there is the Ad-aware log:
Ad-Aware SE Build 1.05
Logfile Created on:domingo, 9 de janeiro de 2005 12:38:01
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R24 29.12.2004
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
180Solutions(TAC index:8):2 total references
Alexa(TAC index:5):9 total references
begin2search(TAC index:3):126 total references
BlazeFind(TAC index:5):1 total references
BookedSpace(TAC index:10):1 total references
MRU List(TAC index:0):33 total references
Tracking Cookie(TAC index:3):12 total references
WindUpdates(TAC index:8):4 total references
VX2(TAC index:10):3 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file
Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects
09-01-05 12:38:01 - Scan started. (Full System Scan)
MRU List Object Recognized!
Location: : .DEFAULT\software\nico mak computing\winzip\filemenu
Description : winzip recently used archives
MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\windows\currentversion\applets\wordpad\recent file list
Description : list of recent files opened using wordpad
MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\windows\currentversion\applets\paint\recent file list
Description : list of files recently opened using microsoft paint
MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\windows\currentversion\explorer\runmru
Description : mru list for items opened in start | run
MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\office\9.0\excel\recent files
Description : list of recent files used by microsoft excel
MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\office\9.0\powerpoint\recent file list
Description : list of recent files used by microsoft powerpoint
MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\mediaplayer\player\recentfilelist
Description : list of recently used files in microsoft windows media player
MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\internet explorer\main
Description : last save directory used in microsoft internet explorer
MRU List Object Recognized!
Location: : .DEFAULT\software\realnetworks\realplayer\6.0\preferences
Description : list of recent skins in realplayer
MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\internet explorer
Description : last download directory used in microsoft internet explorer
MRU List Object Recognized!
Location: : software\microsoft\directdraw\mostrecentapplication
Description : most recent application to use microsoft directdraw
MRU List Object Recognized!
Location: : .DEFAULT\software\ahead\nero - burning rom\recent file list
Description : list of recently used files in nero burning rom
MRU List Object Recognized!
Location: : .DEFAULT\software\google\navclient\1.1\history
Description : list of recently used search terms in the google toolbar
MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\internet explorer\typedurls
Description : list of recently entered addresses in microsoft internet explorer
MRU List Object Recognized!
Location: : .DEFAULT\software\adobe\acrobat reader\5.0\avgeneral\crecentfiles
Description : list of recently used files in adobe reader
MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\directinput\mostrecentapplication
Description : most recent application to use microsoft directinput
MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\mediaplayer\player\settings
Description : last open directory used in jasc paint shop pro
MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d
MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\mediaplayer\preferences
Description : last playlist index loaded in microsoft windows media player
MRU List Object Recognized!
Location: : .DEFAULT\software\realnetworks\realplayer\6.0\preferences
Description : list of recent clips in realplayer
MRU List Object Recognized!
Location: : .DEFAULT\software\macromedia\dreamweaver 6\recent file list
Description : list of recently used files in macromedia dreamweaver
MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\directinput\mostrecentapplication
Description : most recent application to use microsoft directinput
MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\mediaplayer\preferences
Description : last playlist loaded in microsoft windows media player
MRU List Object Recognized!
Location: : .DEFAULT\software\ahead\cover designer\recent file list
Description : list of recently used files in ahead cover designer
MRU List Object Recognized!
Location: : .DEFAULT\software\realnetworks\realplayer\6.0\preferences
Description : last login time in realplayer
MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\mediaplayer\player\recenturllist
Description : list of recently used web addresses in microsoft windows media player
MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\office\9.0\powerpoint\recent typeface list
Description : list of recently used typefaces in microsoft powerpoint
MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\mediaplayer\preferences
Description : last search path used in microsoft windows media player
MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\mediaplayer\medialibraryui
Description : last selected node in the microsoft windows media player media library
MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\windows\currentversion\explorer\doc find spec mru
Description : list of recently used search terms for locating files using the microsoft windows operating system
MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X
MRU List Object Recognized!
Location: : .DEFAULT\software\winrar\dialogedithistory\extrpath
Description : winrar "extract-to" history
MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\windows media\wmsdk\general
Description : windows media sdk
Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
#:1 [KERNEL32.DLL]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4293859169
Threads : 4
Priority : High
FileVersion : 4.10.2222
ProductVersion : 4.10.2222
ProductName : Sistema operacional Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Componente de núcleo do Win32 Kernel
InternalName : KERNEL32
LegalCopyright : Copyright © Microsoft Corp. 1991-1999
OriginalFilename : KERNEL32.DLL
#:2 [MSGSRV32.EXE]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4294919161
Threads : 1
Priority : Normal
FileVersion : 4.10.2222
ProductVersion : 4.10.2222
ProductName : Sistema operacional Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Servidor de mensagens do dispositivo virtual de 32 bits do Windows
InternalName : MSGSRV32
LegalCopyright : Copyright © Microsoft Corp. 1992-1998
OriginalFilename : MSGSRV32.EXE
#:3 [SPOOL32.EXE]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4294921185
Threads : 2
Priority : Normal
FileVersion : 4.10.1998
ProductVersion : 4.10.1998
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler Sub System Process
InternalName : spool32
LegalCopyright : Copyright © Microsoft Corp. 1994 - 1998
OriginalFilename : spool32.exe
#:4 [MPREXE.EXE]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4294927377
Threads : 2
Priority : Normal
FileVersion : 4.10.1998
ProductVersion : 4.10.1998
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : WIN32 Network Interface Service Process
InternalName : MPREXE
LegalCopyright : Copyright © Microsoft Corp. 1993-1998
OriginalFilename : MPREXE.EXE
#:5 [AVGSERV9.EXE]
FilePath : C:\ARQUIVOS DE PROGRAMAS\GRISOFT\AVG6\
ProcessID : 4293977545
Threads : 2
Priority : Normal
FileVersion : 6.0.1.374
ProductVersion : 6.0.1.374
ProductName : AVG6
CompanyName : GRISOFT, s.r.o
FileDescription : AvgServ - displays notification message
InternalName : AvgServ
LegalCopyright : Copyright © GRISOFT, s.r.o. 1998-2002
OriginalFilename : AvgServ
#:6 [MSTASK.EXE]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4293926633
Threads : 2
Priority : Normal
FileVersion : 4.71.1972.1
ProductVersion : 4.71.1972.1
ProductName : Agendador de tarefas do Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Mecanismo do 'Agendador de tarefas'
InternalName : TaskScheduler
LegalCopyright : Copyright © Microsoft Corp. 2000
OriginalFilename : mstask.exe
#:7 [mmtask.tsk]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4293960441
Threads : 1
Priority : Normal
FileVersion : 4.03.1998
ProductVersion : 4.03.1998
ProductName : Microsoft Windows
CompanyName : Microsoft Corporation
FileDescription : Multimedia background task support module
InternalName : mmtask.tsk
LegalCopyright : Copyright © Microsoft Corp. 1991-1998
OriginalFilename : mmtask.tsk
#:8 [EXPLORER.EXE]
FilePath : C:\WINDOWS\
ProcessID : 4293980957
Threads : 11
Priority : Normal
FileVersion : 4.72.3110.1
ProductVersion : 4.72.3110.1
ProductName : Sistema operacional Microsoft® Windows NT®
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : Copyright © Microsoft Corp. 1981-1997
OriginalFilename : EXPLORER.EXE
#:9 [TASKMON.EXE]
FilePath : C:\WINDOWS\
ProcessID : 4293949249
Threads : 1
Priority : Normal
FileVersion : 4.10.1998
ProductVersion : 4.10.1998
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Task Monitor
InternalName : TaskMon
LegalCopyright : Copyright © Microsoft Corp. 1998
OriginalFilename : TASKMON.EXE
#:10 [SYSTRAY.EXE]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4293949789
Threads : 2
Priority : Normal
FileVersion : 4.10.2222
ProductVersion : 4.10.2222
ProductName : Sistema operacional Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Miniaplicativo de bandeja do sistema
InternalName : SYSTRAY
LegalCopyright : Copyright © Microsoft Corp. 1993-1998
OriginalFilename : SYSTRAY.EXE
#:11 [ptsnoop.exe]
FilePath : C:\WINDOWS\
ProcessID : 4294034457
Threads : 1
Priority : Normal
#:12 [VTTIMER.EXE]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4293949521
Threads : 1
Priority : Normal
FileVersion : 1.03.00.0820
ProductVersion : 1.03.00.0820
ProductName : S3 Graphics, Inc. Utilities
CompanyName : S3 Graphics, Inc.
InternalName : S3Timer
LegalCopyright : Copyright © 2001-2003 S3 Graphics, Inc.
LegalTrademarks : S3 is a registered trademark of S3 Incorporated
#:13 [AVGCC32.EXE]
FilePath : C:\ARQUIVOS DE PROGRAMAS\GRISOFT\AVG6\
ProcessID : 4294041145
Threads : 1
Priority : Normal
FileVersion : 6, 0, 0, 800
ProductVersion : 6, 0, 0, 0
ProductName : AVG Anti-Virus System
CompanyName : GRISOFT s.r.o.
FileDescription : AVG Control Center
InternalName : AvgCC32
LegalCopyright : Copyright © 2003, 2004 GRISOFT s.r.o.
OriginalFilename : AvgCC32.EXE
#:14 [REALSCHED.EXE]
FilePath : C:\ARQUIVOS DE PROGRAMAS\ARQUIVOS COMUNS\REAL\UPDATE_OB\
ProcessID : 4294046385
Threads : 2
Priority : Normal
FileVersion : 0.1.0.1622
ProductVersion : 0.1.0.1622
ProductName : RealOne Player (32-bit)
CompanyName : RealNetworks, Inc.
FileDescription : RealNetworks Scheduler
InternalName : schedapp
LegalCopyright : Copyright © RealNetworks, Inc. 1995-2002
LegalTrademarks : RealAudio is a trademark of RealNetworks, Inc.
OriginalFilename : realsched.exe
#:15 [E_S10IC2.EXE]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4294149889
Threads : 1
Priority : Normal
FileVersion : 3.00
ProductVersion : 3.00
ProductName : EPSON Status Monitor 3
CompanyName : SEIKO EPSON CORPORATION
FileDescription : EPSON Status Monitor 3
InternalName : E_S10IC2
LegalCopyright : Copyright © SEIKO EPSON CORP. 2001
OriginalFilename : E_S10IC2.EXE
#:16 [WMIEXE.EXE]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4294009905
Threads : 3
Priority : Normal
FileVersion : 5.00.1755.1
ProductVersion : 5.00.1755.1
ProductName : Microsoft® Windows NT® Operating System
CompanyName : Microsoft Corporation
FileDescription : WMI service exe housing
InternalName : wmiexe
LegalCopyright : Copyright © Microsoft Corp. 1981-1998
OriginalFilename : wmiexe.exe
#:17 [AD-AWARE.EXE]
FilePath : C:\ARQUIVOS DE PROGRAMAS\LAVASOFT\AD-AWARE SE PERSONAL\
ProcessID : 4294036349
Threads : 2
Priority : Normal
FileVersion : 6.2.0.206
ProductVersion : VI.Second Edition
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved
Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 33
Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Alexa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
Alexa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
Value : MenuText
Alexa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
Value : MenuStatusBar
Alexa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
Value : Script
Alexa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
Value : clsid
Alexa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
Value : Icon
Alexa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
Value : HotIcon
Alexa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
Value : ButtonText
begin2search Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : winb2s.ohb.1
begin2search Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : winb2s.ohb.1
Value :
begin2search Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : winb2s.ohb
begin2search Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : winb2s.ohb
Value :
begin2search Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : winb2s.momo.1
begin2search Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : winb2s.momo.1
Value :
begin2search Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : winb2s.momo
begin2search Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : winb2s.momo
Value :
begin2search Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : winb2s.iiittt.1
begin2search Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : winb2s.iiittt.1
Value :
begin2search Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : winb2s.iiittt
begin2search Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : winb2s.iiittt
Value :
begin2search Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : winb2s.dbi.1
begin2search Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : winb2s.dbi.1
Value :
begin2search Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : winb2s.amo.1
begin2search Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : winb2s.amo.1
Value :
begin2search Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : winb2s.amo
begin2search Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : winb2s.amo
Value :
begin2search Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : typelib\{081de2f6-927b-4aa9-88c1-f531c9387383}
begin2search Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{7c5e5671-7a1d-4ae8-91f0-496adf2825f7}
begin2search Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{7c5e5671-7a1d-4ae8-91f0-496adf2825f7}
Value :
begin2search Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{4d568f0f-8ac9-40ab-88b7-415134c78777}
begin2search Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{4d568f0f-8ac9-40ab-88b7-415134c78777}
Value :
begin2search Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{09c14745-90fd-42d1-9276-4924d7dbc274}
begin2search Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{09c14745-90fd-42d1-9276-4924d7dbc274}
Value :
begin2search Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{07e9cdf4-20d2-46b1-b681-663968f527ce}
begin2search Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{07e9cdf4-20d2-46b1-b681-663968f527ce}
Value :
begin2search Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{a797a41d-f9f0-4a32-b9b5-af927cb5ae54}
begin2search Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{a797a41d-f9f0-4a32-b9b5-af927cb5ae54}
Value :
begin2search Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{17973bd7-959c-4d8a-8b2f-ab200e20a75e}
begin2search Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{17973bd7-959c-4d8a-8b2f-ab200e20a75e}
Value :
begin2search Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{bf7cb2c3-55b6-44c1-9615-920d004c27f7}
begin2search Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{bf7cb2c3-55b6-44c1-9615-920d004c27f7}
Value :
begin2search Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{f912c325-5b26-4ad6-bf39-84370833e972}
begin2search Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{f912c325-5b26-4ad6-bf39-84370833e972}
Value :
begin2search Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : winb2s.dbi
begin2search Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : winb2s.dbi
Value :
begin2search Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{b12508ad-ca55-4238-8db3-55808ba6915a}
begin2search Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{b12508ad-ca55-4238-8db3-55808ba6915a}
Value :
begin2search Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{6fe4aadf-edac-4037-9164-0b60179a4f12}
begin2search Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{6fe4aadf-edac-4037-9164-0b60179a4f12}
Value :
begin2search Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : typelib\{64440e59-a0dd-421c-aa4b-268141d764bb}
begin2search Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : dsktrf.iiittt.1
begin2search Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : dsktrf.iiittt.1
Value :
begin2search Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : dsktrf.iiittt
begin2search Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : dsktrf.iiittt
Value :
begin2search Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{6024fcd5-91fc-4dc7-8481-63eabd5051d8}
begin2search Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{6024fcd5-91fc-4dc7-8481-63eabd5051d8}
Value :
begin2search Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : dsktrf.ohb.1
begin2search Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : dsktrf.ohb.1
Value :
begin2search Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : dsktrf.ohb
begin2search Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : dsktrf.ohb
Value :
begin2search Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{cb5b2bc6-f957-4d8a-be67-83f3ec58ba01}
begin2search Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{cb5b2bc6-f957-4d8a-be67-83f3ec58ba01}
Value :
begin2search Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : dsktrf.momo.1
begin2search Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : dsktrf.momo.1
Value :
begin2search Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : dsktrf.momo
begin2search Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : dsktrf.momo
Value :
begin2search Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{e4776f3a-6936-4a9c-b2da-e57c239fd2f8}
begin2search Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{e4776f3a-6936-4a9c-b2da-e57c239fd2f8}
Value :
begin2search Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : dsktrf.amo.1
begin2search Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : dsktrf.amo.1
Value :
begin2search Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : dsktrf.amo
begin2search Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : dsktrf.amo
Value :
begin2search Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{ff81672f-13ff-401f-8662-6e895c564cc4}
begin2search Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{ff81672f-13ff-401f-8662-6e895c564cc4}
Value :
begin2search Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{de53fa5d-11cc-4cb5-8d8e-eb5aa59c1e5a}
begin2search Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{de53fa5d-11cc-4cb5-8d8e-eb5aa59c1e5a}
Value :
begin2search Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{42f58f60-9299-4564-9abd-8e9324844560}
begin2search Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{42f58f60-9299-4564-9abd-8e9324844560}
Value :
begin2search Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{696d1af8-d0ff-42fd-bd8d-d0b20d64f508}
begin2search Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{696d1af8-d0ff-42fd-bd8d-d0b20d64f508}
Value :
begin2search Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{e38924f7-f290-4c13-beec-e8c587f58128}
begin2search Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{e38924f7-f290-4c13-beec-e8c587f58128}
Value :
begin2search Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{fa82a7ec-2afc-4ee0-8f83-3229f7c6437e}
begin2search Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{fa82a7ec-2afc-4ee0-8f83-3229f7c6437e}
Value :
begin2search Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{8fc08358-3634-44c7-a8f2-96dc7f39acd2}
begin2search Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{8fc08358-3634-44c7-a8f2-96dc7f39acd2}
Value :
begin2search Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\explorer\browser helper objects\{4d568f0f-8ac9-40ab-88b7-415134c78777}
begin2search Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\explorer\browser helper objects\{4d568f0f-8ac9-40ab-88b7-415134c78777}
Value :
begin2search Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\explorer\browser helper objects\{cb5b2bc6-f957-4d8a-be67-83f3ec58ba01}
begin2search Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\explorer\browser helper objects\{cb5b2bc6-f957-4d8a-be67-83f3ec58ba01}
Value :
begin2search Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_USERS
Object : .DEFAULT\software\_dsktptr
begin2search Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_USERS
Object : .DEFAULT\software\_dsktptr
Value : llupdtim
begin2search Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_USERS
Object : .DEFAULT\software\_dsktptr
Value : mmsgtim
begin2search Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_USERS
Object : .DEFAULT\software\_dsktptr
Value : ccat
begin2search Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_USERS
Object : .DEFAULT\software\_dsktptr
Value : llmsgid
begin2search Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_USERS
Object : .DEFAULT\software\_dsktptr
Value : uiuid
begin2search Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_USERS
Object : .DEFAULT\software\_dsktptr
Value : ffafid
begin2search Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_USERS
Object : .DEFAULT\software\_dsktptr
Value : iinst
begin2search Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_USERS
Object : .DEFAULT\software\_dsktptr
Value : 4404
begin2search Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_USERS
Object : .DEFAULT\software\_dsktptr
Value : ppusid
begin2search Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_USERS
Object : .DEFAULT\software\_dsktptr
Value : llicotim
begin2search Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_USERS
Object : .DEFAULT\software\_dsktptr
Value : llico
BlazeFind Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\clsid\{15ad4789-cdb4-47e1-a9da-992ee8e6bad6}
WindUpdates Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\code store database\distribution units\{15ad4789-cdb4-47e1-a9da-992ee8e6bad6}
WindUpdates Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\code store database\distribution units\{15ad4789-cdb4-47e1-a9da-992ee8e6bad6}
Value : SystemComponent
WindUpdates Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\code store database\distribution units\{15ad4789-cdb4-47e1-a9da-992ee8e6bad6}
Value : Installer
Alexa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment : "{c95fe080-8f5d-11d2-a20b-00aa003c157a}"
Rootkey : HKEY_USERS
Object : .DEFAULT\software\microsoft\internet explorer\extensions\cmdmapping
Value : {c95fe080-8f5d-11d2-a20b-00aa003c157a}
begin2search Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment : "{52FE5233-367C-4EFB-BDD7-0BE4D212C107}"
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\toolbar
Value : {52FE5233-367C-4EFB-BDD7-0BE4D212C107}
Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 108
Objects found so far: 141
Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
begin2search Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment : C:\WINDOWS\SYSTEM\WINB2S32.DLL
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{52FE5233-367C-4EFB-BDD7-0BE4D212C1078}
begin2search Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment : C:\WINDOWS\SYSTEM\WINB2S32.DLL
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{52FE5233-367C-4EFB-BDD7-0BE4D212C1078}
Value :
begin2search Object Recognized!
Type : File
Data : winb2s32.dll
Category : Data Miner
Comment :
Object : c:\windows\system\
FileVersion : 2, 6, 0, 0
ProductVersion : 2, 6, 0, 0
ProductName : Winb2s32 Module
FileDescription : Winb2s32 Module
InternalName : Winb2s32
LegalCopyright : Copyright 2002
OriginalFilename : Winb2s32.DLL
Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 2
Objects found so far: 144
Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : .@gator[1].txt
Category : Data Miner
Comment : Hits:6
Value : Cookie:
[email protected]/
Expires : 10-03-05 09:54:26
LastSync : Hits:6
UseCount : 0
Hits : 6
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : .@euniverseads[1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:
[email protected]/
Expires : 31-12-10 21:59:58
LastSync : Hits:1
UseCount : 0
Hits : 1
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : .@revenue[2].txt
Category : Data Miner
Comment : Hits:2
Value : Cookie:
[email protected]/
Expires : 10-06-22 03:05:40
LastSync : Hits:2
UseCount : 0
Hits : 2
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : .@ad-logics[1].txt
Category : Data Miner
Comment : Hits:5
Value : Cookie:
[email protected]/
Expires : 06-01-15 23:20:50
LastSync : Hits:5
UseCount : 0
Hits : 5
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : .@domainsponsor[1].txt
Category : Data Miner
Comment : Hits:3
Value : Cookie:
[email protected]/
Expires : 10-01-05 09:54:26
LastSync : Hits:3
UseCount : 0
Hits : 3
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : .@bravenet[2].txt
Category : Data Miner
Comment : Hits:14
Value : Cookie:
[email protected]/
Expires : 01-01-15 21:34:36
LastSync : Hits:14
UseCount : 0
Hits : 14
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : .@tribalfusion[1].txt
Category : Data Miner
Comment : Hits:2
Value : Cookie:
[email protected]/
Expires : 31-12-37 22:00:00
LastSync : Hits:2
UseCount : 0
Hits : 2
Tracking Cookie Object Recognized!
Type : IECache Entry
Data :
[email protected][1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:
[email protected]/
Expires : 10-01-05 09:54:18
LastSync : Hits:1
UseCount : 0
Hits : 1
Tracking Cookie Object Recognized!
Type : IECache Entry
Data :
[email protected][2].txt
Category : Data Miner
Comment : Hits:5
Value : Cookie:
[email protected]/
Expires : 27-01-73 03:20:30
LastSync : Hits:5
UseCount : 0
Hits : 5
Tracking Cookie Object Recognized!
Type : IECache Entry
Data :
[email protected][1].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\
[email protected][1].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : .@doubleclick[1].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\.@doubleclick[1].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : .@2o7[2].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\.@2o7[2].txt
Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 12
Objects found so far: 156
Deep scanning and examining files (c:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
180Solutions Object Recognized!
Type : File
Data : NCasePackage.exe
Category : Data Miner
Comment :
Object : c:\RECYCLED\DC0\
180Solutions Object Recognized!
Type : File
Data : salm.exe
Category : Data Miner
Comment :
Object : c:\RECYCLED\DC0\
FileVersion : 5, 12, 0, 13
ProductVersion : 5, 12, 0, 13
ProductName : Search Assistant
CompanyName : 180solutions, Inc.
FileDescription : Search Assistant
LegalCopyright : Copyright © 2004, 180solutions Inc.
BookedSpace Object Recognized!
Type : File
Data : reg6523.exe
Category : Malware
Comment :
Object : c:\WINDOWS\SYSTEM\
VX2 Object Recognized!
Type : File
Data : abetterinternet.exe
Category : Malware
Comment :
Object : c:\WINDOWS\SYSTEM\
FileVersion : 1, 0, 0, 12
ProductVersion : 1, 0, 0, 12
ProductName : Install Utility
CompanyName : BetterInternet, Inc.
FileDescription : www.abetterinternet.com - Utility for downloading files and upgrading software.
InternalName : Install Utility
LegalCopyright : BetterInternet, Inc. © 2004
OriginalFilename : InstUtil.exe
Comments : Utility for downloading files and upgrading software. Visit www.abetterinternet.com for more info.
VX2 Object Recognized!
Type : File
Data : thin-94-1-x-x.exe
Category : Malware
Comment :