Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Trojan-Spy.html.smitfraud.c

Started by DAMMZ , May 01 2005 12:23 PM

  • This topic is locked This topic is locked

#1
DAMMZ
Posted 01 May 2005 - 12:23 PM

DAMMZ

    Member

  • Member
  • PipPip
  • 12 posts
:tazz: ;) ok so far i still need help, ive been having this blue screen on my destop saying: SECURITY WARNING
a FATAL ERROR IN IE HAS OCCURED AT 0028:C0011E36 IN VMM<01>+
00010E36ERROR WAS CAUSED BY Trojan-Spy.HTML.Smitfraud.c
Afrer that i scan my computer with Ad-aware SE and here my logfile:
Ad-Aware SE Build 1.05
Logfile Created on:Sunday, May 01, 2005 10:20:03 AM
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R42 28.04.2005
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
180Solutions(TAC index:6):3 total references
Alexa(TAC index:5):11 total references
ClickSpring(TAC index:6):6 total references
CoolWebSearch(TAC index:10):19 total references
DyFuCA(TAC index:3):8 total references
EffectiveBrandToolbar(TAC index:7):18 total references
IBIS Toolbar(TAC index:5):386 total references
MRU List(TAC index:0):21 total references
Other(TAC index:5):7 total references
Possible Browser Hijack attempt(TAC index:3):7 total references
SahAgent(TAC index:9):5 total references
Security iGuard(TAC index:9):1 total references
Tracking Cookie(TAC index:3):70 total references
Windows(TAC index:3):1 total references
WindUpdates(TAC index:8):29 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file

Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects


5-1-2005 10:20:03 AM - Scan started. (Full System Scan)

MRU List Object Recognized!
Location: : C:\Documents and Settings\Owner.COMP\recent
Description : list of recently opened documents


MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d


MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X


MRU List Object Recognized!
Location: : software\microsoft\directdraw\mostrecentapplication
Description : most recent application to use microsoft directdraw


MRU List Object Recognized!
Location: : S-1-5-21-836974428-1043987114-338991507-1003\software\microsoft\directinput\mostrecentapplication
Description : most recent application to use microsoft directinput


MRU List Object Recognized!
Location: : S-1-5-21-836974428-1043987114-338991507-1003\software\microsoft\directinput\mostrecentapplication
Description : most recent application to use microsoft directinput


MRU List Object Recognized!
Location: : S-1-5-21-836974428-1043987114-338991507-1003\software\microsoft\internet explorer
Description : last download directory used in microsoft internet explorer


MRU List Object Recognized!
Location: : S-1-5-21-836974428-1043987114-338991507-1003\software\microsoft\internet explorer\typedurls
Description : list of recently entered addresses in microsoft internet explorer


MRU List Object Recognized!
Location: : S-1-5-21-836974428-1043987114-338991507-1003\software\microsoft\mediaplayer\player\recentfilelist
Description : list of recently used files in microsoft windows media player


MRU List Object Recognized!
Location: : S-1-5-21-836974428-1043987114-338991507-1003\software\microsoft\mediaplayer\preferences
Description : last cd record path used in microsoft windows media player


MRU List Object Recognized!
Location: : S-1-5-21-836974428-1043987114-338991507-1003\software\microsoft\mediaplayer\preferences
Description : last playlist index loaded in microsoft windows media player


MRU List Object Recognized!
Location: : S-1-5-21-836974428-1043987114-338991507-1003\software\microsoft\mediaplayer\preferences
Description : last playlist loaded in microsoft windows media player


MRU List Object Recognized!
Location: : S-1-5-21-836974428-1043987114-338991507-1003\software\microsoft\windows\currentversion\explorer\comdlg32\lastvisitedmru
Description : list of recent programs opened


MRU List Object Recognized!
Location: : S-1-5-21-836974428-1043987114-338991507-1003\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru
Description : list of recently saved files, stored according to file extension


MRU List Object Recognized!
Location: : S-1-5-21-836974428-1043987114-338991507-1003\software\microsoft\windows\currentversion\explorer\recentdocs
Description : list of recent documents opened


MRU List Object Recognized!
Location: : software\musicmatch
Description : download location of the musicmatch installer


MRU List Object Recognized!
Location: : software\musicmatch\musicmatch jukebox\4.0\fileconv
Description : file conversion location settings in musicmatch jukebox


MRU List Object Recognized!
Location: : S-1-5-21-836974428-1043987114-338991507-1003\software\nvidia corporation\global\nview\windowmanagement
Description : nvidia nview cached application window positions


MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\windows media\wmsdk\general
Description : windows media sdk


MRU List Object Recognized!
Location: : S-1-5-18\software\microsoft\windows media\wmsdk\general
Description : windows media sdk


MRU List Object Recognized!
Location: : S-1-5-21-836974428-1043987114-338991507-1003\software\microsoft\windows media\wmsdk\general
Description : windows media sdk


Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ProcessID : 368
ThreadCreationTime : 5-1-2005 5:12:40 PM
BasePriority : Normal


#:2 [csrss.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 520
ThreadCreationTime : 5-1-2005 5:12:43 PM
BasePriority : Normal


#:3 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 544
ThreadCreationTime : 5-1-2005 5:12:43 PM
BasePriority : High


#:4 [services.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 692
ThreadCreationTime : 5-1-2005 5:12:43 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : services.exe

#:5 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 704
ThreadCreationTime : 5-1-2005 5:12:43 PM
BasePriority : Normal
FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
ProductVersion : 5.1.2600.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe

#:6 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 884
ThreadCreationTime : 5-1-2005 5:12:44 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:7 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 984
ThreadCreationTime : 5-1-2005 5:12:44 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:8 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1236
ThreadCreationTime : 5-1-2005 5:12:56 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:9 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1268
ThreadCreationTime : 5-1-2005 5:12:56 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:10 [spoolsv.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1372
ThreadCreationTime : 5-1-2005 5:12:56 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (XPClient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe

#:11 [navapsvc.exe]
FilePath : c:\Program Files\Norton AntiVirus\
ProcessID : 1508
ThreadCreationTime : 5-1-2005 5:13:02 PM
BasePriority : Normal
FileVersion : 9.05.1015
ProductVersion : 9.05.1015
ProductName : Norton AntiVirus
CompanyName : Symantec Corporation
FileDescription : Norton AntiVirus Auto-Protect Service
InternalName : NAVAPSVC
LegalCopyright : Copyright © 2000-2002 Symantec Corporation. All rights reserved.
OriginalFilename : NAVAPSVC.EXE

#:12 [nvsvc32.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1532
ThreadCreationTime : 5-1-2005 5:13:02 PM
BasePriority : Normal
FileVersion : 6.14.10.4403
ProductVersion : 6.14.10.4403
ProductName : NVIDIA Driver Helper Service, Version 44.03
CompanyName : NVIDIA Corporation
FileDescription : NVIDIA Driver Helper Service, Version 44.03
InternalName : NVSVC
LegalCopyright : © NVIDIA Corporation. All rights reserved.
OriginalFilename : nvsvc32.exe

#:13 [omniserv.exe]
FilePath : C:\Program Files\Softex\OmniPass\
ProcessID : 1552
ThreadCreationTime : 5-1-2005 5:13:02 PM
BasePriority : Normal


#:14 [wtoolss.exe]
FilePath : C:\Program Files\Common Files\WinTools\
ProcessID : 1740
ThreadCreationTime : 5-1-2005 5:13:05 PM
BasePriority : Normal

Warning! IBIS Toolbar Object found in memory(C:\Program Files\Common Files\WinTools\WToolsS.exe)

IBIS Toolbar Object Recognized!
Type : Process
Data : WToolsS.exe
Category : Data Miner
Comment :
Object : C:\Program Files\Common Files\WinTools\


"C:\Program Files\Common Files\WinTools\WToolsS.exe"Process terminated successfully
"C:\Program Files\Common Files\WinTools\WToolsS.exe"Process terminated successfully

#:15 [opxpapp.exe]
FilePath : C:\Program Files\Softex\OmniPass\
ProcessID : 1792
ThreadCreationTime : 5-1-2005 5:13:08 PM
BasePriority : Normal


#:16 [explorer.exe]
FilePath : C:\WINDOWS\
ProcessID : 2008
ThreadCreationTime : 5-1-2005 5:13:09 PM
BasePriority : Normal
FileVersion : 6.00.2800.1106 (xpsp1.020828-1920)
ProductVersion : 6.00.2800.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : EXPLORER.EXE

#:17 [hpsysdrv.exe]
FilePath : C:\windows\system\
ProcessID : 384
ThreadCreationTime : 5-1-2005 5:13:12 PM
BasePriority : Normal
FileVersion : 1, 7, 0, 0
ProductVersion : 1, 7, 0, 0
ProductName : hpsysdrv
CompanyName : Hewlett-Packard Company
FileDescription : hpsysdrv
InternalName : hpsysdrv
LegalCopyright : Copyright © 1998
OriginalFilename : hpsysdrv.exe

#:18 [hpqcmon.exe]
FilePath : C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\
ProcessID : 440
ThreadCreationTime : 5-1-2005 5:13:12 PM
BasePriority : Normal
FileVersion : 2.0.0.133
ProductVersion : 2.0.0.133
ProductName : HpqCmon Application
FileDescription : HpqCmon MFC Application
InternalName : HpqCmon
LegalCopyright : Copyright © 2001
OriginalFilename : HpqCmon.EXE

#:19 [hpwuschd.exe]
FilePath : C:\Program Files\HP\HP Software Update\
ProcessID : 464
ThreadCreationTime : 5-1-2005 5:13:12 PM
BasePriority : Normal
FileVersion : 1, 0, 0, 2
ProductVersion : 1, 0, 0, 2
ProductName : Hewlett-Packard hpwuSchd
CompanyName : Hewlett-Packard
FileDescription : hpwuSchd
InternalName : hpwuSchd
LegalCopyright : Copyright © 2003
OriginalFilename : hpwuSchd.exe

#:20 [hphmon05.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 488
ThreadCreationTime : 5-1-2005 5:13:13 PM
BasePriority : Normal
FileVersion : 5,0,84
ProductVersion : 5,0,84
ProductName : HP Photosmart
CompanyName : Hewlett-Packard
FileDescription : HPHmon05
InternalName : HPHmon05
LegalCopyright : Copyright © 2003
OriginalFilename : HPHmon05.exe

#:21 [kbd.exe]
FilePath : C:\HP\KBD\
ProcessID : 496
ThreadCreationTime : 5-1-2005 5:13:13 PM
BasePriority : High


#:22 [ccapp.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\
ProcessID : 1024
ThreadCreationTime : 5-1-2005 5:13:18 PM
BasePriority : Normal
FileVersion : 1.03.15
ProductVersion : 1.03.15
ProductName : Common Client
CompanyName : Symantec Corporation
FileDescription : Common Client CC App
InternalName : ccApp
LegalCopyright : Copyright © 2000-2002 Symantec Corporation. All rights reserved.
OriginalFilename : ccApp.exe

#:23 [shwicon2k.exe]
FilePath : C:\Program Files\Multimedia Card Reader\
ProcessID : 1248
ThreadCreationTime : 5-1-2005 5:13:18 PM
BasePriority : Idle
FileVersion : 1, 0, 0, 5
ProductVersion : 1, 0, 0, 5
ProductName : Alcor Micro Sunkist
CompanyName : Alcor Micro Corp
FileDescription : Sunkist
InternalName : Sunkist
LegalCopyright : Copyright c 2002
OriginalFilename : Sunkist.exe

#:24 [alcxmntr.exe]
FilePath : C:\WINDOWS\
ProcessID : 1328
ThreadCreationTime : 5-1-2005 5:13:18 PM
BasePriority : Normal
FileVersion : 1.2
ProductVersion : 1.2
ProductName : Realtek AC97 Audio - Event Monitor
CompanyName : Realtek Semiconductor Corp.
FileDescription : Realtek AC97 Audio - Event Monitor
InternalName : Alcxmntr
LegalCopyright : Copyright © 2003 Realtek Semiconductor Corp.
OriginalFilename : Alcxmntr.exe

#:25 [hpztsb08.exe]
FilePath : C:\WINDOWS\System32\spool\drivers\w32x86\3\
ProcessID : 1776
ThreadCreationTime : 5-1-2005 5:13:19 PM
BasePriority : Normal
FileVersion : 2,224,2,0
ProductVersion : 2,224,2,0
ProductName : HP DeskJet
CompanyName : HP
LegalCopyright : Copyright © Hewlett-Packard Company 1999-2003

#:26 [gamechannel.exe]
FilePath : C:\Program Files\WildTangent\Apps\
ProcessID : 1848
ThreadCreationTime : 5-1-2005 5:13:19 PM
BasePriority : Normal
FileVersion : 1, 5, 1, 19
ProductVersion : 1, 5, 1, 0
ProductName : Game Channel
CompanyName : WildTangent
FileDescription : Game Channel
InternalName : Game Channel
LegalCopyright : Copyright © 2002
OriginalFilename : GameChannel.exe

#:27 [gamedrvr.exe]
FilePath : C:\Program Files\WildTangent\Apps\CDA\
ProcessID : 1948
ThreadCreationTime : 5-1-2005 5:13:19 PM
BasePriority : Normal
FileVersion : 5.0.0.190
ProductVersion : 5.0.0.190
ProductName : WildTangent Game Loader
CompanyName : WildTangent, Inc.
FileDescription : WildTangent Automatic Update Manager
LegalCopyright : All Rights Reserved © 2003-2004 WildTangent, Inc.

#:28 [ccevtmgr.exe]
FilePath : c:\Program Files\Common Files\Symantec Shared\
ProcessID : 1976
ThreadCreationTime : 5-1-2005 5:13:19 PM
BasePriority : Normal
FileVersion : 1.03.4
ProductVersion : 1.03.4
ProductName : Event Manager
CompanyName : Symantec Corporation
FileDescription : Event Manager Service
InternalName : ccEvtMgr
LegalCopyright : Copyright © 2000-2002 Symantec Corporation. All rights reserved.
OriginalFilename : ccEvtMgr.exe

#:29 [winos.exe]
FilePath : C:\WINDOWS\
ProcessID : 1124
ThreadCreationTime : 5-1-2005 5:13:20 PM
BasePriority : Normal


#:30 [mediaacck.exe]
FilePath : C:\Program Files\Media Access\
ProcessID : 476
ThreadCreationTime : 5-1-2005 5:13:21 PM
BasePriority : Normal

Warning! WindUpdates Object found in memory(C:\Program Files\Media Access\MediaAccK.exe)

WindUpdates Object Recognized!
Type : Process
Data : MediaAccK.exe
Category : Malware
Comment :
Object : C:\Program Files\Media Access\


"C:\Program Files\Media Access\MediaAccK.exe"Process terminated successfully
"C:\Program Files\Media Access\MediaAccK.exe"Process terminated successfully

#:31 [mediaaccess.exe]
FilePath : C:\Program Files\Media Access\
ProcessID : 588
ThreadCreationTime : 5-1-2005 5:13:22 PM
BasePriority : Normal
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
ProductName : LoaderX Module
FileDescription : LoaderX Module
InternalName : LoaderX
LegalCopyright : Copyright 2005
OriginalFilename : LoaderX.EXE

WindUpdates Object Recognized!
Type : Process
Data : MediaAccC.dll
Category : Malware
Comment : (CSI MATCH)
Object : C:\Program Files\Media Access\


Warning! WindUpdates Object found in memory(C:\Program Files\Media Access\MediaAccC.dll)

"C:\Program Files\Media Access\MediaAccess.exe"Process terminated successfully

#:32 [desktop.exe]
FilePath : C:\WINDOWS\isrvs\
ProcessID : 1116
ThreadCreationTime : 5-1-2005 5:13:27 PM
BasePriority : Normal
FileVersion : 1.1.0.20
ProductVersion : 1.0.0.0
FileDescription : Desktop Search

#:33 [wtoolsa.exe]
FilePath : C:\PROGRA~1\COMMON~1\WinTools\
ProcessID : 1132
ThreadCreationTime : 5-1-2005 5:13:40 PM
BasePriority : Normal


IBIS Toolbar Object Recognized!
Type : Process
Data : WToolsA.exe
Category : Data Miner
Comment : (CSI MATCH)
Object : C:\PROGRA~1\COMMON~1\WinTools\


Warning! IBIS Toolbar Object found in memory(C:\PROGRA~1\COMMON~1\WinTools\WToolsA.exe)

"C:\PROGRA~1\COMMON~1\WinTools\WToolsA.exe"Process terminated successfully
"C:\PROGRA~1\COMMON~1\WinTools\WToolsA.exe"Process terminated successfully

#:34 [wsup.exe]
FilePath : C:\Program Files\Common Files\WinTools\
ProcessID : 2080
ThreadCreationTime : 5-1-2005 5:13:53 PM
BasePriority : Normal


IBIS Toolbar Object Recognized!
Type : Process
Data : WSup.exe
Category : Data Miner
Comment : (CSI MATCH)
Object : C:\Program Files\Common Files\WinTools\


Warning! IBIS Toolbar Object found in memory(C:\Program Files\Common Files\WinTools\WSup.exe)

"C:\Program Files\Common Files\WinTools\WSup.exe"Process terminated successfully
"C:\Program Files\Common Files\WinTools\WSup.exe"Process terminated successfully

#:35 [tbps.exe]
FilePath : C:\PROGRA~1\Toolbar\
ProcessID : 2152
ThreadCreationTime : 5-1-2005 5:13:57 PM
BasePriority : Normal


IBIS Toolbar Object Recognized!
Type : Process
Data : TBPS.exe
Category : Data Miner
Comment : (CSI MATCH)
Object : C:\PROGRA~1\Toolbar\


Warning! IBIS Toolbar Object found in memory(C:\PROGRA~1\Toolbar\TBPS.exe)

"C:\PROGRA~1\Toolbar\TBPS.exe"Process terminated successfully
"C:\PROGRA~1\Toolbar\TBPS.exe"Process terminated successfully

#:36 [pib.exe]
FilePath : C:\PROGRA~1\Toolbar\
ProcessID : 2452
ThreadCreationTime : 5-1-2005 5:14:30 PM
BasePriority : Realtime


IBIS Toolbar Object Recognized!
Type : Process
Data : PIB.exe
Category : Data Miner
Comment : (CSI MATCH)
Object : C:\PROGRA~1\Toolbar\


Warning! IBIS Toolbar Object found in memory(C:\PROGRA~1\Toolbar\PIB.exe)

"C:\PROGRA~1\Toolbar\PIB.exe"Process terminated successfully
"C:\PROGRA~1\Toolbar\PIB.exe"Process terminated successfully

#:37 [vjfbvod.exe]
FilePath : c:\windows\system32\
ProcessID : 2532
ThreadCreationTime : 5-1-2005 5:14:33 PM
BasePriority : Normal
FileVersion : 1, 0, 7, 1
ProductVersion : 0, 0, 7, 0
ProductName : TODO: <Product name>
CompanyName : TODO: <Company name>
FileDescription : TODO: <File description>
LegalCopyright : TODO: © <Company name>. All rights reserved.

#:38 [rundll32.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 2704
ThreadCreationTime : 5-1-2005 5:14:34 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Run a DLL as an App
InternalName : rundll
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : RUNDLL.EXE

#:39 [radio.exe]
FilePath : c:\PROGRA~1\Toolbar\
ProcessID : 2792
ThreadCreationTime : 5-1-2005 5:14:37 PM
BasePriority : Normal


#:40 [wuauclt.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 2856
ThreadCreationTime : 5-1-2005 5:14:41 PM
BasePriority : Normal
FileVersion : 5.4.3630.1106 (xpsp1.020828-1920)
ProductVersion : 5.4.3630.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Update AutoUpdate Client
InternalName : wuauclt.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : wuauclt.exe

#:41 [wp.exe]
FilePath : C:\
ProcessID : 3048
ThreadCreationTime : 5-1-2005 5:14:50 PM
BasePriority : Normal


#:42 [msconfig.exe]
FilePath : C:\WINDOWS\System32\??stem32\
ProcessID : 3124
ThreadCreationTime : 5-1-2005 5:14:55 PM
BasePriority : Normal


ClickSpring Object Recognized!
Type : Process
Data : msconfig.exe
Category : Malware
Comment : (CSI MATCH)
Object : C:\WINDOWS\System32\??stem32\


Warning! ClickSpring Object found in memory(C:\WINDOWS\System32\??stem32\msconfig.exe)

"C:\WINDOWS\System32\??stem32\msconfig.exe"Process terminated successfully
"C:\WINDOWS\System32\??stem32\msconfig.exe"Process terminated successfully

#:43 [wtta.exe]
FilePath : C:\Documents and Settings\Owner.COMP\Application Data\
ProcessID : 3292
ThreadCreationTime : 5-1-2005 5:15:03 PM
BasePriority : Normal


#:44 [aoltray.exe]
FilePath : C:\Program Files\America Online 9.0a\
ProcessID : 3344
ThreadCreationTime : 5-1-2005 5:15:09 PM
BasePriority : Normal
FileVersion : 9.00.000
ProductVersion : 9.00.000
ProductName : America Online
CompanyName : America Online, Inc.
FileDescription : AOL Tray Icon
InternalName : AolTray
LegalCopyright : Copyright © America Online, Inc. 1999 - 2003

#:45 [hpqtra08.exe]
FilePath : C:\Program Files\Hewlett-Packard\Digital Imaging\bin\
ProcessID : 3412
ThreadCreationTime : 5-1-2005 5:15:15 PM
BasePriority : Normal
FileVersion : 5.30.0.131
ProductVersion : 005.030.000.131
ProductName : hp digital imaging - hp all-in-one series
CompanyName : Hewlett-Packard Co.
FileDescription : HP Digital Imaging Monitor (CUE)
InternalName : HPQTRA00
LegalCopyright : Copyright © Hewlett-Packard Co. 1995-2001
OriginalFilename : HPQTRA00.EXE
Comments : HP Digital Imaging Monitor (CUE)

#:46 [gcasdtserv.exe]
FilePath : C:\Program Files\Microsoft AntiSpyware\
ProcessID : 3468
ThreadCreationTime : 5-1-2005 5:15:18 PM
BasePriority : Normal
FileVersion : 1.00.0509
ProductVersion : 1.00.0509
ProductName : Microsoft AntiSpyware (Beta 1)
CompanyName : Microsoft Corporation
FileDescription : Microsoft AntiSpyware Data Service
InternalName : gcasDtServ
LegalCopyright : Copyright © 2004-2005 Microsoft Corporation. All rights reserved.
LegalTrademarks : Microsoft® and Windows® are registered trademarks of Microsoft Corporation. SpyNet™ is a trademark of Microsoft Corporation.
OriginalFilename : gcasDtServ.exe

#:47 [wincinemamgr.exe]
FilePath : C:\Program Files\InterVideo\Common\Bin\
ProcessID : 3604
ThreadCreationTime : 5-1-2005 5:15:29 PM
BasePriority : Normal
FileVersion : 1.8.2
ProductVersion : 1, 8, 2, 0
ProductName : WinCinema Manager for InterVideo WinCinema products
CompanyName : InterVideo Inc.
FileDescription : WinCinema Manager
InternalName : WinCinema Manager
LegalCopyright : Copyright 1999-2003 InterVideo, Inc. All rights reserved.
OriginalFilename : WinCinemaMgr.EXE

#:48 [wi32.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 3624
ThreadCreationTime : 5-1-2005 5:15:31 PM
BasePriority : Normal


#:49 [calcheck.exe]
FilePath : C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 SE\
ProcessID : 3704
ThreadCreationTime : 5-1-2005 5:15:40 PM
BasePriority : Normal
FileVersion : 4, 0, 0, 0
ProductVersion : 4, 0, 0, 0
ProductName : Calendar Checker Application
CompanyName : Ulead Systems, Inc.
FileDescription : Photo Express -- Calendar Checker
InternalName : CalCheck
LegalCopyright : Copyright © 1992-1999.Ulead Systems, Inc.
LegalTrademarks : Ulead Systems, MediaStudio, PhotoImpact and Photo Express are registered trademarks of Ulead Systems, Inc.
OriginalFilename : CalCheck.EXE

#:50 [backweb-137903.exe]
FilePath : C:\Program Files\Updates from HP\137903\Program\
ProcessID : 3744
ThreadCreationTime : 5-1-2005 5:15:42 PM
BasePriority : Normal


#:51 [limewire.exe]
FilePath : C:\Program Files\LimeWire\
ProcessID : 3776
ThreadCreationTime : 5-1-2005 5:15:43 PM
BasePriority : Normal
FileVersion : 1, 0, 0, 2
ProductVersion : 1, 0, 0, 2
ProductName : LimeWire
CompanyName : Lime Wire, LLC
FileDescription : LimeWire
InternalName : LimeWire
LegalCopyright : Copyright © 2004
OriginalFilename : LimeWire.exe
Comments : The most advanced file sharing program on the planet.

#:52 [tbpssvc.exe]
FilePath : C:\PROGRA~1\Toolbar\
ProcessID : 3788
ThreadCreationTime : 5-1-2005 5:15:48 PM
BasePriority : Normal


IBIS Toolbar Object Recognized!
Type : Process
Data : TBPSSvc.exe
Category : Data Miner
Comment : (CSI MATCH)
Object : C:\PROGRA~1\Toolbar\


Warning! IBIS Toolbar Object found in memory(C:\PROGRA~1\Toolbar\TBPSSvc.exe)

"C:\PROGRA~1\Toolbar\TBPSSvc.exe"Process terminated successfully
"C:\PROGRA~1\Toolbar\TBPSSvc.exe"Process terminated successfully

#:53 [ymsgr_tray.exe]
FilePath : C:\PROGRA~1\Yahoo!\MESSEN~1\
ProcessID : 3996
ThreadCreationTime : 5-1-2005 5:16:06 PM
BasePriority : Normal


#:54 [iexplore.exe]
FilePath : C:\Program Files\Internet Explorer\
ProcessID : 900
ThreadCreationTime : 5-1-2005 5:16:37 PM
BasePriority : Normal
FileVersion : 6.00.2800.1106 (xpsp1.020828-1920)
ProductVersion : 6.00.2800.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Internet Explorer
InternalName : iexplore
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : IEXPLORE.EXE

#:55 [ad-aware.exe]
FilePath : C:\Program Files\Lavasoft\Ad-Aware SE Personal\
ProcessID : 3960
ThreadCreationTime : 5-1-2005 5:19:28 PM
BasePriority : Normal
FileVersion : 6.2.0.206
ProductVersion : VI.Second Edition
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved

Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 8
Objects found so far: 30


Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

WindUpdates Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{1e5f0d38-214b-4085-ad2a-d2290e6a2d2c}

WindUpdates Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{1e5f0d38-214b-4085-ad2a-d2290e6a2d2c}
Value :

WindUpdates Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{1e5f0d38-214b-4085-ad2a-d2290e6a2d2c}
Value : AppID

IBIS Toolbar Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{2c4e6d22-b71f-491f-aad3-b6972a650d50}

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{2c4e6d22-b71f-491f-aad3-b6972a650d50}
Value :

IBIS Toolbar Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{310cc549-4541-46a9-940f-52b342a6e682}

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{310cc549-4541-46a9-940f-52b342a6e682}
Value :

IBIS Toolbar Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{339bb23f-a864-48c0-a59f-29ea915965ec}

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{339bb23f-a864-48c0-a59f-29ea915965ec}
Value :

IBIS Toolbar Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{69357d4e-bf4d-4651-91e9-52ecd45a0128}

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{69357d4e-bf4d-4651-91e9-52ecd45a0128}
Value :

IBIS Toolbar Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{6e21f428-5617-47f7-aed8-b2e1d8fba711}

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{6e21f428-5617-47f7-aed8-b2e1d8fba711}
Value :

IBIS Toolbar Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{708be496-e202-497b-bc31-9cf47e3bf8d6}

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{708be496-e202-497b-bc31-9cf47e3bf8d6}
Value :

IBIS Toolbar Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{87067f04-de4c-4688-bc3c-4fcf39d609e7}

IBIS Toolbar Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{87766247-311c-43b4-8499-3d5fec94a183}

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{87766247-311c-43b4-8499-3d5fec94a183}
Value :

IBIS Toolbar Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{8952a998-1e7e-4716-b23d-3dbe03910972}

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{8952a998-1e7e-4716-b23d-3dbe03910972}
Value :

IBIS Toolbar Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{8b0fa130-0c3d-4cb1-aeb7-2c29da5509a3}

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{8b0fa130-0c3d-4cb1-aeb7-2c29da5509a3}
Value :

IBIS Toolbar Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{a8deb4a5-d9ef-4d21-b4f6-921475004e7d}

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{a8deb4a5-d9ef-4d21-b4f6-921475004e7d}
Value :

IBIS Toolbar Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{bbf122a7-8a4d-45b5-9e00-0f68bc87c904}

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{bbf122a7-8a4d-45b5-9e00-0f68bc87c904}
Value :

IBIS Toolbar Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{cae0999f-78c5-49dc-9f30-13142aaaaba4}

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{cae0999f-78c5-49dc-9f30-13142aaaaba4}
Value :

IBIS Toolbar Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{f1616b86-9288-489d-b71a-0ccf2f1a89da}

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{f1616b86-9288-489d-b71a-0ccf2f1a89da}
Value :

IBIS Toolbar Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{ff76a5da-6158-4439-99ff-edc1b3fe100c}

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{ff76a5da-6158-4439-99ff-edc1b3fe100c}
Value :

WindUpdates Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{00ada225-ea6c-4fb3-82e8-68189201ccb9}

WindUpdates Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{00ada225-ea6c-4fb3-82e8-68189201ccb9}
Value :

IBIS Toolbar Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{234f09fb-fe89-4c6d-9203-31832fc051c3}

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{234f09fb-fe89-4c6d-9203-31832fc051c3}
Value :

IBIS Toolbar Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{365b9a54-e613-46e5-9db1-4f91a9de80bd}

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{365b9a54-e613-46e5-9db1-4f91a9de80bd}
Value :

ClickSpring Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{3e4c3e0b-6bbe-4c94-86ca-6f055a989693}

ClickSpring Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{3e4c3e0b-6bbe-4c94-86ca-6f055a989693}
Value :

IBIS Toolbar Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{618be527-b7f5-417c-bc51-98fdc2d6de61}

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{618be527-b7f5-417c-bc51-98fdc2d6de61}
Value :

IBIS Toolbar Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{66c22569-f05c-4a70-a142-763b337e1002}

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{66c22569-f05c-4a70-a142-763b337e1002}
Value :

IBIS Toolbar Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{7b8bd940-b1ef-460c-85a2-9acaaf7f9303}

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{7b8bd940-b1ef-460c-85a2-9acaaf7f9303}
Value :

ClickSpring Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{81eb72d7-3949-450f-b035-de599959814f}

ClickSpring Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{81eb72d7-3949-450f-b035-de599959814f}
Value :

IBIS Toolbar Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{99aa88d1-d9d3-410a-be9e-044f94c183da}

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{99aa88d1-d9d3-410a-be9e-044f94c183da}
Value :

IBIS Toolbar Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{c380566d-f343-42ab-987b-6b38a1a35747}

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{c380566d-f343-42ab-987b-6b38a1a35747}
Value :

IBIS Toolbar Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{d1951679-1d52-43fc-9585-0737143585f5}

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{d1951679-1d52-43fc-9585-0737143585f5}
Value :

IBIS Toolbar Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{f273d4ea-2025-4410-8408-251a0cd46be7}

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{f273d4ea-2025-4410-8408-251a0cd46be7}
Value :

WindUpdates Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : mediaaccess.installer

WindUpdates Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : mediaaccess.installer
Value :

IBIS Toolbar Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : protocols\handler\tpro

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : protocols\handler\tpro
Value :

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : protocols\handler\tpro
Value : CLSID

IBIS Toolbar Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : protocols\name-space handler\res\toolbar.resprotocol

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : protocols\name-space handler\res\toolbar.resprotocol
Value :

IBIS Toolbar Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : protocols\name-space handler\res\wtoolsb.resprotocol

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : protocols\name-space handler\res\wtoolsb.resprotocol
Value :

IBIS Toolbar Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : radio.radioplayer

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : radio.radioplayer
Value :

IBIS Toolbar Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : tbps.pluginconfig

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : tbps.pluginconfig
Value :

IBIS Toolbar Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : tbps.plugindown

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : tbps.plugindown
Value :

IBIS Toolbar Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : tbps.plugindownadd

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : tbps.plugindownadd
Value :

IBIS Toolbar Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : tbps.pluginevents

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : tbps.pluginevents
Value :

IBIS Toolbar Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : tbps.plugininst

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
  • 0

Advertisements

#2
Daemon
Posted 01 May 2005 - 12:32 PM

Daemon

    Security Expert

  • Retired Staff
  • 4,356 posts
  • MVP
Please stop posting in multiple forums - stick to the thread where you are being helped
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP