1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Trojan Horse Help Please

Discussion in 'Virus & Other Malware Removal' started by chachi45, Sep 9, 2003.

Thread Status:
Not open for further replies.
Advertisement
  1. chachi45

    chachi45 Thread Starter

    Joined:
    Sep 8, 2003
    Messages:
    8
    Ok, my computer is f%^$ed and would really really really appreciate some help. I know it has a Trojan Horse and I know it has something to do with SVCHOST. That's about all I know. I tried to install that hacker help thing or whatever but I have many problems. First problem, most links won;t open so when I try to download software by clicking links it doesn't work. Second of all I am not able to install any software. The ******* using my machine has made it so I can't install anything. ZOnealarm, mcAffee virus, nothing. What am I to do. Any help would so be appreciated.

    Thanks.
    ~Rob
     
  2. BillC

    BillC

    Joined:
    May 28, 2003
    Messages:
    2,366
    Sounds like you might be a tad unhappy. I don't blame you. So if you can't d/l anything, try am online virus scan at TrendoMicro's Housecall. It is free and might help. You may end up going to a software vendor and getting a hard copy of an antivirus program. But, try the online scan first.
     
  3. cybertech

    cybertech Retired Moderator

    Joined:
    Apr 16, 2002
    Messages:
    72,115
    You can try downloading
    the Stinger tool which should clean the virus off of your machine. Then get the Microsoft updates and update your own virus program files.
     
  4. chachi45

    chachi45 Thread Starter

    Joined:
    Sep 8, 2003
    Messages:
    8
    Thanks guys I will try this stuff, I hope it works. Is Vius the same thing as Trojan Horse as far as the cleaning process?

    ~Rob
     
  5. cybertech

    cybertech Retired Moderator

    Joined:
    Apr 16, 2002
    Messages:
    72,115
    Trojan Horse, worms, macro... all are considered to be a virus. So I guess the answer to your question regarding the cleaning process is yes, although each virus will have it's own clean up method.
     
  6. chachi45

    chachi45 Thread Starter

    Joined:
    Sep 8, 2003
    Messages:
    8
    Will those online sites listed above help even if I am not able to actually install anything on my computer? Even clicking on links to download stuff half the time won't work.

    ~Rob
     
  7. RSM123

    RSM123

    Joined:
    Aug 1, 2002
    Messages:
    5,531
  8. socce98

    socce98

    Joined:
    Sep 20, 2003
    Messages:
    20
    Hello... I am a college student and I really need help on fixing my computer... nothing seems to be running oddly but on September 19th my computer caught a virus... I checked for it and it is called trojan horse and the filename is A0249929.CPY and A0249924.CPY... I have run the scan over and over but it sayd it cannot clean it or remove it... i even tried to do this in safe mode but that did not work either... maybe i am doing something wrong... i would be forever grateful if someone could please help me out... this is my hijack log

    Logfile of HijackThis v1.96.4
    Scan saved at 10:58:41 AM, on 9/20/2003
    Platform: Windows ME (Win9x 4.90.3000)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\SYSTEM\KERNEL32.DLL
    C:\WINDOWS\SYSTEM\MSGSRV32.EXE
    C:\WINDOWS\SYSTEM\mmtask.tsk
    C:\WINDOWS\SYSTEM\MPREXE.EXE
    C:\WINDOWS\SYSTEM\MSTASK.EXE
    C:\WINDOWS\SYSTEM\SSDPSRV.EXE
    C:\WINDOWS\SYSTEM\STIMON.EXE
    C:\PROGRAM FILES\NORTON ANTIVIRUS\RTVSCN95.EXE
    C:\PROGRAM FILES\NORTON ANTIVIRUS\DEFWATCH.EXE
    C:\WINDOWS\EXPLORER.EXE
    C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
    C:\WINDOWS\SYSTEM\ATI2EVXX.EXE
    C:\WINDOWS\SYSTEM\ATI2CWXX.EXE
    C:\WINDOWS\SYSTEM\CMPDPSRV.EXE
    C:\WINDOWS\SYSTEM\SPOOL32.EXE
    C:\PROGRAM FILES\NORTON ANTIVIRUS\VPTRAY.EXE
    C:\WINDOWS\SYSTEM\SYSTRAY.EXE
    C:\PROGRAM FILES\REAL\REALPLAYER\REALPLAY.EXE
    C:\PROGRAM FILES\WINAMP\WINAMPA.EXE
    C:\WINDOWS\SYSTEM\QTTASK.EXE
    C:\WINDOWS\SYSTEM\WMIEXE.EXE
    C:\PROGRAM FILES\AWS\WEATHERBUG\WEATHER.EXE
    C:\PROGRAM FILES\NETSCAPE\NETSCAPE\NETSCP.EXE
    C:\WINDOWS\SYSTEM\DDHELP.EXE
    C:\WINDOWS\SYSTEM\RPCSS.EXE
    C:\WINDOWS\SYSTEM\PSTORES.EXE
    C:\PROGRAM FILES\NORTON ANTIVIRUS\VPC32.EXE
    C:\WINDOWS\TEMP\TD_0001.DIR\HIJACKTHIS.EXE

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.allegheny.edu/index.php
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://allecat2.alleg.edu:8080/proxy.pac
    N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CPROGRAM%20FILES%5CNETSCAPE%5CNETSCAPE%5Csearchplugins%5CSBWeb_01.src"); (C:\WINDOWS\Application Data\Mozilla\Profiles\default\czm26k6c.slt\prefs.js)
    O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
    O3 - Toolbar: @msdxmLC.dll,[email protected],&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
    O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
    O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
    O4 - HKLM\..\Run: [ATIPOLAB] ati2evxx.exe
    O4 - HKLM\..\Run: [Ati2cwxx] Ati2cwxx.exe
    O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [CpqBootPerfDb] C:\Cpqs\Scom\CpqBootPerfDb.exe
    O4 - HKLM\..\Run: [PDPServer] CMpdpsrv.exe
    O4 - HKLM\..\Run: [CMPDPSRV] C:\WINDOWS\SYSTEM\CMPDPSRV.EXE
    O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\NORTON~1\vptray.exe
    O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
    O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
    O4 - HKLM\..\Run: [winmain] winmain.exe
    O4 - HKLM\..\Run: [WinampAgent] "C:\PROGRAM FILES\WINAMP\WINAMPa.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime
    O4 - HKLM\..\Run: [MSConfigReminder] C:\WINDOWS\SYSTEM\msconfig.exe /reminder
    O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
    O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
    O4 - HKLM\..\RunServices: [SSDPSRV] C:\WINDOWS\SYSTEM\ssdpsrv.exe
    O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe
    O4 - HKLM\..\RunServices: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
    O4 - HKLM\..\RunServices: [rtvscn95] C:\PROGRA~1\NORTON~1\rtvscn95.exe
    O4 - HKLM\..\RunServices: [defwatch] C:\PROGRA~1\NORTON~1\defwatch.exe
    O4 - HKCU\..\Run: [PPWebCap] C:\PROGRA~1\SCANSOFT\PAPERP~1\PPWebCap.exe
    O4 - HKCU\..\Run: [Weather] C:\PROGRAM FILES\AWS\WEATHERBUG\WEATHER.EXE 1
    O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
    O4 - HKCU\..\Run: [Mozilla Quick Launch] "C:\Program Files\Netscape\Netscape\Netscp.exe" -turbo
    O9 - Extra button: Messenger (HKLM)
    O9 - Extra 'Tools' menuitem: MSN Messenger Service (HKLM)
    O9 - Extra button: AIM (HKLM)
    O9 - Extra button: Real.com (HKLM)
    O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/...ash/swflash.cab
    O16 - DPF: {D30CA0FD-1CA0-11D4-AC78-006008A9A8BC} (WebBasedClientInstall Class) - http://nortonres.allegheny.edu/webinst/WebInst.cab
    O16 - DPF: {0246ECA8-996F-11D1-BE2F-00A0C9037DFE} (TDServer Control) - http://infoeagle.bc.edu/bc_org/avp/...er/tdserver.cab
    O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab
    O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://download.yahoo.com/dl/installs/yinst0309.cab
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/...all/xscan53.cab
    O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.c...7872.8595486111
    O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com/qtactivex/qtplugin.cab
     
  9. Flrman1

    Flrman1

    Joined:
    Jul 26, 2002
    Messages:
    46,331
    socce98

    Tujrn off System Restore.

