Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

PS Guard Virus [RESOLVED]

Started by cosmo0026 , Aug 19 2005 10:45 AM

  • This topic is locked This topic is locked

#16
Daemon
Posted 22 August 2005 - 03:04 PM

Daemon

    Security Expert

  • Retired Staff
  • 4,356 posts
  • MVP
OK, this is the file you sent to me:

File: WININET.DLL

Status: OK

MD5 21733e7b4983a2251797b043685f3978
Packers detected: -

Scanner results
AntiVir Found nothing
ArcaVir Found nothing
Avast Found nothing
AVG Antivirus Found nothing
BitDefender Found nothing
ClamAV Found nothing
Dr.Web Found nothing
F-Prot Antivirus Found nothing
Fortinet Found nothing
Kaspersky Anti-Virus Found nothing
NOD32 Found nothing
Norman Virus Control Found nothing
UNA Found nothing
VBA32 Found nothing

I've sent it back. Save it to your desktop, replacing the file that is currently there.

Then do this. Click start>run and type command.

Type:

del c:\windows\system\wininet.dll

del c:\windows\system\oleadm.dll

copy c:\windows\desktop\wininet.dll c:\windows\system

Let me know if you can access IE now.
  • 0

Advertisements

#17
cosmo0026
Posted 23 August 2005 - 08:40 AM

cosmo0026

    Member

  • Topic Starter
  • Member
  • PipPip
  • 23 posts
I was able to save the attachment onto my desktop successfully.

However when attempting to enter:

del c:\windows\system\wininet.dll

I am prompted with: ACCESS DENIED

The same happens when entering in:

del c:\windows\system\oleadm.dll

Finally when trying to enter

copy c:\windows\desktop\wininet.dll c:\windows\system

I am prompted with a sharing violation and it states that no files are copied.

Please advise.

Thanks,


Nate
  • 0

#18
Daemon
Posted 23 August 2005 - 09:48 AM

Daemon

    Security Expert

  • Retired Staff
  • 4,356 posts
  • MVP
Can you see either of these files on your system:

c:\windows\system\oleadm.dll
c:\windows\system\oleext.dll

Using Windows Explorer, try to copy the clean file from your desktop to c:\windows\system

Run the smitrem application again and post the log it generates.
  • 0

#19
cosmo0026
Posted 23 August 2005 - 10:25 AM

cosmo0026

    Member

  • Topic Starter
  • Member
  • PipPip
  • 23 posts
Negative, I was unable to locate the two files anywhere on my comp.

I went ahead and ran the Smitrem scan again however unable to copy results.

Please advise,


Nate
  • 0

#20
Daemon
Posted 23 August 2005 - 10:33 AM

Daemon

    Security Expert

  • Retired Staff
  • 4,356 posts
  • MVP
I need to see the results - did you copy the file over?
  • 0

#21
cosmo0026
Posted 23 August 2005 - 10:43 AM

cosmo0026

    Member

  • Topic Starter
  • Member
  • PipPip
  • 23 posts
Unable to give results. The program terminates before i have a chance to copy them.
  • 0

#22
cosmo0026
Posted 23 August 2005 - 01:01 PM

cosmo0026

    Member

  • Topic Starter
  • Member
  • PipPip
  • 23 posts
I was just now able to get AdAware up and running, here is the report:



Ad-Aware SE Build 1.06r1
Logfile Created on:Tuesday, August 23, 2005 11:26:39 AM
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R62 17.08.2005
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Alexa(TAC index:5):8 total references
MRU List(TAC index:0):24 total references
Tracking Cookie(TAC index:3):127 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file

Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects


08-23-2005 11:26:39 AM - Scan started. (Smart mode)

Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

#:1 [KERNEL32.DLL]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4293902965
Threads : 4
Priority : High
FileVersion : 4.10.2222
ProductVersion : 4.10.2222
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Win32 Kernel core component
InternalName : KERNEL32
LegalCopyright : Copyright © Microsoft Corp. 1991-1999
OriginalFilename : KERNEL32.DLL

#:2 [MSGSRV32.EXE]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4294940369
Threads : 1
Priority : Normal
FileVersion : 4.10.2222
ProductVersion : 4.10.2222
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows 32-bit VxD Message Server
InternalName : MSGSRV32
LegalCopyright : Copyright © Microsoft Corp. 1992-1998
OriginalFilename : MSGSRV32.EXE

#:3 [MPREXE.EXE]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4294934849
Threads : 1
Priority : Normal
FileVersion : 4.10.1998
ProductVersion : 4.10.1998
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : WIN32 Network Interface Service Process
InternalName : MPREXE
LegalCopyright : Copyright © Microsoft Corp. 1993-1998
OriginalFilename : MPREXE.EXE

#:4 [mmtask.tsk]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4294947949
Threads : 1
Priority : Normal
FileVersion : 4.03.1998
ProductVersion : 4.03.1998
ProductName : Microsoft Windows
CompanyName : Microsoft Corporation
FileDescription : Multimedia background task support module
InternalName : mmtask.tsk
LegalCopyright : Copyright © Microsoft Corp. 1991-1998
OriginalFilename : mmtask.tsk

#:5 [VSHWIN32.EXE]
FilePath : C:\PROGRAM FILES\NETWORK ASSOCIATES\MCAFEE VIRUSSCAN\
ProcessID : 4294859333
Threads : 6
Priority : Normal
FileVersion : 4.0.3
ProductVersion : 4.0.3
ProductName : VShield
CompanyName : Network Associates Inc.
FileDescription : VShield
InternalName : VShield
LegalCopyright : Copyright © 1999 Network Associates Inc.
LegalTrademarks : VirusScan® is a registered trademark of Network Associates Inc. McAfee™ is a trademark of Network Associates Inc.
OriginalFilename : VSHWIN95.EXE

#:6 [ENCMONTR.EXE]
FilePath : C:\PROGRAM FILES\EASY INTERNET\
ProcessID : 4294851005
Threads : 1
Priority : Normal
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
ProductName : EncMontr Application
CompanyName : Yahoo! Inc.
FileDescription : EncMontr Application
InternalName : EncMontr
LegalCopyright : Copyright © 1997-1999 Yahoo! Inc. All rights reserved worldwide.
OriginalFilename : EncMontr.EXE

#:7 [MSTASK.EXE]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4294897977
Threads : 2
Priority : Normal
FileVersion : 4.71.1959.1
ProductVersion : 4.71.1959.1
ProductName : Microsoft® Windows® Task Scheduler
CompanyName : Microsoft Corporation
FileDescription : Task Scheduler Engine
InternalName : TaskScheduler
LegalCopyright : Copyright © Microsoft Corp. 1997
OriginalFilename : mstask.exe

#:8 [NPROTECT.EXE]
FilePath : C:\PROGRAM FILES\NORTON UTILITIES\
ProcessID : 4294859553
Threads : 3
Priority : Normal
FileVersion : 12.00.0.40
ProductVersion : 12.00.0.40
ProductName : Norton Utilities
CompanyName : Symantec Corporation
FileDescription : Norton Protection Status
InternalName : NPROTECT
LegalCopyright : Copyright © 1992-1999 Symantec Corporation
LegalTrademarks : Norton Utilities
OriginalFilename : NPROTECT.EXE

#:9 [VSSTAT.EXE]
FilePath : C:\PROGRAM FILES\NETWORK ASSOCIATES\MCAFEE VIRUSSCAN\
ProcessID : 4294871233
Threads : 1
Priority : Normal
FileVersion : 4.0.3
ProductVersion : 4.0.3
ProductName : McAfee VirusScan
CompanyName : Network Associates Inc
FileDescription : VShield Statistics
InternalName : VsStat.exe
LegalCopyright : Copyright © 1999 Network Associates Inc.
LegalTrademarks : VirusScan® is a registered trademark of Network Associates Inc. McAfee™ is a trademark of Network Associates Inc.
OriginalFilename : VSStat.exe

#:10 [EXPLORER.EXE]
FilePath : C:\WINDOWS\
ProcessID : 4294770849
Threads : 16
Priority : Normal
FileVersion : 4.72.3110.1
ProductVersion : 4.72.3110.1
ProductName : Microsoft® Windows NT® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : Copyright © Microsoft Corp. 1981-1997
OriginalFilename : EXPLORER.EXE

#:11 [TASKMON.EXE]
FilePath : C:\WINDOWS\
ProcessID : 4294727805
Threads : 1
Priority : Normal
FileVersion : 4.10.1998
ProductVersion : 4.10.1998
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Task Monitor
InternalName : TaskMon
LegalCopyright : Copyright © Microsoft Corp. 1998
OriginalFilename : TASKMON.EXE

#:12 [SYSTRAY.EXE]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4294728065
Threads : 2
Priority : Normal
FileVersion : 4.10.2224
ProductVersion : 4.10.2222
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : System Tray Applet
InternalName : SYSTRAY
LegalCopyright : Copyright © Microsoft Corp. 1993-1999
OriginalFilename : SYSTRAY.EXE

#:13 [SYNTPLPR.EXE]
FilePath : C:\PROGRAM FILES\SYNAPTICS\SYNTP\
ProcessID : 4294707113
Threads : 2
Priority : Normal
FileVersion : 5.0.45 10SEP99
ProductVersion : 5.0.45 10SEP99
ProductName : Progressive Touch
CompanyName : Synaptics, Inc.
FileDescription : TouchPad Driver Helper Application
InternalName : SynTPLpr
LegalCopyright : Copyright © Synaptics, Inc. 1996-99
OriginalFilename : SynTPLpr.exe

#:14 [SYNTPENH.EXE]
FilePath : C:\PROGRAM FILES\SYNAPTICS\SYNTP\
ProcessID : 4294735073
Threads : 3
Priority : Normal
FileVersion : 5.0.45 10SEP99
ProductVersion : 5.0.45 10SEP99
ProductName : Progressive Touch
CompanyName : Synaptics, Inc.
FileDescription : Synaptics TouchPad Enhancements
InternalName : Scrolleroo
LegalCopyright : Copyright © Synaptics, Inc. 1996-99
OriginalFilename : SynTPEnh.exe

#:15 [AVCONSOL.EXE]
FilePath : C:\PROGRAM FILES\NETWORK ASSOCIATES\MCAFEE VIRUSSCAN\
ProcessID : 4294715497
Threads : 1
Priority : Normal
FileVersion : 4.0.3
ProductVersion : 4.0.3
ProductName : VirusScan
CompanyName : Network Associates Inc
FileDescription : McAfee VirusScan Scheduler File
InternalName : VirusScan Scheduler
LegalCopyright : Copyright © 1999 Network Associates Inc.
LegalTrademarks : VirusScan® is a registered trademark of Network Associates Inc. McAfee™ is a trademark of Network Associates Inc.
OriginalFilename : Schedule.exe

#:16 [PRPCUI.EXE]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4294745553
Threads : 1
Priority : Normal
FileVersion : 1.1.0.0
ProductVersion : 1.1.0.0
ProductName : Intel® SpeedStep™ technology applet
CompanyName : Intel Corporation
FileDescription : Intel® SpeedStep™ technology User Interface
InternalName : prpcui.exe
LegalCopyright : Copyright© Intel Corporation 1998-2000
LegalTrademarks : Intel® SpeedStep™ technology
OriginalFilename : prpcui.exe
Comments : Version 1.1

#:17 [IRMON.EXE]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4294751749
Threads : 1
Priority : Normal
FileVersion : 4.10.1998
ProductVersion : 4.10.1998
ProductName : Microsoft Infrared Support
CompanyName : Microsoft Corporation
FileDescription : Microsoft Infrared Control Panel
InternalName : Infrared
LegalCopyright : © 1998 Microsoft. Portions © Hewlett-Packard
OriginalFilename : irmon.exe

#:18 [NAVAPW32.EXE]
FilePath : C:\PROGRAM FILES\NORTON ANTIVIRUS\
ProcessID : 4294768145
Threads : 6
Priority : Normal
FileVersion : 6.1.0.05
ProductVersion : 6.1.0.05
ProductName : Norton AntiVirus
CompanyName : Symantec Corporation
FileDescription : Norton AntiVirus Auto-Protect Agent
InternalName : NAVAPW32
LegalCopyright : Copyright © Symantec Corporation 1991-1999
OriginalFilename : NAVAPW32.DLL

#:19 [POPROXY.EXE]
FilePath : C:\PROGRAM FILES\NORTON ANTIVIRUS\
ProcessID : 4294661421
Threads : 1
Priority : Normal
FileVersion : 6.10.01.06
ProductVersion : 6.10.01.06
ProductName : Norton AntiVirus
CompanyName : Symantec Corporation
FileDescription : Norton AntiVirus Utilities
InternalName : POProxy
LegalCopyright : Copyright © Symantec Corporation 1991-2000
OriginalFilename : POProxy.exe

#:20 [CGMENU.EXE]
FilePath : C:\PROGRAM FILES\NORTON CRASHGUARD\
ProcessID : 4294689917
Threads : 1
Priority : Normal
FileVersion : 990204.152617
ProductVersion : 4.0.1.47
ProductName : Norton CrashGuard
CompanyName : Symantec Corporation
FileDescription : Norton CrashGuard Tray Icon Manager
InternalName : CGMENU
LegalCopyright : Copyright © 1995-1999 Symantec Corporation
LegalTrademarks : "CrashGuard" is a legal trademark of Symantec Corp.
OriginalFilename : CGMENU.EXE

#:21 [BMON.EXE]
FilePath : C:\PROGRAM FILES\SONY\GIGAVAULT\
ProcessID : 4294704925
Threads : 1
Priority : Normal
FileVersion : 1, 0, 0, 0
ProductVersion : 1, 0, 0, 0
ProductName : BMon Application
CompanyName : Sony Corporation
FileDescription : BMon MFC Application
InternalName : BMon
LegalCopyright : Copyright © 2003
OriginalFilename : BMon.EXE
Comments : Battery Monitor for GIGA VAULT

#:22 [PHMALDR.EXE]
FilePath : C:\WINDOWS\
ProcessID : 4294700589
Threads : 1
Priority : Normal
FileVersion : 6.00.1010.0
ProductVersion : 6.00.1010.0
ProductName : TPP Storage Adapter
CompanyName : Cypress Semiconductor
FileDescription : TPP Auto Loader Application
InternalName : TPPALDR.EXE
LegalCopyright : Copyright © 1998-2002 Cypress Semiconductor
OriginalFilename : TPPALDR.EXE

#:23 [MYLINKER.EXE]
FilePath : C:\PROGRAM FILES\MYLINKER\
ProcessID : 4294687309
Threads : 6
Priority : Normal
FileVersion : 1, 0, 0, 46
ProductVersion : 1, 0, 0, 46
ProductName : myLinker
CompanyName : SHOTECH Corp.
FileDescription : myLinker Service Agent
InternalName : myLinker
LegalCopyright : Copyright © 2003 SHOTECH Corp.
OriginalFilename : myLinker.exe

#:24 [SWDOCTOR.EXE]
FilePath : C:\DOWNLOADS\SPYWARE DOCTOR\
ProcessID : 4294585045
Threads : 6
Priority : Normal
FileVersion : 3.2.1.359
ProductVersion : 3.1
ProductName : Spyware Doctor
CompanyName : PCTools
FileDescription : Spyware Doctor
InternalName : Spyware Doctor
LegalCopyright : Copyright © 2004. Distributed by PC Tools Pty Ltd
OriginalFilename : swdr.exe

#:25 [WKCALREM.EXE]
FilePath : C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\WORKS SHARED\
ProcessID : 4294635685
Threads : 2
Priority : Normal
FileVersion : 5.00.1928.1
ProductVersion : 5.00.1928.1
ProductName : Microsoft® Works 2000
CompanyName : Microsoft® Corporation
FileDescription : Microsoft® Works Calendar Reminder Service
InternalName : WkCalRem
LegalCopyright : © 1999 Microsoft Corp. All rights reserved.
OriginalFilename : WKCALREM.EXE

#:26 [CG16EH.EXE]
FilePath : C:\PROGRAM FILES\NORTON CRASHGUARD\
ProcessID : 4294638765
Threads : 1
Priority : Normal
FileVersion : 990204.152617
ProductVersion : 4.0.1.47
ProductName : Norton CrashGuard
CompanyName : Symantec Corporation
FileDescription : Norton CrashGuard 16-bit Exception Handler
InternalName : CG16EH
LegalCopyright : Copyright © 1995-1999 Symantec Corporation
OriginalFilename : CG16EH.EXE

#:27 [HOTSYNC.EXE]
FilePath : C:\PALM\
ProcessID : 4294555225
Threads : 2
Priority : Normal
FileVersion : 3.1.1
ProductVersion : 3.1.1
ProductName : HotSync® Manager
CompanyName : Palm, Inc.
FileDescription : HotSync® Manager Application
InternalName : HotSync®
LegalCopyright : Copyright © 1995-2000 Palm, Inc.
LegalTrademarks : HotSync® is a registered trademark of Palm, Inc.
OriginalFilename : Hotsync.exe

#:28 [SMC2635WMONITOR.EXE]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4294474665
Threads : 2
Priority : Normal
FileVersion : 1, 0, 11, 0
ProductVersion : 01.00.13.00
ProductName : Monitor Application
FileDescription : WLAN Monitor Utility
InternalName : WLAN Monitor Utility
LegalCopyright : Copyright © 2002
OriginalFilename : Monitor.EXE

#:29 [WMIEXE.EXE]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4294443845
Threads : 3
Priority : Normal
FileVersion : 5.00.1755.1
ProductVersion : 5.00.1755.1
ProductName : Microsoft® Windows NT® Operating System
CompanyName : Microsoft Corporation
FileDescription : WMI service exe housing
InternalName : wmiexe
LegalCopyright : Copyright © Microsoft Corp. 1981-1998
OriginalFilename : wmiexe.exe

#:30 [DDHELP.EXE]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4294355237
Threads : 2
Priority : Realtime
FileVersion : 4.07.00.0700
ProductVersion : 4.07.00.0700
ProductName : Microsoft® DirectX for Windows® 95 and 98
CompanyName : Microsoft Corporation
FileDescription : Microsoft DirectX Helper
InternalName : DDHelp.exe
LegalCopyright : Copyright © Microsoft Corp. 1994-1999
OriginalFilename : DDHelp.exe

#:31 [YMSGR_TRAY.EXE]
FilePath : C:\PROGRAM FILES\YAHOO!\MESSENGER\
ProcessID : 4294362713
Threads : 1
Priority : Normal


#:32 [FIREFOX.EXE]
FilePath : C:\PROGRAM FILES\MOZILLA FIREFOX\
ProcessID : 4294813489
Threads : 5
Priority : Normal


#:33 [AD-AWARE.EXE]
FilePath : C:\DOWNLOADS\AD-AWARE SE PERSONAL\
ProcessID : 4294236945
Threads : 3
Priority : Normal
FileVersion : 6.2.0.236
ProductVersion : SE 106
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft AB Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved

Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Alexa Object Recognized!
Type : Regkey
Data :
TAC Rating : 5
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}

Alexa Object Recognized!
Type : RegValue
Data :
TAC Rating : 5
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
Value : MenuStatusBar

Alexa Object Recognized!
Type : RegValue
Data :
TAC Rating : 5
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
Value : Script

Alexa Object Recognized!
Type : RegValue
Data :
TAC Rating : 5
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
Value : clsid

Alexa Object Recognized!
Type : RegValue
Data :
TAC Rating : 5
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
Value : Icon

Alexa Object Recognized!
Type : RegValue
Data :
TAC Rating : 5
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
Value : HotIcon

Alexa Object Recognized!
Type : RegValue
Data :
TAC Rating : 5
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
Value : ButtonText

Alexa Object Recognized!
Type : RegValue
Data :
TAC Rating : 5
Category : Data Miner
Comment : "{c95fe080-8f5d-11d2-a20b-00aa003c157a}"
Rootkey : HKEY_USERS
Object : .DEFAULT\software\microsoft\internet explorer\extensions\cmdmapping
Value : {c95fe080-8f5d-11d2-a20b-00aa003c157a}

Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 8
Objects found so far: 8


Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 8


Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»


Tracking Cookie Object Recognized!
Type : IECache Entry
Data : default@doubleclick[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\default@doubleclick[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : default@bfast[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\default@bfast[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : default@valueclick[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\default@valueclick[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : default@hitbox[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\default@hitbox[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : default@engage[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\default@engage[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : default@bfast[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\default@bfast[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : default@mediaplex[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\default@mediaplex[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][3].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\[email protected][3].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : vze1wmzt@cgi-bin[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\vze1wmzt@cgi-bin[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : anyuser@atdmt[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\anyuser@atdmt[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : anyuser@tmpad[1].txt
TAC Rating : 3
Category : Data Miner
Comment : www.searchtraffic.com
Value : C:\WINDOWS\Cookies\anyuser@tmpad[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : anyuser@centrport[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\anyuser@centrport[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : anyuser@mediaplex[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\anyuser@mediaplex[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : anyuser@cgi-bin[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\anyuser@cgi-bin[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : vze1wmzt@mediaplex[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\vze1wmzt@mediaplex[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : vze1wmzt@atdmt[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\vze1wmzt@atdmt[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : vze1wmzt@doubleclick[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\vze1wmzt@doubleclick[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\[email protected][1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : vze1wmzt@gator[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\vze1wmzt@gator[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : vze1wmzt@centrport[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\vze1wmzt@centrport[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : anyuser@pro-market[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\anyuser@pro-market[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : vze1wmzt@tickle[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\vze1wmzt@tickle[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\[email protected][1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\[email protected][1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : anyuser@cgi-bin[3].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\anyuser@cgi-bin[3].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : anyuser@zedo[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\anyuser@zedo[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\[email protected][2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : anyuser@cgi-bin[4].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\anyuser@cgi-bin[4].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\[email protected][2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : vze1wmzt@realmedia[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\vze1wmzt@realmedia[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : anyuser@realmedia[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\anyuser@realmedia[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : anyuser@domainsponsor[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\anyuser@domainsponsor[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : anyuser@revenue[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\anyuser@revenue[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : anyuser@statcounter[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\anyuser@statcounter[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : anyuser@qksrv[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\anyuser@qksrv[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : anyuser@bfast[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\anyuser@bfast[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\[email protected][1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : anyuser@doubleclick[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\anyuser@doubleclick[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : anyuser@commission-junction[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\anyuser@commission-junction[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\[email protected][2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : anyuser@casalemedia[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\anyuser@casalemedia[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\[email protected][1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : vze1wmzt@hitbox[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\vze1wmzt@hitbox[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\[email protected][1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : vze1wmzt@serving-sys[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\vze1wmzt@serving-sys[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\[email protected][2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : vze1wmzt@tripod[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\vze1wmzt@tripod[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : vze1wmzt@cgi-bin[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\vze1wmzt@cgi-bin[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : vze1wmzt@peel[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\vze1wmzt@peel[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\[email protected][2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\[email protected][1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : vze1wmzt@zedo[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\vze1wmzt@zedo[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : vze1wmzt@qksrv[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\vze1wmzt@qksrv[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : vze1wmzt@goclick[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\vze1wmzt@goclick[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\[email protected][2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : vze1wmzt@maxserving[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\vze1wmzt@maxserving[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\[email protected][1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : vze1wmzt@commission-junction[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\vze1wmzt@commission-junction[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : vze1wmzt@fastclick[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\vze1wmzt@fastclick[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : vze1wmzt@bfast[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\vze1wmzt@bfast[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : vze1wmzt@tmpad[1].txt
TAC Rating : 3
Category : Data Miner
Comment : www.searchtraffic.com
Value : C:\WINDOWS\Cookies\vze1wmzt@tmpad[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : vze1wmzt@clickagents[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\vze1wmzt@clickagents[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : vze1wmzt@trafficmp[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\vze1wmzt@trafficmp[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : vze1wmzt@questionmarket[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\vze1wmzt@questionmarket[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : vze1wmzt@overture[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\vze1wmzt@overture[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : vze1wmzt@targetnet[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\vze1wmzt@targetnet[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : vze1wmzt@adrevolver[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\vze1wmzt@adrevolver[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\[email protected][2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : anyuser@overture[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\anyuser@overture[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\[email protected][1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : anyuser@hitbox[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\anyuser@hitbox[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : anyuser@maxserving[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\anyuser@maxserving[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : vze1wmzt@2o7[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\vze1wmzt@2o7[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : anyuser@tribalfusion[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\anyuser@tribalfusion[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\[email protected][2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : anyuser@bluestreak[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\anyuser@bluestreak[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\[email protected][1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\[email protected][1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : vze1wmzt@bluestreak[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\vze1wmzt@bluestreak[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\[email protected][1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : anyuser@paycounter[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\anyuser@paycounter[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][2].txt
TAC Rating : 3
Category : Data Miner
Comment : www.searchtraffic.com
Value : C:\WINDOWS\Cookies\[email protected][2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\[email protected][2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : anyuser@7search[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\anyuser@7search[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\[email protected][1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\[email protected][1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\[email protected][1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\[email protected][2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : anyuser@cgi-bin[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\anyuser@cgi-bin[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : anyuser@fastclick[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\anyuser@fastclick[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\[email protected][2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\[email protected][1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\[email protected][1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\[email protected][1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\[email protected][1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : anyuser@xxxcounter[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\anyuser@xxxcounter[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : anyuser@sextracker[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\anyuser@sextracker[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : anyuser@sexlist[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\anyuser@sexlist[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : anyuser@questionmarket[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\anyuser@questionmarket[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\[email protected][1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\[email protected][1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\[email protected][2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\[email protected][1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : anyuser@trafficmp[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\anyuser@trafficmp[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : anyuser@serving-sys[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\anyuser@serving-sys[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : anyuser@advertising[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\anyuser@advertising[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : anyuser@2o7[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\anyuser@2o7[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : anyuser@apmebf[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\anyuser@apmebf[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\[email protected][1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : anyuser@tripod[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\anyuser@tripod[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : anyuser@gator[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\anyuser@gator[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : anyuser@cgi-bin[5].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\anyuser@cgi-bin[5].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : anyuser@bravenet[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\WI
  • 0

#23
cosmo0026
Posted 24 August 2005 - 07:56 AM

cosmo0026

    Member

  • Topic Starter
  • Member
  • PipPip
  • 23 posts
Any advise regarding how to proceed?
  • 0

#24
cosmo0026
Posted 24 August 2005 - 11:57 AM

cosmo0026

    Member

  • Topic Starter
  • Member
  • PipPip
  • 23 posts
So I assume I'm on my own from here on out...

Thank you for the help,


Nate
  • 0

#25
Daemon
Posted 24 August 2005 - 11:15 PM

Daemon

    Security Expert

  • Retired Staff
  • 4,356 posts
  • MVP
Not a good attitude - I'm not here 24/7 for you!

You need to get the clean file from your desktop into your system folder. I asked you to do this:

Using Windows Explorer, try to copy the clean file from your desktop to c:\windows\system


You didn't answer this:

did you copy the file over?


I need the smitrem results to see if that was done successfully. Alternatively upload the file in your system folder to Jottis and let me know. If you want advice then give me the information I ask for.

Get this to control your cookies in future:

http://www.analogx.c...work/cookie.htm
  • 0

Advertisements

#26
cosmo0026
Posted 26 August 2005 - 06:59 AM

cosmo0026

    Member

  • Topic Starter
  • Member
  • PipPip
  • 23 posts
The sarcasm was unintentional, I appriciate all of the help you have provided, however I am having trouble with the last few steps that you have requested

How exactly do I get the carry the file from the desktop to the system folder using windows explorer. Can I just copy and paste?

Also, how do i copy the Smitrem results, the test seems to close as soon as it completes.

Thanks,


Nate
  • 0

#27
Daemon
Posted 27 August 2005 - 11:03 AM

Daemon

    Security Expert

  • Retired Staff
  • 4,356 posts
  • MVP
Try this for me. Go to Start->Run and type in notepad and hit OK. Then copy and paste the following into Notepad:

del c:\windows\system\wininet.dll
del c:\windows\system\oleadm.dll
del c:\windows\system\oleext.dll
copy c:\windows\desktop\wininet.dll c:\windows\system
del delete.bat

Save the file as "delete.bat". Make sure to save it with the quotes. Double click on it.

Run Smitrem, the log should be saved as smitrem.txt - search for it. Make sure it has todays date then open it, scroll to the bottom and check if it still says 'wininiet.dll infected'. If it does, do this:

Rename wininet.dll to wininet.old in your system folder.
Copy and paste wininet.dll from your desktop to system folder --> you may get an error - file already exists.
Reboot.
Run Smitrem, check that the log has been updated and post it here.
  • 0

#28
cosmo0026
Posted 29 August 2005 - 09:58 AM

cosmo0026

    Member

  • Topic Starter
  • Member
  • PipPip
  • 23 posts
Close but no cigar.

All went well until I tried to change the file name of wininet.dll to wininet.old.

It continues to say that the file is currentyly in use. Please be advised that I have tried restarting the comp. Is there any other way to make the file inactive?

I have been able to find the Smitrem logs. For your knowledge it has been saving itself under the file smitfiles.txt. However still no change to the report due to my inability to change the wininet file name.

Thanks again,


Nate
  • 0

#29
cosmo0026
Posted 31 August 2005 - 08:58 AM

cosmo0026

    Member

  • Topic Starter
  • Member
  • PipPip
  • 23 posts
Any advise?

Thanks,


Nate
  • 0

#30
Daemon
Posted 31 August 2005 - 11:10 AM

Daemon

    Security Expert

  • Retired Staff
  • 4,356 posts
  • MVP
Nothing seems to work on your system. There's one more thing to try - upgrade your version of IE to the latest available:

http://www.microsoft...&displaylang=en

Let me know.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP