Malware Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP147\ IBIS Toolbar Object Recognized! Type : File Data : A0056961.exe TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP147\ Win32.TrojanDownloader.Small.aly Object Recognized! Type : File Data : A0057952.exe TAC Rating : 8 Category : Malware Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP147\ IBIS Toolbar Object Recognized! Type : File Data : A0057958.exe TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP147\ Win32.TrojanDownloader.Small.aly Object Recognized! Type : File Data : A0057984.exe TAC Rating : 8 Category : Malware Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP147\ IBIS Toolbar Object Recognized! Type : File Data : A0057990.exe TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP147\ Win32.TrojanDownloader.Small.aly Object Recognized! Type : File Data : A0057996.exe TAC Rating : 8 Category : Malware Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP147\ IBIS Toolbar Object Recognized! Type : File Data : A0058001.exe TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP147\ Win32.TrojanDownloader.Small.aly Object Recognized! Type : File Data : A0058043.exe TAC Rating : 8 Category : Malware Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP147\ IBIS Toolbar Object Recognized! Type : File Data : A0058051.exe TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP147\ Win32.TrojanDownloader.Small.aly Object Recognized! Type : File Data : A0059043.exe TAC Rating : 8 Category : Malware Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP147\ IBIS Toolbar Object Recognized! Type : File Data : A0059050.exe TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP147\ Win32.TrojanDownloader.Small.aly Object Recognized! Type : File Data : A0059076.exe TAC Rating : 8 Category : Malware Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP147\ IBIS Toolbar Object Recognized! Type : File Data : A0059081.exe TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP147\ Win32.TrojanDownloader.Small.aly Object Recognized! Type : File Data : A0059128.exe TAC Rating : 8 Category : Malware Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP149\ IBIS Toolbar Object Recognized! Type : File Data : A0059136.exe TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP149\ IBIS Toolbar Object Recognized! Type : File Data : A0059171.exe TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP149\ Win32.TrojanDownloader.Small.aly Object Recognized! Type : File Data : A0059196.exe TAC Rating : 8 Category : Malware Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP149\ IBIS Toolbar Object Recognized! Type : File Data : A0059203.exe TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP149\ Win32.TrojanDownloader.Small.aly Object Recognized! Type : File Data : A0059242.exe TAC Rating : 8 Category : Malware Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP150\ IBIS Toolbar Object Recognized! Type : File Data : A0059249.exe TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP150\ Win32.TrojanDownloader.Small.aly Object Recognized! Type : File Data : A0059281.exe TAC Rating : 8 Category : Malware Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP151\ IBIS Toolbar Object Recognized! Type : File Data : A0059288.exe TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP151\ IBIS Toolbar Object Recognized! Type : File Data : A0059323.exe TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP151\ IBIS Toolbar Object Recognized! Type : File Data : A0059324.exe TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP151\ Win32.TrojanDownloader.Small.aly Object Recognized! Type : File Data : A0059325.exe TAC Rating : 8 Category : Malware Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP151\ Win32.TrojanDownloader.Small.aly Object Recognized! Type : File Data : A0059384.exe TAC Rating : 8 Category : Malware Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP151\ Win32.TrojanDownloader.Small.aly Object Recognized! Type : File Data : A0059398.exe TAC Rating : 8 Category : Malware Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP153\ IBIS Toolbar Object Recognized! Type : File Data : A0059432.exe TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP154\ IBIS Toolbar Object Recognized! Type : File Data : A0059433.dll TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP154\ IBIS Toolbar Object Recognized! Type : File Data : A0059435.cfg TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP154\ Win32.TrojanDownloader.Small.aly Object Recognized! Type : File Data : A0061485.exe TAC Rating : 8 Category : Malware Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP154\ Win32.TrojanDownloader.Small.aly Object Recognized! Type : File Data : A0061536.exe TAC Rating : 8 Category : Malware Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP155\ Win32.TrojanDownloader.Small.aly Object Recognized! Type : File Data : A0061561.exe TAC Rating : 8 Category : Malware Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP155\ Win32.TrojanDownloader.Small.aly Object Recognized! Type : File Data : A0061653.exe TAC Rating : 8 Category : Malware Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP156\ Win32.TrojanDownloader.Small.aly Object Recognized! Type : File Data : A0061707.exe TAC Rating : 8 Category : Malware Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP157\ Win32.TrojanDownloader.Small.aly Object Recognized! Type : File Data : A0061737.exe TAC Rating : 8 Category : Malware Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP157\ Win32.TrojanDownloader.Small.aly Object Recognized! Type : File Data : A0061773.exe TAC Rating : 8 Category : Malware Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP157\ Win32.TrojanDownloader.Small.aly Object Recognized! Type : File Data : A0061814.exe TAC Rating : 8 Category : Malware Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP158\ Win32.TrojanDownloader.Small.aly Object Recognized! Type : File Data : A0061844.exe TAC Rating : 8 Category : Malware Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP158\ Win32.TrojanDownloader.Small.aly Object Recognized! Type : File Data : A0061907.exe TAC Rating : 8 Category : Malware Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP160\ Win32.TrojanDownloader.Small.aly Object Recognized! Type : File Data : A0061944.exe TAC Rating : 8 Category : Malware Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP160\ Win32.TrojanDownloader.Small.aly Object Recognized! Type : File Data : A0062944.exe TAC Rating : 8 Category : Malware Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP161\ Win32.TrojanDownloader.Small.aly Object Recognized! Type : File Data : A0066084.exe TAC Rating : 8 Category : Malware Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP162\ Win32.TrojanDownloader.Small.aly Object Recognized! Type : File Data : A0066114.exe TAC Rating : 8 Category : Malware Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP162\ Win32.TrojanDownloader.Small.aly Object Recognized! Type : File Data : A0066145.exe TAC Rating : 8 Category : Malware Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP162\ IBIS Toolbar Object Recognized! Type : File Data : A0066183.dll TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP163\ Win32.TrojanDownloader.Small.aly Object Recognized! Type : File Data : A0066216.exe TAC Rating : 8 Category : Malware Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP163\ Win32.TrojanDownloader.Small.aly Object Recognized! Type : File Data : A0067312.exe TAC Rating : 8 Category : Malware Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP164\ Win32.TrojanDownloader.Small.aly Object Recognized! Type : File Data : A0067344.exe TAC Rating : 8 Category : Malware Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP164\ Win32.TrojanDownloader.Small.aly Object Recognized! Type : File Data : A0068344.exe TAC Rating : 8 Category : Malware Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP165\ Win32.TrojanDownloader.Small.aly Object Recognized! Type : File Data : A0069345.exe TAC Rating : 8 Category : Malware Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP165\ Win32.TrojanDownloader.Small.aly Object Recognized! Type : File Data : A0069376.exe TAC Rating : 8 Category : Malware Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP165\ Win32.TrojanDownloader.Small.aly Object Recognized! Type : File Data : A0070376.exe TAC Rating : 8 Category : Malware Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP165\ Win32.TrojanDownloader.Small.aly Object Recognized! Type : File Data : A0070402.exe TAC Rating : 8 Category : Malware Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP165\ Win32.TrojanDownloader.Small.aly Object Recognized! Type : File Data : A0070429.exe TAC Rating : 8 Category : Malware Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP166\ Win32.TrojanDownloader.Small.aly Object Recognized! Type : File Data : A0070492.exe TAC Rating : 8 Category : Malware Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP167\ Win32.TrojanDownloader.Small.aly Object Recognized! Type : File Data : A0070637.exe TAC Rating : 8 Category : Malware Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP168\ Win32.TrojanDownloader.Small.aly Object Recognized! Type : File Data : A0070686.exe TAC Rating : 8 Category : Malware Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP169\ Win32.TrojanDownloader.Small.aly Object Recognized! Type : File Data : A0070730.exe TAC Rating : 8 Category : Malware Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP170\ Win32.TrojanDownloader.Small.aly Object Recognized! Type : File Data : A0070771.exe TAC Rating : 8 Category : Malware Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP170\ Win32.TrojanDownloader.Small.aly Object Recognized! Type : File Data : A0070801.exe TAC Rating : 8 Category : Malware Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP170\ Win32.TrojanDownloader.Small.aly Object Recognized! Type : File Data : A0070852.exe TAC Rating : 8 Category : Malware Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP171\ Win32.TrojanDownloader.Small.aly Object Recognized! Type : File Data : A0070898.exe TAC Rating : 8 Category : Malware Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP171\ Win32.TrojanDownloader.Small.aly Object Recognized! Type : File Data : A0070909.exe TAC Rating : 8 Category : Malware Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP171\ Win32.TrojanDownloader.Small.aly Object Recognized! Type : File Data : A0070919.exe TAC Rating : 8 Category : Malware Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP171\ Win32.TrojanDownloader.Small.aly Object Recognized! Type : File Data : A0070930.exe TAC Rating : 8 Category : Malware Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP171\ IBIS Toolbar Object Recognized! Type : File Data : A0070942.exe TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP171\ VX2 Object Recognized! Type : File Data : A0070945.dll TAC Rating : 10 Category : Malware Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP171\ DealHelper Object Recognized! Type : File Data : A0070946.exe TAC Rating : 7 Category : Malware Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP171\ FileVersion : 1, 0, 0, 1 ProductVersion : 1, 0, 0, 1 ProductName : UnInstallKey Application FileDescription : UnInstallKey MFC Application InternalName : UnInstallKey LegalCopyright : Copyright (C) 2003 OriginalFilename : UnInstallKey.EXE VX2 Object Recognized! Type : File Data : A0070954.dll TAC Rating : 10 Category : Malware Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP171\ VX2 Object Recognized! Type : File Data : A0070959.exe TAC Rating : 10 Category : Malware Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP171\ Win32.TrojanDownloader.Small.aly Object Recognized! Type : File Data : A0070985.exe TAC Rating : 8 Category : Malware Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP171\ Win32.TrojanDownloader.Small.aly Object Recognized! Type : File Data : A0071023.exe TAC Rating : 8 Category : Malware Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP171\ Win32.TrojanDownloader.Small.aly Object Recognized! Type : File Data : A0071055.exe TAC Rating : 8 Category : Malware Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP171\ Win32.TrojanDownloader.Small.aly Object Recognized! Type : File Data : A0071138.exe TAC Rating : 8 Category : Malware Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP172\ Win32.TrojanDownloader.Small.aly Object Recognized! Type : File Data : A0071255.exe TAC Rating : 8 Category : Malware Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP172\ ClearSearch Object Recognized! Type : File Data : A0041116.dll TAC Rating : 7 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP82\ FileVersion : 1.83.0.5 ProductVersion : 1.83.0.5 InternalName : Grip.dll OriginalFilename : Grip.dll Comments : Build 83 E ClearSearch Object Recognized! Type : File Data : A0041118.exe TAC Rating : 7 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP82\ BargainBuddy Object Recognized! Type : File Data : A0041222.vxd TAC Rating : 8 Category : Malware Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP82\ FileVersion : 1, 0, 0, 2 ProductVersion : 1, 0, 0, 2 ProductName : Upload Module CompanyName : eXact Advertising FileDescription : Upload Module InternalName : Upload Utility LegalCopyright : Copyright © 2003, 2004. eXact Advertising, LLC. All Rights Reserved. OriginalFilename : exul.exe ClearSearch Object Recognized! Type : File Data : A0041277.exe TAC Rating : 7 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP83\ ClearSearch Object Recognized! Type : File Data : A0041279.dll TAC Rating : 7 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP83\ FileVersion : 1.83.0.5 ProductVersion : 1.83.0.5 InternalName : Grip.dll OriginalFilename : Grip.dll Comments : Build 83 E DealHelper Object Recognized! Type : File Data : A0041317.exe TAC Rating : 7 Category : Malware Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP83\ FileVersion : 1, 0, 0, 1 ProductVersion : 1, 0, 0, 1 ProductName : UnInstallKey Application FileDescription : UnInstallKey MFC Application InternalName : UnInstallKey LegalCopyright : Copyright (C) 2003 OriginalFilename : UnInstallKey.EXE DealHelper Object Recognized! Type : File Data : A0041319.exe TAC Rating : 7 Category : Malware Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP83\ FileVersion : 1, 0, 0, 1 ProductVersion : 1, 0, 0, 1 ProductName : version Application FileDescription : version MFC Application InternalName : version LegalCopyright : Copyright (C) 2003 OriginalFilename : version.EXE ClearSearch Object Recognized! Type : File Data : A0041367.DLL TAC Rating : 7 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP83\ ClearSearch Object Recognized! Type : File Data : A0041370.DLL TAC Rating : 7 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP83\ ClearSearch Object Recognized! Type : File Data : A0041372.exe TAC Rating : 7 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP83\ FileVersion : 1, 13, 0, 5 ProductVersion : 1, 13, 0, 5 ClearSearch Object Recognized! Type : File Data : A0041373.exe TAC Rating : 7 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP83\ FileVersion : 1, 13, 0, 5 ProductVersion : 1, 13, 0, 5 Win32.TrojanDownloader.TSUpdate Object Recognized! Type : File Data : A0041385.exe TAC Rating : 6 Category : Malware Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP83\ FileVersion : 4, 0, 3, 8 ProductVersion : 4, 0, 3, 8 LegalCopyright : Copyright (C) 2005 Prutect Object Recognized! Type : File Data : A0041489.exe TAC Rating : 8 Category : Malware Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP83\ Win32.TrojanDownloader.Agent.Ay Object Recognized! Type : File Data : A0041532.exe TAC Rating : 7 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP83\ FileVersion : 1, 0, 2, 17 ProductVersion : 0, 0, 7, 0 ProductName : TODO: CompanyName : TODO: FileDescription : TODO: LegalCopyright : TODO: (c) . All rights reserved. MediaMotor Object Recognized! Type : File Data : A0041537.exe TAC Rating : 8 Category : Malware Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP83\ FileVersion : 1.00 ProductVersion : 1.00 ProductName : Project1 CompanyName : df InternalName : unstall OriginalFilename : unstall.exe PromulGate Object Recognized! Type : File Data : A0041540.exe TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP83\ FileVersion : 1.4.0000 ProductVersion : Version 1.4, Build 0000 VX2 Object Recognized! Type : File Data : A0041895.dll TAC Rating : 10 Category : Malware Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP87\ FileVersion : 0, 12, 4, 74 ProductVersion : 0, 12, 4, 74 ProductName : Ceres CompanyName : Ceres FileDescription : www.abetterinternet.com InternalName : Ceres LegalCopyright : Copyright © 2004 OriginalFilename : Ceres.dll Comments : www.abetterinternet.com VX2 Object Recognized! Type : File Data : A0041912.dll TAC Rating : 10 Category : Malware Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP87\ FileVersion : 0, 12, 4, 74 ProductVersion : 0, 12, 4, 74 ProductName : Ceres CompanyName : Ceres FileDescription : www.abetterinternet.com InternalName : Ceres LegalCopyright : Copyright © 2004 OriginalFilename : Ceres.dll Comments : www.abetterinternet.com BargainBuddy Object Recognized! Type : File Data : A0042072.vxd TAC Rating : 8 Category : Malware Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP87\ FileVersion : 1, 0, 0, 2 ProductVersion : 1, 0, 0, 2 ProductName : Upload Module CompanyName : eXact Advertising FileDescription : Upload Module InternalName : Upload Utility LegalCopyright : Copyright © 2003, 2004. eXact Advertising, LLC. All Rights Reserved. OriginalFilename : exul.exe VX2 Object Recognized! Type : File Data : A0042164.dll TAC Rating : 10 Category : Malware Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP88\ FileVersion : 0, 12, 4, 74 ProductVersion : 0, 12, 4, 74 ProductName : Ceres CompanyName : Ceres FileDescription : www.abetterinternet.com InternalName : Ceres LegalCopyright : Copyright © 2004 OriginalFilename : Ceres.dll Comments : www.abetterinternet.com Win32.TrojanDownloader.Agent.Ay Object Recognized! Type : File Data : A0042221.exe TAC Rating : 7 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP88\ FileVersion : 1, 0, 2, 17 ProductVersion : 0, 0, 7, 0 ProductName : TODO: CompanyName : TODO: FileDescription : TODO: LegalCopyright : TODO: (c) . All rights reserved. MediaMotor Object Recognized! Type : File Data : A0042232.exe TAC Rating : 8 Category : Malware Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP88\ FileVersion : 1.00 ProductVersion : 1.00 ProductName : Project1 CompanyName : df InternalName : unstall OriginalFilename : unstall.exe PromulGate Object Recognized! Type : File Data : A0042240.exe TAC Rating : 5 Category : Data Miner Comment : Object : C:\System Volume Information\_restore{DE6A7A93-410F-46D8-8048-0C6F034565EE}\RP88\ FileVersion : 1.4.0000 ProductVersion : Version 1.4, Build 0000 Win32.TrojanDownloader.Small.aly Object Recognized! Type : File Data : QBUninstaller.exe TAC Rating : 8 Category : Malware Comment : Object : C:\WINDOWS\system\ Disk Scan Result for C:\ »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 269 Possible Browser Hijack attempt Object Recognized! Type : File Data : Advertising.url TAC Rating : 8 Category : Misc Comment : Problematic URL discovered: http://searchmiracle.com/search/search.php?acc=seedcorn&qq=Advertising Object : C:\Documents and Settings\user\Favorites\Finances & Business\ Possible Browser Hijack attempt Object Recognized! Type : File Data : Asset Protection.url TAC Rating : 8 Category : Misc Comment : Problematic URL discovered: http://searchmiracle.com/search/search.php?acc=seedcorn&qq=Asset+Protection Object : C:\Documents and Settings\user\Favorites\Finances & Business\ Possible Browser Hijack attempt Object Recognized! Type : File Data : Bad Credit.url TAC Rating : 8 Category : Misc Comment : Problematic URL discovered: http://searchmiracle.com/search/search.php?acc=seedcorn&qq=Bad Credit Object : C:\Documents and Settings\user\Favorites\Finances & Business\ Possible Browser Hijack attempt Object Recognized! Type : File Data : Bankruptcy.url TAC Rating : 8 Category : Misc Comment : Problematic URL discovered: http://searchmiracle.com/search/search.php?acc=seedcorn&qq=Bankruptcy Object : C:\Documents and Settings\user\Favorites\Finances & Business\ Possible Browser Hijack attempt Object Recognized! Type : File Data : Business opportunity.url TAC Rating : 8 Category : Misc Comment : Problematic URL discovered: http://searchmiracle.com/search/search.php?acc=seedcorn&qq=business+opportunity Object : C:\Documents and Settings\user\Favorites\Finances & Business\ Possible Browser Hijack attempt Object Recognized! Type : File Data : Business.url TAC Rating : 8 Category : Misc Comment : Problematic URL discovered: http://searchmiracle.com/search/search.php?acc=seedcorn&qq=Business Object : C:\Documents and Settings\user\Favorites\Finances & Business\ Possible Browser Hijack attempt Object Recognized! Type : File Data : Cash Advance.url TAC Rating : 8 Category : Misc Comment : Problematic URL discovered: http://searchmiracle.com/search/search.php?acc=seedcorn&qq=Cash+Advance Object : C:\Documents and Settings\user\Favorites\Finances & Business\ Possible Browser Hijack attempt Object Recognized! Type : File Data : Credit Reports.url TAC Rating : 8 Category : Misc Comment : Problematic URL discovered: http://searchmiracle.com/search/search.php?acc=seedcorn&qq=Credit+Reports Object : C:\Documents and Settings\user\Favorites\Finances & Business\ Possible Browser Hijack attempt Object Recognized! Type : File Data : Credit.url TAC Rating : 8 Category : Misc Comment : Problematic URL discovered: http://searchmiracle.com/search/search.php?acc=seedcorn&qq=Credit Object : C:\Documents and Settings\user\Favorites\Finances & Business\ Possible Browser Hijack attempt Object Recognized! Type : File Data : Debt Consolidation.url TAC Rating : 8 Category : Misc Comment : Problematic URL discovered: http://searchmiracle.com/search/search.php?acc=seedcorn&qq=Debt Consolidation Object : C:\Documents and Settings\user\Favorites\Finances & Business\ Possible Browser Hijack attempt Object Recognized! Type : File Data : Debt Relief.url TAC Rating : 8 Category : Misc Comment : Problematic URL discovered: http://searchmiracle.com/search/search.php?acc=seedcorn&qq=Debt+Relief Object : C:\Documents and Settings\user\Favorites\Finances & Business\ Possible Browser Hijack attempt Object Recognized! Type : File Data : e commerce.url TAC Rating : 8 Category : Misc Comment : Problematic URL discovered: http://searchmiracle.com/search/search.php?acc=seedcorn&qq=e+commerce Object : C:\Documents and Settings\user\Favorites\Finances & Business\ Possible Browser Hijack attempt Object Recognized! Type : File Data : Home Mortgages.url TAC Rating : 8 Category : Misc Comment : Problematic URL discovered: http://searchmiracle.com/search/search.php?acc=seedcorn&qq=Home+Mortgages Object : C:\Documents and Settings\user\Favorites\Finances & Business\ Possible Browser Hijack attempt Object Recognized! Type : File Data : Human Resources.url TAC Rating : 8 Category : Misc Comment : Problematic URL discovered: http://searchmiracle.com/search/search.php?acc=seedcorn&qq=Human+Resources Object : C:\Documents and Settings\user\Favorites\Finances & Business\ Possible Browser Hijack attempt Object Recognized! Type : File Data : Insurance.url TAC Rating : 8 Category : Misc Comment : Problematic URL discovered: http://searchmiracle.com/search/search.php?acc=seedcorn&qq=Insurance Object : C:\Documents and Settings\user\Favorites\Finances & Business\ Possible Browser Hijack attempt Object Recognized! Type : File Data : Loans.url TAC Rating : 8 Category : Misc Comment : Problematic URL discovered: http://searchmiracle.com/search/search.php?acc=seedcorn&qq=Loans Object : C:\Documents and Settings\user\Favorites\Finances & Business\ Possible Browser Hijack attempt Object Recognized! Type : File Data : Marketing.url TAC Rating : 8 Category : Misc Comment : Problematic URL discovered: http://searchmiracle.com/search/search.php?acc=seedcorn&qq=Marketing Object : C:\Documents and Settings\user\Favorites\Finances & Business\ Possible Browser Hijack attempt Object Recognized! Type : File Data : Project Management.url TAC Rating : 8 Category : Misc Comment : Problematic URL discovered: http://searchmiracle.com/search/search.php?acc=seedcorn&qq=Project+Management Object : C:\Documents and Settings\user\Favorites\Finances & Business\ Possible Browser Hijack attempt Object Recognized! Type : File Data : Refinance.url TAC Rating : 8 Category : Misc Comment : Problematic URL discovered: http://searchmiracle.com/search/search.php?acc=seedcorn&qq=Refinance Object : C:\Documents and Settings\user\Favorites\Finances & Business\ Possible Browser Hijack attempt Object Recognized! Type : File Data : Small business.url TAC Rating : 8 Category : Misc Comment : Problematic URL discovered: http://searchmiracle.com/search/search.php?acc=seedcorn&qq=small+business Object : C:\Documents and Settings\user\Favorites\Finances & Business\ Possible Browser Hijack attempt Object Recognized! Type : File Data : Work At Home.url TAC Rating : 8 Category : Misc Comment : Problematic URL discovered: http://searchmiracle.com/search/search.php?acc=seedcorn&qq=work+at+home Object : C:\Documents and Settings\user\Favorites\Finances & Business\ Possible Browser Hijack attempt Object Recognized! Type : File Data : Adipex.url TAC Rating : 8 Category : Misc Comment : Problematic URL discovered: http://searchmiracle.com/search/search.php?acc=seedcorn&qq=Adipex Object : C:\Documents and Settings\user\Favorites\Health & Insurance\ Possible Browser Hijack attempt Object Recognized! Type : File Data : Auto Insurance.url TAC Rating : 8 Category : Misc Comment : Problematic URL discovered: http://searchmiracle.com/search/search.php?acc=seedcorn&qq=Auto Insurance Object : C:\Documents and Settings\user\Favorites\Health & Insurance\ Possible Browser Hijack attempt Object Recognized! Type : File Data : Business Insurance.url TAC Rating : 8 Category : Misc Comment : Problematic URL discovered: http://searchmiracle.com/search/search.php?acc=seedcorn&qq=Business Insurance Object : C:\Documents and Settings\user\Favorites\Health & Insurance\ Possible Browser Hijack attempt Object Recognized! Type : File Data : Dental Insurance.url TAC Rating : 8 Category : Misc Comment : Problematic URL discovered: http://searchmiracle.com/search/search.php?acc=seedcorn&qq=Dental Insurance Object : C:\Documents and Settings\user\Favorites\Health & Insurance\ Possible Browser Hijack attempt Object Recognized! Type : File Data : Diet pills.url TAC Rating : 8 Category : Misc Comment : Problematic URL discovered: http://searchmiracle.com/search/search.php?acc=seedcorn&qq=Diet+pills Object : C:\Documents and Settings\user\Favorites\Health & Insurance\ Possible Browser Hijack attempt Object Recognized! Type : File Data : Hair loss.url TAC Rating : 8 Category : Misc Comment : Problematic URL discovered: http://searchmiracle.com/search/search.php?acc=seedcorn&qq=Hair+loss Object : C:\Documents and Settings\user\Favorites\Health & Insurance\ Possible Browser Hijack attempt Object Recognized! Type : File Data : Health Insurance.url TAC Rating : 8 Category : Misc Comment : Problematic URL discovered: http://searchmiracle.com/search/search.php?acc=seedcorn&qq=Health Insurance Object : C:\Documents and Settings\user\Favorites\Health & Insurance\ Possible Browser Hijack attempt Object Recognized! Type : File Data : Home Insurance.url TAC Rating : 8 Category : Misc Comment : Problematic URL discovered: http://searchmiracle.com/search/search.php?acc=seedcorn&qq=Home Insurance Object : C:\Documents and Settings\user\Favorites\Health & Insurance\ Possible Browser Hijack attempt Object Recognized! Type : File Data : Insurance.url TAC Rating : 8 Category : Misc Comment : Problematic URL discovered: http://searchmiracle.com/search/search.php?acc=seedcorn&qq=Insurance Object : C:\Documents and Settings\user\Favorites\Health & Insurance\ Possible Browser Hijack attempt Object Recognized! Type : File Data : Life Insurance.url TAC Rating : 8 Category : Misc Comment : Problematic URL discovered: http://searchmiracle.com/search/search.php?acc=seedcorn&qq=Life+Insurance Object : C:\Documents and Settings\user\Favorites\Health & Insurance\ Possible Browser Hijack attempt Object Recognized! Type : File Data : Nutrition.url TAC Rating : 8 Category : Misc Comment : Problematic URL discovered: http://searchmiracle.com/search/search.php?acc=seedcorn&qq=Nutrition Object : C:\Documents and Settings\user\Favorites\Health & Insurance\ Possible Browser Hijack attempt Object Recognized! Type : File Data : Penis enlargement.url TAC Rating : 8 Category : Misc Comment : Problematic URL discovered: http://searchmiracle.com/search/search.php?acc=seedcorn&qq=penis+enlargement Object : C:\Documents and Settings\user\Favorites\Health & Insurance\ Possible Browser Hijack attempt Object Recognized! Type : File Data : Phentermine.url TAC Rating : 8 Category : Misc Comment : Problematic URL discovered: http://searchmiracle.com/search/search.php?acc=seedcorn&qq=Phentermine Object : C:\Documents and Settings\user\Favorites\Health & Insurance\ Possible Browser Hijack attempt Object Recognized! Type : File Data : Prozac.url TAC Rating : 8 Category : Misc Comment : Problematic URL discovered: http://searchmiracle.com/search/search.php?acc=seedcorn&qq=Prozac Object : C:\Documents and Settings\user\Favorites\Health & Insurance\ Possible Browser Hijack attempt Object Recognized! Type : File Data : Quit smoking.url TAC Rating : 8 Category : Misc Comment : Problematic URL discovered: http://searchmiracle.com/search/search.php?acc=seedcorn&qq=quit+smoking Object : C:\Documents and Settings\user\Favorites\Health & Insurance\ Possible Browser Hijack attempt Object Recognized! Type : File Data : Term Life Insurance.url TAC Rating : 8 Category : Misc Comment : Problematic URL discovered: http://searchmiracle.com/search/search.php?acc=seedcorn&qq=Term Life Insurance Object : C:\Documents and Settings\user\Favorites\Health & Insurance\ Possible Browser Hijack attempt Object Recognized! Type : File Data : Travel Insurance.url TAC Rating : 8 Category : Misc Comment : Problematic URL discovered: http://searchmiracle.com/search/search.php?acc=seedcorn&qq=Travel Insurance Object : C:\Documents and Settings\user\Favorites\Health & Insurance\ Possible Browser Hijack attempt Object Recognized! Type : File Data : Valtrex.url TAC Rating : 8 Category : Misc Comment : Problematic URL discovered: http://searchmiracle.com/search/search.php?acc=seedcorn&qq=Valtrex Object : C:\Documents and Settings\user\Favorites\Health & Insurance\ Possible Browser Hijack attempt Object Recognized! Type : File Data : Viagra.url TAC Rating : 8 Category : Misc Comment : Problematic URL discovered: http://searchmiracle.com/search/search.php?acc=seedcorn&qq=viagra Object : C:\Documents and Settings\user\Favorites\Health & Insurance\ Possible Browser Hijack attempt Object Recognized! Type : File Data : Weight loss.url TAC Rating : 8 Category : Misc Comment : Problematic URL discovered: http://searchmiracle.com/search/search.php?acc=seedcorn&qq=Weight+loss Object : C:\Documents and Settings\user\Favorites\Health & Insurance\ Possible Browser Hijack attempt Object Recognized! Type : File Data : Xenical.url TAC Rating : 8 Category : Misc Comment : Problematic URL discovered: http://searchmiracle.com/search/search.php?acc=seedcorn&qq=Xenical Object : C:\Documents and Settings\user\Favorites\Health & Insurance\ Possible Browser Hijack attempt Object Recognized! Type : File Data : Adventure travel.url TAC Rating : 8 Category : Misc Comment : Problematic URL discovered: http://searchmiracle.com/search/search.php?acc=seedcorn&qq=Adventure+travel Object : C:\Documents and Settings\user\Favorites\Homelife & Travel\ Possible Browser Hijack attempt Object Recognized! Type : File Data : Air Conditioning.url TAC Rating : 8 Category : Misc Comment : Problematic URL discovered: http://searchmiracle.com/search/search.php?acc=seedcorn&qq=Air Conditioning Object : C:\Documents and Settings\user\Favorites\Homelife & Travel\ Possible Browser Hijack attempt Object Recognized! Type : File Data : Air Purifiers.url TAC Rating : 8 Category : Misc Comment : Problematic URL discovered: http://searchmiracle.com/search/search.php?acc=seedcorn&qq=Air Purifiers Object : C:\Documents and Settings\user\Favorites\Homelife & Travel\ Possible Browser Hijack attempt Object Recognized! Type : File Data : Air travel.url TAC Rating : 8 Category : Misc Comment : Problematic URL discovered: http://searchmiracle.com/search/search.php?acc=seedcorn&qq=Air+travel Object : C:\Documents and Settings\user\Favorites\Homelife & Travel\ Possible Browser Hijack attempt Object Recognized! Type : File Data : Blinds.url TAC Rating : 8 Category : Misc Comment : Problematic URL discovered: http://searchmiracle.com/search/search.php?acc=seedcorn&qq=Blinds Object : C:\Documents and Settings\user\Favorites\Homelife & Travel\ Possible Browser Hijack attempt Object Recognized! Type : File Data : Celebrity cruises.url TAC Rating : 8 Category : Misc Comment : Problematic URL discovered: http://searchmiracle.com/search/search.php?acc=seedcorn&qq=Celebrity+cruises Object : C:\Documents and Settings\user\Favorites\Homelife & Travel\ Possible Browser Hijack attempt Object Recognized! Type : File Data : Cheap hotels.url TAC Rating : 8 Category : Misc Comment : Problematic URL discovered: http://searchmiracle.com/search/search.php?acc=seedcorn&qq=Cheap+hotels Object : C:\Documents and Settings\user\Favorites\Homelife & Travel\ Possible Browser Hijack attempt Object Recognized! Type : File Data : Hawaii travel.url TAC Rating : 8 Category : Misc Comment : Problematic URL discovered: http://searchmiracle.com/search/search.php?acc=seedcorn&qq=Hawaii+travel Object : C:\Documents and Settings\user\Favorites\Homelife & Travel\ Possible Browser Hijack attempt Object Recognized! Type : File Data : Home Equity Loans.url TAC Rating : 8 Category : Misc Comment : Problematic URL discovered: http://searchmiracle.com/search/search.php?acc=seedcorn&qq=Home Equity Loans Object : C:\Documents and Settings\user\Favorites\Homelife & Travel\ Possible Browser Hijack attempt Object Recognized! Type : File Data : Home Mortgages.url TAC Rating : 8 Category : Misc Comment : Problematic URL discovered: http://searchmiracle.com/search/search.php?acc=seedcorn&qq=Home Mortgages Object : C:\Documents and Settings\user\Favorites\Homelife & Travel\ Possible Browser Hijack attempt Object Recognized! Type : File Data : International travel.url TAC Rating : 8 Category : Misc Comment : Problematic URL discovered: http://searchmiracle.com/search/search.php?acc=seedcorn&qq=International+travel Object : C:\Documents and Settings\user\Favorites\Homelife & Travel\ Possible Browser Hijack attempt Object Recognized! Type : File Data : Las Vegas hotels.url TAC Rating : 8 Category : Misc Comment : Problematic URL discovered: http://searchmiracle.com/search/search.php?acc=seedcorn&qq=Las+Vegas+hotels Object : C:\Documents and Settings\user\Favorites\Homelife & Travel\ Possible Browser Hijack attempt Object Recognized! Type : File Data : Lighting.url TAC Rating : 8 Category : Misc Comment : Problematic URL discovered: http://searchmiracle.com/search/search.php?acc=seedcorn&qq=Lighting Object : C:\Documents and Settings\user\Favorites\Homelife & Travel\ Possible Browser Hijack attempt Object Recognized! Type : File Data : Mattress.url TAC Rating : 8 Category : Misc Comment : Problematic URL discovered: http://searchmiracle.com/search/search.php?acc=seedcorn&qq=Mattress Object : C:\Documents and Settings\user\Favorites\Homelife & Travel\ Possible Browser Hijack attempt Object Recognized! Type : File Data : Moving.url TAC Rating : 8 Category : Misc Comment : Problematic URL discovered: http://searchmiracle.com/search/search.php?acc=seedcorn&qq=Moving Object : C:\Documents and Settings\user\Favorites\Homelife & Travel\ Possible Browser Hijack attempt Object Recognized! Type : File Data : Refinance.url TAC Rating : 8 Category : Misc Comment : Problematic URL discovered: http://searchmiracle.com/search/search.php?acc=seedcorn&qq=Refinance Object : C:\Documents and Settings\user\Favorites\Homelife & Travel\ Possible Browser Hijack attempt Object Recognized! Type : File Data : Relocation.url TAC Rating : 8 Category : Misc Comment : Problematic URL discovered: http://searchmiracle.com/search/search.php?acc=seedcorn&qq=Relocation Object : C:\Documents and Settings\user\Favorites\Homelife & Travel\ Possible Browser Hijack attempt Object Recognized! Type : File Data : Travel Agents.url TAC Rating : 8 Category : Misc Comment : Problematic URL discovered: http://searchmiracle.com/search/search.php?acc=seedcorn&qq=Travel+Agents Object : C:\Documents and Settings\user\Favorites\Homelife & Travel\ Possible Browser Hijack attempt Object Recognized! Type : File Data : Travel insurance.url TAC Rating : 8 Category : Misc Comment : Problematic URL discovered: http://searchmiracle.com/search/search.php?acc=seedcorn&qq=Travel+insurance Object : C:\Documents and Settings\user\Favorites\Homelife & Travel\ Possible Browser Hijack attempt Object Recognized! Type : File Data : Travel.url TAC Rating : 8 Category : Misc Comment : Problematic URL discovered: http://searchmiracle.com/search/search.php?acc=seedcorn&qq=Travel Object : C:\Documents and Settings\user\Favorites\Homelife & Travel\ Performing conditional scans... »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» AdRotator Object Recognized! Type : File Data : hiwinnager.dat TAC Rating : 6 Category : Malware Comment : Object : C:\WINDOWS\system32\ AdRotator Object Recognized! Type : File Data : searchen.dat TAC Rating : 6 Category : Malware Comment : Object : C:\WINDOWS\ IBIS Toolbar Object Recognized! Type : Regkey Data : TAC Rating : 5 Category : Data Miner Comment : You will need to restart your computer and rescan in order to complete the removal of this item. Rootkey : HKEY_LOCAL_MACHINE Object : system\currentcontrolset\enum\root\legacy_tbpssvc IBIS Toolbar Object Recognized! Type : Regkey Data : TAC Rating : 5 Category : Data Miner Comment : Rootkey : HKEY_LOCAL_MACHINE Object : system\currentcontrolset\enum\root\legacy_wintoolssvc IBIS Toolbar Object Recognized! Type : RegValue Data : TAC Rating : 5 Category : Data Miner Comment : Rootkey : HKEY_CURRENT_USER Object : software\microsoft\internet explorer\main Value : AutoSearch IBIS Toolbar Object Recognized! Type : RegValue Data : TAC Rating : 5 Category : Data Miner Comment : Rootkey : HKEY_LOCAL_MACHINE Object : software\microsoft\internet explorer\main Value : CustomizeSearch IBIS Toolbar Object Recognized! Type : RegValue Data : TAC Rating : 5 Category : Data Miner Comment : Rootkey : HKEY_LOCAL_MACHINE Object : software\microsoft\windows\currentversion\installer\userdata Value : TUID IBIS Toolbar Object Recognized! Type : RegValue Data : TAC Rating : 5 Category : Data Miner Comment : Rootkey : HKEY_LOCAL_MACHINE Object : software\microsoft\internet explorer\main Value : IEWatsonEnabled IBIS Toolbar Object Recognized! Type : RegData Data : no TAC Rating : 5 Category : Data Miner Comment : Rootkey : HKEY_CURRENT_USER Object : software\microsoft\internet explorer\main Value : Use Search Asst Data : no WindUpdates Object Recognized! Type : Regkey Data : TAC Rating : 8 Category : Malware Comment : Rootkey : HKEY_LOCAL_MACHINE Object : software\microsoft\downloadmanager VX2 Object Recognized! Type : RegValue Data : TAC Rating : 10 Category : Malware Comment : Rootkey : HKEY_CURRENT_USER Object : software\microsoft\internet explorer\toolbar\webbrowser Value : {0E5CBF21-D15F-11D0-8301-00AA005B4383} VX2 Object Recognized! Type : RegValue Data : TAC Rating : 10 Category : Malware Comment : Rootkey : HKEY_LOCAL_MACHINE Object : software\microsoft\internet explorer\main\featurecontrol\feature_window_restrictions Value : iexplore.exe VX2 Object Recognized! Type : File Data : payload2.inf TAC Rating : 10 Category : Malware Comment : Object : C:\WINDOWS\inf\ DealHelper Object Recognized! Type : RegValue Data : TAC Rating : 7 Category : Malware Comment : Rootkey : HKEY_CURRENT_USER Object : software\microsoft\internet explorer\toolbar\webbrowser Value : {01E04581-4EEE-11D0-BFE9-00AA005B4383} DealHelper Object Recognized! Type : Folder TAC Rating : 7 Category : Malware Comment : DealHelper Object : C:\WINDOWS\system32\DealHelper Win32.TrojanDownloader.Small.aly Object Recognized! Type : Regkey Data : TAC Rating : 8 Category : Malware Comment : Rootkey : HKEY_LOCAL_MACHINE Object : software\microsoft\windows\currentversion\uninstall\wafaie Win32.TrojanDownloader.Small.aly Object Recognized! Type : RegValue Data : TAC Rating : 8 Category : Malware Comment : Rootkey : HKEY_LOCAL_MACHINE Object : software\microsoft\windows\currentversion\uninstall\wafaie Value : UninstallString ClearSearch Object Recognized! Type : RegValue Data : TAC Rating : 7 Category : Data Miner Comment : Rootkey : HKEY_CURRENT_USER Object : software\microsoft\internet explorer\urlsearchhooks Value : {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Conditional scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 18 Objects found so far: 349 12:30:49 AM Scan Complete Summary Of This Scan »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Total scanning time:00:09:02.260 Objects scanned:104906 Objects identified:326 Objects ignored:0 New critical objects:326