    Run Hijack This again and put a check by these. Close all browser windows and "Fix checked"

    O4 - HKLM\..\Run: [winmain] winmain.exe

    O4 - HKCU\..\Run: [Weather] C:\PROGRAM FILES\AWS\WEATHERBUG\WEATHER.EXE 1

    O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab

    Restart to Safe Mode: press f8 on startup and select Safe Mode from the boot menu.

    In Safe Mode Go to Start > Search and under "More advanced search options" make sure there is a check by "Search System Folders" and "Search hidden files and folders" and "Search system subfolders"

    In the "All or part of the file name" search field Type in and click "Search" for the following files and find and delete them.

    A0249929.CPY
    A0249924.CPY
    winmain.exe

    Boot back to normal.

    Go here http://housecall.trendmicro.com/ and do an online virus scan.

    Go here http://www.lavasoftusa.com/software/adaware/ and download Adaware 6

    Install the program and launch it.

    I strongly recommend that you read the help file to familiarize yourself with the program.

    Before running the scan look at the top of the main window and you will see a Gear Icon. This is where you configure the settings. Click on that and then in the next window that pops up click on the "Scanning" tab on the left side. Under "Drives and Folders" put a check by "Scan within archives" and below that under "Memory and Registry" put a check by all the options there.
    The click on the "Tweak" tab and under "Scanning engine" put a check by "Unload recognized processes during scanning" ...........then......under "Cleaning engine" put a ckeck by "Automatically try to unregister objects prior to deletion" and "Let windows remove files in use at next reboot" then click "Proceed"

    Next in the main window look in the bottom right corner and click on "Check for updates now" and get the latest referencefiles.
    After getting the latest referencefiles you are ready to scan.

    Click "Start" and in the next window make sure "Active in depth scanning" is checked then click "Next" and the scan will begin.

    When it is finished let it fix everything it finds.

    Restart your computer.

    Then go here http://spybot.eon.net.au/index.php?lang=en&page=download and download Spybot.

    Install the program and launch it.

    Before scanning press "Online" and "Search for Updates" .

    Put a check mark at and install all updates.

    Click "Check for Problems" and when the scan is finished let Spybot fix/remove all it finds.

    Restart your computer.

    Be sure and take advantage of the "Immunize" feature in Spybot.

    Finally go here http://www.net-integration.net/cgi-bin/forum/ikonboard.cgi?;act=ST;f=38;t=3051 for info on how this happens and how to help prevent future attacks.
    On this page you will find a link to Javacool's SpywareBlaster and Spyware Guard. Get them both and check for updates frequently.
    The Immunize feature in Spybot used in conjunction with SpywareBlaster and SpywareGuard and weekly scans with Spybot and Adaware will go a long way toward keeping you spyware free.

    Important!: ALWAYS check for updated detections and referencefiles before scanning with Spybot and Adaware. And be sure to check for updates to SpywareBlaster and SpywareGuard on a weekly basis.

    Verify that all is well and turn system restore back on and create a restore point.
     
  10. Flrman1

    Flrman1

    Joined:
    Jul 26, 2002
    Messages:
    46,331
    Well socce98 did the info help?
     
  11. socce98

    socce98

    Joined:
    Sep 20, 2003
    Messages:
    20
    FLRMAN1, THANK YOU SOOO MUCH for your help!

    I have one question though... I am to the point where i downloaded adware and it did the scan... the scan shows that there are 4 registry keys identified, 2 registry values identified, 79 files identified, and 3 folders identified... when i hit "next" to fix it, there is nothing marked, which files should i actually fix?? PLEASE HELP!

    the logfile is as follows....

    Listing running processes
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

    #:1 [kernel32.dll]
    FilePath : C:\WINDOWS\SYSTEM\
    ProcessID : 4279228497
    Threads : 4
    Priority : High
    FileSize : 524 KB
    FileVersion : 4.90.3000
    ProductVersion : 4.90.3000
    Copyright : Copyright (C) Microsoft Corp. 1991-2000
    CompanyName : Microsoft Corporation
    FileDescription : Win32 Kernel core component
    InternalName : KERNEL32
    OriginalFilename : KERNEL32.DLL
    ProductName : Microsoft(R) Windows(R) Millennium Operating System
    Created on : 6/8/2000 9:00:00 PM
    Last accessed : 9/20/2003 4:00:00 AM
    Last modified : 6/8/2000 9:00:00 PM

    #:2 [msgsrv32.exe]
    FilePath : C:\WINDOWS\SYSTEM\
    ProcessID : 4294942385
    Threads : 1
    Priority : Normal
    FileSize : 11 KB
    FileVersion : 4.90.3000
    ProductVersion : 4.90.3000
    Copyright : Copyright (C) Microsoft Corp. 1992-1998
    CompanyName : Microsoft Corporation
    FileDescription : Windows 32-bit VxD Message Server
    InternalName : MSGSRV32
    OriginalFilename : MSGSRV32.EXE
    ProductName : Microsoft(R) Windows(R) Millennium Operating System
    Created on : 6/8/2000 9:00:00 PM
    Last accessed : 9/20/2003 4:00:00 AM
    Last modified : 6/8/2000 9:00:00 PM

    #:3 [mmtask.tsk]
    FilePath : C:\WINDOWS\SYSTEM\
    ProcessID : 4294868669
    Threads : 1
    Priority : Normal
    FileSize : 1 KB
    FileVersion : 4.90.3000
    ProductVersion : 4.90.3000
    Copyright : Copyright
    CompanyName : Microsoft Corporation
    FileDescription : Multimedia background task support module
    InternalName : mmtask.tsk
    OriginalFilename : mmtask.tsk
    ProductName : Microsoft Windows
    Created on : 6/8/2000 9:00:00 PM
    Last accessed : 9/20/2003 4:00:00 AM
    Last modified : 6/8/2000 9:00:00 PM

    #:4 [mprexe.exe]
    FilePath : C:\WINDOWS\SYSTEM\
    ProcessID : 4294866049
    Threads : 1
    Priority : Normal
    FileSize : 28 KB
    FileVersion : 4.90.3000
    ProductVersion : 4.90.3000
    Copyright : Copyright (C) Microsoft Corp. 1993-2000
    CompanyName : Microsoft Corporation
    FileDescription : WIN32 Network Interface Service Process
    InternalName : MPREXE
    OriginalFilename : MPREXE.EXE
    ProductName : Microsoft(R) Windows(R) Millennium Operating System
    Created on : 6/8/2000 9:00:00 PM
    Last accessed : 9/20/2003 4:00:00 AM
    Last modified : 6/8/2000 9:00:00 PM

    #:5 [mstask.exe]
    FilePath : C:\WINDOWS\SYSTEM\
    ProcessID : 4294845713
    Threads : 2
    Priority : Normal
    FileSize : 124 KB
    FileVersion : 4.71.2721.1
    ProductVersion : 4.71.2721.1
    Copyright : Copyright (C) Microsoft Corp. 2000
    CompanyName : Microsoft Corporation
    FileDescription : Task Scheduler Engine
    InternalName : TaskScheduler
    OriginalFilename : mstask.exe
    ProductName : Microsoft
    Created on : 6/8/2000 9:00:00 PM
    Last accessed : 9/20/2003 4:00:00 AM
    Last modified : 6/8/2000 9:00:00 PM

    #:6 [ssdpsrv.exe]
    FilePath : C:\WINDOWS\SYSTEM\
    ProcessID : 4294849489
    Threads : 4
    Priority : Normal
    FileSize : 55 KB
    FileVersion : 4.90.3003.0
    ProductVersion : 4.90.3003.0
    Copyright : Copyright (C) Microsoft Corp. 1981-2000
    CompanyName : Microsoft Corporation
    FileDescription : SSDP Service on Windows Millennium
    InternalName : ssdpsrv.exe
    OriginalFilename : ssdpsrv.exe
    ProductName : Microsoft(R) Windows(R) Millennium Operating System
    Created on : 9/9/2003 5:45:09 AM
    Last accessed : 9/20/2003 4:00:00 AM
    Last modified : 12/13/2001 9:38:12 PM

    #:7 [stimon.exe]
    FilePath : C:\WINDOWS\SYSTEM\
    ProcessID : 4294879301
    Threads : 5
    Priority : Normal
    FileSize : 27 KB
    FileVersion : 4.90.3000.1
    ProductVersion : 4.90.3000.1
    Copyright : Copyright (C) Microsoft Corp. 1981-2000
    CompanyName : Microsoft Corporation
    FileDescription : Still Image Devices Monitor
    InternalName : STIMON
    OriginalFilename : STIMON.EXE
    ProductName : Microsoft(R) Windows(R) Millennium Operating System
    Created on : 6/8/2000 9:00:00 PM
    Last accessed : 9/20/2003 4:00:00 AM
    Last modified : 6/8/2000 9:00:00 PM

    #:8 [rtvscn95.exe]
    FilePath : C:\PROGRAM FILES\NORTON ANTIVIRUS\
    ProcessID : 4294877813
    Threads : 31
    Priority : Normal
    FileSize : 420 KB
    FileVersion : 7.60.00.926
    ProductVersion : 7.60.00.926
    Copyright : Copyright (C) Symantec Corporation 1991-2000
    CompanyName : Symantec Corporation
    FileDescription : Norton AntiVirus
    ProductName : Norton AntiVirus
    Created on : 9/24/2001 11:59:00 AM
    Last accessed : 9/20/2003 4:00:00 AM
    Last modified : 9/24/2001 11:59:00 AM

    #:9 [defwatch.exe]
    FilePath : C:\PROGRAM FILES\NORTON ANTIVIRUS\
    ProcessID : 4294774913
    Threads : 2
    Priority : Normal
    FileSize : 32 KB
    FileVersion : 7.60.00.926
    ProductVersion : 7.60.00.926
    Copyright : Copyright
    CompanyName : Symantec Corporation
    FileDescription : Virus Definition Daemon
    InternalName : DefWatch
    OriginalFilename : DefWatch.exe
    ProductName : Norton AntiVirus
    Created on : 9/24/2001 11:59:00 AM
    Last accessed : 9/20/2003 4:00:00 AM
    Last modified : 9/24/2001 11:59:00 AM

    #:10 [explorer.exe]
    FilePath : C:\WINDOWS\
    ProcessID : 4294783413
    Threads : 29
    Priority : Normal
    FileSize : 220 KB
    FileVersion : 5.50.4134.100
    ProductVersion : 5.50.4134.100
    Copyright : Copyright (C) Microsoft Corp. 1981-2000
    CompanyName : Microsoft Corporation
    FileDescription : Windows Explorer
    InternalName : explorer
    OriginalFilename : EXPLORER.EXE
    ProductName : Microsoft(R) Windows (R) 2000 Operating System
    Created on : 6/8/2000 9:00:00 PM
    Last accessed : 9/20/2003 4:00:00 AM
    Last modified : 6/8/2000 9:00:00 PM

    #:11 [stmgr.exe]
    FilePath : C:\WINDOWS\SYSTEM\RESTORE\
    ProcessID : 4294759137
    Threads : 4
    Priority : Normal
    FileSize : 60 KB
    FileVersion : 4.90.0.2533
    ProductVersion : 4.90.0.2533
    Copyright : Copyright (C) Microsoft Corp. 1981-2000
    CompanyName : Microsoft Corporation
    FileDescription : Microsoft (R) PC State Manager
    InternalName : StateMgr.exe
    OriginalFilename : StateMgr.exe
    ProductName : Microsoft (r) PCHealth
    Created on : 6/8/2000 9:00:00 PM
    Last accessed : 9/20/2003 4:00:00 AM
    Last modified : 6/8/2000 9:00:00 PM

    #:12 [ati2evxx.exe]
    FilePath : C:\WINDOWS\SYSTEM\
    ProcessID : 4294650673
    Threads : 1
    Priority : Normal
    FileSize : 60 KB
    Copyright : 33

    Created on : 4/3/2001 10:04:49 PM
    Last accessed : 9/20/2003 4:00:00 AM
    Last modified : 3/7/2000 6:44:04 PM

    #:13 [ati2cwxx.exe]
    FilePath : C:\WINDOWS\SYSTEM\
    ProcessID : 4294692573
    Threads : 1
    Priority : Normal
    FileSize : 20 KB
    FileVersion : 4.12.1006
    ProductVersion : 4.12.1006
    Copyright : Copyright
    CompanyName : ATI Technologies Inc.
    FileDescription : ATI Common Windows Display Driver Extension
    InternalName : ATI2CWXX
    OriginalFilename : ATI2CWXX.EXE
    ProductName : ATI CWDDE 32-Bit Callback
    Created on : 4/3/2001 10:04:49 PM
    Last accessed : 9/20/2003 4:00:00 AM
    Last modified : 2/21/2000 9:43:22 PM

    #:14 [cmpdpsrv.exe]
    FilePath : C:\WINDOWS\SYSTEM\
    ProcessID : 4294701309
    Threads : 4
    Priority : Normal
    FileSize : 40 KB
    FileVersion : 1.0.0.137
    ProductVersion : 1.0.0.137
    Copyright : Copyright
    CompanyName : Conexant Systems, Inc.
    FileDescription : PDP RPC Server
    InternalName : PDPserver
    OriginalFilename : PDPserve.dll
    ProductName : Printer Driver Plus
    Created on : 12/1/2002 7:51:57 PM
    Last accessed : 9/20/2003 4:00:00 AM
    Last modified : 5/7/2001 8:35:58 PM

    #:15 [spool32.exe]
    FilePath : C:\WINDOWS\SYSTEM\
    ProcessID : 4294673193
    Threads : 2
    Priority : Normal
    FileSize : 44 KB
    FileVersion : 4.90.3000
    ProductVersion : 4.90.3000
    Copyright : Copyright (C) Microsoft Corp. 1994 - 1998
    CompanyName : Microsoft Corporation
    FileDescription : Spooler Sub System Process
    InternalName : spool32
    OriginalFilename : spool32.exe
    ProductName : Microsoft(R) Windows(R) Millennium Operating System
    Created on : 6/8/2000 9:00:00 PM
    Last accessed : 9/20/2003 4:00:00 AM
    Last modified : 6/8/2000 9:00:00 PM

    #:16 [vptray.exe]
    FilePath : C:\PROGRAM FILES\NORTON ANTIVIRUS\
    ProcessID : 4294684337
    Threads : 2
    Priority : Normal
    FileSize : 72 KB
    FileVersion : 7.60.00.926
    ProductVersion : 7.60.00.926
    Copyright : Copyright (C) Symantec Corporation 1991-2000
    CompanyName : Symantec Corporation
    FileDescription : Norton AntiVirus
    ProductName : Norton AntiVirus
    Created on : 9/24/2001 11:59:00 AM
    Last accessed : 9/20/2003 4:00:00 AM
    Last modified : 9/24/2001 11:59:00 AM

    #:17 [systray.exe]
    FilePath : C:\WINDOWS\SYSTEM\
    ProcessID : 4294685157
    Threads : 2
    Priority : Normal
    FileSize : 36 KB
    FileVersion : 4.90.3000
    ProductVersion : 4.90.3000
    Copyright : Copyright (C) Microsoft Corp. 1993-2000
    CompanyName : Microsoft Corporation
    FileDescription : System Tray Applet
    InternalName : SYSTRAY
    OriginalFilename : SYSTRAY.EXE
    ProductName : Microsoft(R) Windows(R) Millennium Operating System
    Created on : 6/8/2000 9:00:00 PM
    Last accessed : 9/20/2003 4:00:00 AM
    Last modified : 6/8/2000 9:00:00 PM

    #:18 [realplay.exe]
    FilePath : C:\PROGRAM FILES\REAL\REALPLAYER\
    ProcessID : 4294641441
    Threads : 8
    Priority : Normal
    FileSize : 25 KB
    FileVersion : 6.0.9.380
    ProductVersion : 6.0.9.380
    Copyright : Copyright
    CompanyName : RealNetworks, Inc.
    FileDescription : RealPlayer
    InternalName : REALPLAY
    OriginalFilename : REALPLAY.EXE
    ProductName : RealPlayer (32-bit)
    Created on : 12/19/2002 3:33:00 AM
    Last accessed : 9/20/2003 4:00:00 AM
    Last modified : 12/19/2002 3:33:02 AM

    #:19 [winampa.exe]
    FilePath : C:\PROGRAM FILES\WINAMP\
    ProcessID : 4294606161
    Threads : 1
    Priority : Normal
    FileSize : 12 KB
    Created on : 4/26/2002 5:53:36 PM
    Last accessed : 9/20/2003 4:00:00 AM
    Last modified : 4/26/2002 5:53:38 PM

    #:20 [qttask.exe]
    FilePath : C:\WINDOWS\SYSTEM\
    ProcessID : 4294578853
    Threads : 2
    Priority : Normal
    FileSize : 76 KB
    FileVersion : 6.0.2
    ProductVersion : QuickTime 6.0.2
    CompanyName : Apple Computer, Inc.
    FileDescription : Apple Computer, Inc.
    InternalName : QuickTime Task
    OriginalFilename : QTTask.exe
    ProductName : QuickTime
    Created on : 9/11/2003 12:07:07 AM
    Last accessed : 9/20/2003 4:00:00 AM
    Last modified : 9/11/2003 12:07:08 AM

    #:21 [weather.exe]
    FilePath : C:\PROGRAM FILES\AWS\WEATHERBUG\
    ProcessID : 4294637133
    Threads : 5
    Priority : Normal
    FileSize : 816 KB
    FileVersion : 5, 0, 0, 4
    ProductVersion : 5, 0, 0, 4
    Copyright : Copyright
    CompanyName : AWS Convergence Technologies, Inc.
    FileDescription : WeatherBug
    InternalName : Desktop Weather
    OriginalFilename : WeatherBug.exe
    ProductName : AWS, Inc.WeatherBug
    Created on : 3/24/2003 2:30:21 PM
    Last accessed : 9/20/2003 4:00:00 AM
    Last modified : 1/22/2003 3:10:36 PM

    #:22 [netscp.exe]
    FilePath : C:\PROGRAM FILES\NETSCAPE\NETSCAPE\
    ProcessID : 4294527005
    Threads : 5
    Priority : Normal
    FileSize : 554 KB
    FileVersion : 7.1
    ProductVersion : 7.1
    Copyright : License: MPL 1.1/GPL 2.0/LGPL 2.1
    CompanyName : Mozilla, Netscape
    FileDescription : Netscape
    InternalName : apprunner
    OriginalFilename : Netscp.exe
    ProductName : Mozilla
    Created on : 9/9/2003 7:51:53 AM
    Last accessed : 9/20/2003 4:00:00 AM
    Last modified : 6/24/2003 4:09:00 PM

    #:23 [wmiexe.exe]
    FilePath : C:\WINDOWS\SYSTEM\
    ProcessID : 4294535857
    Threads : 3
    Priority : Normal
    FileSize : 16 KB
    FileVersion : 4.90.2452.1
    ProductVersion : 4.90.2452.1
    Copyright : Copyright (C) Microsoft Corp. 1981-1999
    CompanyName : Microsoft Corporation
    FileDescription : WMI service exe housing
    InternalName : wmiexe
    OriginalFilename : wmiexe.exe
    ProductName : Microsoft(R) Windows(R) Millennium Operating System
    Created on : 6/8/2000 9:00:00 PM
    Last accessed : 9/20/2003 4:00:00 AM
    Last modified : 6/8/2000 9:00:00 PM

    #:24 [ddhelp.exe]
    FilePath : C:\WINDOWS\SYSTEM\
    ProcessID : 4294521877
    Threads : 6
    Priority : Realtime
    FileSize : 32 KB
    FileVersion : 4.09.00.0900
    ProductVersion : 4.09.00.0900
    Copyright : Copyright
    CompanyName : Microsoft Corporation
    FileDescription : Microsoft DirectX Helper
    InternalName : DDHelp.exe
    OriginalFilename : DDHelp.exe
    ProductName : Microsoft
    Created on : 9/9/2003 5:28:05 AM
    Last accessed : 9/20/2003 4:00:00 AM
    Last modified : 12/12/2002 4:14:32 AM

    #:25 [rpcss.exe]
    FilePath : C:\WINDOWS\SYSTEM\
    ProcessID : 4294451257
    Threads : 5
    Priority : Normal
    FileSize : 20 KB
    FileVersion : 4.71.3328
    ProductVersion : 4.71.3328
    Copyright : Copyright (C) Microsoft Corp. 1981-1998
    CompanyName : Microsoft Corporation
    FileDescription : Distributed COM Services
    InternalName : rpcss.exe
    OriginalFilename : rpcss.exe
    ProductName : Microsoft(R) Windows NT(TM) Operating System
    Created on : 6/8/2000 9:00:00 PM
    Last accessed : 9/20/2003 4:00:00 AM
    Last modified : 6/8/2000 9:00:00 PM

    #:26 [aim.exe]
    FilePath : C:\SCANSOFT DOCUMENTS\PROGRAM FILES\AIM95\
    ProcessID : 4294281773
    Threads : 7
    Priority : Normal
    FileSize : 60 KB
    FileVersion : 5.1.3036
    ProductVersion : 5.1.3036
    Copyright : Copyright
    CompanyName : America Online, Inc.
    FileDescription : AOL Instant Messenger
    InternalName : AIM
    OriginalFilename : AIM.EXE
    ProductName : AOL Instant Messenger
    Created on : 12/1/2002 8:23:32 PM
    Last accessed : 9/20/2003 4:00:00 AM
    Last modified : 11/13/2002 11:50:20 PM

    #:27 [ad-aware.exe]
    FilePath : C:\PROGRAM FILES\LAVASOFT\AD-AWARE 6\
    ProcessID : 4294739657
    Threads : 3
    Priority : Normal
    FileSize : 668 KB
    FileVersion : 6.0.1.181
    ProductVersion : 6.0.0.0
    Copyright : Copyright
    CompanyName : Lavasoft Sweden
    FileDescription : Ad-aware 6 core application
    InternalName : Ad-aware.exe
    OriginalFilename : Ad-aware.exe
    ProductName : Lavasoft Ad-aware Plus
    Created on : 9/20/2003 10:35:37 PM
    Last accessed : 9/20/2003 4:00:00 AM
    Last modified : 7/13/2003 2:00:20 AM

    Memory scan result :
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
    New objects : 0
    Objects found so far: 0


    Started registry scan
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

    ClearSearch Object recognized!
    Type : RegKey
    Data :
    Rootkey : HKEY_LOCAL_MACHINE
    Object : SOFTWARE\CLRSCH


    istbar Object recognized!
    Type : RegKey
    Data :
    Rootkey : HKEY_LOCAL_MACHINE
    Object : SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ISTsvc


    Registry scan result :
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
    New objects : 2
    Objects found so far: 2


    Started deep registry scan
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

    istbar Object recognized!
    Type : RegKey
    Data : c:\windows\downloaded program files\istactivex.dll
    Rootkey : HKEY_CLASSES_ROOT
    Object : TYPELIB\{8C752C5E-3C10-4076-AF0A-FFC69FA20D1B}


    istbar Object recognized!
    Type : File
    Data : istactivex.dll
    Object : c:\windows\downloaded program files\
    FileSize : 32 KB
    FileVersion : 1, 0, 0, 1
    ProductVersion : 1, 0, 0, 1
    Copyright : Copyright 2003
    FileDescription : ISTactivex Module
    InternalName : ISTactivex
    OriginalFilename : ISTactivex.DLL
    ProductName : ISTactivex Module
    Created on : 5/8/2003 3:12:24 AM
    Last accessed : 9/20/2003 4:00:00 AM
    Last modified : 5/8/2003 3:12:24 AM



    istbar Object recognized!
    Type : RegKey
    Data :
    Rootkey : HKEY_LOCAL_MACHINE
    Object : Software\microsoft\windows\currentversion\moduleusage\C:/WINDOWS/Downloaded Program Files/ISTactivex.dll


    istbar Object recognized!
    Type : RegValue
    Data : c:\windows\downloaded program files\istactivex.dll
    Rootkey : HKEY_LOCAL_MACHINE
    Object : Software\Microsoft\Windows\CurrentVersion\SharedDLLs
    Value : C:\WINDOWS\Downloaded Program Files\ISTactivex.dll


    Deep registry scan result :
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
    New objects : 3
    Objects found so far: 6


    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

    Tracking Cookie Object recognized!
    Type : File
    Data : [email protected][1].txt
    Object : C:\WINDOWS\Cookies\

    Created on : 9/20/2003 5:34:46 AM
    Last accessed : 9/20/2003 4:00:00 AM
    Last modified : 9/20/2003 5:34:48 AM



    Tracking Cookie Object recognized!
    Type : File
    Data : [email protected]rver[2].txt
    Object : C:\WINDOWS\Cookies\

    Created on : 9/20/2003 1:59:20 AM
    Last accessed : 9/20/2003 4:00:00 AM
    Last modified : 9/20/2003 1:59:22 AM



    Tracking Cookie Object recognized!
    Type : File
    Data : [email protected]getrack[1].txt
    Object : C:\WINDOWS\Cookies\

    Created on : 12/2/2002 1:48:45 AM
    Last accessed : 9/20/2003 4:00:00 AM
    Last modified : 12/2/2002 1:48:46 AM



    Tracking Cookie Object recognized!
    Type : File
    Data : [email protected][2].txt
    Object : C:\WINDOWS\Cookies\

    Created on : 4/5/2003 5:48:46 PM
    Last accessed : 9/20/2003 4:00:00 AM
    Last modified : 4/5/2003 5:48:48 PM



    Tracking Cookie Object recognized!
    Type : File
    Data : [email protected][1].txt
    Object : C:\WINDOWS\Cookies\
    FileSize : 1 KB
    Created on : 4/3/2003 11:35:37 PM
    Last accessed : 9/20/2003 4:00:00 AM
    Last modified : 4/3/2003 11:35:38 PM



    Tracking Cookie Object recognized!
    Type : File
    Data : [email protected][1].txt
    Object : C:\WINDOWS\Cookies\

    Created on : 12/6/2002 12:15:53 AM
    Last accessed : 9/20/2003 4:00:00 AM
    Last modified : 12/6/2002 12:15:54 AM



    Tracking Cookie Object recognized!
    Type : File
    Data : [email protected][1].txt
    Object : C:\WINDOWS\Cookies\

    Created on : 2/14/2003 4:01:50 AM
    Last accessed : 9/20/2003 4:00:00 AM
    Last modified : 2/14/2003 4:01:52 AM



    Tracking Cookie Object recognized!
    Type : File
    Data : [email protected]opup[1].txt
    Object : C:\WINDOWS\Cookies\

    Created on : 2/16/2003 7:39:37 PM
    Last accessed : 9/20/2003 4:00:00 AM
    Last modified : 2/16/2003 7:39:38 PM



    Tracking Cookie Object recognized!
    Type : File
    Data : [email protected][2].txt
    Object : C:\WINDOWS\Cookies\

    Created on : 12/4/2002 1:17:41 AM
    Last accessed : 9/20/2003 4:00:00 AM
    Last modified : 12/4/2002 1:17:42 AM



    Tracking Cookie Object recognized!
    Type : File
    Data : [email protected][3].txt
    Object : C:\WINDOWS\Cookies\

    Created on : 9/20/2003 5:34:33 AM
    Last accessed : 9/20/2003 4:00:00 AM
    Last modified : 9/20/2003 5:34:34 AM



    Tracking Cookie Object recognized!
    Type : File
    Data : [email protected][2].txt
    Object : C:\WINDOWS\Cookies\

    Created on : 3/13/2003 6:14:45 AM
    Last accessed : 9/20/2003 4:00:00 AM
    Last modified : 3/13/2003 6:14:46 AM



    Tracking Cookie Object recognized!
    Type : File
    Data : [email protected][1].txt
    Object : C:\WINDOWS\Cookies\

    Created on : 12/15/2002 11:18:23 PM
    Last accessed : 9/20/2003 4:00:00 AM
    Last modified : 12/15/2002 11:18:24 PM



    Tracking Cookie Object recognized!
    Type : File
    Data : [email protected][1].txt
    Object : C:\WINDOWS\Cookies\

    Created on : 9/20/2003 3:14:06 PM
    Last accessed : 9/20/2003 4:00:00 AM
    Last modified : 9/20/2003 3:14:08 PM



    Tracking Cookie Object recognized!
    Type : File
    Data : [email protected]ury-sex[1].txt
    Object : C:\WINDOWS\Cookies\

    Created on : 12/7/2002 1:47:11 AM
    Last accessed : 9/20/2003 4:00:00 AM
    Last modified : 12/7/2002 1:47:12 AM



    Tracking Cookie Object recognized!
    Type : File
    Data : [email protected]www.sex-in-www[2].txt
    Object : C:\WINDOWS\Cookies\

    Created on : 12/7/2002 1:47:52 AM
    Last accessed : 9/20/2003 4:00:00 AM
    Last modified : 12/7/2002 1:47:54 AM



    Tracking Cookie Object recognized!
    Type : File
    Data : [email protected][2].txt
    Object : C:\WINDOWS\Cookies\

    Created on : 9/20/2003 4:43:16 AM
    Last accessed : 9/20/2003 4:00:00 AM
    Last modified : 9/20/2003 4:43:18 AM



    Tracking Cookie Object recognized!
    Type : File
    Data : [email protected]rver[1].txt
    Object : C:\WINDOWS\Cookies\

    Created on : 4/4/2003 2:21:05 PM
    Last accessed : 9/20/2003 4:00:00 AM
    Last modified : 4/4/2003 2:21:06 PM



    Other Object recognized!
    Type : File
    Data : [email protected][3].txt
    Object : C:\WINDOWS\Cookies\

    Created on : 12/7/2002 2:56:37 AM
    Last accessed : 9/20/2003 4:00:00 AM
    Last modified : 12/7/2002 2:56:38 AM



    Tracking Cookie Object recognized!
    Type : File
    Data : [email protected][1].txt
    Object : C:\WINDOWS\Cookies\

    Created on : 3/28/2003 10:58:51 PM
    Last accessed : 9/20/2003 4:00:00 AM
    Last modified : 3/28/2003 10:58:52 PM



    Tracking Cookie Object recognized!
    Type : File
    Data : [email protected][1].txt
    Object : C:\WINDOWS\Cookies\

    Created on : 4/6/2003 1:43:35 AM
    Last accessed : 9/20/2003 4:00:00 AM
    Last modified : 4/6/2003 1:43:36 AM



    Tracking Cookie Object recognized!
    Type : File
    Data : [email protected]ead[1].txt
    Object : C:\WINDOWS\Cookies\

    Created on : 12/10/2002 6:15:43 AM
    Last accessed : 9/20/2003 4:00:00 AM
    Last modified : 12/10/2002 6:15:44 AM



    Tracking Cookie Object recognized!
    Type : File
    Data : [email protected][1].txt
    Object : C:\WINDOWS\Cookies\

    Created on : 4/6/2003 1:26:32 AM
    Last accessed : 9/20/2003 4:00:00 AM
    Last modified : 4/6/2003 1:26:34 AM



    Tracking Cookie Object recognized!
    Type : File
    Data : [email protected]rail[2].txt
    Object : C:\WINDOWS\Cookies\

    Created on : 12/14/2002 8:00:04 PM
    Last accessed : 9/20/2003 4:00:00 AM
    Last modified : 12/14/2002 8:00:06 PM



    Tracking Cookie Object recognized!
    Type : File
    Data : [email protected][1].txt
    Object : C:\WINDOWS\Cookies\

    Created on : 12/15/2002 11:04:38 PM
    Last accessed : 9/20/2003 4:00:00 AM
    Last modified : 12/15/2002 11:04:40 PM



    Tracking Cookie Object recognized!
    Type : File
    Data : [email protected][1].txt
    Object : C:\WINDOWS\Cookies\

    Created on : 9/20/2003 10:28:28 PM
    Last accessed : 9/20/2003 4:00:00 AM
    Last modified : 9/20/2003 10:28:30 PM



    Tracking Cookie Object recognized!
    Type : File
    Data : [email protected][2].txt
    Object : C:\WINDOWS\Cookies\

    Created on : 12/15/2002 11:20:23 PM
    Last accessed : 9/20/2003 4:00:00 AM
    Last modified : 12/15/2002 11:20:24 PM



    Tracking Cookie Object recognized!
    Type : File
    Data : [email protected][2].txt
    Object : C:\WINDOWS\Cookies\

    Created on : 2/26/2003 4:10:38 AM
    Last accessed : 9/20/2003 4:00:00 AM
    Last modified : 2/26/2003 4:10:40 AM



    Tracking Cookie Object recognized!
    Type : File
    Data : [email protected]www.angelfire[2].txt
    Object : C:\WINDOWS\Cookies\

    Created on : 4/1/2003 7:19:45 AM
    Last accessed : 9/20/2003 4:00:00 AM
    Last modified : 4/1/2003 7:19:46 AM



    Tracking Cookie Object recognized!
    Type : File
    Data : [email protected][2].txt
    Object : C:\WINDOWS\Cookies\

    Created on : 2/13/2003 10:40:18 PM
    Last accessed : 9/20/2003 4:00:00 AM
    Last modified : 2/13/2003 10:40:20 PM



    Tracking Cookie Object recognized!
    Type : File
    Data : [email protected]nclick[1].txt
    Object : C:\WINDOWS\Cookies\

    Created on : 1/14/2003 4:40:36 PM
    Last accessed : 9/20/2003 4:00:00 AM
    Last modified : 1/14/2003 4:40:38 PM



    Tracking Cookie Object recognized!
    Type : File
    Data : [email protected][2].txt
    Object : C:\WINDOWS\Cookies\

    Created on : 1/27/2003 7:45:27 PM
    Last accessed : 9/20/2003 4:00:00 AM
    Last modified : 1/27/2003 7:45:28 PM



    Tracking Cookie Object recognized!
    Type : File
    Data : [email protected][1].txt
    Object : C:\WINDOWS\Cookies\

    Created on : 1/30/2003 2:35:04 AM
    Last accessed : 9/20/2003 4:00:00 AM
    Last modified : 1/30/2003 2:35:06 AM



    Tracking Cookie Object recognized!
    Type : File
    Data : [email protected][1].txt
    Object : C:\WINDOWS\Cookies\

    Created on : 9/20/2003 3:54:54 AM
    Last accessed : 9/20/2003 4:00:00 AM
    Last modified : 9/20/2003 3:54:56 AM



    Tracking Cookie Object recognized!
    Type : File
    Data : [email protected][2].txt
    Object : C:\WINDOWS\Cookies\
    FileSize : 3 KB
    Created on : 2/1/2003 5:30:02 AM
    Last accessed : 9/20/2003 4:00:00 AM
    Last modified : 2/1/2003 5:30:04 AM



    Tracking Cookie Object recognized!
    Type : File
    Data : [email protected]rnetfuel[1].txt
    Object : C:\WINDOWS\Cookies\

    Created on : 1/31/2003 2:58:35 AM
    Last accessed : 9/20/2003 4:00:00 AM
    Last modified : 1/31/2003 2:58:36 AM



    Tracking Cookie Object recognized!
    Type : File
    Data : [email protected][2].txt
    Object : C:\WINDOWS\Cookies\

    Created on : 9/16/2003 1:51:01 AM
    Last accessed : 9/20/2003 4:00:00 AM
    Last modified : 9/16/2003 1:51:02 AM



    Tracking Cookie Object recognized!
    Type : File
    Data : [email protected][1].txt
    Object : C:\WINDOWS\Cookies\

    Created on : 1/27/2003 7:46:03 PM
    Last accessed : 9/20/2003 4:00:00 AM
    Last modified : 1/27/2003 7:46:04 PM



    Tracking Cookie Object recognized!
    Type : File
    Data : [email protected][2].txt
    Object : C:\WINDOWS\Cookies\

    Created on : 9/19/2003 7:48:50 PM
    Last accessed : 9/20/2003 4:00:00 AM
    Last modified : 9/19/2003 7:48:52 PM



    Tracking Cookie Object recognized!
    Type : File
    Data : [email protected][1].txt
    Object : C:\WINDOWS\Cookies\

    Created on : 4/5/2003 3:48:33 PM
    Last accessed : 9/20/2003 4:00:00 AM
    Last modified : 4/5/2003 3:48:34 PM



    Tracking Cookie Object recognized!
    Type : File
    Data : [email protected][2].txt
    Object : C:\WINDOWS\Cookies\

    Created on : 2/5/2003 12:18:40 AM
    Last accessed : 9/20/2003 4:00:00 AM
    Last modified : 2/5/2003 12:18:42 AM



    Tracking Cookie Object recognized!
    Type : File
    Data : [email protected]rnetfuel[1].txt
    Object : C:\WINDOWS\Cookies\

    Created on : 1/30/2003 1:28:49 AM
    Last accessed : 9/20/2003 4:00:00 AM
    Last modified : 1/30/2003 1:28:50 AM



    Tracking Cookie Object recognized!
    Type : File
    Data : [email protected]opup[2].txt
    Object : C:\WINDOWS\Cookies\

    Created on : 2/1/2003 2:33:14 AM
    Last accessed : 9/20/2003 4:00:00 AM
    Last modified : 2/1/2003 2:33:16 AM



    Tracking Cookie Object recognized!
    Type : File
    Data : [email protected][2].txt
    Object : C:\WINDOWS\Cookies\

    Created on : 3/9/2003 11:21:06 PM
    Last accessed : 9/20/2003 4:00:00 AM
    Last modified : 3/9/2003 11:21:08 PM



    Tracking Cookie Object recognized!
    Type : File
    Data : [email protected][1].txt
    Object : C:\WINDOWS\Cookies\

    Created on : 3/9/2003 11:19:40 PM
    Last accessed : 9/20/2003 4:00:00 AM
    Last modified : 3/9/2003 11:19:42 PM



    Tracking Cookie Object recognized!
    Type : File
    Data : [email protected]-logics[1].txt
    Object : C:\WINDOWS\Cookies\

    Created on : 2/13/2003 10:40:16 PM
    Last accessed : 9/20/2003 4:00:00 AM
    Last modified : 2/13/2003 10:40:18 PM



    Tracking Cookie Object recognized!
    Type : File
    Data : [email protected]www.eyeblaster-bs[1].txt
    Object : C:\WINDOWS\Cookies\

    Created on : 3/30/2003 10:27:56 PM
    Last accessed : 9/20/2003 4:00:00 AM
    Last modified : 3/30/2003 10:27:58 PM



    Tracking Cookie Object recognized!
    Type : File
    Data : [email protected]ead[1].txt
    Object : C:\WINDOWS\Cookies\

    Created on : 4/4/2003 12:36:28 AM
    Last accessed : 9/20/2003 4:00:00 AM
    Last modified : 4/4/2003 12:36:30 AM



    Tracking Cookie Object recognized!
    Type : File
    Data : [email protected][2].txt
    Object : C:\WINDOWS\Cookies\

    Created on : 2/16/2003 7:39:37 PM
    Last accessed : 9/20/2003 4:00:00 AM
    Last modified : 2/16/2003 7:39:38 PM



    Tracking Cookie Object recognized!
    Type : File
    Data : [email protected]g[1].txt
    Object : C:\WINDOWS\Cookies\

    Created on : 3/3/2003 2:04:23 PM
    Last accessed : 9/20/2003 4:00:00 AM
    Last modified : 3/3/2003 2:04:24 PM



    Tracking Cookie Object recognized!
    Type : File
    Data : [email protected][1].txt
    Object : C:\WINDOWS\Cookies\

    Created on : 2/27/2003 6:13:27 PM
    Last accessed : 9/20/2003 4:00:00 AM
    Last modified : 2/27/2003 6:13:28 PM



    Tracking Cookie Object recognized!
    Type : File
    Data : [email protected][1].txt
    Object : C:\WINDOWS\Cookies\

    Created on : 3/8/2003 12:37:28 AM
    Last accessed : 9/20/2003 4:00:00 AM
    Last modified : 3/8/2003 12:37:30 AM



    Tracking Cookie Object recognized!
    Type : File
    Data : [email protected]psponsor[1].txt
    Object : C:\WINDOWS\Cookies\

    Created on : 4/3/2003 10:12:14 PM
    Last accessed : 9/20/2003 4:00:00 AM
    Last modified : 4/3/2003 10:12:16 PM



    Tracking Cookie Object recognized!
    Type : File
    Data : [email protected]g[2].txt
    Object : C:\WINDOWS\Cookies\

    Created on : 9/16/2003 5:21:30 AM
    Last accessed : 9/20/2003 4:00:00 AM
    Last modified : 9/16/2003 5:21:32 AM



    Tracking Cookie Object recognized!
    Type : File
    Data : [email protected][1].txt
    Object : C:\WINDOWS\Cookies\

    Created on : 3/12/2003 5:24:38 AM
    Last accessed : 9/20/2003 4:00:00 AM
    Last modified : 3/12/2003 5:24:40 AM



    Tracking Cookie Object recognized!
    Type : File
    Data : [email protected]ox[1].txt
    Object : C:\WINDOWS\Cookies\

    Created on : 9/20/2003 5:34:33 AM
    Last accessed : 9/20/2003 4:00:00 AM
    Last modified : 9/20/2003 5:34:34 AM



    Tracking Cookie Object recognized!
    Type : File
    Data : [email protected][1].txt
    Object : C:\WINDOWS\Cookies\

    Created on : 3/29/2003 10:48:55 PM
    Last accessed : 9/20/2003 4:00:00 AM
    Last modified : 3/29/2003 10:48:56 PM



    Tracking Cookie Object recognized!
    Type : File
    Data : [email protected][2].txt
    Object : C:\WINDOWS\Cookies\

    Created on : 4/3/2003 10:12:14 PM
    Last accessed : 9/20/2003 4:00:00 AM
    Last modified : 4/3/2003 10:12:16 PM



    Tracking Cookie Object recognized!
    Type : File
    Data : [email protected][2].txt
    Object : C:\WINDOWS\Cookies\

    Created on : 3/24/2003 12:26:04 PM
    Last accessed : 9/20/2003 4:00:00 AM
    Last modified : 3/24/2003 12:26:06 PM



    Tracking Cookie Object recognized!
    Type : File
    Data : [email protected]tracker[1].txt
    Object : C:\WINDOWS\Cookies\

    Created on : 4/4/2003 5:14:43 AM
    Last accessed : 9/20/2003 4:00:00 AM
    Last modified : 4/4/2003 5:14:44 AM



    Tracking Cookie Object recognized!
    Type : File
    Data : [email protected][2].txt
    Object : C:\WINDOWS\Cookies\

    Created on : 9/17/2003 1:19:27 AM
    Last accessed : 9/20/2003 4:00:00 AM
    Last modified : 9/17/2003 1:19:28 AM



    Tracking Cookie Object recognized!
    Type : File
    Data : [email protected]www.maximumcash[1].txt
    Object : C:\WINDOWS\Cookies\

    Created on : 4/4/2003 5:17:43 AM
    Last accessed : 9/20/2003 4:00:00 AM
    Last modified : 4/4/2003 5:17:44 AM



    Tracking Cookie Object recognized!
    Type : File
    Data : [email protected]ificpop[1].txt
    Object : C:\WINDOWS\Cookies\

    Created on : 4/5/2003 3:18:23 PM
    Last accessed : 9/20/2003 4:00:00 AM
    Last modified : 4/5/2003 3:18:24 PM



    Tracking Cookie Object recognized!
    Type : File
    Data : [email protected][2].txt
    Object : C:\WINDOWS\Cookies\

    Created on : 9/20/2003 5:17:52 AM
    Last accessed : 9/20/2003 4:00:00 AM
    Last modified : 9/20/2003 5:17:54 AM



    Tracking Cookie Object recognized!
    Type : File
    Data : [email protected]ificpop[3].txt
    Object : C:\WINDOWS\Cookies\

    Created on : 9/18/2003 4:36:50 PM
    Last accessed : 9/20/2003 4:00:00 AM
    Last modified : 9/18/2003 4:36:52 PM



    Tracking Cookie Object recognized!
    Type : File
    Data : [email protected][2].txt
    Object : C:\WINDOWS\Cookies\

    Created on : 9/20/2003 5:35:33 AM
    Last accessed : 9/20/2003 4:00:00 AM
    Last modified : 9/20/2003 5:35:34 AM



    Tracking Cookie Object recognized!
    Type : File
    Data : [email protected][3].txt
    Object : C:\WINDOWS\Cookies\

    Created on : 9/20/2003 3:14:27 PM
    Last accessed : 9/20/2003 4:00:00 AM
    Last modified : 9/20/2003 3:14:28 PM



    Tracking Cookie Object recognized!
    Type : File
    Data : [email protected]rtising[1].txt
    Object : C:\WINDOWS\Cookies\
    FileSize : 1 KB
    Created on : 9/20/2003 6:52:45 PM
    Last accessed : 9/20/2003 4:00:00 AM
    Last modified : 9/20/2003 6:52:46 PM



    Tracking Cookie Object recognized!
    Type : File
    Data : [email protected][1].txt
    Object : C:\WINDOWS\Cookies\

    Created on : 9/20/2003 10:28:28 PM
    Last accessed : 9/20/2003 4:00:00 AM
    Last modified : 9/20/2003 10:28:30 PM


    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯


    Deep scanning and examining files (C:)
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

    BrilliantDigital Object recognized!
    Type : File
    Data : bdesac24.dll
    Object : C:\WINDOWS\SYSTEM\
    FileSize : 164 KB
    FileVersion : 3, 1, 2, 0
    ProductVersion : 3, 1, 2, 0
    Copyright : Copyright
    CompanyName : Brilliant Digital Entertainment
    FileDescription : BDESac24
    InternalName : BDESac24
    OriginalFilename : BDESac24.dll
    ProductName : BDESound
    Created on : 12/9/2002 3:52:06 AM
    Last accessed : 9/20/2003 4:00:00 AM
    Last modified : 8/31/2001 12:47:38 AM



    BrilliantDigital Object recognized!
    Type : File
    Data : bdesac10.dll
    Object : C:\WINDOWS\SYSTEM\
    FileSize : 168 KB
    FileVersion : 3, 1, 2, 0
    ProductVersion : 3, 1, 2, 0
    Copyright : Copyright
    CompanyName : Brilliant Digital Entertainment
    FileDescription : BDESac10
    InternalName : BDESac10
    OriginalFilename : BDESac10.dll
    ProductName : BDESound
    Created on : 12/9/2002 3:52:08 AM
    Last accessed : 9/20/2003 4:00:00 AM
    Last modified : 8/31/2001 12:47:38 AM



    BrilliantDigital Object recognized!
    Type : File
    Data : bderastdx3.dll
    Object : C:\WINDOWS\SYSTEM\
    FileSize : 68 KB
    FileVersion : 3, 5, 6, 7
    ProductVersion : 3, 5, 6, 7
    Copyright : Copyright
    CompanyName : Brilliant Digital
    FileDescription : DirectX Rasterizer
    InternalName : bderastdx
    OriginalFilename : bderastdx.dll
    ProductName : bderastdx
    Created on : 12/9/2002 3:52:15 AM
    Last accessed : 9/20/2003 4:00:00 AM
    Last modified : 9/8/2002 6:13:54 PM



    WurldMedia Object recognized!
    Type : File
    Data : uninstall.exe
    Object : C:\WINDOWS\SYSTEM\
    FileSize : 312 KB
    Created on : 1/31/2003 2:09:10 AM
    Last accessed : 9/20/2003 4:00:00 AM
    Last modified : 1/28/2003 8:24:28 PM




    Scanning Hosts file(C:\WINDOWS\hosts)
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

    Hosts file scan result:
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
    0 entries scanned.
    New objects :0
    Objects found so far: 78



    Possible Browser Hijack attempt Object recognized!
    Type : File
    Data : welcome to allegheny college.url
    Object : C:\WINDOWS\Favorites\Links\

    Created on : 4/10/2003 10:44:58 PM
    Last accessed : 9/20/2003 4:00:00 AM
    Last modified : 4/10/2003 10:45:00 PM




    Performing conditional scans..
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

    ClearSearch Object recognized!
    Type : Folder
    Object : c:\program files\ClearSearch


    ClearSearch Object recognized!
    Type : Folder
    Object : c:\windows\temp\ClrSch


    ClearSearch Object recognized!
    Type : File
    Data : clrschieplugin.dll
    Object : c:\program files\clearsearch\
    FileSize : 312 KB
    FileVersion : 1, 0, 0, 18
    ProductVersion : 1, 0, 0, 18
    Copyright : Copyright
    CompanyName : Clear Search
    FileDescription : ClrSchIEplugin
    InternalName : ClrSchIEplugin
    OriginalFilename : ClrSchIEplugin.dll
    ProductName : ClrSchIEplugin
    Created on : 9/9/2003 4:57:56 AM
    Last accessed : 9/20/2003 4:00:00 AM
    Last modified : 9/10/2003 8:00:08 PM



    ClearSearch Object recognized!
    Type : File
    Data : control.dat
    Object : c:\program files\clearsearch\

    Created on : 9/10/2003 8:00:17 PM
    Last accessed : 9/20/2003 4:00:00 AM
    Last modified : 9/10/2003 8:00:18 PM



    istbar Object recognized!
    Type : Folder
    Object : c:\program files\ISTsvc


    istbar Object recognized!
    Type : File
    Data : nsreg.dat
    Object : c:\windows\
    FileSize : 23 KB
    Created on : 1/9/1999 2:09:35 AM
    Last accessed : 9/20/2003 4:00:00 AM
    Last modified : 9/9/2003 7:53:52 AM



    istbar Object recognized!
    Type : File
    Data : istactivex.inf
    Object : c:\windows\downloaded program files\

    Created on : 5/8/2003 3:14:46 AM
    Last accessed : 9/20/2003 4:00:00 AM
    Last modified : 5/8/2003 3:14:46 AM



    istbar Object recognized!
    Type : File
    Data : tinybar.exe
    Object : c:\windows\
    FileSize : 11 KB
    Created on : 9/9/2003 4:57:45 AM
    Last accessed : 9/20/2003 4:00:00 AM
    Last modified : 9/9/2003 6:09:34 AM



    BrilliantDigital Object recognized!
    Type : RegKey
    Data :
    Rootkey : HKEY_CLASSES_ROOT
    Object : .s3d


    Conditional scan result:
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
    New objects : 9
    Objects found so far: 88


    6:54:57 PM Scan complete

    Summary of this scan
    ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
    Total scanning time :00:04:43:200
    Objects scanned :29372
    Objects identified :88
    Objects ignored :0
    New objects :88


    there are 88 items... which ones should i check off? or should i check off all of them????

    if you could let me know, i would really appreciate it... thank you in advance!
     
  12. Flrman1

    Flrman1

    Joined:
    Jul 26, 2002
    Messages:
    46,331
    Check them all and have Adaware fix them.

    The only one I see you may choose to leave would be this one:

    Possible Browser Hijack attempt Object recognized!
    Type : File
    Data : welcome to allegheny college.url
    Object : C:\WINDOWS\Favorites\Links\

    Created on : 4/10/2003 10:44:58 PM
    Last accessed : 9/20/2003 4:00:00 AM
    Last modified : 4/10/2003 10:45:00 PM

    I'm assuming this is your school's page.
     
  13. socce98

    socce98

    Joined:
    Sep 20, 2003
    Messages:
    20
    Flrman1, thank you VERY much for all of your help... as far as i know the virus is completely gone because my norton antivirus does not detect any viruses... i downloaded all of your suggestions... thank you so much for such detailed instructions!!!
     
  14. Flrman1

    Flrman1

    Joined:
    Jul 26, 2002
    Messages:
    46,331
    You're Welcome! (y)

    My pleasure.:)
     
  15. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/163439

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice