
[Referred]My Log File [CLOSED]



#1
Kirjava

Hello,

I am posting a recent log file. I've had problems on my computer for some time, and it's been a while since I've had any time to attempt to fix it. Any help is appreciated. :tazz:


Ad-Aware SE Build 1.06r1
Logfile Created on:Tuesday, July 05, 2005 11:16:23 AM
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R52 30.06.2005
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Definition File:
=========================
7-5-2005 11:11:25 AM - Definitions not loaded or invalid!

7-5-2005 11:11:28 AM WebUpdate

Installing Update...
Definitions File Loaded:
Reference Number : SE1R52 30.06.2005
Internal build : 60
File location : C:\Program Files\Lavasoft\Ad-Aware SE Personal\defs.ref
File size : 485588 Bytes
Total size : 1468054 Bytes
Signature data size : 1436270 Bytes
Reference data size : 31272 Bytes
Signatures total : 40920
CSI Fingerprints total : 919
CSI data size : 31888 Bytes
Target categories : 15
Target families : 697


7-5-2005 11:11:39 AM Success
Update successfully downlodaded and installed.


Memory + processor status:
==========================
Number of processors : 1
Processor architecture : Intel Pentium IV
Memory available:56 %
Total physical memory:523568 kb
Available physical memory:290824 kb
Total page file size:1280448 kb
Available on page file:1112532 kb
Total virtual memory:2097024 kb
Available virtual memory:2040064 kb
OS:Microsoft Windows XP Professional (Build 2600)

Ad-Aware SE Settings
===========================
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file

Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Obtain command line of scanned processes
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : Prior to deletion, allow unloading Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic settings in log file
Set : Include additional settings in log file
Set : Play sound at scan completion if scan locates critical objects


7/5/2005 11:16:23 AM - Scan started. (Full System Scan)

Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

#:1 [smss.exe]
ModuleName : \SystemRoot\System32\smss.exe
Command Line : n/a
ProcessID : 616
ThreadCreationTime : 7/5/2005 2:54:23 PM
BasePriority : Normal


#:2 [csrss.exe]
ModuleName : \??\C:\WINDOWS\system32\csrss.exe
Command Line : C:\WINDOWS\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestTh
ProcessID : 696
ThreadCreationTime : 7/5/2005 2:55:26 PM
BasePriority : Normal


#:3 [winlogon.exe]
ModuleName : \??\C:\WINDOWS\system32\winlogon.exe
Command Line : winlogon.exe
ProcessID : 720
ThreadCreationTime : 7/5/2005 2:55:31 PM
BasePriority : High


#:4 [services.exe]
ModuleName : C:\WINDOWS\system32\services.exe
Command Line : C:\WINDOWS\system32\services.exe
ProcessID : 764
ThreadCreationTime : 7/5/2005 2:55:35 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : services.exe

#:5 [lsass.exe]
ModuleName : C:\WINDOWS\system32\lsass.exe
Command Line : C:\WINDOWS\system32\lsass.exe
ProcessID : 776
ThreadCreationTime : 7/5/2005 2:55:35 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe

#:6 [svchost.exe]
ModuleName : C:\WINDOWS\system32\svchost.exe
Command Line : C:\WINDOWS\system32\svchost -k rpcss
ProcessID : 960
ThreadCreationTime : 7/5/2005 2:55:49 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:7 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : C:\WINDOWS\System32\svchost.exe -k netsvcs
ProcessID : 1076
ThreadCreationTime : 7/5/2005 2:55:57 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:8 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : C:\WINDOWS\System32\svchost.exe -k NetworkService
ProcessID : 1240
ThreadCreationTime : 7/5/2005 2:56:34 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:9 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : C:\WINDOWS\System32\svchost.exe -k LocalService
ProcessID : 1316
ThreadCreationTime : 7/5/2005 2:57:00 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:10 [spoolsv.exe]
ModuleName : C:\WINDOWS\system32\spoolsv.exe
Command Line : C:\WINDOWS\system32\spoolsv.exe
ProcessID : 1436
ThreadCreationTime : 7/5/2005 2:57:45 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (XPClient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe

#:11 [alg.exe]
ModuleName : C:\WINDOWS\System32\alg.exe
Command Line : C:\WINDOWS\System32\alg.exe
ProcessID : 1540
ThreadCreationTime : 7/5/2005 2:57:53 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Application Layer Gateway Service
InternalName : ALG.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : ALG.exe

#:12 [netmdsb.exe]
ModuleName : C:\Program Files\Sony\MD Simple Burner\NetMDSB.exe
Command Line : "C:\Program Files\Sony\MD Simple Burner\NetMDSB.exe"
ProcessID : 1612
ThreadCreationTime : 7/5/2005 2:57:56 PM
BasePriority : Normal
FileVersion : 2.0.03.16212
ProductVersion : 2.0.03.16212
ProductName : MD Simple Burner
CompanyName : Sony Corporation
FileDescription : MD Simple Burner
InternalName : MD Simple Burner
LegalCopyright : Copyright 2001, 2002, 2003 Sony Corporation
OriginalFilename : NetMDSB.exe
Comments : MD Simple Burner

#:13 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : C:\WINDOWS\System32\svchost.exe -k imgsvc
ProcessID : 1652
ThreadCreationTime : 7/5/2005 2:58:01 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:14 [explorer.exe]
ModuleName : C:\WINDOWS\Explorer.EXE
Command Line : C:\WINDOWS\Explorer.EXE
ProcessID : 232
ThreadCreationTime : 7/5/2005 2:59:01 PM
BasePriority : Normal
FileVersion : 6.00.2600.0000 (xpclient.010817-1148)
ProductVersion : 6.00.2600.0000
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : EXPLORER.EXE

#:15 [qttask.exe]
ModuleName : C:\Program Files\QuickTime\qttask.exe
Command Line : "C:\Program Files\QuickTime\qttask.exe" -atboottime
ProcessID : 1424
ThreadCreationTime : 7/5/2005 2:59:47 PM
BasePriority : Normal
FileVersion : 6.4
ProductVersion : QuickTime 6.4
ProductName : QuickTime
CompanyName : Apple Computer, Inc.
InternalName : QuickTime Task
LegalCopyright : © Apple Computer, Inc. 2001-2003
OriginalFilename : QTTask.exe

#:16 [vkalmz.exe]
ModuleName : C:\WINDOWS\System32\vkalmz.exe
Command Line : "C:\WINDOWS\System32\vkalmz.exe" reg_run
ProcessID : 1904
ThreadCreationTime : 7/5/2005 2:59:50 PM
BasePriority : Normal


#:17 [msgplus.exe]
ModuleName : C:\Program Files\Messenger Plus! 3\MsgPlus.exe
Command Line : "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
ProcessID : 2008
ThreadCreationTime : 7/5/2005 3:00:01 PM
BasePriority : Normal


#:18 [dvpapi.exe]
ModuleName : C:\Program Files\Common Files\Command Software\dvpapi.exe
Command Line : "C:\Program Files\Common Files\Command Software\dvpapi.exe"
ProcessID : 3076
ThreadCreationTime : 7/5/2005 3:04:51 PM
BasePriority : Normal


#:19 [iexplore.exe]
ModuleName : C:\Program Files\Internet Explorer\IEXPLORE.EXE
Command Line : "C:\Program Files\Internet Explorer\IEXPLORE.EXE"
ProcessID : 1564
ThreadCreationTime : 7/5/2005 3:06:26 PM
BasePriority : Normal
FileVersion : 6.00.2600.0000 (xpclient.010817-1148)
ProductVersion : 6.00.2600.0000
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Internet Explorer
InternalName : iexplore
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : IEXPLORE.EXE

#:20 [iexplore.exe]
ModuleName : c:\progra~1\intern~1\iexplore.exe
Command Line : "c:\progra~1\intern~1\iexplore.exe"
ProcessID : 3120
ThreadCreationTime : 7/5/2005 3:06:58 PM
BasePriority : Normal
FileVersion : 6.00.2600.0000 (xpclient.010817-1148)
ProductVersion : 6.00.2600.0000
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Internet Explorer
InternalName : iexplore
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : IEXPLORE.EXE

#:21 [ad-aware.exe]
ModuleName : C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe
Command Line : "C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe"
ProcessID : 1256
ThreadCreationTime : 7/5/2005 3:11:12 PM
BasePriority : Normal
FileVersion : 6.2.0.236
ProductVersion : SE 106
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft AB Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved

Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New Critical Objects: 0
Objects found so far: 0


Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

DyFuCA Object Recognized:
Type : RegKey
Data :
TAC Index : 3
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : typelib\{40b1d454-9ca4-43cc-86aa-cb175eac52fb}

DyFuCA Object Recognized:
Type : RegKey
Data :
TAC Index : 3
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{1c01d150-91a4-4de0-9bf8-a35d1bdf1001}

DyFuCA Object Recognized:
Type : RegKey
Data :
TAC Index : 3
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : dyfuca_bh.bhobj.1

DyFuCA Object Recognized:
Type : RegKey
Data :
TAC Index : 3
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : dyfuca_bh.bhobj

DyFuCA Object Recognized:
Type : RegKey
Data :
TAC Index : 3
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{00000010-6f7d-442c-93e3-4a4827c2e4c8}

GetMirar Object Recognized:
Type : RegKey
Data :
TAC Index : 8
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{9a9c9b68-f908-4aab-8d0c-10ea8997f37e}

GetMirar Object Recognized:
Type : RegKey
Data :
TAC Index : 8
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{1037b06c-84b7-4240-8d80-485810a0497d}

GetMirar Object Recognized:
Type : RegKey
Data :
TAC Index : 8
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{224302b0-94e9-45c2-9e5b-ba989ee556e1}

GetMirar Object Recognized:
Type : RegKey
Data :
TAC Index : 8
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{54b287f9-fd90-4457-b65e-cb91560c021d}

GetMirar Object Recognized:
Type : RegKey
Data :
TAC Index : 8
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{6e4c7afc-9915-4036-b7f9-8b3f1710788f}

GetMirar Object Recognized:
Type : RegKey
Data :
TAC Index : 8
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : nn_bar_dummy.nn_bardummy

GetMirar Object Recognized:
Type : RegKey
Data :
TAC Index : 8
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : nn_bar_dummy.nn_bardummy.1

GetMirar Object Recognized:
Type : RegKey
Data :
TAC Index : 8
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : typelib\{566dede9-9ed8-45da-9be6-9b2eeab17f49}

GetMirar Object Recognized:
Type : RegKey
Data :
TAC Index : 8
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : typelib\{f8310e7d-4c4d-46a4-a068-b5bb99411cc7}

istbar Object Recognized:
Type : RegKey
Data :
TAC Index : 7
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{86227d9c-0efe-4f8a-aa55-30386a3f5686}

VX2 Object Recognized:
Type : RegKey
Data :
TAC Index : 10
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : folder\shellex\columnhandlers\{6ec11407-5b2e-4e25-8bdf-77445b52ab37}

VX2 Object Recognized:
Type : RegKey
Data :
TAC Index : 10
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{6ec11407-5b2e-4e25-8bdf-77445b52ab37}

DyFuCA Object Recognized:
Type : RegKey
Data :
TAC Index : 3
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-448539723-1563985344-682003330-1004\software\policies\avenue media

DyFuCA Object Recognized:
Type : RegKey
Data :
TAC Index : 3
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-448539723-1563985344-682003330-1004\software\ist

DyFuCA Object Recognized:
Type : RegValue
Data :
TAC Index : 3
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-448539723-1563985344-682003330-1004\software\ist
Value : account_id

DyFuCA Object Recognized:
Type : RegValue
Data :
TAC Index : 3
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-448539723-1563985344-682003330-1004\software\ist
Value : config

DyFuCA Object Recognized:
Type : RegValue
Data :
TAC Index : 3
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-448539723-1563985344-682003330-1004\software\ist
Value : Recover

DyFuCA Object Recognized:
Type : RegKey
Data :
TAC Index : 3
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-448539723-1563985344-682003330-1004\software\avenue media

DyFuCA Object Recognized:
Type : RegKey
Data :
TAC Index : 3
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-448539723-1563985344-682003330-1004\software\sais

DyFuCA Object Recognized:
Type : RegValue
Data :
TAC Index : 3
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-448539723-1563985344-682003330-1004\software\sais
Value : last_conn_l

DyFuCA Object Recognized:
Type : RegValue
Data :
TAC Index : 3
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-448539723-1563985344-682003330-1004\software\sais
Value : we

DyFuCA Object Recognized:
Type : RegValue
Data :
TAC Index : 3
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-448539723-1563985344-682003330-1004\software\sais
Value : cdata

DyFuCA Object Recognized:
Type : RegValue
Data :
TAC Index : 3
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-448539723-1563985344-682003330-1004\software\sais
Value : TimeOffset

DyFuCA Object Recognized:
Type : RegValue
Data :
TAC Index : 3
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-448539723-1563985344-682003330-1004\software\sais
Value : action_url_version

DyFuCA Object Recognized:
Type : RegValue
Data :
TAC Index : 3
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-448539723-1563985344-682003330-1004\software\sais
Value : action_url_last_chunk

DyFuCA Object Recognized:
Type : RegValue
Data :
TAC Index : 3
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-448539723-1563985344-682003330-1004\software\sais
Value : action_url_last_full_version

DyFuCA Object Recognized:
Type : RegValue
Data :
TAC Index : 3
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-448539723-1563985344-682003330-1004\software\sais
Value : key_file

DyFuCA Object Recognized:
Type : RegValue
Data :
TAC Index : 3
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-448539723-1563985344-682003330-1004\software\sais
Value : kw_last_chunk

DyFuCA Object Recognized:
Type : RegValue
Data :
TAC Index : 3
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-448539723-1563985344-682003330-1004\software\sais
Value : geourl_last_full_version

DyFuCA Object Recognized:
Type : RegValue
Data :
TAC Index : 3
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-448539723-1563985344-682003330-1004\software\sais
Value : geourl_current_version

DyFuCA Object Recognized:
Type : RegValue
Data :
TAC Index : 3
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-448539723-1563985344-682003330-1004\software\sais
Value : actionurl_last_full_version

DyFuCA Object Recognized:
Type : RegValue
Data :
TAC Index : 3
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-448539723-1563985344-682003330-1004\software\sais
Value : actionurl_current_version

DyFuCA Object Recognized:
Type : RegValue
Data :
TAC Index : 3
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-448539723-1563985344-682003330-1004\software\sais
Value : keyword_last_full_version

DyFuCA Object Recognized:
Type : RegValue
Data :
TAC Index : 3
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-448539723-1563985344-682003330-1004\software\sais
Value : keyword_current_version

DyFuCA Object Recognized:
Type : RegValue
Data :
TAC Index : 3
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-448539723-1563985344-682003330-1004\software\sais
Value : recent_shown

DyFuCA Object Recognized:
Type : RegValue
Data :
TAC Index : 3
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-448539723-1563985344-682003330-1004\software\sais
Value : key_int_high

DyFuCA Object Recognized:
Type : RegValue
Data :
TAC Index : 3
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-448539723-1563985344-682003330-1004\software\sais
Value : key_int_low

DyFuCA Object Recognized:
Type : RegKey
Data :
TAC Index : 3
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\sais

DyFuCA Object Recognized:
Type : RegValue
Data :
TAC Index : 3
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\sais
Value : mt2

DyFuCA Object Recognized:
Type : RegValue
Data :
TAC Index : 3
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\sais
Value : mt3

DyFuCA Object Recognized:
Type : RegValue
Data :
TAC Index : 3
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\sais
Value : gma

DyFuCA Object Recognized:
Type : RegValue
Data :
TAC Index : 3
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\sais
Value : gvi

DyFuCA Object Recognized:
Type : RegValue
Data :
TAC Index : 3
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\sais
Value : gpi

DyFuCA Object Recognized:
Type : RegValue
Data :
TAC Index : 3
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\sais
Value : boom

DyFuCA Object Recognized:
Type : RegValue
Data :
TAC Index : 3
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\sais
Value : boom_ver

DyFuCA Object Recognized:
Type : RegValue
Data :
TAC Index : 3
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\sais
Value : did

DyFuCA Object Recognized:
Type : RegValue
Data :
TAC Index : 3
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\sais
Value : duid

DyFuCA Object Recognized:
Type : RegValue
Data :
TAC Index : 3
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\sais
Value : partner_id

DyFuCA Object Recognized:
Type : RegValue
Data :
TAC Index : 3
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\sais
Value : product_id

DyFuCA Object Recognized:
Type : RegValue
Data :
TAC Index : 3
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\sais
Value : umt

DyFuCA Object Recognized:
Type : RegKey
Data :
TAC Index : 3
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\policies\avenue media

DyFuCA Object Recognized:
Type : RegKey
Data :
TAC Index : 3
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\dyfuca

DyFuCA Object Recognized:
Type : RegKey
Data : DyFuCA
TAC Index : 3
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : .DEFAULT\software\microsoft\windows\currentversion\uninstall\DyFuCA

DyFuCA Object Recognized:
Type : RegKey
Data : DyFuCA
TAC Index : 3
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-18\software\microsoft\windows\currentversion\uninstall\DyFuCA

DyFuCA Object Recognized:
Type : RegKey
Data : DyFuCA
TAC Index : 3
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-19\software\microsoft\windows\currentversion\uninstall\DyFuCA

DyFuCA Object Recognized:
Type : RegKey
Data : DyFuCA
TAC Index : 3
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-20\software\microsoft\windows\currentversion\uninstall\DyFuCA

DyFuCA Object Recognized:
Type : RegKey
Data : DyFuCA
TAC Index : 3
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-448539723-1563985344-682003330-1004\software\microsoft\windows\currentversion\uninstall\DyFuCA

DyFuCA Object Recognized:
Type : RegKey
Data :
TAC Index : 3
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\explorer\browser helper objects\{00000010-6f7d-442c-93e3-4a4827c2e4c8}

DyFuCA Object Recognized:
Type : RegKey
Data :
TAC Index : 3
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\avenue media

istbar Object Recognized:
Type : RegValue
Data :
TAC Index : 7
Category : Malware
Comment : "{86227D9C-0EFE-4f8a-AA55-30386A3F5686}"
Rootkey : HKEY_USERS
Object : S-1-5-21-448539723-1563985344-682003330-1004\software\microsoft\internet explorer\toolbar\webbrowser
Value : {86227D9C-0EFE-4f8a-AA55-30386A3F5686}

Powerscan Object Recognized:
Type : RegValue
Data :
TAC Index : 5
Category : Malware
Comment : "account_id"
Rootkey : HKEY_USERS
Object : S-1-5-21-448539723-1563985344-682003330-1004\software\powerscan
Value : account_id

Powerscan Object Recognized:
Type : RegValue
Data :
TAC Index : 5
Category : Malware
Comment : "LoadNum"
Rootkey : HKEY_LOCAL_MACHINE
Object : software\powerscan
Value : LoadNum

Powerscan Object Recognized:
Type : RegValue
Data :
TAC Index : 5
Category : Malware
Comment : "account_id"
Rootkey : HKEY_USERS
Object : S-1-5-21-448539723-1563985344-682003330-1004\\software\powerscan
Value : account_id

Registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New Critical Objects: 68
Objects found so far: 68


Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New Critical Objects: 0
Objects found so far: 68


Started tracking cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»


Tracking Cookie Object Recognized:
Type : IECache Entry
Data : katherine@trafficmp[2].txt
TAC Index : 3
Category : Data Miner
Comment : Hits:6
Value : Cookie:[email protected]/
Expires : 7/5/2006 11:28:48 AM
LastSync : Hits:6
UseCount : 0
Hits : 6

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : katherine@casalemedia[1].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Katherine\Cookies\katherine@casalemedia[1].txt

Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New Critical Objects: 2
Objects found so far: 70



Deep scanning and examining files (C:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : carmina@247realmedia[1].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Carmina\Cookies\carmina@247realmedia[1].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : carmina@2o7[2].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Carmina\Cookies\carmina@2o7[2].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : carmina@ad-logics[1].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Carmina\Cookies\carmina@ad-logics[1].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : carmina@adrevolver[1].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Carmina\Cookies\carmina@adrevolver[1].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : carmina@adrevolver[2].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Carmina\Cookies\carmina@adrevolver[2].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : [email protected][2].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Carmina\Cookies\[email protected][2].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : [email protected][1].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Carmina\Cookies\[email protected][1].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : carmina@advertising[1].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Carmina\Cookies\carmina@advertising[1].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : carmina@adviva[2].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Carmina\Cookies\carmina@adviva[2].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : carmina@apmebf[2].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Carmina\Cookies\carmina@apmebf[2].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : [email protected][2].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Carmina\Cookies\[email protected][2].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : carmina@atdmt[2].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Carmina\Cookies\carmina@atdmt[2].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : carmina@bfast[1].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Carmina\Cookies\carmina@bfast[1].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : carmina@bluestreak[2].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Carmina\Cookies\carmina@bluestreak[2].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : [email protected][1].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Carmina\Cookies\[email protected][1].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : carmina@casalemedia[1].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Carmina\Cookies\carmina@casalemedia[1].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : carmina@centrport[1].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Carmina\Cookies\carmina@centrport[1].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : carmina@cgi-bin[1].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Carmina\Cookies\carmina@cgi-bin[1].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : carmina@cgi-bin[2].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Carmina\Cookies\carmina@cgi-bin[2].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : [email protected][2].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Carmina\Cookies\[email protected][2].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : carmina@doubleclick[1].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Carmina\Cookies\carmina@doubleclick[1].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : [email protected][1].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Carmina\Cookies\[email protected][1].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : [email protected][2].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Carmina\Cookies\[email protected][2].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : [email protected][2].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Carmina\Cookies\[email protected][2].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : [email protected][1].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Carmina\Cookies\[email protected][1].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : [email protected][1].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Carmina\Cookies\[email protected][1].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : [email protected][1].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Carmina\Cookies\[email protected][1].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : [email protected][2].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Carmina\Cookies\[email protected][2].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : carmina@estat[1].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Carmina\Cookies\carmina@estat[1].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : carmina@euniverseads[1].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Carmina\Cookies\carmina@euniverseads[1].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : carmina@fastclick[2].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Carmina\Cookies\carmina@fastclick[2].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : carmina@findwhat[1].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Carmina\Cookies\carmina@findwhat[1].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : [email protected][1].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Carmina\Cookies\[email protected][1].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : [email protected][2].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Carmina\Cookies\[email protected][2].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : [email protected][1].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Carmina\Cookies\[email protected][1].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : carmina@hitbox[2].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Carmina\Cookies\carmina@hitbox[2].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : carmina@lop[2].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Carmina\Cookies\carmina@lop[2].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : carmina@maxserving[2].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Carmina\Cookies\carmina@maxserving[2].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : carmina@mediaplex[1].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Carmina\Cookies\carmina@mediaplex[1].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : carmina@okcounter[1].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Carmina\Cookies\carmina@okcounter[1].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : carmina@qksrv[2].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Carmina\Cookies\carmina@qksrv[2].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : carmina@questionmarket[2].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Carmina\Cookies\carmina@questionmarket[2].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : carmina@realmedia[1].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Carmina\Cookies\carmina@realmedia[1].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : carmina@revenue[1].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Carmina\Cookies\carmina@revenue[1].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : [email protected][1].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Carmina\Cookies\[email protected][1].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : [email protected][1].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Carmina\Cookies\[email protected][1].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : carmina@serving-sys[1].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Carmina\Cookies\carmina@serving-sys[1].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : carmina@statcounter[2].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Carmina\Cookies\carmina@statcounter[2].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : carmina@targetnet[2].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Carmina\Cookies\carmina@targetnet[2].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : carmina@tickle[2].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Carmina\Cookies\carmina@tickle[2].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : carmina@tradedoubler[1].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Carmina\Cookies\carmina@tradedoubler[1].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : carmina@trafficmp[1].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Carmina\Cookies\carmina@trafficmp[1].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : carmina@tribalfusion[1].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Carmina\Cookies\carmina@tribalfusion[1].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : carmina@valueclick[1].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Carmina\Cookies\carmina@valueclick[1].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : [email protected][1].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Carmina\Cookies\[email protected][1].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : carmina@weborama[2].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Carmina\Cookies\carmina@weborama[2].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : [email protected][2].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Carmina\Cookies\[email protected][2].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : [email protected][2].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Carmina\Cookies\[email protected][2].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : [email protected][1].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Carmina\Cookies\[email protected][1].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : carmina@zedo[1].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Carmina\Cookies\carmina@zedo[1].txt

Lop Object Recognized:


#2
Kirjava


    New Member

  • Topic Starter
  • Member
  • 6 posts
Lop Object Recognized:
Type : File
Data : walhazhn.exe
TAC Index : 7
Category : Malware
Comment :
Object : C:\Documents and Settings\Ismael Picazo\Application Data\Internet rect bold\



Tracking Cookie Object Recognized:
Type : IECache Entry
Data : ismael picazo@2o7[1].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Ismael Picazo\Cookies\ismael picazo@2o7[1].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : ismael [email protected][1].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Ismael Picazo\Cookies\ismael [email protected][1].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : ismael [email protected][2].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Ismael Picazo\Cookies\ismael [email protected][2].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : ismael [email protected][2].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Ismael Picazo\Cookies\ismael [email protected][2].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : ismael picazo@lop[1].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Ismael Picazo\Cookies\ismael picazo@lop[1].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : ismael [email protected][1].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Ismael Picazo\Cookies\ismael [email protected][1].txt

Coulomb Dialer Object Recognized:
Type : File
Data : Groove.x32
TAC Index : 5
Category : Dialer
Comment :
Object : C:\Documents and Settings\Katherine\Application Data\Macromedia\Shockwave Player\xtras\download\TheGrooveAlliance\3DGrooveXtrav181\
FileVersion : 1, 8, 1, 0
ProductVersion : 1, 8, 1, 0
ProductName : GROOVE
FileDescription : GROOVE
InternalName : GROOVE
LegalCopyright : Copyright 2001
OriginalFilename : GROOVE.x32


YourSiteBar Object Recognized:
Type : File
Data : ysb.dll
TAC Index : 6
Category : Malware
Comment :
Object : C:\Documents and Settings\Katherine\Local Settings\Temp\temp.fr0BE7\
FileVersion : 1, 2, 0, 4
ProductVersion : 1, 2, 0, 4
ProductName : YourSiteBar
FileDescription : YourSiteBar
InternalName : YourSiteBar
LegalCopyright : Copyright 2004
OriginalFilename : ysb.dll


Coulomb Dialer Object Recognized:
Type : File
Data : Groove.x32
TAC Index : 5
Category : Dialer
Comment :
Object : C:\Documents and Settings\Melissa-Melvin\Application Data\Macromedia\Shockwave Player\xtras\download\TheGrooveAlliance\3DGrooveXtrav181\
FileVersion : 1, 8, 1, 0
ProductVersion : 1, 8, 1, 0
ProductName : GROOVE
FileDescription : GROOVE
InternalName : GROOVE
LegalCopyright : Copyright 2001
OriginalFilename : GROOVE.x32


Tracking Cookie Object Recognized:
Type : IECache Entry
Data : melissa-melvin@2o7[2].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Melissa-Melvin\Cookies\melissa-melvin@2o7[2].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : [email protected][2].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Melissa-Melvin\Cookies\[email protected][2].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : [email protected][1].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Melissa-Melvin\Cookies\[email protected][1].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : [email protected][2].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Melissa-Melvin\Cookies\[email protected][2].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : [email protected][2].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Melissa-Melvin\Cookies\[email protected][2].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : melissa-melvin@adtech[1].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Melissa-Melvin\Cookies\melissa-melvin@adtech[1].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : melissa-melvin@advertising[2].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Melissa-Melvin\Cookies\melissa-melvin@advertising[2].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : melissa-melvin@adviva[2].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Melissa-Melvin\Cookies\melissa-melvin@adviva[2].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : melissa-melvin@apmebf[1].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Melissa-Melvin\Cookies\melissa-melvin@apmebf[1].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : [email protected][1].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Melissa-Melvin\Cookies\[email protected][1].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : [email protected][1].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Melissa-Melvin\Cookies\[email protected][1].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : melissa-melvin@atdmt[2].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Melissa-Melvin\Cookies\melissa-melvin@atdmt[2].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : melissa-melvin@bfast[2].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Melissa-Melvin\Cookies\melissa-melvin@bfast[2].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : melissa-melvin@bluestreak[1].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Melissa-Melvin\Cookies\melissa-melvin@bluestreak[1].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : melissa-melvin@bravenet[1].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Melissa-Melvin\Cookies\melissa-melvin@bravenet[1].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : [email protected][1].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Melissa-Melvin\Cookies\[email protected][1].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : [email protected][1].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Melissa-Melvin\Cookies\[email protected][1].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : melissa-melvin@casalemedia[1].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Melissa-Melvin\Cookies\melissa-melvin@casalemedia[1].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : melissa-melvin@centrport[1].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Melissa-Melvin\Cookies\melissa-melvin@centrport[1].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : melissa-melvin@cgi-bin[2].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Melissa-Melvin\Cookies\melissa-melvin@cgi-bin[2].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : melissa-melvin@cgi-bin[3].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Melissa-Melvin\Cookies\melissa-melvin@cgi-bin[3].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : melissa-melvin@cgi-bin[4].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Melissa-Melvin\Cookies\melissa-melvin@cgi-bin[4].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : [email protected][1].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Melissa-Melvin\Cookies\[email protected][1].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : melissa-melvin@doubleclick[1].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Melissa-Melvin\Cookies\melissa-melvin@doubleclick[1].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : [email protected][2].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Melissa-Melvin\Cookies\[email protected][2].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : [email protected][1].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Melissa-Melvin\Cookies\[email protected][1].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : [email protected][2].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Melissa-Melvin\Cookies\[email protected][2].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : [email protected][2].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Melissa-Melvin\Cookies\[email protected][2].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : melissa-melvin@estat[1].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Melissa-Melvin\Cookies\melissa-melvin@estat[1].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : melissa-melvin@fastclick[2].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Melissa-Melvin\Cookies\melissa-melvin@fastclick[2].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : [email protected][2].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Melissa-Melvin\Cookies\[email protected][2].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : melissa-melvin@goclick[1].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Melissa-Melvin\Cookies\melissa-melvin@goclick[1].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : melissa-melvin@hitbox[1].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Melissa-Melvin\Cookies\melissa-melvin@hitbox[1].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : melissa-melvin@internetfuel[2].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Melissa-Melvin\Cookies\melissa-melvin@internetfuel[2].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : melissa-melvin@kelkoo[1].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Melissa-Melvin\Cookies\melissa-melvin@kelkoo[1].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : melissa-melvin@kelkoo[3].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Melissa-Melvin\Cookies\melissa-melvin@kelkoo[3].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : melissa-melvin@linksynergy[2].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Melissa-Melvin\Cookies\melissa-melvin@linksynergy[2].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : melissa-melvin@lop[2].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Melissa-Melvin\Cookies\melissa-melvin@lop[2].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : melissa-melvin@maxserving[2].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Melissa-Melvin\Cookies\melissa-melvin@maxserving[2].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : melissa-melvin@mediaplex[1].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Melissa-Melvin\Cookies\melissa-melvin@mediaplex[1].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : [email protected][1].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Melissa-Melvin\Cookies\[email protected][1].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : melissa-melvin@qksrv[1].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Melissa-Melvin\Cookies\melissa-melvin@qksrv[1].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : melissa-melvin@qsrch[2].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Melissa-Melvin\Cookies\melissa-melvin@qsrch[2].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : melissa-melvin@questionmarket[1].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Melissa-Melvin\Cookies\melissa-melvin@questionmarket[1].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : melissa-melvin@realmedia[1].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Melissa-Melvin\Cookies\melissa-melvin@realmedia[1].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : melissa-melvin@real[2].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Melissa-Melvin\Cookies\melissa-melvin@real[2].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : melissa-melvin@revenue[2].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Melissa-Melvin\Cookies\melissa-melvin@revenue[2].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : [email protected][1].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Melissa-Melvin\Cookies\[email protected][1].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : [email protected][2].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Melissa-Melvin\Cookies\[email protected][2].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : [email protected][2].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Melissa-Melvin\Cookies\[email protected][2].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : [email protected][1].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Melissa-Melvin\Cookies\[email protected][1].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : melissa-melvin@serving-sys[2].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Melissa-Melvin\Cookies\melissa-melvin@serving-sys[2].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : melissa-melvin@sextracker[1].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Melissa-Melvin\Cookies\melissa-melvin@sextracker[1].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : melissa-melvin@statcounter[2].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Melissa-Melvin\Cookies\melissa-melvin@statcounter[2].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : melissa-melvin@targetnet[2].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Melissa-Melvin\Cookies\melissa-melvin@targetnet[2].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : melissa-melvin@tickle[2].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Melissa-Melvin\Cookies\melissa-melvin@tickle[2].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : melissa-melvin@trafficmp[2].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Melissa-Melvin\Cookies\melissa-melvin@trafficmp[2].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : melissa-melvin@tribalfusion[2].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Melissa-Melvin\Cookies\melissa-melvin@tribalfusion[2].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : melissa-melvin@tripod[1].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Melissa-Melvin\Cookies\melissa-melvin@tripod[1].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : melissa-melvin@valuead[1].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Melissa-Melvin\Cookies\melissa-melvin@valuead[1].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : melissa-melvin@valueclick[1].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Melissa-Melvin\Cookies\melissa-melvin@valueclick[1].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : melissa-melvin@weborama[1].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Melissa-Melvin\Cookies\melissa-melvin@weborama[1].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : [email protected][1].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Melissa-Melvin\Cookies\[email protected][1].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : melissa-melvin@x10[2].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Melissa-Melvin\Cookies\melissa-melvin@x10[2].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : [email protected][1].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Melissa-Melvin\Cookies\[email protected][1].txt

Tracking Cookie Object Recognized:
Type : IECache Entry
Data : melissa-melvin@zedo[2].txt
TAC Index : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Melissa-Melvin\Cookies\melissa-melvin@zedo[2].txt

DyFuCA Object Recognized:
Type : File
Data : A0021947.exe
TAC Index : 3
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{7A4592CA-1E82-4BCF-A7E0-53E8E59AFA7A}\RP256\
FileVersion : 5, 12, 0, 13
ProductVersion : 5, 12, 0, 13
ProductName : Search Assistant
CompanyName : 180solutions, Inc.
FileDescription : Search Assistant
LegalCopyright : Copyright © 2004, 180solutions Inc.


DyFuCA Object Recognized:
Type : File
Data : A0021948.exe
TAC Index : 3
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{7A4592CA-1E82-4BCF-A7E0-53E8E59AFA7A}\RP256\



Powerscan Object Recognized:
Type : File
Data : A0021949.exe
TAC Index : 5
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{7A4592CA-1E82-4BCF-A7E0-53E8E59AFA7A}\RP256\
FileVersion : 1, 1, 0, 2
ProductVersion : 1, 1, 0, 2
ProductName : PowerScan v1.1
FileDescription : PowerScan v1.1
InternalName : PowerScan v1.1
LegalCopyright : Copyright © 2004
OriginalFilename : Power-Scan.exe


GetMirar Object Recognized:
Type : File
Data : A0021951.dll
TAC Index : 8
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{7A4592CA-1E82-4BCF-A7E0-53E8E59AFA7A}\RP256\
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
ProductName : NN_Bar_Dummy Module
FileDescription : NN_Bar_Dummy Module
InternalName : NN_Bar_Dummy
LegalCopyright : Copyright 2004
OriginalFilename : NN_Bar_Dummy.DLL


YourSiteBar Object Recognized:
Type : File
Data : A0022637.dll
TAC Index : 6
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{7A4592CA-1E82-4BCF-A7E0-53E8E59AFA7A}\RP256\
FileVersion : 1, 2, 0, 4
ProductVersion : 1, 2, 0, 4
ProductName : YourSiteBar
FileDescription : YourSiteBar
InternalName : YourSiteBar
LegalCopyright : Copyright 2004
OriginalFilename : ysb.dll


YourSiteBar Object Recognized:
Type : File
Data : A0023918.dll
TAC Index : 6
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{7A4592CA-1E82-4BCF-A7E0-53E8E59AFA7A}\RP266\
FileVersion : 1, 2, 0, 4
ProductVersion : 1, 2, 0, 4
ProductName : YourSiteBar
FileDescription : YourSiteBar
InternalName : YourSiteBar
LegalCopyright : Copyright 2004
OriginalFilename : ysb.dll


Powerscan Object Recognized:
Type : File
Data : A0023919.exe
TAC Index : 5
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{7A4592CA-1E82-4BCF-A7E0-53E8E59AFA7A}\RP266\
FileVersion : 1, 1, 0, 2
ProductVersion : 1, 1, 0, 2
ProductName : PowerScan v1.1
FileDescription : PowerScan v1.1
InternalName : PowerScan v1.1
LegalCopyright : Copyright © 2004
OriginalFilename : Power-Scan.exe


DyFuCA Object Recognized:
Type : File
Data : A0023923.exe
TAC Index : 3
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{7A4592CA-1E82-4BCF-A7E0-53E8E59AFA7A}\RP266\



GetMirar Object Recognized:
Type : File
Data : A0024215.dll
TAC Index : 8
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{7A4592CA-1E82-4BCF-A7E0-53E8E59AFA7A}\RP277\
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
ProductName : NN_Bar_Dummy Module
FileDescription : NN_Bar_Dummy Module
InternalName : NN_Bar_Dummy
LegalCopyright : Copyright 2004
OriginalFilename : NN_Bar_Dummy.DLL


VX2 Object Recognized:
Type : File
Data : A0024544.exe
TAC Index : 10
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{7A4592CA-1E82-4BCF-A7E0-53E8E59AFA7A}\RP290\



VX2 Object Recognized:
Type : File
Data : A0024547.exe
TAC Index : 10
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{7A4592CA-1E82-4BCF-A7E0-53E8E59AFA7A}\RP290\



VX2 Object Recognized:
Type : File
Data : A0024549.dll
TAC Index : 10
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{7A4592CA-1E82-4BCF-A7E0-53E8E59AFA7A}\RP290\



VX2 Object Recognized:
Type : File
Data : A0026914.dll
TAC Index : 10
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{7A4592CA-1E82-4BCF-A7E0-53E8E59AFA7A}\RP310\



DealHelper Object Recognized:
Type : File
Data : dun.exe
TAC Index : 7
Category : Malware
Comment :
Object : C:\WINDOWS\system32\
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
ProductName : UnInstallKey Application
FileDescription : UnInstallKey MFC Application
InternalName : UnInstallKey
LegalCopyright : Copyright © 2003
OriginalFilename : UnInstallKey.EXE


DealHelper Object Recognized:
Type : File
Data : Pqvghn.exe
TAC Index : 7
Category : Malware
Comment :
Object : C:\WINDOWS\system32\
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
ProductName : Redirect Application
FileDescription : Redirect MFC Application
InternalName : Redirect
LegalCopyright : Copyright © 2003
OriginalFilename : Redirect.EXE


Disk scan result for C:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New Critical Objects: 0
Objects found so far: 221


Deep scanning and examining files (D:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Disk scan result for D:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New Critical Objects: 0
Objects found so far: 221


Deep scanning and examining files (E:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Disk scan result for E:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New Critical Objects: 0
Objects found so far: 221


Scanning Hosts file...
Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
1 entries scanned.
New Critical Objects:0
Objects found so far: 221




Performing conditional scans..
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

DyFuCA Object Recognized:
Type : RegKey
Data :
TAC Index : 3
Category : Malware
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\microsoft\windows\currentversion\policies\ameopt

DyFuCA Object Recognized:
Type : RegKey
Data :
TAC Index : 3
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\kapabout

DyFuCA Object Recognized:
Type : RegValue
Data :
TAC Index : 3
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\kapabout
Value : DComment

DyFuCA Object Recognized:
Type : RegKey
Data :
TAC Index : 3
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\policies\ameopt

istbar Object Recognized:
Type : RegKey
Data :
TAC Index : 7
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\downloadmanager

VX2 Object Recognized:
Type : RegValue
Data :
TAC Index : 10
Category : Malware
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\microsoft\internet explorer\toolbar\webbrowser
Value : {0E5CBF21-D15F-11D0-8301-00AA005B4383}

Powerscan Object Recognized:
Type : RegKey
Data :
TAC Index : 5
Category : Malware
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\powerscan

Powerscan Object Recognized:
Type : RegKey
Data :
TAC Index : 5
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\powerscan

YourSiteBar Object Recognized:
Type : RegKey
Data :
TAC Index : 6
Category : Malware
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\ist

YourSiteBar Object Recognized:
Type : RegValue
Data :
TAC Index : 6
Category : Malware
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\ist
Value : account_id

YourSiteBar Object Recognized:
Type : RegValue
Data :
TAC Index : 6
Category : Malware
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\ist
Value : config

YourSiteBar Object Recognized:
Type : RegValue
Data :
TAC Index : 6
Category : Malware
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\ist
Value : Recover

YourSiteBar Object Recognized:
Type : RegValue
Data :
TAC Index : 6
Category : Malware
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\microsoft\internet explorer\toolbar
Value : Locked

DealHelper Object Recognized:
Type : RegValue
Data :
TAC Index : 7
Category : Malware
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\microsoft\internet explorer\toolbar\webbrowser
Value : {01E04581-4EEE-11D0-BFE9-00AA005B4383}

DealHelper Object Recognized:
Type : Folder
TAC Index : 7
Category : Malware
Comment : DealHelper
Object : C:\WINDOWS\System32\DealHelper

Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New Critical Objects: 15
Objects found so far: 236

12:34:11 PM Scan Complete

Summary of this scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:01:17:48.500
Objects scanned:387387
Objects identified:236
Objects ignored:0
New Critical Objects:236

#3
Kat


    Retired

  • Retired Staff
  • 19,711 posts
  • MVP
Please follow the instructions located in Step Five: Posting a Hijack This Log. Post your HJT log as a reply to this thread, which has been relocated to the Malware Removal Forum for providing you with further assistance.

Kindly note that it is very busy in the Malware Removal Forum, so there may be a delay in receiving a reply. Please also note that HJT logfiles are reviewed on a first come/first served basis.

#4
Kirjava


    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts
Logfile of HijackThis v1.99.1
Scan saved at 7:40:50 AM, on 7/6/2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Sony\MD Simple Burner\NetMDSB.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Zero Knowledge\Freedom\Freedom.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\System32\vkalmz.exe
C:\Program Files\Messenger Plus! 3\MsgPlus.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Common Files\Command Software\dvpapi.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Documents and Settings\Katherine\Desktop\Katherine's Folder\Hijack This\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapp...//www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapp...//www.yahoo.com
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: BHObj Class - {00000010-6F7D-442C-93E3-4A4827C2E4C8} - C:\WINDOWS\nem220.dll (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: PopKill Class - {3C060EA2-E6A9-4E49-A530-D4657B8C449A} - C:\Program Files\Zero Knowledge\Freedom\pkR.dll
O2 - BHO: ZKBho Class - {56071E0D-C61B-11D3-B41C-00E02927A304} - C:\Program Files\Zero Knowledge\Freedom\FreeBHOR.dll
O2 - BHO: (no name) - {5EE3CAFD-1285-2A42-64DC-231C7923A946} - C:\DOCUME~1\ISMAEL~1\APPLIC~1\REFPOP~1\FORD DEFY.exe
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [Freedom] C:\Program Files\Zero Knowledge\Freedom\Freedom.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [KavSvc] C:\WINDOWS\System32\vkalmz.exe reg_run
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
O4 - HKCU\..\Run: [Microsoft DirectX] PDSched.exe
O4 - HKCU\..\Run: [ATI VIDEO REGKEY] ati2vid.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Startup: PowerReg Scheduler.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
O9 - Extra button: Share in Hello - {B13B4423-2647-4cfc-A4B3-C7D56CB83487} - C:\Program Files\Hello\PicasaCapture.dll
O9 - Extra 'Tools' menuitem: Share in H&ello - {B13B4423-2647-4cfc-A4B3-C7D56CB83487} - C:\Program Files\Hello\PicasaCapture.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O15 - Trusted Zone: http://awbeta.net-nucleus.com (HKLM)
O16 - DPF: RaptisoftGameLoader - http://www.miniclip....tgameloader.cab
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zon...kr.cab31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zon...nt.cab31267.cab
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windup.../bridge-c10.cab
O16 - DPF: {24311111-1111-1121-1111-111191113457} - file://c:\eied_s7.cab
O16 - DPF: {288C5F13-7E52-4ADA-A32E-F5BF9D125F98} (CR64Loader Object) - http://www.miniclip....pGameLoader.dll
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zon...er.cab30149.cab
O16 - DPF: {33331111-1111-1111-1111-611111193457} - file://c:\ex.cab
O16 - DPF: {33331111-1111-1111-1111-611111193458} - file://c:\ex.cab
O16 - DPF: {42F2C9BA-614F-47C0-B3E3-ECFD34EED658} (Installer Class) - http://static.35mb.c...et/applet_y.cab
O16 - DPF: {43331111-1111-1111-1111-611111195622} - file://c:\ex.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.r...ip/RdxIE601.cab
O16 - DPF: {6BEA1C48-1850-486C-8F58-C7354BA3165E} (Install Class) - http://updates.lifes...ll/pinstall.cab
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} - http://www.nick.com/.../GrooveAX27.cab
O16 - DPF: {7D1E9C49-BD6A-11D3-87A8-009027A35D73} (Yahoo! Audio UI1) - http://chat.yahoo.com/cab/yacsui.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zon...nt.cab30149.cab
O16 - DPF: {A243F6C2-34D2-4549-BCCD-A7BEF759B236} (Seekford Solutions, Inc.'s ssiPictureUploader Control) - http://img.funtigo.c...ureUploader.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn...pDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zon...ro.cab30149.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - http://us.dl1.yimg.c...utocomplete.cab
O16 - DPF: {DA758BB1-5F89-4465-975F-8D7179A4BCF3} (WheelofFortune Object) - http://messenger.zon...oF.cab31267.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://utu.popcap.co...aploader_v6.cab
O16 - DPF: {FA3662C3-B8E8-11D6-A667-0010B556D978} (IWinAmpActiveX Class) - http://cdn.digitalci...illama/ampx.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{8F02E2B4-C593-427D-B0EE-5E4A86400DD5}: NameServer = 206.47.244.139 198.235.216.114
O20 - AppInit_DLLs: MsgPlusLoader.dll
O21 - SSODL: SystemCheck2 - {54645654-2225-4455-44A1-9F4543D34545} - C:\WINDOWS\System32\vbsys2.dll
O23 - Service: DvpApi (dvpapi) - Command Software Systems, Inc. - C:\Program Files\Common Files\Command Software\dvpapi.exe
O23 - Service: MD Simple Burner Service (NetMDSB) - Sony Corporation - C:\Program Files\Sony\MD Simple Burner\NetMDSB.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\PACSPT~1.EXE
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe

#5
ukbiker


    Rest in Peace, ukbiker

  • Retired Staff
  • 2,014 posts
Hi Kirjava and welcome to GeeksToGo ;)

I am UKBiker and I will be helping you with this log. :tazz:

We can definitely help you, but first you need to help us. The first step in this process is to apply Service Pack 1a for Windows XP. Without this update, you're wide open to re-infection, and we're both just wasting our time.
Click HERE.
Apply the update, reboot, and post a fresh Hijack This log.

UKBiker

#6
Kirjava


    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts
UKBiker,

Thanks for the response. I've tried applying this update to my computer, but unfortunately I keep getting ActiveX warnings that prevent me from downloading. I've checked my security settings, but they all allow ActiveX to run. The troubleshooting section hasn't helped much. Did I forget something? :tazz:

#7
ukbiker


    Rest in Peace, ukbiker

  • Retired Staff
  • 2,014 posts
Hi There Kirjava

SP1A is also available from this source at download.com.

Here is the link:
http://www.download....ml?tag=lst-0-19


Let me know how you get on :tazz:

UKBiker

#8
Kirjava


    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts
Hello again,

It says that I should back up my system before continuing. Is that absolutely necessary or can I proceed with the update without having to do it? Heh, I'm sorry for all the silly questions, but I'm deathly afraid of screwing anything up. :tazz:

#9
ukbiker


    Rest in Peace, ukbiker

  • Retired Staff
  • 2,014 posts
Hi Kirjava

There is no such thing as a silly question :tazz: . It is good policy to ALWAYS back up your system regularly, preserving documents and files that you do not want to risk losing. In addition, always create a restore point prior to making system changes; that way, if it goes wrong, you can revert to the existing configuration.

UKBiker

#10
ukbiker


    Rest in Peace, ukbiker

  • Retired Staff
  • 2,014 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.





