[Referred]MyAdAware Log Part 3 of 3



#1
wdc202
Member, 259 posts

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : sid shapiro@maxserving[2].txt
Category : Data Miner
Comment :
Value : c:\WINDOWS\Cookies\sid shapiro@maxserving[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : sid shapiro@www.stopzilla[1].txt
Category : Data Miner
Comment :
Value : c:\WINDOWS\Cookies\sid shapiro@www.stopzilla[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : sid shapiro@realmedia[3].txt
Category : Data Miner
Comment :
Value : c:\WINDOWS\Cookies\sid shapiro@realmedia[3].txt

DealHelper Object Recognized!
Type : File
Data : dun[1].exe
Category : Malware
Comment :
Object : c:\WINDOWS\Temporary Internet Files\Content.IE5\Y3MZAPQZ\
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
ProductName : UnInstallKey Application
FileDescription : UnInstallKey MFC Application
InternalName : UnInstallKey
LegalCopyright : Copyright © 2003
OriginalFilename : UnInstallKey.EXE

Object "IExploreSkins.exe" found in this archive.

IBIS Toolbar Object Recognized!
Type : File
Data : Toolbar3[1].cab
Category : Data Miner
Comment : Object "IExploreSkins.exe" found in this archive.
Object : c:\WINDOWS\Temporary Internet Files\Content.IE5\I9VW1W7A\


Object "ceres.dll" found in this archive.

VX2 Object Recognized!
Type : File
Data : ceres[1].cab
Category : Malware
Comment : Object "ceres.dll" found in this archive.
Object : c:\WINDOWS\Temporary Internet Files\Content.IE5\VVXB3XSK\


Object "spike.exe" found in this archive.

MediaMotor Object Recognized!
Type : File
Data : ceres[1].cab
Category : Malware
Comment : Object "spike.exe" found in this archive.
Object : c:\WINDOWS\Temporary Internet Files\Content.IE5\VVXB3XSK\



VX2 Object Recognized!
Type : File
Data : polall2c[1].exe
Category : Malware
Comment :
Object : c:\WINDOWS\Temporary Internet Files\Content.IE5\VVXB3XSK\
FileVersion : 1, 0, 2, 17
ProductVersion : 0, 0, 7, 0
ProductName : TODO: <Product name>
CompanyName : TODO: <Company name>
FileDescription : TODO: <File description>
LegalCopyright : TODO: © <Company name>. All rights reserved.


PeopleOnPage Object Recognized!
Type : File
Data : AutoUpdaterInstaller[1].exe
Category : Data Miner
Comment :
Object : c:\WINDOWS\Temporary Internet Files\Content.IE5\VVXB3XSK\



VX2 Object Recognized!
Type : File
Data : thnall2c[1].exe
Category : Malware
Comment :
Object : c:\WINDOWS\Temporary Internet Files\Content.IE5\OTGV8BCR\
FileVersion : 2, 0, 1, 8
ProductVersion : 2, 0, 1, 8
ProductName : Thinstaller
CompanyName : BetterInternet, Inc.
FileDescription : www.abetterinternet.com - Utility for downloading files and upgrading software.
InternalName : Install Utility
LegalCopyright : BetterInternet, Inc. © 2005
OriginalFilename : Thinstaller.exe
Comments : Utility for downloading files and upgrading software. Visit www.abetterinternet.com for more info.


VX2 Object Recognized!
Type : File
Data : CERES.DLL
Category : Malware
Comment :
Object : c:\WINDOWS\
FileVersion : 0, 12, 4, 100
ProductVersion : 0, 12, 4, 100
ProductName : Ceres
CompanyName : Ceres
FileDescription : www.abetterinternet.com
InternalName : Ceres
LegalCopyright : Copyright © 2005
OriginalFilename : Ceres.dll
Comments : www.abetterinternet.com


VX2 Object Recognized!
Type : File
Data : Buddy.exe
Category : Malware
Comment :
Object : c:\WINDOWS\
FileVersion : 1.0.2.5
ProductVersion : 1.0.2.5
ProductName : Buddy Window
CompanyName : Direct Revenue
FileDescription : Buddy
InternalName : Buddy.exe
LegalCopyright : © Direct Revenue. All rights reserved.
OriginalFilename : Buddy.exe
Comments : Browser window for Direct Revenue


ImIServer IEPlugin Object Recognized!
Type : File
Data : systb.exe
Category : Data Miner
Comment :
Object : c:\WINDOWS\
FileVersion : 5.0.2001.10043
ProductVersion : 2001, 0, 0, 0
ProductName : MimarSinan Emissary, MimarSinan Charm Family
CompanyName : Mimar Sinan International
FileDescription : Emissary
InternalName : autonomy
LegalCopyright : Copyright © 1992-2000 Mimar Sinan International. All rights reserved.
OriginalFilename : autonomy.exe


VX2 Object Recognized!
Type : File
Data : wupdsnff.exe
Category : Malware
Comment :
Object : c:\WINDOWS\
FileVersion : 1, 0, 0, 12
ProductVersion : 1, 0, 0, 12
ProductName : Install Utility
CompanyName : BetterInternet, Inc.
FileDescription : www.abetterinternet.com - Utility for downloading files and upgrading software.
InternalName : Install Utility
LegalCopyright : BetterInternet, Inc. © 2004
OriginalFilename : InstUtil.exe
Comments : Utility for downloading files and upgrading software. Visit www.abetterinternet.com for more info.


IBIS Toolbar Object Recognized!
Type : File
Data : WToolsA.exe
Category : Data Miner
Comment :
Object : c:\Program Files\Common Files\WinTools\



IBIS Toolbar Object Recognized!
Type : File
Data : WToolsB.dll
Category : Data Miner
Comment :
Object : c:\Program Files\Common Files\WinTools\



IBIS Toolbar Object Recognized!
Type : File
Data : WSup.exe
Category : Data Miner
Comment :
Object : c:\Program Files\Common Files\WinTools\



IBIS Toolbar Object Recognized!
Type : File
Data : WToolsD.cfg
Category : Data Miner
Comment :
Object : c:\Program Files\Common Files\WinTools\



WindUpdates Object Recognized!
Type : File
Data : MediaAccC.dll
Category : Malware
Comment :
Object : c:\Program Files\Media Access\



Disk Scan Result for c:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 400


Scanning Hosts file......
Hosts file location:"C:\WINDOWS\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
1 entries scanned.
New critical objects:0
Objects found so far: 400




Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Adintelligence.AproposToolbar Object Recognized!
Type : Regkey
Data :
Category : Misc
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\autoloader

Adintelligence.AproposToolbar Object Recognized!
Type : Folder
Category : Misc
Comment :
Object : C:\Program Files\AutoUpdate

Adintelligence.AproposToolbar Object Recognized!
Type : File
Data : libexpat.dll
Category : Misc
Comment :
Object : C:\Program Files\autoupdate\



AdRotator Object Recognized!
Type : File
Data : hiwinnager.dat
Category : Malware
Comment :
Object : C:\WINDOWS\SYSTEM\



BookedSpace Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\vendor

BookedSpace Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\vendor\xml

BookedSpace Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\vendor\xml
Value :

BookedSpace Object Recognized!
Type : File
Data : bsx32.ini
Category : Malware
Comment :
Object : C:\WINDOWS\



IBIS Toolbar Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : common.buttons\clsid

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : common.buttons\clsid
Value :

IBIS Toolbar Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\microsoft\mediaplayer\control\playbar

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\microsoft\mediaplayer\control\playbar
Value : ClrShadow

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\microsoft\mediaplayer\control\playbar
Value : ClrHighlight

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\microsoft\mediaplayer\control\playbar
Value : ClrForeColor

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\microsoft\mediaplayer\control\playbar
Value : ClrBackColor

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\microsoft\mediaplayer\control\playbar
Value : ClrDownload

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\microsoft\mediaplayer\control\playbar
Value : ClrViewed

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\microsoft\mediaplayer\control\playbar
Value : ClrStatic

IBIS Toolbar Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\toolbar

IBIS Toolbar Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\installer\userdata\sto

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\installer\userdata\sto
Value : C

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\installer\userdata\sto
Value : A

IBIS Toolbar Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\ttool_uninstall

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\ttool_uninstall
Value : DisplayName

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\ttool_uninstall
Value : UninstallString

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\ttool_uninstall
Value : DisplayIcon

IBIS Toolbar Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\wintools

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\wintools
Value : DisplayName

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\wintools
Value : UninstallString

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\wintools
Value : Publisher

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\wintools
Value : URLInfoAbout

IBIS Toolbar Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\toolbar

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\toolbar
Value : ITime

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\toolbar
Value : AVGSEARCH

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\main
Value : CustomizeSearch

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\installer\userdata
Value : TUID

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\run
Value : TBPS

IBIS Toolbar Object Recognized!
Type : Folder
Category : Data Miner
Comment :
Object : C:\Program Files\Toolbar

IBIS Toolbar Object Recognized!
Type : File
Data : TBPS.exe
Category : Data Miner
Comment :
Object : C:\Program Files\toolbar\



IBIS Toolbar Object Recognized!
Type : File
Data : gykhxlmu.rmr
Category : Data Miner
Comment :
Object : C:\Program Files\toolbar\



IBIS Toolbar Object Recognized!
Type : File
Data : zwipvbh.wzg
Category : Data Miner
Comment :
Object : C:\Program Files\toolbar\



IBIS Toolbar Object Recognized!
Type : File
Data : TOOLBAR.DLL
Category : Data Miner
Comment :
Object : C:\Program Files\toolbar\



IBIS Toolbar Object Recognized!
Type : File
Data : tbps.dat
Category : Data Miner
Comment :
Object : C:\Program Files\toolbar\



IBIS Toolbar Object Recognized!
Type : File
Data : PIB.exe
Category : Data Miner
Comment :
Object : C:\Program Files\toolbar\



IBIS Toolbar Object Recognized!
Type : File
Data : xlmurin.wzg
Category : Data Miner
Comment :
Object : C:\Program Files\toolbar\



IBIS Toolbar Object Recognized!
Type : File
Data : radio.exe
Category : Data Miner
Comment :
Object : C:\Program Files\toolbar\



IBIS Toolbar Object Recognized!
Type : File
Data : common.dll
Category : Data Miner
Comment :
Object : C:\Program Files\toolbar\



IBIS Toolbar Object Recognized!
Type : File
Data : nzqlihv.wzg
Category : Data Miner
Comment :
Object : C:\Program Files\toolbar\



IBIS Toolbar Object Recognized!
Type : File
Data : yildhvi.olt
Category : Data Miner
Comment :
Object : C:\Program Files\toolbar\



IBIS Toolbar Object Recognized!
Type : File
Data : rw.wzg
Category : Data Miner
Comment :
Object : C:\Program Files\toolbar\



IBIS Toolbar Object Recognized!
Type : File
Data : xzxsv.wzg
Category : Data Miner
Comment :
Object : C:\Program Files\toolbar\



IBIS Toolbar Object Recognized!
Type : File
Data : yywr.wzg
Category : Data Miner
Comment :
Object : C:\Program Files\toolbar\



IBIS Toolbar Object Recognized!
Type : File
Data : yywsv.wzg
Category : Data Miner
Comment :
Object : C:\Program Files\toolbar\



AdDestroyer Object Recognized!
Type : Folder
Category : Malware
Comment :
Object : C:\Program Files\AdDestroyer

AdDestroyer Object Recognized!
Type : File
Data : UNWISE.EXE
Category : Malware
Comment :
Object : C:\Program Files\addestroyer\



AdDestroyer Object Recognized!
Type : File
Data : AdDestroyer.WAV
Category : Malware
Comment :
Object : C:\Program Files\addestroyer\



AdDestroyer Object Recognized!
Type : File
Data : AdDestroyer.exe
Category : Malware
Comment :
Object : C:\Program Files\addestroyer\
FileVersion : 0.00.0108
ProductVersion : 0.00.0108
ProductName : AdDestroyer
CompanyName : Spyware Labs
InternalName : AdDestroyer
OriginalFilename : AdDestroyer.exe


AdDestroyer Object Recognized!
Type : File
Data : PopOops.dll
Category : Malware
Comment :
Object : C:\WINDOWS\SYSTEM\
FileVersion : 2, 1, 0, 3
ProductVersion : 2, 1, 0, 3
ProductName : PopOops
CompanyName : Shahin Gasanov
FileDescription : PopOops
InternalName : PopOops
LegalCopyright : © 2002-2003 Gasanov.net
LegalTrademarks : Gasanov.net
OriginalFilename : PopOops.dll
Comments : Freeware


AdDestroyer Object Recognized!
Type : File
Data : PopOops2.dll
Category : Malware
Comment :
Object : C:\WINDOWS\SYSTEM\
FileVersion : 1.01.0001
ProductVersion : 1.01.0001
ProductName : PopOops2
CompanyName : Shahin Gasanov
FileDescription : PopOops2
InternalName : PopOops2
LegalCopyright : © 2002-2003 Gasanov.net
LegalTrademarks : Gasanov.net
OriginalFilename : PopOops2.dll
Comments : PopOops2


PeopleOnPage Object Recognized!
Type : Folder
Category : Data Miner
Comment :
Object : C:\WINDOWS\TEMP\AutoUpdate0

PeopleOnPage Object Recognized!
Type : Folder
Category : Data Miner
Comment :
Object : C:\WINDOWS\TEMP\Atf

PeopleOnPage Object Recognized!
Type : Folder
Category : Data Miner
Comment :
Object : C:\Program Files\CxtPls

PeopleOnPage Object Recognized!
Type : File
Data : auto_update_uninstall.exe
Category : Data Miner
Comment :
Object : C:\WINDOWS\SYSTEM\



PeopleOnPage Object Recognized!
Type : File
Data : auto_update_uninstall.log
Category : Data Miner
Comment :
Object : C:\WINDOWS\SYSTEM\



PeopleOnPage Object Recognized!
Type : File
Data : auf0.exe
Category : Data Miner
Comment :
Object : C:\WINDOWS\TEMP\



PeopleOnPage Object Recognized!
Type : File
Data : setup.inf
Category : Data Miner
Comment :
Object : C:\WINDOWS\TEMP\autoupdate0\



PeopleOnPage Object Recognized!
Type : File
Data : ace.dll
Category : Data Miner
Comment :
Object : C:\Program Files\cxtpls\
FileVersion : 5.1.18
ProductVersion : 5.1.18
ProductName : ACE
FileDescription : ACE
InternalName : ACEDLL
OriginalFilename : ACE.DLL


PeopleOnPage Object Recognized!
Type : File
Data : CxtPls.dll
Category : Data Miner
Comment :
Object : C:\Program Files\cxtpls\



PeopleOnPage Object Recognized!
Type : File
Data : CXTPLS.exe
Category : Data Miner
Comment :
Object : C:\Program Files\cxtpls\
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
ProductName : Ads
CompanyName : Apropos Media
FileDescription : Internet Explorer
InternalName : Ads.
LegalCopyright : Copyright © 2003
OriginalFilename : SysAI.exe


PeopleOnPage Object Recognized!
Type : File
Data : ProxyStub.dll
Category : Data Miner
Comment :
Object : C:\Program Files\cxtpls\



PeopleOnPage Object Recognized!
Type : File
Data : libexpat.dll
Category : Data Miner
Comment :
Object : C:\Program Files\cxtpls\



PeopleOnPage Object Recognized!
Type : File
Data : WinGenerics.dll
Category : Data Miner
Comment :
Object : C:\Program Files\cxtpls\



PeopleOnPage Object Recognized!
Type : File
Data : uninstaller.exe
Category : Data Miner
Comment :
Object : C:\Program Files\cxtpls\



PeopleOnPage Object Recognized!
Type : File
Data : atl.dll
Category : Data Miner
Comment :
Object : C:\Program Files\cxtpls\
FileVersion : 3.00.8449
ProductVersion : 6.00.8449
ProductName : Microsoft ® Visual C++
CompanyName : Microsoft Corporation
FileDescription : ATL Module for Windows (ANSI)
InternalName : ATL
LegalCopyright : Copyright © Microsoft Corp. 1996-1998
OriginalFilename : ATL.DLL


PeopleOnPage Object Recognized!
Type : File
Data : data.bin
Category : Data Miner
Comment :
Object : C:\Program Files\cxtpls\



PeopleOnPage Object Recognized!
Type : File
Data : AI_04-06-2005.log
Category : Data Miner
Comment :
Object : C:\Program Files\cxtpls\



PeopleOnPage Object Recognized!
Type : File
Data : AI_05-06-2005.log
Category : Data Miner
Comment :
Object : C:\Program Files\cxtpls\



VirtualBouncer Object Recognized!
Type : File
Data : wrapperouter.exe
Category : Malware
Comment :
Object : C:\WINDOWS\SYSTEM\
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
ProductName : Extractor
FileDescription : Extractor
InternalName : Starter
LegalCopyright : Copyright © AlexBS 2004
OriginalFilename : Starter.exe
Comments : Extractor


ClickSpring Object Recognized!
Type : File
Data : wapicc.exe
Category : Malware
Comment :
Object : C:\WINDOWS\SYSTEM\



ClickSpring Object Recognized!
Type : File
Data : crash.txt
Category : Malware
Comment :
Object : c:\



DealHelper Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\microsoft\internet explorer\toolbar\webbrowser
Value : {01E04581-4EEE-11D0-BFE9-00AA005B4383}

DealHelper Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\run
Value : secure

DealHelper Object Recognized!
Type : Folder
Category : Malware
Comment :
Object : C:\WINDOWS\SYSTEM\DealHelper

Elitum.ElitebarBHO Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\lq

Elitum.ElitebarBHO Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\lq
Value : TM

Elitum.ElitebarBHO Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\lq
Value : U

Elitum.ElitebarBHO Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\lq
Value : AD

Elitum.ElitebarBHO Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\lq
Value : AC

Elitum.ElitebarBHO Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\lq
Value : I

Elitum.ElitebarBHO Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\lq
Value : AM

Elitum.ElitebarBHO Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\lq
Value : AT

Elitum.ElitebarBHO Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\lq
Value : TR

Elitum.ElitebarBHO Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\lq
Value : leck

Elitum.ElitebarBHO Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\lq
Value : country

Elitum.ElitebarBHO Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\lq
Value : city

Elitum.ElitebarBHO Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\lq
Value : state

Elitum.ElitebarBHO Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\lq
Value : RX

Elitum.ElitebarBHO Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\lq
Value : RX2.8

Elitum.ElitebarBHO Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\lq
Value : RX2.9

Elitum.ElitebarBHO Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\lq
Value : RX3.0

Elitum.ElitebarBHO Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\lq
Value : RX3.1

Elitum.ElitebarBHO Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\lq
Value : RX3.2

Elitum.ElitebarBHO Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\lq
Value : RX3.3

Elitum.ElitebarBHO Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\lq
Value : FU3.4

Elitum.ElitebarBHO Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\lq
Value : FU3.5

Elitum.ElitebarBHO Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\lq
Value : FU3.6

Elitum.ElitebarBHO Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\lq
Value : LU3.7

VX2 Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\microsoft\internet explorer\toolbar\webbrowser
Value : {0E5CBF21-D15F-11D0-8301-00AA005B4383}

VX2 Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\run
Value : KavSvc

VX2 Object Recognized!
Type : Folder
Category : Malware
Comment :
Object : C:\WINDOWS\TEMP\DrTemp

VX2 Object Recognized!
Type : File
Data : FARMMEXT.INI
Category : Malware
Comment :
Object : C:\WINDOWS\



VX2 Object Recognized!
Type : File
Data : wmconfig.cpl
Category : Malware
Comment :
Object : C:\WINDOWS\SYSTEM\



VX2 Object Recognized!
Type : File
Data : CERES.INF
Category : Malware
Comment :
Object : C:\WINDOWS\inf\



Roings Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\intexp

Roings Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\intexp
Value : IID

Roings Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\intexp
Value : Version

Roings Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\intexp
Value : Date

Roings Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\intexp
Value : bid

ImIServer IEPlugin Object Recognized!
Type : File
Data : lu.dat
Category : Data Miner
Comment :
Object : C:\WINDOWS\



ImIServer IEPlugin Object Recognized!
Type : File
Data : redir.txt
Category : Data Miner
Comment :
Object : C:\WINDOWS\



WindUpdates Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\downloadmanager

WindUpdates Object Recognized!
Type : Folder
Category : Malware
Comment :
Object : C:\Program Files\Media Access

WindUpdates Object Recognized!
Type : File
Data : NETBEUI.VXD
Category : Malware
Comment :
Object : C:\WINDOWS\SYSTEM\
FileVersion : 4.10.1998
ProductVersion : 4.10.1998
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : NETBEUI Virtual Device (Version 4.0)
InternalName : NETBEUI
LegalCopyright : Copyright © Microsoft Corp. 1988-1998
OriginalFilename : NETBEUI.VXD


WindUpdates Object Recognized!
Type : File
Data : MediaAccK.exe
Category : Malware
Comment :
Object : C:\Program Files\media access\



WindUpdates Object Recognized!
Type : File
Data : Info.txt
Category : Malware
Comment :
Object : C:\Program Files\media access\



WindUpdates Object Recognized!
Type : File
Data : MediaAccess.exe
Category : Malware
Comment :
Object : C:\Program Files\media access\
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
ProductName : LoaderX Module
FileDescription : LoaderX Module
InternalName : LoaderX
LegalCopyright : Copyright 2005
OriginalFilename : LoaderX.EXE


AdDestroyer Object Recognized!
Type : File
Data : AdDestroyer.lnk
Category : Malware
Comment : Shortcut to bad file : C:\WINDOWS\Start Menu\Programs\Disabled Startup Items\AdDestroyer.lnk
Object : C:\WINDOWS\Start Menu\Programs\Disabled Startup Items\



Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 127
Objects found so far: 527

10:29:46 PM Scan Complete

Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:23:39.390
Objects scanned:164634
Objects identified:527
Objects ignored:0
New critical objects:527

#2
don77
Malware Expert, Retired Staff, 18,526 posts

Please follow the instructions located in Step Five: Posting a Hijack This Log. Post your HJT log as a reply to this thread, which has been relocated to the Malware Removal Forum for providing you with further assistance.

Kindly note that it is very busy in the Malware Removal Forum, so there may be a delay in receiving a reply. Please also note that HJT logfiles are reviewed on a first come/first served basis.