[ibassplayer205]

Scanned my crap...er...lap...top with Ad-Aware SE and here is the log file it came out with. Hope you can help. Im getting so frustrated with my laptop, Im about to throw it out my window!

Just a couple weeks it started running really slow. And earlier today it would shut off while I tried to boot. It got to the log-in screen, then shut down twice. And I actually got to see my desktop wall paper a few times before it shut itself down too! Anyway, I hope you can help (and I know you must get these all the time, im sorry).

----------

Ad-Aware SE Build 1.05
Logfile Created on:Thursday, April 28, 2005 1:13:50 PM
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R42 28.04.2005
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
BargainBuddy(TAC index:8):2 total references
IBIS Toolbar(TAC index:5):232 total references
Other(TAC index:5):6 total references
Possible Browser Hijack attempt(TAC index:3):4 total references
SideFind(TAC index:5):3 total references
Tracking Cookie(TAC index:3):4 total references
WindUpdates(TAC index:8):24 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Definition File:
=========================
Definitions File Loaded:
Reference Number : SE1R39 15.04.2005
Internal build : 46
File location : C:\Program Files\Lavasoft\Ad-Aware SE Personal\defs.ref
File size : 459480 Bytes
Total size : 1389159 Bytes
Signature data size : 1358772 Bytes
Reference data size : 29875 Bytes
Signatures total : 38701
Fingerprints total : 794
Fingerprints size : 29979 Bytes
Target categories : 15
Target families : 649

4-28-2005 1:11:17 PM Performing WebUpdate...

Installing Update...
Definitions File Loaded:
Reference Number : SE1R42 28.04.2005
Internal build : 49
File location : C:\Program Files\Lavasoft\Ad-Aware SE Personal\defs.ref
File size : 466557 Bytes
Total size : 1403889 Bytes
Signature data size : 1373297 Bytes
Reference data size : 30080 Bytes
Signatures total : 39226
Fingerprints total : 836
Fingerprints size : 28245 Bytes
Target categories : 15
Target families : 654


4-28-2005 1:11:31 PM Success
Update successfully downloaded and installed.


Memory + processor status:
==========================
Number of processors : 1
Processor architecture : Intel Pentium IV
Memory available:39 %
Total physical memory:260436 kb
Available physical memory:100452 kb
Total page file size:638148 kb
Available on page file:378096 kb
Total virtual memory:2097024 kb
Available virtual memory:2041236 kb
OS:Microsoft Windows XP Home Edition Service Pack 1 (Build 2600)

Ad-Aware SE Settings
===========================
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file

Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Obtain command line of scanned processes
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Play sound at scan completion if scan locates critical objects


4-28-2005 1:13:50 PM - Scan started. (Full System Scan)

Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

#:1 [smss.exe]
ModuleName : \SystemRoot\System32\smss.exe
Command Line : n/a
ProcessID : 692
ThreadCreationTime : 4-28-2005 5:19:39 PM
BasePriority : Normal


#:2 [csrss.exe]
ModuleName : \??\C:\WINDOWS\system32\csrss.exe
Command Line : C:\WINDOWS\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestTh
ProcessID : 764
ThreadCreationTime : 4-28-2005 5:19:42 PM
BasePriority : Normal


#:3 [winlogon.exe]
ModuleName : \??\C:\WINDOWS\system32\winlogon.exe
Command Line : winlogon.exe
ProcessID : 788
ThreadCreationTime : 4-28-2005 5:19:43 PM
BasePriority : High


#:4 [services.exe]
ModuleName : C:\WINDOWS\system32\services.exe
Command Line : C:\WINDOWS\system32\services.exe
ProcessID : 832
ThreadCreationTime : 4-28-2005 5:19:44 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : services.exe

#:5 [lsass.exe]
ModuleName : C:\WINDOWS\system32\lsass.exe
Command Line : C:\WINDOWS\system32\lsass.exe
ProcessID : 844
ThreadCreationTime : 4-28-2005 5:19:44 PM
BasePriority : Normal
FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
ProductVersion : 5.1.2600.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe

#:6 [svchost.exe]
ModuleName : C:\WINDOWS\system32\svchost.exe
Command Line : C:\WINDOWS\system32\svchost -k rpcss
ProcessID : 1032
ThreadCreationTime : 4-28-2005 5:19:48 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:7 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : C:\WINDOWS\System32\svchost.exe -k netsvcs
ProcessID : 1216
ThreadCreationTime : 4-28-2005 5:19:50 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:8 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : C:\WINDOWS\System32\svchost.exe -k NetworkService
ProcessID : 1412
ThreadCreationTime : 4-28-2005 5:19:53 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:9 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : C:\WINDOWS\System32\svchost.exe -k LocalService
ProcessID : 1492
ThreadCreationTime : 4-28-2005 5:19:53 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:10 [ccsetmgr.exe]
ModuleName : C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
Command Line : "C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe"
ProcessID : 1720
ThreadCreationTime : 4-28-2005 5:19:54 PM
BasePriority : Normal
FileVersion : 2.1.3.4
ProductVersion : 2.1.3.4
ProductName : Common Client
CompanyName : Symantec Corporation
FileDescription : Common Client Settings Manager Service
InternalName : ccSetMgr
LegalCopyright : Copyright © 2000-2003 Symantec Corporation. All rights reserved.
OriginalFilename : ccSetMgr.exe

#:11 [ccevtmgr.exe]
ModuleName : C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
Command Line : "C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe"
ProcessID : 1744
ThreadCreationTime : 4-28-2005 5:19:55 PM
BasePriority : Normal
FileVersion : 2.1.3.4
ProductVersion : 2.1.3.4
ProductName : Common Client
CompanyName : Symantec Corporation
FileDescription : Common Client Event Manager Service
InternalName : ccEvtMgr
LegalCopyright : Copyright © 2000-2003 Symantec Corporation. All rights reserved.
OriginalFilename : ccEvtMgr.exe

#:12 [spoolsv.exe]
ModuleName : C:\WINDOWS\system32\spoolsv.exe
Command Line : C:\WINDOWS\system32\spoolsv.exe
ProcessID : 468
ThreadCreationTime : 4-28-2005 5:19:57 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (XPClient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe

#:13 [explorer.exe]
ModuleName : C:\WINDOWS\Explorer.EXE
Command Line : C:\WINDOWS\Explorer.EXE
ProcessID : 1124
ThreadCreationTime : 4-28-2005 5:20:03 PM
BasePriority : Normal
FileVersion : 6.00.2800.1106 (xpsp1.020828-1920)
ProductVersion : 6.00.2800.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : EXPLORER.EXE

#:14 [alg.exe]
ModuleName : C:\WINDOWS\System32\alg.exe
Command Line : C:\WINDOWS\System32\alg.exe
ProcessID : 1276
ThreadCreationTime : 4-28-2005 5:20:04 PM
BasePriority : Normal
FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
ProductVersion : 5.1.2600.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Application Layer Gateway Service
InternalName : ALG.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : ALG.exe

#:15 [avgamsvr.exe]
ModuleName : C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
Command Line : C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
ProcessID : 1316
ThreadCreationTime : 4-28-2005 5:20:04 PM
BasePriority : Normal
FileVersion : 7,1,0,307
ProductVersion : 7.1.0.307
ProductName : AVG Anti-Virus System
CompanyName : GRISOFT, s.r.o.
FileDescription : AVG Alert Manager
InternalName : avgamsvr
LegalCopyright : Copyright © 2005, GRISOFT, s.r.o.
OriginalFilename : avgamsvr.EXE

#:16 [avgupsvc.exe]
ModuleName : C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
Command Line : C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
ProcessID : 1348
ThreadCreationTime : 4-28-2005 5:20:05 PM
BasePriority : Normal
FileVersion : 7,1,0,285
ProductVersion : 7.1.0.285
ProductName : AVG 7.0 Anti-Virus System
CompanyName : GRISOFT, s.r.o.
FileDescription : AVG Update Service
InternalName : avgupsvc
LegalCopyright : Copyright © 2004, GRISOFT, s.r.o.
OriginalFilename : avgupdsvc.EXE

#:17 [ccproxy.exe]
ModuleName : C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
Command Line : "C:\Program Files\Common Files\Symantec Shared\ccProxy.exe"
ProcessID : 1364
ThreadCreationTime : 4-28-2005 5:20:05 PM
BasePriority : Normal
FileVersion : 2.1.2.800
ProductVersion : 2.1.2.800
ProductName : Common Client
CompanyName : Symantec Corporation
FileDescription : Common Client Network Proxy Service
InternalName : ccProxy
LegalCopyright : Copyright © 2000-2003 Symantec Corporation. All rights reserved.
OriginalFilename : ccProxy.exe

#:18 [navapsvc.exe]
ModuleName : C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
Command Line : "C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe"
ProcessID : 1408
ThreadCreationTime : 4-28-2005 5:20:06 PM
BasePriority : Normal
FileVersion : 10.00.2
ProductVersion : 10.00.2
ProductName : Norton AntiVirus
CompanyName : Symantec Corporation
FileDescription : Norton AntiVirus Auto-Protect Service
InternalName : NAVAPSVC
LegalCopyright : Norton AntiVirus 2004 for Windows 98/ME/2000/XP Copyright © 2003 Symantec Corporation. All rights reserved.
OriginalFilename : NAVAPSVC.EXE

#:19 [sndsrvc.exe]
ModuleName : C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
Command Line : "C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe"
ProcessID : 1620
ThreadCreationTime : 4-28-2005 5:20:08 PM
BasePriority : Normal
FileVersion : 5.3.2.67
ProductVersion : 5.3
ProductName : Symantec Security Drivers
CompanyName : Symantec Corporation
FileDescription : Network Driver Service
InternalName : SndSrvc
LegalCopyright : Copyright 2002, 2003 Symantec Corporation
OriginalFilename : SndSrvc.exe

#:20 [bcmsmmsg.exe]
ModuleName : C:\WINDOWS\BCMSMMSG.exe
Command Line : "C:\WINDOWS\BCMSMMSG.exe"
ProcessID : 1868
ThreadCreationTime : 4-28-2005 5:20:12 PM
BasePriority : Normal
FileVersion : 3.5.25 08/27/2003 20:04:35
ProductVersion : 3.5.25 08/27/2003 20:04:35
ProductName : BCM Modem Messaging Applet
CompanyName : Broadcom Corporation
FileDescription : Modem Messaging Applet
InternalName : smdmstat.exe
LegalCopyright : Copyright © Broadcom Corporation 1998-2000
OriginalFilename : smdmstat.exe

#:21 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : C:\WINDOWS\System32\svchost.exe -k imgsvc
ProcessID : 1900
ThreadCreationTime : 4-28-2005 5:20:13 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:22 [hkcmd.exe]
ModuleName : C:\WINDOWS\System32\hkcmd.exe
Command Line : "C:\WINDOWS\System32\hkcmd.exe"
ProcessID : 1928
ThreadCreationTime : 4-28-2005 5:20:14 PM
BasePriority : Normal
FileVersion : 3.0.0.2311
ProductVersion : 7.0.0.2311
ProductName : Intel® Common User Interface
CompanyName : Intel Corporation
FileDescription : hkcmd Module
InternalName : HKCMD
LegalCopyright : Copyright 1999-2003, Intel Corporation
OriginalFilename : HKCMD.EXE

#:23 [tbpssvc.exe]
ModuleName : C:\PROGRA~1\Toolbar\TBPSSvc.exe
Command Line : C:\PROGRA~1\Toolbar\TBPSSvc.exe
ProcessID : 1932
ThreadCreationTime : 4-28-2005 5:20:14 PM
BasePriority : Normal


IBIS Toolbar Object Recognized!
Type : Process
Data : TBPSSvc.exe
Category : Data Miner
Comment : (CSI MATCH)
Object : C:\PROGRA~1\Toolbar\


Warning! IBIS Toolbar Object found in memory(C:\PROGRA~1\Toolbar\TBPSSvc.exe)

"C:\PROGRA~1\Toolbar\TBPSSvc.exe"Process terminated successfully
"C:\PROGRA~1\Toolbar\TBPSSvc.exe"Process terminated successfully

#:24 [jusched.exe]
ModuleName : C:\Program Files\Java\j2re1.4.2_06\bin\jusched.exe
Command Line : "C:\Program Files\Java\j2re1.4.2_06\bin\jusched.exe"
ProcessID : 1952
ThreadCreationTime : 4-28-2005 5:20:14 PM
BasePriority : Normal


#:25 [syntplpr.exe]
ModuleName : C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
Command Line : "C:\Program Files\Synaptics\SynTP\SynTPLpr.exe"
ProcessID : 1980
ThreadCreationTime : 4-28-2005 5:20:16 PM
BasePriority : Normal
FileVersion : 7.6.4 15Aug03
ProductVersion : 7.6.4 15Aug03
ProductName : Progressive Touch
CompanyName : Synaptics, Inc.
FileDescription : TouchPad Driver Helper Application
InternalName : SynTPLpr
LegalCopyright : Copyright © Synaptics, Inc. 1996-2003
OriginalFilename : SynTPLpr.exe

#:26 [syntpenh.exe]
ModuleName : C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
Command Line : "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
ProcessID : 2020
ThreadCreationTime : 4-28-2005 5:20:18 PM
BasePriority : Normal
FileVersion : 7.6.4 15Aug03
ProductVersion : 7.6.4 15Aug03
ProductName : Progressive Touch
CompanyName : Synaptics, Inc.
FileDescription : Synaptics TouchPad Enhancements
InternalName : Scrolleroo
LegalCopyright : Copyright © Synaptics, Inc. 1996-2003
OriginalFilename : SynTPEnh.exe

#:27 [tfswctrl.exe]
ModuleName : C:\WINDOWS\system32\dla\tfswctrl.exe
Command Line : "C:\WINDOWS\system32\dla\tfswctrl.exe"
ProcessID : 128
ThreadCreationTime : 4-28-2005 5:20:19 PM
BasePriority : Normal
FileVersion : 1.04.07b
CompanyName : Sonic Solutions
FileDescription : Drive Letter Access Component
LegalCopyright : Copyright © 2004 Sonic Solutions

#:28 [wltrysvc.exe]
ModuleName : C:\WINDOWS\System32\WLTRYSVC.EXE
Command Line : C:\WINDOWS\System32\WLTRYSVC.EXE C:\WINDOWS\System32\bcmwltry.exe
ProcessID : 168
ThreadCreationTime : 4-28-2005 5:20:19 PM
BasePriority : Normal


#:29 [jucheck.exe]
ModuleName : C:\Program Files\Java\j2re1.4.2_06\bin\jucheck.exe
Command Line : -auto
ProcessID : 164
ThreadCreationTime : 4-28-2005 5:20:20 PM
BasePriority : Normal
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
ProductName : UpdateChecker Module
FileDescription : UpdateChecker Module
InternalName : UpdateChecker
LegalCopyright : Copyright 2002
OriginalFilename : UpdateChecker.EXE

#:30 [pcmservice.exe]
ModuleName : C:\Program Files\Dell\Media Experience\PCMService.exe
Command Line : "C:\Program Files\Dell\Media Experience\PCMService.exe"
ProcessID : 308
ThreadCreationTime : 4-28-2005 5:20:23 PM
BasePriority : Normal
FileVersion : 1.0.1611
ProductVersion : 1.0.1611
ProductName : PCM2Launcher Application
CompanyName : CyberLink Corp.
FileDescription : PowerCinema Resident Program for Dell
InternalName : PowerCinema Resident Program for Dell
LegalCopyright : Copyright c 2003 CyberLink Corp.
OriginalFilename : PCM2Launcher.EXE

#:31 [bcmwltry.exe]
ModuleName : C:\WINDOWS\System32\bcmwltry.exe
Command Line : C:\WINDOWS\System32\bcmwltry.exe
ProcessID : 520
ThreadCreationTime : 4-28-2005 5:20:24 PM
BasePriority : Normal
FileVersion : 3.40.67.0
ProductVersion : 3.40.67.0
ProductName : Dell Wireless WLAN Card Wireless Network Tray Applet
CompanyName : Dell Computer Corporation
FileDescription : Dell Wireless WLAN Card Wireless Network Tray Applet
InternalName : bcmwltry.exe
LegalCopyright : 1998-2003, Dell Computer Corporation All Rights Reserved.
OriginalFilename : bcmwltry.exe

#:32 [dvdlauncher.exe]
ModuleName : C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
Command Line : "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
ProcessID : 524
ThreadCreationTime : 4-28-2005 5:20:24 PM
BasePriority : Normal
FileVersion : 3.00.0000
ProductVersion : 3.00.0000
ProductName : Cyberlink PowerCinema 3.0
CompanyName : CyberLink Corp.
FileDescription : CyberLink PowerCinema Resident Program
InternalName : CyberLink PowerCinema Resident Program
LegalCopyright : Copyright © 2003 CyberLink Corp.
OriginalFilename : DVDLauncher.EXE

#:33 [dadapp.exe]
ModuleName : C:\Program Files\Dell\AccessDirect\dadapp.exe
Command Line : "C:\Program Files\Dell\AccessDirect\dadapp.exe"
ProcessID : 568
ThreadCreationTime : 4-28-2005 5:20:25 PM
BasePriority : Normal


#:34 [ccapp.exe]
ModuleName : C:\Program Files\Common Files\Symantec Shared\ccApp.exe
Command Line : "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
ProcessID : 892
ThreadCreationTime : 4-28-2005 5:20:26 PM
BasePriority : Normal
FileVersion : 2.1.3.4
ProductVersion : 2.1.3.4
ProductName : Common Client
CompanyName : Symantec Corporation
FileDescription : Common Client User Session
InternalName : ccApp
LegalCopyright : Copyright © 2000-2003 Symantec Corporation. All rights reserved.
OriginalFilename : ccApp.exe

#:35 [mm_tray.exe]
ModuleName : C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mm_tray.exe
Command Line : "C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mm_tray.exe"
ProcessID : 848
ThreadCreationTime : 4-28-2005 5:20:29 PM
BasePriority : Normal
FileVersion : 8.20.2063
ProductVersion : 8.20.2063
ProductName : Musicmatch JUKEBOX
CompanyName : Musicmatch, Inc.
FileDescription : mm_tray
InternalName : mm_tray
LegalCopyright : Copyright © Musicmatch 1998-2004
LegalTrademarks :
OriginalFilename : mm_tray.exe

#:36 [support.exe]
ModuleName : C:\Program Files\Common Files\Dell\EUSW\Support.exe
Command Line : "C:\Program Files\Common Files\Dell\EUSW\Support.exe"
ProcessID : 896
ThreadCreationTime : 4-28-2005 5:20:30 PM
BasePriority : Normal
FileVersion : 2, 1, 1, 0
ProductVersion : 1, 0, 0, 1
ProductName : Dell Support
CompanyName : Dell
FileDescription : Support
InternalName : Support
LegalCopyright : Copyright © 2002
OriginalFilename : Support.exe

#:37 [e_s4i2l1.exe]
ModuleName : C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2L1.EXE
Command Line : "C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2L1.EXE" /P19 "EPSON Stylus CX6400" /O6 "USB001" /M "Stylus CX6400"
ProcessID : 1588
ThreadCreationTime : 4-28-2005 5:20:32 PM
BasePriority : Normal
FileVersion : 3.00
ProductVersion : 3.00
ProductName : EPSON Status Monitor 3
CompanyName : SEIKO EPSON CORPORATION
FileDescription : EPSON Status Monitor 3
InternalName : E_S4I2L1
LegalCopyright : Copyright © SEIKO EPSON CORP. 2003
OriginalFilename : E_S4I2L1.EXE

#:38 [avgcc.exe]
ModuleName : C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
Command Line : "C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe" /STARTUP
ProcessID : 1764
ThreadCreationTime : 4-28-2005 5:20:33 PM
BasePriority : Normal
FileVersion : 7,1,0,307
ProductVersion : 7.1.0.307
ProductName : AVG Anti-Virus System
CompanyName : GRISOFT, s.r.o.
FileDescription : AVG Control Center
InternalName : AvgCC
LegalCopyright : Copyright © 2005, GRISOFT, s.r.o.
OriginalFilename : AvgCC.EXE

#:39 [ituneshelper.exe]
ModuleName : C:\Program Files\iTunes\iTunesHelper.exe
Command Line : "C:\Program Files\iTunes\iTunesHelper.exe"
ProcessID : 1836
ThreadCreationTime : 4-28-2005 5:20:35 PM
BasePriority : Normal
FileVersion : 4.7.0.42
ProductVersion : 4.7.0.42
ProductName : iTunes
CompanyName : Apple Computer, Inc.
FileDescription : iTunesHelper Module
InternalName : iTunesHelper
LegalCopyright : © 2003-2004 Apple Computer, Inc. All Rights Reserved.
OriginalFilename : iTunesHelper.exe

#:40 [qttask.exe]
ModuleName : C:\Program Files\QuickTime\qttask.exe
Command Line : "C:\Program Files\QuickTime\qttask.exe" -atboottime
ProcessID : 1140
ThreadCreationTime : 4-28-2005 5:20:36 PM
BasePriority : Normal
FileVersion : 6.5.1
ProductVersion : QuickTime 6.5.1
ProductName : QuickTime
CompanyName : Apple Computer, Inc.
InternalName : QuickTime Task
LegalCopyright : © Apple Computer, Inc. 2001-2004
OriginalFilename : QTTask.exe

#:41 [mmtask.exe]
ModuleName : C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mmtask.exe
Command Line : "C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mmtask.exe"
ProcessID : 1052
ThreadCreationTime : 4-28-2005 5:20:37 PM
BasePriority : Normal
FileVersion : 1.0.0.1
ProductVersion : 1.0.0.1
ProductName : TODO: <Product name>
CompanyName : TODO: <Company name>
FileDescription : TODO: <File description>
InternalName : mmtask.exe
LegalCopyright : TODO: © <Company name>. All rights reserved.
OriginalFilename : mmtask.exe

#:42 [realsched.exe]
ModuleName : C:\Program Files\Common Files\Real\Update_OB\realsched.exe
Command Line : "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
ProcessID : 1584
ThreadCreationTime : 4-28-2005 5:20:37 PM
BasePriority : Normal
FileVersion : 0.1.0.3208
ProductVersion : 0.1.0.3208
ProductName : RealPlayer (32-bit)
CompanyName : RealNetworks, Inc.
FileDescription : RealNetworks Scheduler
InternalName : schedapp
LegalCopyright : Copyright © RealNetworks, Inc. 1995-2004
LegalTrademarks : RealAudio™ is a trademark of RealNetworks, Inc.
OriginalFilename : realsched.exe

#:43 [avgemc.exe]
ModuleName : C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
Command Line : "C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe"
ProcessID : 2104
ThreadCreationTime : 4-28-2005 5:20:40 PM
BasePriority : Normal
FileVersion : 7,1,0,307
ProductVersion : 7.1.0.307
ProductName : AVG Anti-Virus System
CompanyName : GRISOFT, s.r.o.
FileDescription : AVG E-Mail Scanner
InternalName : avgemc
LegalCopyright : Copyright © 2005, GRISOFT, s.r.o.
OriginalFilename : avgemc.exe

#:44 [mediaacck.exe]
ModuleName : C:\Program Files\Media Access\MediaAccK.exe
Command Line : "C:\Program Files\Media Access\MediaAccK.exe"
ProcessID : 2156
ThreadCreationTime : 4-28-2005 5:20:41 PM
BasePriority : Normal


#:45 [tbps.exe]
ModuleName : C:\PROGRA~1\Toolbar\TBPS.exe
Command Line : "C:\PROGRA~1\Toolbar\TBPS.exe"
ProcessID : 2164
ThreadCreationTime : 4-28-2005 5:20:42 PM
BasePriority : Normal


#:46 [mediaaccess.exe]
ModuleName : C:\Program Files\Media Access\MediaAccess.exe
Command Line : "C:\Program Files\Media Access\MediaAccess.exe"
ProcessID : 2204
ThreadCreationTime : 4-28-2005 5:20:44 PM
BasePriority : Normal
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
ProductName : LoaderX Module
FileDescription : LoaderX Module
InternalName : LoaderX
LegalCopyright : Copyright 2005
OriginalFilename : LoaderX.EXE

#:47 [pib.exe]
ModuleName : C:\PROGRA~1\Toolbar\PIB.exe
Command Line : C:\PROGRA~1\Toolbar\PIB.exe
ProcessID : 2296
ThreadCreationTime : 4-28-2005 5:20:50 PM
BasePriority : Realtime


#:48 [quickdcf.exe]
ModuleName : C:\Program Files\FinePixViewer\QuickDCF.exe
Command Line : "C:\Program Files\FinePixViewer\QuickDCF.exe"
ProcessID : 2392
ThreadCreationTime : 4-28-2005 5:20:55 PM
BasePriority : Normal
FileVersion : 4, 0, 0, 0
ProductVersion : 4, 0, 0, 0
ProductName : FinePixViewer
CompanyName : FUJI PHOTO FILM CO., LTD.
FileDescription : Exif Launcher
InternalName : QuickDCF
LegalCopyright : Copyright 2000-2003 FUJI PHOTO FILM CO.,LTD.
OriginalFilename : QuickDCF.exe

#:49 [radio.exe]
ModuleName : c:\PROGRA~1\Toolbar\radio.exe
Command Line : c:\PROGRA~1\Toolbar\radio.exe -Embedding
ProcessID : 2404
ThreadCreationTime : 4-28-2005 5:20:56 PM
BasePriority : Normal


#:50 [wzqkpick.exe]
ModuleName : C:\Program Files\WinZip\WZQKPICK.EXE
Command Line : "C:\Program Files\WinZip\WZQKPICK.EXE"
ProcessID : 2444
ThreadCreationTime : 4-28-2005 5:20:58 PM
BasePriority : Normal
FileVersion : 1.0 (32-bit)
ProductVersion : 9.0 (6224)
ProductName : WinZip
CompanyName : WinZip Computing, Inc.
FileDescription : WinZip Executable
InternalName : WZQKPICK.EXE
LegalCopyright : Copyright © WinZip Computing, Inc. 1991-2004 - All Rights Reserved
LegalTrademarks : WinZip is a registered trademark of WinZip Computing, Inc
OriginalFilename : WZQKPICK.EXE
Comments : StringFileInfo: U.S. English

#:51 [ipodservice.exe]
ModuleName : C:\Program Files\iPod\bin\iPodService.exe
Command Line : "C:\Program Files\iPod\bin\iPodService.exe"
ProcessID : 3184
ThreadCreationTime : 4-28-2005 5:21:34 PM
BasePriority : Normal
FileVersion : 4.7.0.42
ProductVersion : 4.7.0.42
ProductName : iTunes
CompanyName : Apple Computer, Inc.
FileDescription : iPodService Module
InternalName : iPodService
LegalCopyright : © 2003-2004 Apple Computer, Inc. All Rights Reserved.
OriginalFilename : iPodService.exe

#:52 [aim.exe]
ModuleName : C:\Program Files\AIM\aim.exe
Command Line : "C:\Program Files\AIM\aim.exe"
ProcessID : 1332
ThreadCreationTime : 4-28-2005 5:29:10 PM
BasePriority : Normal
FileVersion : 5.9.3690
ProductVersion : 5.9.3690
ProductName : AOL Instant Messenger
CompanyName : America Online, Inc.
FileDescription : AOL Instant Messenger
InternalName : AIM
LegalCopyright : Copyright © 1996-2004 America Online, Inc.
OriginalFilename : AIM.EXE

#:53 [firefox.exe]
ModuleName : C:\Program Files\Mozilla Firefox\firefox.exe
Command Line : "C:\Program Files\Mozilla Firefox\firefox.exe"
ProcessID : 3692
ThreadCreationTime : 4-28-2005 6:08:45 PM
BasePriority : Normal


#:54 [ad-aware.exe]
ModuleName : C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe
Command Line : "C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe"
ProcessID : 2844
ThreadCreationTime : 4-28-2005 6:10:43 PM
BasePriority : Normal
FileVersion : 6.2.0.206
ProductVersion : VI.Second Edition
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved

Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 1
Objects found so far: 1


Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

WindUpdates Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{1e5f0d38-214b-4085-ad2a-d2290e6a2d2c}

WindUpdates Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{1e5f0d38-214b-4085-ad2a-d2290e6a2d2c}
Value :

WindUpdates Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{1e5f0d38-214b-4085-ad2a-d2290e6a2d2c}
Value : AppID

IBIS Toolbar Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{2c4e6d22-b71f-491f-aad3-b6972a650d50}

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{2c4e6d22-b71f-491f-aad3-b6972a650d50}
Value :

IBIS Toolbar Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{310cc549-4541-46a9-940f-52b342a6e682}

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{310cc549-4541-46a9-940f-52b342a6e682}
Value :

IBIS Toolbar Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{339bb23f-a864-48c0-a59f-29ea915965ec}

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{339bb23f-a864-48c0-a59f-29ea915965ec}
Value :

IBIS Toolbar Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{69357d4e-bf4d-4651-91e9-52ecd45a0128}

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{69357d4e-bf4d-4651-91e9-52ecd45a0128}
Value :

IBIS Toolbar Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{6e21f428-5617-47f7-aed8-b2e1d8fba711}

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{6e21f428-5617-47f7-aed8-b2e1d8fba711}
Value :

IBIS Toolbar Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{708be496-e202-497b-bc31-9cf47e3bf8d6}

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{708be496-e202-497b-bc31-9cf47e3bf8d6}
Value :

IBIS Toolbar Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{8952a998-1e7e-4716-b23d-3dbe03910972}

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{8952a998-1e7e-4716-b23d-3dbe03910972}
Value :

IBIS Toolbar Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{8b0fa130-0c3d-4cb1-aeb7-2c29da5509a3}

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{8b0fa130-0c3d-4cb1-aeb7-2c29da5509a3}
Value :

IBIS Toolbar Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{bbf122a7-8a4d-45b5-9e00-0f68bc87c904}

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{bbf122a7-8a4d-45b5-9e00-0f68bc87c904}
Value :

IBIS Toolbar Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{cae0999f-78c5-49dc-9f30-13142aaaaba4}

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{cae0999f-78c5-49dc-9f30-13142aaaaba4}
Value :

IBIS Toolbar Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{f1616b86-9288-489d-b71a-0ccf2f1a89da}

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{f1616b86-9288-489d-b71a-0ccf2f1a89da}
Value :

IBIS Toolbar Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{ff76a5da-6158-4439-99ff-edc1b3fe100c}

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{ff76a5da-6158-4439-99ff-edc1b3fe100c}
Value :

WindUpdates Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{00ada225-ea6c-4fb3-82e8-68189201ccb9}

WindUpdates Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{00ada225-ea6c-4fb3-82e8-68189201ccb9}
Value :

IBIS Toolbar Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{234f09fb-fe89-4c6d-9203-31832fc051c3}

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{234f09fb-fe89-4c6d-9203-31832fc051c3}
Value :

IBIS Toolbar Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{365b9a54-e613-46e5-9db1-4f91a9de80bd}

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{365b9a54-e613-46e5-9db1-4f91a9de80bd}
Value :

IBIS Toolbar Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{618be527-b7f5-417c-bc51-98fdc2d6de61}

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{618be527-b7f5-417c-bc51-98fdc2d6de61}
Value :

IBIS Toolbar Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{66c22569-f05c-4a70-a142-763b337e1002}

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{66c22569-f05c-4a70-a142-763b337e1002}
Value :

IBIS Toolbar Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{7b8bd940-b1ef-460c-85a2-9acaaf7f9303}

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{7b8bd940-b1ef-460c-85a2-9acaaf7f9303}
Value :

IBIS Toolbar Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{99aa88d1-d9d3-410a-be9e-044f94c183da}

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{99aa88d1-d9d3-410a-be9e-044f94c183da}
Value :

IBIS Toolbar Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{c380566d-f343-42ab-987b-6b38a1a35747}

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{c380566d-f343-42ab-987b-6b38a1a35747}
Value :

IBIS Toolbar Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{d1951679-1d52-43fc-9585-0737143585f5}

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{d1951679-1d52-43fc-9585-0737143585f5}
Value :

IBIS Toolbar Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{f273d4ea-2025-4410-8408-251a0cd46be7}

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{f273d4ea-2025-4410-8408-251a0cd46be7}
Value :

WindUpdates Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : mediaaccess.installer

WindUpdates Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : mediaaccess.installer
Value :

IBIS Toolbar Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : protocols\handler\tpro

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : protocols\handler\tpro
Value :

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : protocols\handler\tpro
Value : CLSID

IBIS Toolbar Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : protocols\name-space handler\res\toolbar.resprotocol

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : protocols\name-space handler\res\toolbar.resprotocol
Value :

IBIS Toolbar Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : radio.radioplayer

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : radio.radioplayer
Value :

IBIS Toolbar Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : tbps.pluginconfig

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : tbps.pluginconfig
Value :

IBIS Toolbar Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : tbps.plugindown

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : tbps.plugindown
Value :

IBIS Toolbar Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : tbps.plugindownadd

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : tbps.plugindownadd
Value :

IBIS Toolbar Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : tbps.pluginevents

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : tbps.pluginevents
Value :

IBIS Toolbar Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : tbps.plugininst

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : tbps.plugininst
Value :

IBIS Toolbar Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : tbps.pluginserver

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : tbps.pluginserver
Value :

IBIS Toolbar Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : tbps.toolbarscript

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : tbps.toolbarscript
Value :

IBIS Toolbar Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : toolbar.resprotocol

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : toolbar.resprotocol
Value :

WindUpdates Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : typelib\{15696ae2-6ea4-47f4-bea6-a3d32693efc7}

IBIS Toolbar Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : typelib\{37ac49e3-e906-4bd8-ae83-d0f7fb48fd17}

IBIS Toolbar Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : typelib\{b23b3add-84b1-414a-92b9-0cabe5a781f4}

IBIS Toolbar Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : typelib\{d8bd4ded-5bb2-4d4e-9a6a-f10244fed7d6}

IBIS

Edited by ibassplayer205, 28 April 2005 - 02:58 PM.

[Advertisements]

Hello there

Please could you complete your current logfile

Please could you find the rest of your logfile and complete posting it here.
Logs are stored in:

C:\Documents and Settings\USERNAME\Application Data\Lavasoft\Ad-aware\Logs\.
There are in order of date,

Make sure you have all the log posted

(The Application Data is a hidden folder, so you will need to show hidden files and folders and for Windows 98*admin users your logs are stored in C:\WINDOWS\All Users\Application Data\ )

This sometimes takes 2-3 posts to get it all posted. You will know you are at the end when you see the "Summary of this scan" information has been posted.

When you have posted your log here, Team Lavasoft can advise on what to do next. Please post back if you have any questions or other problems.

Good luck

Andy

[ibassplayer205]

OOPS! Sorry about that. heres the rest...

----------------

IBIS Toolbar Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\explorer\browser helper objects\{8952a998-1e7e-4716-b23d-3dbe03910972}

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\explorer\browser helper objects\{8952a998-1e7e-4716-b23d-3dbe03910972}
Value :

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment : "{339BB23F-A864-48C0-A59F-29EA915965EC}"
Rootkey : HKEY_USERS
Object : S-1-5-21-1033501418-297939935-1519519878-1007\software\microsoft\internet explorer\toolbar\webbrowser
Value : {339BB23F-A864-48C0-A59F-29EA915965EC}

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment : "{339BB23F-A864-48C0-A59F-29EA915965EC}"
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\toolbar
Value : {339BB23F-A864-48C0-A59F-29EA915965EC}

Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 80
Objects found so far: 81


Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Possible Browser Hijack attempt : Software\Microsoft\Internet Explorer\MainSearchAssistantwww.websearch.com

Possible Browser Hijack attempt Object Recognized!
Type : RegData
Data : "http://www.websearch...px?tb_id=50245"
Category : Data Miner
Comment : Possible Browser Hijack attempt
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\Microsoft\Internet Explorer\Main
Value : SearchAssistant
Data : "http://www.websearch...px?tb_id=50245"
Possible Browser Hijack attempt : Software\Microsoft\Internet Explorer\SearchSearchAssistantwww.websearch.com

Possible Browser Hijack attempt Object Recognized!
Type : RegData
Data : "http://www.websearch...px?tb_id=50245"
Category : Data Miner
Comment : Possible Browser Hijack attempt
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\Microsoft\Internet Explorer\Search
Value : SearchAssistant
Data : "http://www.websearch...px?tb_id=50245"
Possible Browser Hijack attempt : Software\Microsoft\Internet Explorer\SearchCustomizeSearch\toolbar.dll/sa

Possible Browser Hijack attempt Object Recognized!
Type : RegData
Data : "res://C:\PROGRA~1\Toolbar\toolbar.dll/sa"
Category : Data Miner
Comment : Possible Browser Hijack attempt
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\Microsoft\Internet Explorer\Search
Value : CustomizeSearch
Data : "res://C:\PROGRA~1\Toolbar\toolbar.dll/sa"
Possible Browser Hijack attempt : S-1-5-21-1033501418-297939935-1519519878-1007\Software\Microsoft\Internet Explorer\MainSearch Barwww.websearch.com

Possible Browser Hijack attempt Object Recognized!
Type : RegData
Data : "http://www.websearch...px?tb_id=50245"
Category : Data Miner
Comment : Possible Browser Hijack attempt
Rootkey : HKEY_USERS
Object : S-1-5-21-1033501418-297939935-1519519878-1007\Software\Microsoft\Internet Explorer\Main
Value : Search Bar
Data : "http://www.websearch...px?tb_id=50245"

Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 4
Objects found so far: 85


Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»


Tracking Cookie Object Recognized!
Type : IECache Entry
Data : seth@2o7[1].txt
Category : Data Miner
Comment : Hits:10
Value : Cookie:[email protected]/
Expires : 4-27-2010 8:31:20 AM
LastSync : Hits:10
UseCount : 0
Hits : 10

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : seth@doubleclick[1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:[email protected]/
Expires : 4-28-2005 8:46:26 AM
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 2
Objects found so far: 87



Deep scanning and examining files (C:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : seth@2o7[1].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Seth\Cookies\seth@2o7[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : seth@doubleclick[1].txt
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Seth\Cookies\seth@doubleclick[1].txt

SideFind Object Recognized!
Type : File
Data : sidefind.exe
Category : Malware
Comment :
Object : C:\Documents and Settings\Seth\Local Settings\Temp\



IBIS Toolbar Object Recognized!
Type : File
Data : temp.fr2DEB
Category : Data Miner
Comment :
Object : C:\Documents and Settings\Seth\Local Settings\Temp\



IBIS Toolbar Object Recognized!
Type : File
Data : temp.fr4FD1
Category : Data Miner
Comment :
Object : C:\Documents and Settings\Seth\Local Settings\Temp\



IBIS Toolbar Object Recognized!
Type : File
Data : WToolsB.dll
Category : Data Miner
Comment :
Object : C:\Documents and Settings\Seth\Local Settings\Temp\temp.fr95D0\



IBIS Toolbar Object Recognized!
Type : File
Data : WToolsD.cfg
Category : Data Miner
Comment :
Object : C:\Documents and Settings\Seth\Local Settings\Temp\temp.fr95D0\



SideFind Object Recognized!
Type : File
Data : sidefind[1].exe
Category : Malware
Comment :
Object : C:\Documents and Settings\Seth\Local Settings\Temporary Internet Files\Content.IE5\61RSLSZA\



SideFind Object Recognized!
Type : File
Data : A0014481.exe
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP153\



BargainBuddy Object Recognized!
Type : File
Data : A0014484.exe
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP153\
FileVersion : 1.00
ProductVersion : 1.00
ProductName : adv
CompanyName : eXact Advertising
InternalName : adv
LegalCopyright : Copyright © 2003, 2004. eXact Advertising, LLC. All Rights Reserved.
OriginalFilename : adv.exe


BargainBuddy Object Recognized!
Type : File
Data : A0014485.exe
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP153\
FileVersion : 1.00
ProductVersion : 1.00
ProductName : adx
CompanyName : eXact Advertising
InternalName : adx
LegalCopyright : Copyright © 2003, 2004. eXact Advertising, LLC. All Rights Reserved.
OriginalFilename : adx.exe


WindUpdates Object Recognized!
Type : File
Data : A0016074.vxd
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP189\



IBIS Toolbar Object Recognized!
Type : File
Data : A0016076.exe
Category : Data Miner
Comment :
Object : C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP189\



IBIS Toolbar Object Recognized!
Type : File
Data : A0016086.exe
Category : Data Miner
Comment :
Object : C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP190\



IBIS Toolbar Object Recognized!
Type : File
Data : A0016087.exe
Category : Data Miner
Comment :
Object : C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP190\



IBIS Toolbar Object Recognized!
Type : File
Data : A0016088.dll
Category : Data Miner
Comment :
Object : C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP190\



IBIS Toolbar Object Recognized!
Type : File
Data : A0016090.cfg
Category : Data Miner
Comment :
Object : C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP190\



IBIS Toolbar Object Recognized!
Type : File
Data : MFEX-1.DAT
Category : Data Miner
Comment :
Object : C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP190\snapshot\



WindUpdates Object Recognized!
Type : File
Data : ide21201.vxd
Category : Malware
Comment :
Object : C:\WINDOWS\SYSTEM32\



Disk Scan Result for C:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 106


Scanning Hosts file......
Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
1 entries scanned.
New critical objects:0
Objects found so far: 106




Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

IBIS Toolbar Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : common.buttons\clsid

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : common.buttons\clsid
Value :

IBIS Toolbar Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\microsoft\mediaplayer\control\playbar

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\microsoft\mediaplayer\control\playbar
Value : ClrShadow

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\microsoft\mediaplayer\control\playbar
Value : ClrHighlight

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\microsoft\mediaplayer\control\playbar
Value : ClrForeColor

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\microsoft\mediaplayer\control\playbar
Value : ClrBackColor

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\microsoft\mediaplayer\control\playbar
Value : ClrDownload

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\microsoft\mediaplayer\control\playbar
Value : ClrViewed

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\microsoft\mediaplayer\control\playbar
Value : ClrStatic

IBIS Toolbar Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\toolbar

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\toolbar
Value : ErCount

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\toolbar
Value : LastSA

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\toolbar
Value : JDBINFO

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\toolbar
Value : JDBINFOShow

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\toolbar
Value : SEAINFO

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\toolbar
Value : SEAINFOShow

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\toolbar
Value : KImport_Hash

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\toolbar
Value : LastDll

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\toolbar
Value : FirstHomeAsk

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\toolbar
Value : AsQ

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\toolbar
Value : CSHOW

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\toolbar
Value : LastSE

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\toolbar
Value : ShowTray

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\toolbar
Value : FirstDone

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\toolbar
Value : Defskinused

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\toolbar
Value : BCount

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\toolbar
Value : ST_AUTOSHOW

IBIS Toolbar Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\installer\userdata\sto

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\installer\userdata\sto
Value : C

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\installer\userdata\sto
Value : A

IBIS Toolbar Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\ttool_uninstall

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\ttool_uninstall
Value : DisplayName

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\ttool_uninstall
Value : UninstallString

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\ttool_uninstall
Value : DisplayIcon

IBIS Toolbar Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\toolbar

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\toolbar
Value : AllowUseDefskin

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\toolbar
Value : TB_ID

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\toolbar
Value : CFG_VER

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\toolbar
Value : CHECK_DAYS

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\toolbar
Value : CAPTION

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\toolbar
Value : AUTOHIGHLIGHT

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\toolbar
Value : AUTOSEARCH

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\toolbar
Value : AUTOSESEARCH

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\toolbar
Value : AUTOCOMPLETE

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\toolbar
Value : USECTRLENTER

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\toolbar
Value : USEALTENTER

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\toolbar
Value : USESHIFTENTER

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\toolbar
Value : ALLOWUPDATE

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\toolbar
Value : KEEPHISTORY

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\toolbar
Value : PRESERVEHISTORY

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\toolbar
Value : NARROWSEARCH

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\toolbar
Value : AUTOSHOW

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\toolbar
Value : TAKEADSUPPORTSETTINGS

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\toolbar
Value : DISABLEADSUPPORTSEARCH

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\toolbar
Value : DIALOG_PAUSE

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\toolbar
Value : REGISTRATION_PAUSE

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\toolbar
Value : URL_FOLDER_NAME

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\toolbar
Value : URL_ITEMS_1

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\toolbar
Value : URL_ITEMS_2

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\toolbar
Value : URL_ITEMS_3

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\toolbar
Value : URL_ITEMS_4

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\toolbar
Value : INSTALL_CONFIRM_1

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\toolbar
Value : UNINSTALL_CONFIRM

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\toolbar
Value : INSTALL_CONFIRM_SYS

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\toolbar
Value : INSTALL_CONFIRM_SYSEX

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\toolbar
Value : RECOVERY_URL

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\toolbar
Value : NONUTF_DOMAINS

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\toolbar
Value : KEYWORDS_IMPORT

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\toolbar
Value : BB_HELP_URL

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\toolbar
Value : SEARCH_INST

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\toolbar
Value : BBDSERVICE

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\toolbar
Value : OBE_FCAP

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\toolbar
Value : OVERRIDE_HOMEPAGE_DIALOG

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\toolbar
Value : USEENTER

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\toolbar
Value : USEAUTOSEARCH

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\toolbar
Value : ERROR404

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\toolbar
Value : OVERRIDE_AUTOSEARCH_DIALOG

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\toolbar
Value : AUTO_SEARCH

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\toolbar
Value : ERROR_PAGE

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\toolbar
Value : NO_AUTOSEARCH_HOOK

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\toolbar
Value : USESEARCHASSISTANT

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\toolbar
Value : OVERRIDE_IESEARCH_DIALOG

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\toolbar
Value : SEARCH_PAGE

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\toolbar
Value : SEARCH_PAGE_INFO

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\toolbar
Value : USEBB

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\toolbar
Value : OVERRIDE_BBACTIVATE_DIALOG

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\toolbar
Value : ACSIZE

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\toolbar
Value : USEBBENH

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\toolbar
Value : POPUPBLOCKER

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\toolbar
Value : OVERRIDE_JSDEBUG_DIALOG

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\toolbar
Value : DEACTIVATETOOLBARS

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\toolbar
Value : OVERRIDE_DEACTIVATE_DIALOG

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\toolbar
Value : IE_RESET

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\toolbar
Value : ITime

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\toolbar
Value : IGU

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\toolbar
Value : STUI

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\toolbar
Value : IEC

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\toolbar
Value : SEC

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\toolbar
Value : SOC

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\toolbar
Value : GSTC

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\toolbar
Value : UC

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\toolbar
Value : RTime

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\toolbar
Value : UCL

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\toolbar
Value : LastCFG

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\toolbar
Value : FIT

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\toolbar
Value : LogCount

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\toolbar
Value : IE4

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\toolbar
Value : IAS

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\toolbar
Value : STC

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\toolbar
Value : AVGSEARCH

IBIS Toolbar Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment : You will need to restart your computer and rescan in order to complete the removal of this item.
Rootkey : HKEY_LOCAL_MACHINE
Object : system\controlset001\services\tbpssvc

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment : You will need to restart your computer and rescan in order to complete the removal of this item.
Rootkey : HKEY_LOCAL_MACHINE
Object : system\controlset001\services\tbpssvc
Value : Type

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment : You will need to restart your computer and rescan in order to complete the removal of this item.
Rootkey : HKEY_LOCAL_MACHINE
Object : system\controlset001\services\tbpssvc
Value : Start

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment : You will need to restart your computer and rescan in order to complete the removal of this item.
Rootkey : HKEY_LOCAL_MACHINE
Object : system\controlset001\services\tbpssvc
Value : ErrorControl

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment : You will need to restart your computer and rescan in order to complete the removal of this item.
Rootkey : HKEY_LOCAL_MACHINE
Object : system\controlset001\services\tbpssvc
Value : ImagePath

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment : You will need to restart your computer and rescan in order to complete the removal of this item.
Rootkey : HKEY_LOCAL_MACHINE
Object : system\controlset001\services\tbpssvc
Value : DisplayName

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment : You will need to restart your computer and rescan in order to complete the removal of this item.
Rootkey : HKEY_LOCAL_MACHINE
Object : system\controlset001\services\tbpssvc
Value : ObjectName

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment : You will need to restart your computer and rescan in order to complete the removal of this item.
Rootkey : HKEY_LOCAL_MACHINE
Object : system\controlset001\services\tbpssvc
Value : Description

IBIS Toolbar Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment : You will need to restart your computer and rescan in order to complete the removal of this item.
Rootkey : HKEY_LOCAL_MACHINE
Object : system\currentcontrolset\enum\root\legacy_tbpssvc

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment : You will need to restart your computer and rescan in order to complete the removal of this item.
Rootkey : HKEY_LOCAL_MACHINE
Object : system\currentcontrolset\enum\root\legacy_tbpssvc
Value : NextInstance

IBIS Toolbar Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : system\currentcontrolset\enum\root\legacy_wintoolssvc

IBIS Toolbar Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment : You will need to restart your computer and rescan in order to complete the removal of this item.
Rootkey : HKEY_LOCAL_MACHINE
Object : system\currentcontrolset\services\tbpssvc

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment : You will need to restart your computer and rescan in order to complete the removal of this item.
Rootkey : HKEY_LOCAL_MACHINE
Object : system\currentcontrolset\services\tbpssvc
Value : Type

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment : You will need to restart your computer and rescan in order to complete the removal of this item.
Rootkey : HKEY_LOCAL_MACHINE
Object : system\currentcontrolset\services\tbpssvc
Value : Start

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment : You will need to restart your computer and rescan in order to complete the removal of this item.
Rootkey : HKEY_LOCAL_MACHINE
Object : system\currentcontrolset\services\tbpssvc
Value : ErrorControl

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment : You will need to restart your computer and rescan in order to complete the removal of this item.
Rootkey : HKEY_LOCAL_MACHINE
Object : system\currentcontrolset\services\tbpssvc
Value : ImagePath

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment : You will need to restart your computer and rescan in order to complete the removal of this item.
Rootkey : HKEY_LOCAL_MACHINE
Object : system\currentcontrolset\services\tbpssvc
Value : DisplayName

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment : You will need to restart your computer and rescan in order to complete the removal of this item.
Rootkey : HKEY_LOCAL_MACHINE
Object : system\currentcontrolset\services\tbpssvc
Value : ObjectName

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment : You will need to restart your computer and rescan in order to complete the removal of this item.
Rootkey : HKEY_LOCAL_MACHINE
Object : system\currentcontrolset\services\tbpssvc
Value : Description

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\main
Value : CustomizeSearch

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\installer\userdata
Value : TUID

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\run
Value : TBPS

IBIS Toolbar Object Recognized!
Type : Folder
Category : Data Miner
Comment :
Object : C:\Program Files\Toolbar

IBIS Toolbar Object Recognized!
Type : File
Data : common.dll
Category : Data Miner
Comment :
Object : C:\Program Files\toolbar\



IBIS Toolbar Object Recognized!
Type : File
Data : nzqlihv.wzg
Category : Data Miner
Comment :
Object : C:\Program Files\toolbar\



IBIS Toolbar Object Recognized!
Type : File
Data : PIB.exe
Category : Data Miner
Comment :
Object : C:\Program Files\toolbar\



IBIS Toolbar Object Recognized!
Type : File
Data : radio.exe
Category : Data Miner
Comment :
Object : C:\Program Files\toolbar\



IBIS Toolbar Object Recognized!
Type : File
Data : rw.wzg
Category : Data Miner
Comment :
Object : C:\Program Files\toolbar\



IBIS Toolbar Object Recognized!
Type : File
Data : TBPS.exe
Category : Data Miner
Comment :
Object : C:\Program Files\toolbar\



IBIS Toolbar Object Recognized!
Type : File
Data : TBPSSvc.exe
Category : Data Miner
Comment :
Object : C:\Program Files\toolbar\



IBIS Toolbar Object Recognized!
Type : File
Data : toolbar.dll
Category : Data Miner
Comment :
Object : C:\Program Files\toolbar\



IBIS Toolbar Object Recognized!
Type : File
Data : xlmurin.wzg
Category : Data Miner
Comment :
Object : C:\Program Files\toolbar\



IBIS Toolbar Object Recognized!
Type : File
Data : xzxsv.wzg
Category : Data Miner
Comment :
Object : C:\Program Files\toolbar\



IBIS Toolbar Object Recognized!
Type : File
Data : yildhvi.olt
Category : Data Miner
Comment :
Object : C:\Program Files\toolbar\



IBIS Toolbar Object Recognized!
Type : File
Data : yywr.wzg
Category : Data Miner
Comment :
Object : C:\Program Files\toolbar\



IBIS Toolbar Object Recognized!
Type : File
Data : yywsv.wzg
Category : Data Miner
Comment :
Object : C:\Program Files\toolbar\



IBIS Toolbar Object Recognized!
Type : File
Data : zwipvbh.wzg
Category : Data Miner
Comment :
Object : C:\Program Files\toolbar\



IBIS Toolbar Object Recognized!
Type : File
Data : TBPS.ini
Category : Data Miner
Comment :
Object : C:\WINDOWS\System32\



WindUpdates Object Recognized!

[ibassplayer205]

WindUpdates Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : appid\loaderx.exe

WindUpdates Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : appid\loaderx.exe
Value : AppID

WindUpdates Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : appid\{735c5a0c-f79f-47a1-8ca1-2a2e482662a8}

WindUpdates Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : appid\{735c5a0c-f79f-47a1-8ca1-2a2e482662a8}
Value :

WindUpdates Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\downloadmanager

WindUpdates Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\media access

WindUpdates Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\media access
Value : UninstallString

WindUpdates Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\media access
Value : DisplayName

WindUpdates Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\run
Value : Media Access

WindUpdates Object Recognized!
Type : Folder
Category : Malware
Comment :
Object : C:\Program Files\Media Access

WindUpdates Object Recognized!
Type : File
Data : Info.txt
Category : Malware
Comment :
Object : C:\Program Files\media access\



WindUpdates Object Recognized!
Type : File
Data : MediaAccC.dll
Category : Malware
Comment :
Object : C:\Program Files\media access\



WindUpdates Object Recognized!
Type : File
Data : MediaAccess.exe
Category : Malware
Comment :
Object : C:\Program Files\media access\
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
ProductName : LoaderX Module
FileDescription : LoaderX Module
InternalName : LoaderX
LegalCopyright : Copyright 2005
OriginalFilename : LoaderX.EXE


WindUpdates Object Recognized!
Type : File
Data : MediaAccK.exe
Category : Malware
Comment :
Object : C:\Program Files\media access\



Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 169
Objects found so far: 275

2:30:44 PM Scan Complete

Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:01:16:53.815
Objects scanned:161136
Objects identified:275
Objects ignored:0
New critical objects:275

[ibassplayer205]

Thank you so much for taking the time to help me out. I really appreciate it.

[Rawe]

Welcome!

Ad-aware has found object(s) on your computer

If you chose to clean your computer from what Ad-aware found, follow these instructions below…

Make sure that you are using the * SE1R42 28.04.2005 * definition file.


Open up Ad-Aware SE and click on the gear to access the Configuration menu. Make sure that this setting is applied.

Click on Tweak > Cleaning engine > UNcheck "Always try to unload modules before deletion".

Disconnect from the internet (for broadband/cable users, it is recommended that you disconnect the cable connection) and close all open browsers or other programs you have running.

Then boot into Safe Mode

To clean your machine, it is highly recommended that you clean the following directory contents (but not the directory folder);

Run CCleaner to assist in this process.
Download CCleaner (Setup: go to >options > settings > Uncheck "Only delete files in Windows Temp folders older than 48 hours" for cleaning malware files!)

* C:\Windows\Temp\
* C:\Documents and Settings\<Your Profile>\Local Settings\Temporary Internet Files\ <- This will delete all your cached internet content including cookies.
* C:\Documents and Settings\<Your Profile>\Local Settings\Temp\
* C:\Documents and Settings\<Any other users Profile>\Local Settings\Temporary Internet Files\
* C:\Documents and Settings\<Any other users Profile>\Local Settings\Temp\
* Empty your "Recycle Bin".

Run Ad-Aware SE from the command lines shown in the instructions shown below.

Click "Start" > select "Run" > type the text shown below (including the quotation marks and with the same spacing as shown)

"C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Aware.exe" /full +procnuke
(For the Professional version)

"C:\Program Files\Lavasoft\Ad-Aware SE Plus\Ad-Aware.exe" /full +procnuke
(For the Plus version)

"C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe" +procnuke
(For the Personal version)


Click Ok.

Note; the path above is of the default installation location for Ad-aware SE, if this is different, adjust it to the location that you have installed it to.

When the scan has completed, select next. In the Scanning Results window, select the "Scan Summary"- tab. Check the box next to each "target family" you wish to remove. Click next, Click Ok.

If problems are caused by deleting a family, just leave it.


Reboot your computer after removal, run a new "full system scan" and post the results as a reply. Don't open any programs or connect to the internet at this time.

Then copy & paste the complete log file here. Don't quarantine or remove anything at this time, just post a complete logfile. This can sometimes takes 2-3 posts to get it all posted, once the "Summary of this scan" information is shown, you have posted all of your logfile.

Also, keep in mind that when you are posting another logfile keep "Search for negligible risk entries" deselected as negligible risk entries (Mru's) aren't considered as a threat. This option can be changed when choosing your scan type.

Remember to post your fresh scanlog in THIS topic.

- Rawe

[ibassplayer205]

Went through the steps you told me to and here is the new log file Ad-Aware gives me...

--------------------

Ad-Aware SE Build 1.05
Logfile Created on:Saturday, April 30, 2005 9:59:49 AM
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R42 28.04.2005
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
IBIS Toolbar(TAC index:5):7 total references
WindUpdates(TAC index:8):1 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Definition File:
=========================
Definitions File Loaded:
Reference Number : SE1R42 28.04.2005
Internal build : 49
File location : C:\Program Files\Lavasoft\Ad-Aware SE Personal\defs.ref
File size : 466557 Bytes
Total size : 1403889 Bytes
Signature data size : 1373297 Bytes
Reference data size : 30080 Bytes
Signatures total : 39226
Fingerprints total : 836
Fingerprints size : 28245 Bytes
Target categories : 15
Target families : 654


Memory + processor status:
==========================
Number of processors : 1
Processor architecture : Intel Pentium IV
Memory available:26 %
Total physical memory:260436 kb
Available physical memory:66232 kb
Total page file size:638148 kb
Available on page file:425432 kb
Total virtual memory:2097024 kb
Available virtual memory:2044984 kb
OS:Microsoft Windows XP Home Edition Service Pack 1 (Build 2600)

Ad-Aware SE Settings
===========================
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file

Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Obtain command line of scanned processes
Set : Scan registry for all users instead of current user only
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Play sound at scan completion if scan locates critical objects


4-30-2005 9:59:49 AM - Scan started. (Full System Scan)

Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

#:1 [smss.exe]
ModuleName : \SystemRoot\System32\smss.exe
Command Line : n/a
ProcessID : 644
ThreadCreationTime : 4-30-2005 2:56:51 PM
BasePriority : Normal


#:2 [csrss.exe]
ModuleName : \??\C:\WINDOWS\system32\csrss.exe
Command Line : C:\WINDOWS\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestTh
ProcessID : 752
ThreadCreationTime : 4-30-2005 2:56:56 PM
BasePriority : Normal


#:3 [winlogon.exe]
ModuleName : \??\C:\WINDOWS\system32\winlogon.exe
Command Line : winlogon.exe
ProcessID : 776
ThreadCreationTime : 4-30-2005 2:56:57 PM
BasePriority : High


#:4 [services.exe]
ModuleName : C:\WINDOWS\system32\services.exe
Command Line : C:\WINDOWS\system32\services.exe
ProcessID : 820
ThreadCreationTime : 4-30-2005 2:56:59 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : services.exe

#:5 [lsass.exe]
ModuleName : C:\WINDOWS\system32\lsass.exe
Command Line : C:\WINDOWS\system32\lsass.exe
ProcessID : 832
ThreadCreationTime : 4-30-2005 2:57:00 PM
BasePriority : Normal
FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
ProductVersion : 5.1.2600.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe

#:6 [svchost.exe]
ModuleName : C:\WINDOWS\system32\svchost.exe
Command Line : C:\WINDOWS\system32\svchost -k rpcss
ProcessID : 1024
ThreadCreationTime : 4-30-2005 2:57:05 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:7 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : C:\WINDOWS\System32\svchost.exe -k netsvcs
ProcessID : 1088
ThreadCreationTime : 4-30-2005 2:57:07 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:8 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : C:\WINDOWS\System32\svchost.exe -k NetworkService
ProcessID : 1228
ThreadCreationTime : 4-30-2005 2:57:09 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:9 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : C:\WINDOWS\System32\svchost.exe -k LocalService
ProcessID : 1264
ThreadCreationTime : 4-30-2005 2:57:10 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:10 [ccsetmgr.exe]
ModuleName : C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
Command Line : "C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe"
ProcessID : 1512
ThreadCreationTime : 4-30-2005 2:57:11 PM
BasePriority : Normal
FileVersion : 2.1.3.4
ProductVersion : 2.1.3.4
ProductName : Common Client
CompanyName : Symantec Corporation
FileDescription : Common Client Settings Manager Service
InternalName : ccSetMgr
LegalCopyright : Copyright © 2000-2003 Symantec Corporation. All rights reserved.
OriginalFilename : ccSetMgr.exe

#:11 [ccevtmgr.exe]
ModuleName : C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
Command Line : "C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe"
ProcessID : 1536
ThreadCreationTime : 4-30-2005 2:57:12 PM
BasePriority : Normal
FileVersion : 2.1.3.4
ProductVersion : 2.1.3.4
ProductName : Common Client
CompanyName : Symantec Corporation
FileDescription : Common Client Event Manager Service
InternalName : ccEvtMgr
LegalCopyright : Copyright © 2000-2003 Symantec Corporation. All rights reserved.
OriginalFilename : ccEvtMgr.exe

#:12 [spoolsv.exe]
ModuleName : C:\WINDOWS\system32\spoolsv.exe
Command Line : C:\WINDOWS\system32\spoolsv.exe
ProcessID : 1916
ThreadCreationTime : 4-30-2005 2:57:17 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (XPClient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe

#:13 [explorer.exe]
ModuleName : C:\WINDOWS\Explorer.EXE
Command Line : C:\WINDOWS\Explorer.EXE
ProcessID : 1940
ThreadCreationTime : 4-30-2005 2:57:17 PM
BasePriority : Normal
FileVersion : 6.00.2800.1106 (xpsp1.020828-1920)
ProductVersion : 6.00.2800.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : EXPLORER.EXE

#:14 [alg.exe]
ModuleName : C:\WINDOWS\System32\alg.exe
Command Line : C:\WINDOWS\System32\alg.exe
ProcessID : 228
ThreadCreationTime : 4-30-2005 2:57:20 PM
BasePriority : Normal
FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
ProductVersion : 5.1.2600.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Application Layer Gateway Service
InternalName : ALG.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : ALG.exe

#:15 [avgamsvr.exe]
ModuleName : C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
Command Line : C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
ProcessID : 260
ThreadCreationTime : 4-30-2005 2:57:21 PM
BasePriority : Normal
FileVersion : 7,1,0,307
ProductVersion : 7.1.0.307
ProductName : AVG Anti-Virus System
CompanyName : GRISOFT, s.r.o.
FileDescription : AVG Alert Manager
InternalName : avgamsvr
LegalCopyright : Copyright © 2005, GRISOFT, s.r.o.
OriginalFilename : avgamsvr.EXE

#:16 [avgupsvc.exe]
ModuleName : C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
Command Line : C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
ProcessID : 304
ThreadCreationTime : 4-30-2005 2:57:22 PM
BasePriority : Normal
FileVersion : 7,1,0,285
ProductVersion : 7.1.0.285
ProductName : AVG 7.0 Anti-Virus System
CompanyName : GRISOFT, s.r.o.
FileDescription : AVG Update Service
InternalName : avgupsvc
LegalCopyright : Copyright © 2004, GRISOFT, s.r.o.
OriginalFilename : avgupdsvc.EXE

#:17 [ccproxy.exe]
ModuleName : C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
Command Line : "C:\Program Files\Common Files\Symantec Shared\ccProxy.exe"
ProcessID : 324
ThreadCreationTime : 4-30-2005 2:57:23 PM
BasePriority : Normal
FileVersion : 2.1.2.800
ProductVersion : 2.1.2.800
ProductName : Common Client
CompanyName : Symantec Corporation
FileDescription : Common Client Network Proxy Service
InternalName : ccProxy
LegalCopyright : Copyright © 2000-2003 Symantec Corporation. All rights reserved.
OriginalFilename : ccProxy.exe

#:18 [bcmsmmsg.exe]
ModuleName : C:\WINDOWS\BCMSMMSG.exe
Command Line : "C:\WINDOWS\BCMSMMSG.exe"
ProcessID : 344
ThreadCreationTime : 4-30-2005 2:57:24 PM
BasePriority : Normal
FileVersion : 3.5.25 08/27/2003 20:04:35
ProductVersion : 3.5.25 08/27/2003 20:04:35
ProductName : BCM Modem Messaging Applet
CompanyName : Broadcom Corporation
FileDescription : Modem Messaging Applet
InternalName : smdmstat.exe
LegalCopyright : Copyright © Broadcom Corporation 1998-2000
OriginalFilename : smdmstat.exe

#:19 [hkcmd.exe]
ModuleName : C:\WINDOWS\System32\hkcmd.exe
Command Line : "C:\WINDOWS\System32\hkcmd.exe"
ProcessID : 384
ThreadCreationTime : 4-30-2005 2:57:25 PM
BasePriority : Normal
FileVersion : 3.0.0.2311
ProductVersion : 7.0.0.2311
ProductName : Intel® Common User Interface
CompanyName : Intel Corporation
FileDescription : hkcmd Module
InternalName : HKCMD
LegalCopyright : Copyright 1999-2003, Intel Corporation
OriginalFilename : HKCMD.EXE

#:20 [navapsvc.exe]
ModuleName : C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
Command Line : "C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe"
ProcessID : 448
ThreadCreationTime : 4-30-2005 2:57:27 PM
BasePriority : Normal
FileVersion : 10.00.2
ProductVersion : 10.00.2
ProductName : Norton AntiVirus
CompanyName : Symantec Corporation
FileDescription : Norton AntiVirus Auto-Protect Service
InternalName : NAVAPSVC
LegalCopyright : Norton AntiVirus 2004 for Windows 98/ME/2000/XP Copyright © 2003 Symantec Corporation. All rights reserved.
OriginalFilename : NAVAPSVC.EXE

#:21 [jusched.exe]
ModuleName : C:\Program Files\Java\j2re1.4.2_06\bin\jusched.exe
Command Line : "C:\Program Files\Java\j2re1.4.2_06\bin\jusched.exe"
ProcessID : 452
ThreadCreationTime : 4-30-2005 2:57:27 PM
BasePriority : Normal


#:22 [syntplpr.exe]
ModuleName : C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
Command Line : "C:\Program Files\Synaptics\SynTP\SynTPLpr.exe"
ProcessID : 468
ThreadCreationTime : 4-30-2005 2:57:28 PM
BasePriority : Normal
FileVersion : 7.6.4 15Aug03
ProductVersion : 7.6.4 15Aug03
ProductName : Progressive Touch
CompanyName : Synaptics, Inc.
FileDescription : TouchPad Driver Helper Application
InternalName : SynTPLpr
LegalCopyright : Copyright © Synaptics, Inc. 1996-2003
OriginalFilename : SynTPLpr.exe

#:23 [syntpenh.exe]
ModuleName : C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
Command Line : "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
ProcessID : 480
ThreadCreationTime : 4-30-2005 2:57:29 PM
BasePriority : Normal
FileVersion : 7.6.4 15Aug03
ProductVersion : 7.6.4 15Aug03
ProductName : Progressive Touch
CompanyName : Synaptics, Inc.
FileDescription : Synaptics TouchPad Enhancements
InternalName : Scrolleroo
LegalCopyright : Copyright © Synaptics, Inc. 1996-2003
OriginalFilename : SynTPEnh.exe

#:24 [tfswctrl.exe]
ModuleName : C:\WINDOWS\system32\dla\tfswctrl.exe
Command Line : "C:\WINDOWS\system32\dla\tfswctrl.exe"
ProcessID : 492
ThreadCreationTime : 4-30-2005 2:57:30 PM
BasePriority : Normal
FileVersion : 1.04.07b
CompanyName : Sonic Solutions
FileDescription : Drive Letter Access Component
LegalCopyright : Copyright © 2004 Sonic Solutions

#:25 [sgtray.exe]
ModuleName : C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe
Command Line : "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
ProcessID : 540
ThreadCreationTime : 4-30-2005 2:57:31 PM
BasePriority : Normal
FileVersion : 1.01.32a
CompanyName : Sonic Solutions
FileDescription : Sonic Update Manager
LegalCopyright : Copyright © 2002 Sonic Solutions

#:26 [pcmservice.exe]
ModuleName : C:\Program Files\Dell\Media Experience\PCMService.exe
Command Line : "C:\Program Files\Dell\Media Experience\PCMService.exe"
ProcessID : 568
ThreadCreationTime : 4-30-2005 2:57:32 PM
BasePriority : Normal
FileVersion : 1.0.1611
ProductVersion : 1.0.1611
ProductName : PCM2Launcher Application
CompanyName : CyberLink Corp.
FileDescription : PowerCinema Resident Program for Dell
InternalName : PowerCinema Resident Program for Dell
LegalCopyright : Copyright c 2003 CyberLink Corp.
OriginalFilename : PCM2Launcher.EXE

#:27 [dvdlauncher.exe]
ModuleName : C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
Command Line : "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
ProcessID : 600
ThreadCreationTime : 4-30-2005 2:57:32 PM
BasePriority : Normal
FileVersion : 3.00.0000
ProductVersion : 3.00.0000
ProductName : Cyberlink PowerCinema 3.0
CompanyName : CyberLink Corp.
FileDescription : CyberLink PowerCinema Resident Program
InternalName : CyberLink PowerCinema Resident Program
LegalCopyright : Copyright © 2003 CyberLink Corp.
OriginalFilename : DVDLauncher.EXE

#:28 [dadapp.exe]
ModuleName : C:\Program Files\Dell\AccessDirect\dadapp.exe
Command Line : "C:\Program Files\Dell\AccessDirect\dadapp.exe"
ProcessID : 660
ThreadCreationTime : 4-30-2005 2:57:33 PM
BasePriority : Normal


#:29 [ccapp.exe]
ModuleName : C:\Program Files\Common Files\Symantec Shared\ccApp.exe
Command Line : "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
ProcessID : 700
ThreadCreationTime : 4-30-2005 2:57:34 PM
BasePriority : Normal
FileVersion : 2.1.3.4
ProductVersion : 2.1.3.4
ProductName : Common Client
CompanyName : Symantec Corporation
FileDescription : Common Client User Session
InternalName : ccApp
LegalCopyright : Copyright © 2000-2003 Symantec Corporation. All rights reserved.
OriginalFilename : ccApp.exe

#:30 [sndsrvc.exe]
ModuleName : C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
Command Line : "C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe"
ProcessID : 724
ThreadCreationTime : 4-30-2005 2:57:36 PM
BasePriority : Normal
FileVersion : 5.3.2.67
ProductVersion : 5.3
ProductName : Symantec Security Drivers
CompanyName : Symantec Corporation
FileDescription : Network Driver Service
InternalName : SndSrvc
LegalCopyright : Copyright 2002, 2003 Symantec Corporation
OriginalFilename : SndSrvc.exe

#:31 [support.exe]
ModuleName : C:\Program Files\Common Files\Dell\EUSW\Support.exe
Command Line : "C:\Program Files\Common Files\Dell\EUSW\Support.exe"
ProcessID : 796
ThreadCreationTime : 4-30-2005 2:57:37 PM
BasePriority : Normal
FileVersion : 2, 1, 1, 0
ProductVersion : 1, 0, 0, 1
ProductName : Dell Support
CompanyName : Dell
FileDescription : Support
InternalName : Support
LegalCopyright : Copyright © 2002
OriginalFilename : Support.exe

#:32 [e_s4i2l1.exe]
ModuleName : C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2L1.EXE
Command Line : "C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2L1.EXE" /P19 "EPSON Stylus CX6400" /O6 "USB001" /M "Stylus CX6400"
ProcessID : 1148
ThreadCreationTime : 4-30-2005 2:57:38 PM
BasePriority : Normal
FileVersion : 3.00
ProductVersion : 3.00
ProductName : EPSON Status Monitor 3
CompanyName : SEIKO EPSON CORPORATION
FileDescription : EPSON Status Monitor 3
InternalName : E_S4I2L1
LegalCopyright : Copyright © SEIKO EPSON CORP. 2003
OriginalFilename : E_S4I2L1.EXE

#:33 [avgcc.exe]
ModuleName : C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
Command Line : "C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe" /STARTUP
ProcessID : 1188
ThreadCreationTime : 4-30-2005 2:57:41 PM
BasePriority : Normal
FileVersion : 7,1,0,307
ProductVersion : 7.1.0.307
ProductName : AVG Anti-Virus System
CompanyName : GRISOFT, s.r.o.
FileDescription : AVG Control Center
InternalName : AvgCC
LegalCopyright : Copyright © 2005, GRISOFT, s.r.o.
OriginalFilename : AvgCC.EXE

#:34 [ituneshelper.exe]
ModuleName : C:\Program Files\iTunes\iTunesHelper.exe
Command Line : "C:\Program Files\iTunes\iTunesHelper.exe"
ProcessID : 940
ThreadCreationTime : 4-30-2005 2:57:43 PM
BasePriority : Normal
FileVersion : 4.7.0.42
ProductVersion : 4.7.0.42
ProductName : iTunes
CompanyName : Apple Computer, Inc.
FileDescription : iTunesHelper Module
InternalName : iTunesHelper
LegalCopyright : © 2003-2004 Apple Computer, Inc. All Rights Reserved.
OriginalFilename : iTunesHelper.exe

#:35 [qttask.exe]
ModuleName : C:\Program Files\QuickTime\qttask.exe
Command Line : "C:\Program Files\QuickTime\qttask.exe" -atboottime
ProcessID : 1232
ThreadCreationTime : 4-30-2005 2:57:44 PM
BasePriority : Normal
FileVersion : 6.5.1
ProductVersion : QuickTime 6.5.1
ProductName : QuickTime
CompanyName : Apple Computer, Inc.
InternalName : QuickTime Task
LegalCopyright : © Apple Computer, Inc. 2001-2004
OriginalFilename : QTTask.exe

#:36 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : C:\WINDOWS\System32\svchost.exe -k imgsvc
ProcessID : 1260
ThreadCreationTime : 4-30-2005 2:57:44 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:37 [mmtask.exe]
ModuleName : C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mmtask.exe
Command Line : "C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mmtask.exe"
ProcessID : 1328
ThreadCreationTime : 4-30-2005 2:57:45 PM
BasePriority : Normal
FileVersion : 1.0.0.1
ProductVersion : 1.0.0.1
ProductName : TODO: <Product name>
CompanyName : TODO: <Company name>
FileDescription : TODO: <File description>
InternalName : mmtask.exe
LegalCopyright : TODO: © <Company name>. All rights reserved.
OriginalFilename : mmtask.exe

#:38 [wltrysvc.exe]
ModuleName : C:\WINDOWS\System32\WLTRYSVC.EXE
Command Line : C:\WINDOWS\System32\WLTRYSVC.EXE C:\WINDOWS\System32\bcmwltry.exe
ProcessID : 1336
ThreadCreationTime : 4-30-2005 2:57:45 PM
BasePriority : Normal


#:39 [realsched.exe]
ModuleName : C:\Program Files\Common Files\Real\Update_OB\realsched.exe
Command Line : "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
ProcessID : 1380
ThreadCreationTime : 4-30-2005 2:57:46 PM
BasePriority : Normal
FileVersion : 0.1.0.3208
ProductVersion : 0.1.0.3208
ProductName : RealPlayer (32-bit)
CompanyName : RealNetworks, Inc.
FileDescription : RealNetworks Scheduler
InternalName : schedapp
LegalCopyright : Copyright © RealNetworks, Inc. 1995-2004
LegalTrademarks : RealAudio™ is a trademark of RealNetworks, Inc.
OriginalFilename : realsched.exe

#:40 [bcmwltry.exe]
ModuleName : C:\WINDOWS\System32\bcmwltry.exe
Command Line : C:\WINDOWS\System32\bcmwltry.exe
ProcessID : 1408
ThreadCreationTime : 4-30-2005 2:57:48 PM
BasePriority : Normal
FileVersion : 3.40.67.0
ProductVersion : 3.40.67.0
ProductName : Dell Wireless WLAN Card Wireless Network Tray Applet
CompanyName : Dell Computer Corporation
FileDescription : Dell Wireless WLAN Card Wireless Network Tray Applet
InternalName : bcmwltry.exe
LegalCopyright : 1998-2003, Dell Computer Corporation All Rights Reserved.
OriginalFilename : bcmwltry.exe

#:41 [avgemc.exe]
ModuleName : C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
Command Line : "C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe"
ProcessID : 1428
ThreadCreationTime : 4-30-2005 2:57:49 PM
BasePriority : Normal
FileVersion : 7,1,0,307
ProductVersion : 7.1.0.307
ProductName : AVG Anti-Virus System
CompanyName : GRISOFT, s.r.o.
FileDescription : AVG E-Mail Scanner
InternalName : avgemc
LegalCopyright : Copyright © 2005, GRISOFT, s.r.o.
OriginalFilename : avgemc.exe

#:42 [quickdcf.exe]
ModuleName : C:\Program Files\FinePixViewer\QuickDCF.exe
Command Line : "C:\Program Files\FinePixViewer\QuickDCF.exe"
ProcessID : 2136
ThreadCreationTime : 4-30-2005 2:58:07 PM
BasePriority : Normal
FileVersion : 4, 0, 0, 0
ProductVersion : 4, 0, 0, 0
ProductName : FinePixViewer
CompanyName : FUJI PHOTO FILM CO., LTD.
FileDescription : Exif Launcher
InternalName : QuickDCF
LegalCopyright : Copyright 2000-2003 FUJI PHOTO FILM CO.,LTD.
OriginalFilename : QuickDCF.exe

#:43 [wzqkpick.exe]
ModuleName : C:\Program Files\WinZip\WZQKPICK.EXE
Command Line : "C:\Program Files\WinZip\WZQKPICK.EXE"
ProcessID : 2176
ThreadCreationTime : 4-30-2005 2:58:10 PM
BasePriority : Normal
FileVersion : 1.0 (32-bit)
ProductVersion : 9.0 (6224)
ProductName : WinZip
CompanyName : WinZip Computing, Inc.
FileDescription : WinZip Executable
InternalName : WZQKPICK.EXE
LegalCopyright : Copyright © WinZip Computing, Inc. 1991-2004 - All Rights Reserved
LegalTrademarks : WinZip is a registered trademark of WinZip Computing, Inc
OriginalFilename : WZQKPICK.EXE
Comments : StringFileInfo: U.S. English

#:44 [msmsgs.exe]
ModuleName : C:\Program Files\Messenger\msmsgs.exe
Command Line : "C:\Program Files\Messenger\msmsgs.exe" -Embedding
ProcessID : 2760
ThreadCreationTime : 4-30-2005 2:58:48 PM
BasePriority : Normal
FileVersion : 4.7.0041
ProductVersion : Version 4.7
ProductName : Messenger
CompanyName : Microsoft Corporation
FileDescription : Messenger
InternalName : msmsgs
LegalCopyright : Copyright © Microsoft Corporation 1997-2001
LegalTrademarks : Microsoft® is a registered trademark of Microsoft Corporation in the U.S. and/or other countries.
OriginalFilename : msmsgs.exe

#:45 [ipodservice.exe]
ModuleName : C:\Program Files\iPod\bin\iPodService.exe
Command Line : "C:\Program Files\iPod\bin\iPodService.exe"
ProcessID : 3040
ThreadCreationTime : 4-30-2005 2:58:58 PM
BasePriority : Normal
FileVersion : 4.7.0.42
ProductVersion : 4.7.0.42
ProductName : iTunes
CompanyName : Apple Computer, Inc.
FileDescription : iPodService Module
InternalName : iPodService
LegalCopyright : © 2003-2004 Apple Computer, Inc. All Rights Reserved.
OriginalFilename : iPodService.exe

#:46 [wmiprvse.exe]
ModuleName : C:\WINDOWS\System32\wbem\wmiprvse.exe
Command Line : C:\WINDOWS\System32\wbem\wmiprvse.exe -Embedding
ProcessID : 3256
ThreadCreationTime : 4-30-2005 2:59:09 PM
BasePriority : Normal
FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
ProductVersion : 5.1.2600.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : WMI
InternalName : Wmiprvse.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : Wmiprvse.exe

#:47 [wmiprvse.exe]
ModuleName : C:\WINDOWS\System32\wbem\wmiprvse.exe
Command Line : C:\WINDOWS\System32\wbem\wmiprvse.exe -Embedding
ProcessID : 3344
ThreadCreationTime : 4-30-2005 2:59:16 PM
BasePriority : Normal
FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
ProductVersion : 5.1.2600.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : WMI
InternalName : Wmiprvse.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : Wmiprvse.exe

#:48 [ad-aware.exe]
ModuleName : C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe
Command Line : "C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe"
ProcessID : 3388
ThreadCreationTime : 4-30-2005 2:59:28 PM
BasePriority : Normal
FileVersion : 6.2.0.206
ProductVersion : VI.Second Edition
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved

Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»


Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0



Deep scanning and examining files (C:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

IBIS Toolbar Object Recognized!
Type : File
Data : A0016380.exe
Category : Data Miner
Comment :
Object : C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP198\



IBIS Toolbar Object Recognized!
Type : File
Data : A0016382.exe
Category : Data Miner
Comment :
Object : C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP198\



IBIS Toolbar Object Recognized!
Type : File
Data : A0016383.dll
Category : Data Miner
Comment :
Object : C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP198\



WindUpdates Object Recognized!
Type : File
Data : A0016385.vxd
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP198\



Disk Scan Result for C:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 4


Scanning Hosts file......
Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
1 entries scanned.
New critical objects:0
Objects found so far: 4




Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

IBIS Toolbar Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment : You will need to restart your computer and rescan in order to complete the removal of this item.
Rootkey : HKEY_LOCAL_MACHINE
Object : system\currentcontrolset\enum\root\legacy_tbpssvc

IBIS Toolbar Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : system\currentcontrolset\enum\root\legacy_wintoolssvc

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\explorer
Value : ServerProc

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\run
Value : WinTools

Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 4
Objects found so far: 8

10:38:47 AM Scan Complete

Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:38:58.82
Objects scanned:151338
Objects identified:8
Objects ignored:0
New critical objects:8

[Rawe]

Hi again!
Run at least two if not all of these online virus scans here;
- F-secure
- Mcafee
- Trend Micro
- Panda Activescan

After scanned, post the results here.

- Rawe

[ibassplayer205]

Okay, scanned my computer with the online virus scans you told me to and here is what happend. When I scanned with F-secure and McAfee my computer shut down after about 3 minutes after I started the scan. When I tried rebooting after the McAfee failure, it shutdown when I got to the log-on screen. When I scanned with Trend Micro, it found no virus. And when I scanned with Panda Active Scan, it DID find a few things. Here are the results of that scan:

(I put the results in a code box so its easier to read)

[codebox]
Incident Status Location

Adware:Adware/CWS No disinfected C:\Documents and Settings\Seth\Favorites\Fun & Games\Betting.lnk
Adware:Adware/CWS No disinfected C:\Documents and Settings\Seth\Favorites\Fun & Games\Casino Palace.lnk
Adware:Adware/CWS No disinfected C:\Documents and Settings\Seth\Favorites\Fun & Games\Casino.lnk
Adware:Adware/CWS No disinfected C:\Documents and Settings\Seth\Favorites\Fun & Games\Games.lnk
Adware:Adware/CWS No disinfected C:\Documents and Settings\Seth\Favorites\Fun & Games\Horoscope.lnk
Adware:Adware/CWS No disinfected C:\Documents and Settings\Seth\Favorites\Going Places\Air Tickets.lnk
Adware:Adware/CWS No disinfected C:\Documents and Settings\Seth\Favorites\Going Places\Car Rentals.lnk
Adware:Adware/CWS No disinfected C:\Documents and Settings\Seth\Favorites\Going Places\Hotel Deals.lnk
Adware:Adware/CWS No disinfected C:\Documents and Settings\Seth\Favorites\Going Places\Luggage.lnk
Adware:Adware/CWS No disinfected C:\Documents and Settings\Seth\Favorites\Going Places\Travel.lnk
Adware:Adware/CWS No disinfected C:\Documents and Settings\Seth\Favorites\Living\Dating.lnk
Adware:Adware/CWS No disinfected C:\Documents and Settings\Seth\Favorites\Living\Find a Degree.lnk
Adware:Adware/CWS No disinfected C:\Documents and Settings\Seth\Favorites\Living\Find a job.lnk
Adware:Adware/CWS No disinfected C:\Documents and Settings\Seth\Favorites\Living\Home.lnk
Adware:Adware/CWS No disinfected C:\Documents and Settings\Seth\Favorites\Living\Insurance.lnk
Adware:Adware/CWS No disinfected C:\Documents and Settings\Seth\Favorites\Shop\Auctions.lnk
Adware:Adware/CWS No disinfected C:\Documents and Settings\Seth\Favorites\Shop\Books.lnk
Adware:Adware/CWS No disinfected C:\Documents and Settings\Seth\Favorites\Shop\Computers.lnk
Adware:Adware/CWS No disinfected C:\Documents and Settings\Seth\Favorites\Shop\Discount.lnk
Adware:Adware/CWS No disinfected C:\Documents and Settings\Seth\Favorites\Shop\Flowers.lnk
Adware:Adware/CWS No disinfected C:\Documents and Settings\Seth\Favorites\Shop\Golf.lnk
Adware:Adware/CWS No disinfected C:\Documents and Settings\Seth\Favorites\Shop\Jewelry.lnk
Adware:Adware/CWS No disinfected C:\Documents and Settings\Seth\Favorites\Shop\Movies.lnk
Adware:Adware/CWS No disinfected C:\Documents and Settings\Seth\Favorites\Shop\Music.lnk
Adware:Adware/CWS No disinfected C:\Documents and Settings\Seth\Favorites\Shop\Online Store.lnk
Adware:Adware/CWS No disinfected C:\Documents and Settings\Seth\Favorites\Shop\Perfume.lnk
Adware:Adware/CWS No disinfected C:\Documents and Settings\Seth\Favorites\Shop\Sleepwear.lnk
Adware:Adware/CWS No disinfected C:\Documents and Settings\Seth\Favorites\Technology\Adware Remover.lnk
Adware:Adware/CWS No disinfected C:\Documents and Settings\Seth\Favorites\Technology\Anti-Virus.lnk
Adware:Adware/CWS No disinfected C:\Documents and Settings\Seth\Favorites\Technology\PC Cleaner.lnk
Adware:Adware/CWS No disinfected C:\Documents and Settings\Seth\Favorites\Technology\Tech & gadgets.lnk
Adware:Adware/Minibug No disinfected C:\Program Files\AIM\Sysfiles\WxBug.EXE
Adware:Adware/Minibug No disinfected C:\Program Files\AWS\WeatherBug\MiniBugTransporter.dll
Virus:Trj/Multidropper.TY Disinfected C:\temp\Bargains.exe
Adware:Adware/nCase No disinfected C:\temp\salmau.dat
Adware:Adware/nCase No disinfected C:\temp\salm_gdf.dat
Adware:Adware/nCase No disinfected C:\temp\salm_kyf.dat
Adware:Adware/nCase No disinfected C:\WINDOWS\180ax.exe
Adware:Adware/FunWeb No disinfected C:\WINDOWS\Downloaded Program Files\f3initialsetup1.0.0.8.inf
Adware:Adware/WinAD No disinfected C:\WINDOWS\Downloaded Program Files\MediaAccX.dll
Adware:Adware/Look2Me No disinfected C:\WINDOWS\SYSTEM\UpdInstall.exe
Adware:Adware/PowerScan No disinfected C:\WINDOWS\SYSTEM32\intrigue.dll
Adware:Adware/SAHAgent No disinfected C:\WINDOWS\SYSTEM32\xmlparse.dll
Adware:Adware/SAHAgent No disinfected C:\WINDOWS\SYSTEM32\xmltok.dll
Adware:Adware/SAHAgent No disinfected C:\WINDOWS\unstall.exe

[/codebox]

[Rawe]

Please follow andy's instructions...
Then we will take another look

- Rawe