• Announcements

    • LS.Andy

      Support for other products than adaware, ad block, web protection and Web Companion   05/05/2017

      Support for the following products is handled by the Lavasoft support team: Lavasoft Tuneup Kit Lavasoft PC Optimizer Lavasoft Driver Updater Lavasoft Registry Tuner Lavasoft Privacy Toolbox Lavasoft File Shredder Lavasoft Digital Lock

      For help with these products, contact the support team here: http://www.lavasoft.com/support/supportcenter/
       
Sign in to follow this  
ant709

Url.cpvfeed.com

Recommended Posts

this is my hijack this page

Logfile of HijackThis v1.99.1

Scan saved at 1:56:43 AM, on 6/23/2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

C:\Program Files\Common Files\Symantec Shared\ccProxy.exe

C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe

C:\Program Files\Norton Internet Security\ISSVC.exe

C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe

C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe

C:\WINDOWS\Explorer.EXE

C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe

C:\WINDOWS\system32\spoolsv.exe

C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe

C:\WINDOWS\system32\psyjkmdd.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe

C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe

C:\Program Files\Synaptics\SynTP\SynTPLpr.exe

C:\WINDOWS\system32\HPZipm12.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe

C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe

C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe

C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Real\RealPlayer\RealPlay.exe

C:\WINDOWS\system32\dla\tfswctrl.exe

C:\Program Files\Dell\Media Experience\DMXLauncher.exe

C:\WINDOWS\wanmpsvc.exe

C:\Program Files\Common Files\Symantec Shared\ccApp.exe

C:\WINDOWS\system32\fxssvc.exe

C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe

C:\WINDOWS\system32\hkcmd.exe

C:\WINDOWS\system32\igfxpers.exe

C:\WINDOWS\system32\igfxsrvc.exe

C:\Program Files\Common Files\AOL\1151761591\ee\aolsoftware.exe

C:\WINDOWS\retadpu1000106.exe

C:\Program Files\Common Files\WinAntiSpyware 2007\WAS7Mon.exe

C:\Program Files\DellSupport\DSAgnt.exe

C:\Program Files\Messenger\msmsgs.exe

C:\Program Files\MSN Messenger\MsnMsgr.Exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Canon\CAL\CALMAIN.exe

C:\Program Files\Digital Line Detect\DLG.exe

C:\Program Files\Intuit\QuickBooks Pro\Components\QBAgent\QBDAgent.exe

C:\WINDOWS\system32\mrtMngr.EXE

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe

C:\Program Files\HijackThis\HijackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://bfc.myway.com/search/de_srchlft.html

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/myway

R3 - URLSearchHook: (no name) - {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - C:\Program Files\MyWaySA\SrchAsDe\1.bin\deSrcAs.dll

R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL

O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll

O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll

O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll

O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar1.02.5000.1021\en-us\msntb.dll

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe

O4 - HKLM\..\Run: [synTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe

O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [intelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless

O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"

O4 - HKLM\..\Run: [updateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r

O4 - HKLM\..\Run: [MMTray] C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe

O4 - HKLM\..\Run: [mmtask] C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe

O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe

O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe

O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe

O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe

O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe

O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe

O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1151761591\ee\AOLSoftware.exe

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [runner1] C:\WINDOWS\retadpu1000106.exe 61A847B5BBF72813329B385772FF01F0B3E35B6638993F4661AA4EBD86D67C56389B284534F310

O4 - HKLM\..\Run: [salestart] "C:\Program Files\Common Files\WinAntiSpyware 2007\WAS7Mon.exe"

O4 - HKLM\..\Run: [GPLv3] rundll32.exe "C:\WINDOWS\system32\ubktvglk.dll",realset

O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9

O4 - HKCU\..\Run: [WinPop] C:\Program Files\WinPop\winpop.exe

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0a\aoltray.exe

O4 - Global Startup: Digital Line Detect.lnk = ?

O4 - Global Startup: QuickBooks Delivery Agent.lnk = C:\Program Files\Intuit\QuickBooks Pro\Components\QBAgent\QBDAgent.exe

O4 - Global Startup: Service Manager.norun

O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML

O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/...?p=ZUxdm265YYUS

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll

O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll

O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwe...tup1.0.0.15.cab

O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab

O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)

O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe

O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe

O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe

O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe

O23 - Service: DomainService - - C:\WINDOWS\system32\psyjkmdd.exe

O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe

O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE

O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe

O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe

O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe

O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe

O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe

O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

O23 - Service: WLANKEEPER - Intel® Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

 

AND THIS IS MY ADAWARE SCAN WHAT SHOULD I HIJACK PLEASE HELP

Ad-Aware SE Build 1.05

Logfile Created on:Saturday, June 23, 2007 1:15:37 AM

Created with Ad-Aware SE Personal, free for private use.

Using definitions file:SE1R8 13.09.2004

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

 

References detected during the scan:

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

iWon(TAC index:5):120 total references

MRU List(TAC index:0):27 total references

Tracking Cookie(TAC index:3):12 total references

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

 

Ad-Aware SE Settings

===========================

Set : Search for negligible risk entries

Set : Safe mode (always request confirmation)

Set : Scan active processes

Set : Scan registry

Set : Deep-scan registry

Set : Scan my IE Favorites for banned URLs

Set : Scan my Hosts file

 

Extended Ad-Aware SE Settings

===========================

Set : Unload recognized processes & modules during scan

Set : Scan registry for all users instead of current user only

Set : Always try to unload modules before deletion

Set : During removal, unload Explorer and IE if necessary

Set : Let Windows remove files in use at next reboot

Set : Delete quarantined objects after restoring

Set : Include basic Ad-Aware settings in log file

Set : Include additional Ad-Aware settings in log file

Set : Include reference summary in log file

Set : Include alternate data stream details in log file

Set : Play sound at scan completion if scan locates critical objects

 

 

6-23-2007 1:15:37 AM - Scan started. (Full System Scan)

 

MRU List Object Recognized!

Location: : S-1-5-21-492533919-3165138465-3089621515-1007\software\microsoft\search assistant\acmru

Description : list of recent search terms used with the search assistant

 

 

MRU List Object Recognized!

Location: : S-1-5-21-492533919-3165138465-3089621515-1007\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru

Description : list of recently saved files, stored according to file extension

 

 

MRU List Object Recognized!

Location: : S-1-5-21-492533919-3165138465-3089621515-1007\software\microsoft\windows\currentversion\explorer\comdlg32\lastvisitedmru

Description : list of recent programs opened

 

 

MRU List Object Recognized!

Location: : S-1-5-21-492533919-3165138465-3089621515-1007\software\microsoft\windows\currentversion\explorer\recentdocs

Description : list of recent documents opened

 

 

MRU List Object Recognized!

Location: : S-1-5-21-492533919-3165138465-3089621515-1007\software\microsoft\office\11.0\common\open find\microsoft office word\settings\open\file name mru

Description : list of recent documents opened by microsoft word

 

 

MRU List Object Recognized!

Location: : S-1-5-21-492533919-3165138465-3089621515-1007\software\microsoft\office\11.0\common\open find\microsoft office powerpoint\settings\save as\file name mru

Description : list of recent documents saved by microsoft powerpoint

 

 

MRU List Object Recognized!

Location: : S-1-5-21-492533919-3165138465-3089621515-1007\software\microsoft\office\11.0\powerpoint\recent file list

Description : list of recent files used by microsoft powerpoint

 

 

MRU List Object Recognized!

Location: : S-1-5-21-492533919-3165138465-3089621515-1007\software\microsoft\office\11.0\common\open find\microsoft office word\settings\new from existing document\file name mru

Description : list of "new from existing document" files used by microsoft word

 

 

MRU List Object Recognized!

Location: : S-1-5-21-492533919-3165138465-3089621515-1007\software\microsoft\office\11.0\common\open find\microsoft office word\settings\save as\file name mru

Description : list of recent documents saved by microsoft word

 

 

MRU List Object Recognized!

Location: : S-1-5-21-492533919-3165138465-3089621515-1007\software\microsoft\office\11.0\powerpoint\recent templates

Description : list of recent templates used by microsoft powerpoint

 

 

MRU List Object Recognized!

Location: : S-1-5-21-492533919-3165138465-3089621515-1007\software\microsoft\office\11.0\word\recent templates

Description : list of recent templates used by microsoft word

 

 

MRU List Object Recognized!

Location: : S-1-5-21-492533919-3165138465-3089621515-1007\software\microsoft\office\11.0\powerpoint\recenttemplatelist

Description : list of recent templates used by microsoft powerpoint

 

 

MRU List Object Recognized!

Location: : S-1-5-21-492533919-3165138465-3089621515-1007\software\microsoft\internet explorer

Description : last download directory used in microsoft internet explorer

 

 

MRU List Object Recognized!

Location: : software\microsoft\directdraw\mostrecentapplication

Description : most recent application to use microsoft directdraw

 

 

MRU List Object Recognized!

Location: : S-1-5-21-492533919-3165138465-3089621515-1007\software\microsoft\direct3d\mostrecentapplication

Description : most recent application to use microsoft direct3d

 

 

MRU List Object Recognized!

Location: : software\microsoft\direct3d\mostrecentapplication

Description : most recent application to use microsoft direct3d

 

 

MRU List Object Recognized!

Location: : S-1-5-21-492533919-3165138465-3089621515-1007\software\microsoft\mediaplayer\preferences

Description : last playlist index loaded in microsoft windows media player

 

 

MRU List Object Recognized!

Location: : S-1-5-21-492533919-3165138465-3089621515-1007\software\microsoft\windows\currentversion\applets\regedit

Description : last key accessed using the microsoft registry editor

 

 

MRU List Object Recognized!

Location: : S-1-5-21-492533919-3165138465-3089621515-1007\software\microsoft\mediaplayer\preferences

Description : last playlist loaded in microsoft windows media player

 

 

MRU List Object Recognized!

Location: : software\musicmatch\musicmatch jukebox\4.0\mmradio

Description : information on the last station listened to using musicmatch radio

 

 

MRU List Object Recognized!

Location: : software\musicmatch\musicmatch jukebox\4.0\fileconv

Description : file conversion location settings in musicmatch jukebox

 

 

MRU List Object Recognized!

Location: : S-1-5-21-492533919-3165138465-3089621515-1007\software\microsoft\mediaplayer\medialibraryui

Description : last selected node in the microsoft windows media player media library

 

 

MRU List Object Recognized!

Location: : S-1-5-21-492533919-3165138465-3089621515-1007\software\microsoft\direct3d\mostrecentapplication

Description : most recent application to use microsoft direct X

 

 

MRU List Object Recognized!

Location: : software\microsoft\direct3d\mostrecentapplication

Description : most recent application to use microsoft direct X

 

 

MRU List Object Recognized!

Location: : S-1-5-21-492533919-3165138465-3089621515-1007\software\microsoft\windows media\wmsdk\general

Description : windows media sdk

 

 

MRU List Object Recognized!

Location: : C:\Documents and Settings\almira kasemi\Application Data\microsoft\office\recent

Description : list of recently opened documents using microsoft office

 

 

MRU List Object Recognized!

Location: : C:\Documents and Settings\almira kasemi\recent

Description : list of recently opened documents

 

 

Listing running processes

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

 

#:1 [smss.exe]

FilePath : \SystemRoot\System32\

ProcessID : 912

ThreadCreationTime : 6-23-2007 5:00:59 AM

BasePriority : Normal

 

 

#:2 [csrss.exe]

FilePath : \??\C:\WINDOWS\system32\

ProcessID : 964

ThreadCreationTime : 6-23-2007 5:01:03 AM

BasePriority : Normal

 

 

#:3 [winlogon.exe]

FilePath : \??\C:\WINDOWS\system32\

ProcessID : 988

ThreadCreationTime : 6-23-2007 5:01:03 AM

BasePriority : High

 

 

#:4 [services.exe]

FilePath : C:\WINDOWS\system32\

ProcessID : 1032

ThreadCreationTime : 6-23-2007 5:01:03 AM

BasePriority : Normal

FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.1.2600.2180

ProductName : Microsoft® Windows® Operating System

CompanyName : Microsoft Corporation

FileDescription : Services and Controller app

InternalName : services.exe

LegalCopyright : © Microsoft Corporation. All rights reserved.

OriginalFilename : services.exe

 

#:5 [lsass.exe]

FilePath : C:\WINDOWS\system32\

ProcessID : 1044

ThreadCreationTime : 6-23-2007 5:01:03 AM

BasePriority : Normal

FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.1.2600.2180

ProductName : Microsoft® Windows® Operating System

CompanyName : Microsoft Corporation

FileDescription : LSA Shell (Export Version)

InternalName : lsass.exe

LegalCopyright : © Microsoft Corporation. All rights reserved.

OriginalFilename : lsass.exe

 

#:6 [svchost.exe]

FilePath : C:\WINDOWS\system32\

ProcessID : 1224

ThreadCreationTime : 6-23-2007 5:01:04 AM

BasePriority : Normal

FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.1.2600.2180

ProductName : Microsoft® Windows® Operating System

CompanyName : Microsoft Corporation

FileDescription : Generic Host Process for Win32 Services

InternalName : svchost.exe

LegalCopyright : © Microsoft Corporation. All rights reserved.

OriginalFilename : svchost.exe

 

#:7 [svchost.exe]

FilePath : C:\WINDOWS\system32\

ProcessID : 1288

ThreadCreationTime : 6-23-2007 5:01:04 AM

BasePriority : Normal

FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.1.2600.2180

ProductName : Microsoft® Windows® Operating System

CompanyName : Microsoft Corporation

FileDescription : Generic Host Process for Win32 Services

InternalName : svchost.exe

LegalCopyright : © Microsoft Corporation. All rights reserved.

OriginalFilename : svchost.exe

 

#:8 [svchost.exe]

FilePath : C:\WINDOWS\System32\

ProcessID : 1328

ThreadCreationTime : 6-23-2007 5:01:04 AM

BasePriority : Normal

FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.1.2600.2180

ProductName : Microsoft® Windows® Operating System

CompanyName : Microsoft Corporation

FileDescription : Generic Host Process for Win32 Services

InternalName : svchost.exe

LegalCopyright : © Microsoft Corporation. All rights reserved.

OriginalFilename : svchost.exe

 

#:9 [evteng.exe]

FilePath : C:\Program Files\Intel\Wireless\Bin\

ProcessID : 1376

ThreadCreationTime : 6-23-2007 5:01:04 AM

BasePriority : Normal

FileVersion : 9, 0, 1, 12

ProductVersion : 9, 0, 0, 0

ProductName : EvtEng Module

CompanyName : Intel Corporation

FileDescription : EvtEng Module

InternalName : EvtEng

LegalCopyright : Copyright © Intel Corporation 1999-2004

OriginalFilename : EvtEng.EXE

 

#:10 [s24evmon.exe]

FilePath : C:\Program Files\Intel\Wireless\Bin\

ProcessID : 1492

ThreadCreationTime : 6-23-2007 5:01:06 AM

BasePriority : Normal

FileVersion : 9, 0, 1, 41

ProductVersion : 9, 0, 0, 0

ProductName : Mobile Unit Support Service

CompanyName : Intel Corporation

FileDescription : Event Monitor - Supports driver extensions to NIC Driver for wireless adapters.

InternalName : S24EvMon

LegalCopyright : Copyright © Intel Corporation 1999-2004

OriginalFilename : S24EvMon.exe

 

#:11 [wlkeeper.exe]

FilePath : C:\Program Files\Intel\Wireless\Bin\

ProcessID : 1536

ThreadCreationTime : 6-23-2007 5:01:09 AM

BasePriority : Normal

FileVersion : 9, 0, 1, 14

ProductVersion : 1, 0, 0, 1

ProductName : SSOFSet Service

CompanyName : Intel® Corporation

FileDescription : WLKEEPER

InternalName : WLKEEPER

LegalCopyright : Copyright © 2004

OriginalFilename : WLKEEPER.exe

 

#:12 [svchost.exe]

FilePath : C:\WINDOWS\system32\

ProcessID : 1636

ThreadCreationTime : 6-23-2007 5:01:10 AM

BasePriority : Normal

FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.1.2600.2180

ProductName : Microsoft® Windows® Operating System

CompanyName : Microsoft Corporation

FileDescription : Generic Host Process for Win32 Services

InternalName : svchost.exe

LegalCopyright : © Microsoft Corporation. All rights reserved.

OriginalFilename : svchost.exe

 

#:13 [svchost.exe]

FilePath : C:\WINDOWS\system32\

ProcessID : 1776

ThreadCreationTime : 6-23-2007 5:01:13 AM

BasePriority : Normal

FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.1.2600.2180

ProductName : Microsoft® Windows® Operating System

CompanyName : Microsoft Corporation

FileDescription : Generic Host Process for Win32 Services

InternalName : svchost.exe

LegalCopyright : © Microsoft Corporation. All rights reserved.

OriginalFilename : svchost.exe

 

#:14 [ccproxy.exe]

FilePath : C:\Program Files\Common Files\Symantec Shared\

ProcessID : 148

ThreadCreationTime : 6-23-2007 5:01:15 AM

BasePriority : Normal

FileVersion : 103.5.0.90

ProductVersion : 103.5.0.90

ProductName : Client and Host Security Platform

CompanyName : Symantec Corporation

FileDescription : Symantec Network Proxy Service

InternalName : ccProxy

LegalCopyright : Copyright © 2000-2005 Symantec Corporation. All rights reserved.

OriginalFilename : ccProxy.exe

 

#:15 [ccsetmgr.exe]

FilePath : C:\Program Files\Common Files\Symantec Shared\

ProcessID : 188

ThreadCreationTime : 6-23-2007 5:01:16 AM

BasePriority : Normal

FileVersion : 103.5.0.90

ProductVersion : 103.5.0.90

ProductName : Client and Host Security Platform

CompanyName : Symantec Corporation

FileDescription : Symantec Settings Manager Service

InternalName : ccSetMgr

LegalCopyright : Copyright © 2000-2005 Symantec Corporation. All rights reserved.

OriginalFilename : ccSetMgr.exe

 

#:16 [issvc.exe]

FilePath : C:\Program Files\Norton Internet Security\

ProcessID : 220

ThreadCreationTime : 6-23-2007 5:01:16 AM

BasePriority : Normal

FileVersion : 8.2.0.34

ProductVersion : 8.2

ProductName : Norton Internet Security

CompanyName : Symantec Corporation

FileDescription : IS Service

InternalName : ISSVC.exe

LegalCopyright : Copyright © 2005 Symantec Corporation. All rights reserved.

OriginalFilename : ISSVC.exe

 

#:17 [sndsrvc.exe]

FilePath : C:\Program Files\Common Files\Symantec Shared\

ProcessID : 264

ThreadCreationTime : 6-23-2007 5:01:18 AM

BasePriority : Normal

FileVersion : 5.5.0.60

ProductVersion : 5.5

ProductName : Symantec Security Drivers

CompanyName : Symantec Corporation

FileDescription : Network Driver Service

InternalName : SndSrvc

LegalCopyright : Copyright 2002, 2003, 2004 Symantec Corporation

OriginalFilename : SndSrvc.exe

 

#:18 [ccevtmgr.exe]

FilePath : C:\Program Files\Common Files\Symantec Shared\

ProcessID : 460

ThreadCreationTime : 6-23-2007 5:01:20 AM

BasePriority : Normal

FileVersion : 103.5.0.90

ProductVersion : 103.5.0.90

ProductName : Client and Host Security Platform

CompanyName : Symantec Corporation

FileDescription : Symantec Event Manager Service

InternalName : ccEvtMgr

LegalCopyright : Copyright © 2000-2005 Symantec Corporation. All rights reserved.

OriginalFilename : ccEvtMgr.exe

 

#:19 [zcfgsvc.exe]

FilePath : C:\Program Files\Intel\Wireless\Bin\

ProcessID : 1932

ThreadCreationTime : 6-23-2007 5:01:34 AM

BasePriority : Normal

FileVersion : 9, 0, 1, 45

ProductVersion : 1, 0, 0, 2

ProductName : ZeroCfgSvc Application

CompanyName : Intel Corporation

FileDescription : ZeroCfgSvc MFC Application

InternalName : ZeroCfgSvc

LegalCopyright : Copyright © Intel Corporation 1999-2004

OriginalFilename : ZeroCfgSvc.EXE

 

#:20 [explorer.exe]

FilePath : C:\WINDOWS\

ProcessID : 324

ThreadCreationTime : 6-23-2007 5:01:38 AM

BasePriority : Normal

FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 6.00.2900.2180

ProductName : Microsoft® Windows® Operating System

CompanyName : Microsoft Corporation

FileDescription : Windows Explorer

InternalName : explorer

LegalCopyright : © Microsoft Corporation. All rights reserved.

OriginalFilename : EXPLORER.EXE

 

#:21 [1xconfig.exe]

FilePath : C:\PROGRA~1\Intel\Wireless\Bin\

ProcessID : 560

ThreadCreationTime : 6-23-2007 5:01:43 AM

BasePriority : Normal

FileVersion : 9, 0, 1, 33

ProductVersion : 9, 0, 0, 0

ProductName : 8021XConfig Module

CompanyName : Intel

FileDescription : 8021XConfig Module

InternalName : 8021XConfig

LegalCopyright : Copyright © Intel Corporation 1999-2004

OriginalFilename : 1XConfig.EXE

Comments : Wrapper for MH. (Service COM)

 

#:22 [spoolsv.exe]

FilePath : C:\WINDOWS\system32\

ProcessID : 780

ThreadCreationTime : 6-23-2007 5:02:11 AM

BasePriority : Normal

FileVersion : 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)

ProductVersion : 5.1.2600.2696

ProductName : Microsoft® Windows® Operating System

CompanyName : Microsoft Corporation

FileDescription : Spooler SubSystem App

InternalName : spoolsv.exe

LegalCopyright : © Microsoft Corporation. All rights reserved.

OriginalFilename : spoolsv.exe

 

#:23 [aolacsd.exe]

FilePath : C:\PROGRA~1\COMMON~1\AOL\ACS\

ProcessID : 896

ThreadCreationTime : 6-23-2007 5:02:22 AM

BasePriority : Normal

 

 

#:24 [psyjkmdd.exe]

FilePath : C:\WINDOWS\system32\

ProcessID : 628

ThreadCreationTime : 6-23-2007 5:02:26 AM

BasePriority : Normal

 

 

#:25 [mdm.exe]

FilePath : C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\

ProcessID : 1924

ThreadCreationTime : 6-23-2007 5:02:29 AM

BasePriority : Normal

FileVersion : 7.00.9466

ProductVersion : 7.00.9466

ProductName : Microsoft® Visual Studio .NET

CompanyName : Microsoft Corporation

FileDescription : Machine Debug Manager

InternalName : mdm.exe

LegalCopyright : © Microsoft Corporation. All rights reserved.

OriginalFilename : mdm.exe

 

#:26 [navapsvc.exe]

FilePath : C:\Program Files\Norton Internet Security\Norton AntiVirus\

ProcessID : 1836

ThreadCreationTime : 6-23-2007 5:02:33 AM

BasePriority : Normal

FileVersion : 11.5.0.44

ProductVersion : 11.5.0

ProductName : Norton AntiVirus

CompanyName : Symantec Corporation

FileDescription : Norton AntiVirus Auto-Protect Service

InternalName : NAVAPSVC

LegalCopyright : Norton AntiVirus 2005 for Windows 98/ME/2000/XP Copyright © 2005 Symantec Corporation. All rights reserved.

OriginalFilename : NAVAPSVC.EXE

 

#:27 [jusched.exe]

FilePath : C:\Program Files\Java\j2re1.4.2_03\bin\

ProcessID : 492

ThreadCreationTime : 6-23-2007 5:02:33 AM

BasePriority : Normal

 

 

#:28 [syntplpr.exe]

FilePath : C:\Program Files\Synaptics\SynTP\

ProcessID : 488

ThreadCreationTime : 6-23-2007 5:02:36 AM

BasePriority : Normal

FileVersion : 7.10.11 13May04

ProductVersion : 7.10.11 13May04

ProductName : Progressive Touch

CompanyName : Synaptics, Inc.

FileDescription : TouchPad Driver Helper Application

InternalName : SynTPLpr

LegalCopyright : Copyright © Synaptics, Inc. 1996-2004

OriginalFilename : SynTPLpr.exe

 

#:29 [hpzipm12.exe]

FilePath : C:\WINDOWS\system32\

ProcessID : 764

ThreadCreationTime : 6-23-2007 5:02:36 AM

BasePriority : Normal

FileVersion : 10, 1, 1, 2

ProductVersion : 10, 1, 1, 2

ProductName : HP PML

CompanyName : HP

FileDescription : PML Driver

InternalName : PmlDrv

LegalCopyright : Copyright © 1998, 1999 Hewlett-Packard Company

OriginalFilename : PmlDrv.exe

 

#:30 [syntpenh.exe]

FilePath : C:\Program Files\Synaptics\SynTP\

ProcessID : 380

ThreadCreationTime : 6-23-2007 5:02:36 AM

BasePriority : Normal

FileVersion : 7.10.11 13May04

ProductVersion : 7.10.11 13May04

ProductName : Progressive Touch

CompanyName : Synaptics, Inc.

FileDescription : Synaptics TouchPad Enhancements

InternalName : Scrolleroo

LegalCopyright : Copyright © Synaptics, Inc. 1996-2004

OriginalFilename : SynTPEnh.exe

 

#:31 [ifrmewrk.exe]

FilePath : C:\Program Files\Intel\Wireless\Bin\

ProcessID : 880

ThreadCreationTime : 6-23-2007 5:02:37 AM

BasePriority : Normal

FileVersion : 9, 0, 1, 19

ProductVersion : 9, 0, 0, 0

ProductName : Intel PROSet/Wireless

CompanyName : Intel Corporation

FileDescription : Intel Framework MFC Application

InternalName : Framework

LegalCopyright : Copyright © Intel Corporation 1999-2004

OriginalFilename : iFramewrk.exe

 

#:32 [regsrvc.exe]

FilePath : C:\Program Files\Intel\Wireless\Bin\

ProcessID : 1524

ThreadCreationTime : 6-23-2007 5:02:38 AM

BasePriority : Normal

FileVersion : 9, 0, 1, 10

ProductVersion : 9, 0, 0, 0

ProductName : RegSrvc Module

CompanyName : Intel Corporation

FileDescription : RegSrvc Module

InternalName : RegSrvc

LegalCopyright : Copyright © Intel Corporation 1999-2004

OriginalFilename : RegSrvc.EXE

Comments : Registry Interface for Intel Wireless Products

 

#:33 [dvdlauncher.exe]

FilePath : C:\Program Files\CyberLink\PowerDVD\

ProcessID : 1556

ThreadCreationTime : 6-23-2007 5:02:39 AM

BasePriority : Normal

FileVersion : 3.00.0000

ProductVersion : 3.00.0000

ProductName : Cyberlink PowerCinema 3.0

CompanyName : CyberLink Corp.

FileDescription : CyberLink PowerCinema Resident Program

InternalName : CyberLink PowerCinema Resident Program

LegalCopyright : Copyright © 2003 CyberLink Corp.

OriginalFilename : DVDLauncher.EXE

 

#:34 [mm_tray.exe]

FilePath : C:\Program Files\Musicmatch\Musicmatch Jukebox\

ProcessID : 1716

ThreadCreationTime : 6-23-2007 5:02:40 AM

BasePriority : Normal

FileVersion : 9.00.2053

ProductVersion : 9.00.2053

ProductName : Musicmatch Jukebox

CompanyName : Musicmatch, Inc.

FileDescription : mm_tray

InternalName : mm_tray

LegalCopyright : Copyright © Musicmatch 1998-2004

LegalTrademarks :

OriginalFilename : mm_tray.exe

 

#:35 [mmtask.exe]

FilePath : C:\Program Files\Musicmatch\Musicmatch Jukebox\

ProcessID : 1164

ThreadCreationTime : 6-23-2007 5:02:41 AM

BasePriority : Normal

FileVersion : 9.0.0.1

ProductVersion : 9.0.0.1

ProductName : Musicmatch Jukebox

CompanyName : Musicmatch Inc.

FileDescription : <Musicmatch System Tray Application>

InternalName : mmtask.exe

LegalCopyright : © Musicmatch Inc.. All rights reserved.

OriginalFilename : mmtask.exe

 

#:36 [svchost.exe]

FilePath : C:\WINDOWS\system32\

ProcessID : 1956

ThreadCreationTime : 6-23-2007 5:02:41 AM

BasePriority : Normal

FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.1.2600.2180

ProductName : Microsoft® Windows® Operating System

CompanyName : Microsoft Corporation

FileDescription : Generic Host Process for Win32 Services

InternalName : svchost.exe

LegalCopyright : © Microsoft Corporation. All rights reserved.

OriginalFilename : svchost.exe

 

#:37 [realplay.exe]

FilePath : C:\Program Files\Real\RealPlayer\

ProcessID : 2084

ThreadCreationTime : 6-23-2007 5:02:43 AM

BasePriority : Normal

FileVersion : 6.0.9.584

ProductVersion : 6.0.9.584

ProductName : RealPlayer (32-bit)

CompanyName : RealNetworks, Inc.

FileDescription : RealPlayer

InternalName : REALPLAY

LegalCopyright : Copyright © RealNetworks, Inc. 1995-2000

LegalTrademarks : RealAudio is a trademark of RealNetworks, Inc.

OriginalFilename : REALPLAY.EXE

 

#:38 [tfswctrl.exe]

FilePath : C:\WINDOWS\system32\dla\

ProcessID : 2172

ThreadCreationTime : 6-23-2007 5:02:46 AM

BasePriority : Normal

FileVersion : 1.04.08a

CompanyName : Sonic Solutions

FileDescription : Drive Letter Access Component

LegalCopyright : Copyright © 2004 Sonic Solutions

 

#:39 [wdfmgr.exe]

FilePath : C:\WINDOWS\system32\

ProcessID : 2192

ThreadCreationTime : 6-23-2007 5:02:47 AM

BasePriority : Normal

FileVersion : 5.2.3790.1230 built by: DNSRV(bld4act)

ProductVersion : 5.2.3790.1230

ProductName : Microsoft® Windows® Operating System

CompanyName : Microsoft Corporation

FileDescription : Windows User Mode Driver Manager

InternalName : WdfMgr

LegalCopyright : © Microsoft Corporation. All rights reserved.

OriginalFilename : WdfMgr.exe

 

#:40 [dmxlauncher.exe]

FilePath : C:\Program Files\Dell\Media Experience\

ProcessID : 2228

ThreadCreationTime : 6-23-2007 5:02:48 AM

BasePriority : Normal

 

 

#:41 [wanmpsvc.exe]

FilePath : C:\WINDOWS\

ProcessID : 2264

ThreadCreationTime : 6-23-2007 5:02:50 AM

BasePriority : Normal

FileVersion : 9, 0, 0, 0

ProductVersion : 9, 0, 0, 0

ProductName : America Online

CompanyName : America Online, Inc.

FileDescription : Wan Miniport (ATW) Service

InternalName : WanMPSvc

LegalCopyright : Copyright © 2001 America Online, Inc.

OriginalFilename : WanMPSvc.exe

 

#:42 [ccapp.exe]

FilePath : C:\Program Files\Common Files\Symantec Shared\

ProcessID : 2300

ThreadCreationTime : 6-23-2007 5:02:51 AM

BasePriority : Normal

FileVersion : 103.5.0.90

ProductVersion : 103.5.0.90

ProductName : Client and Host Security Platform

CompanyName : Symantec Corporation

FileDescription : Symantec User Session

InternalName : ccApp

LegalCopyright : Copyright © 2000-2005 Symantec Corporation. All rights reserved.

OriginalFilename : ccApp.exe

 

#:43 [fxssvc.exe]

FilePath : C:\WINDOWS\system32\

ProcessID : 2348

ThreadCreationTime : 6-23-2007 5:02:52 AM

BasePriority : Normal

FileVersion : 5.2.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.2.2600.2180

ProductName : Microsoft® Windows® Operating System

CompanyName : Microsoft Corporation

FileDescription : Fax Service

InternalName : FXSSVC.EXE

LegalCopyright : © Microsoft Corporation. All rights reserved.

OriginalFilename : FXSSVC.EXE

 

#:44 [symwsc.exe]

FilePath : C:\Program Files\Common Files\Symantec Shared\Security Center\

ProcessID : 2456

ThreadCreationTime : 6-23-2007 5:02:55 AM

BasePriority : Normal

FileVersion : 2005.1.00.111

ProductVersion : 2005.1

ProductName : Norton Security Center

CompanyName : Symantec Corporation

FileDescription : Norton Security Center Service

InternalName : SymWSC.exe

LegalCopyright : Copyright © 1997-2004 Symantec Corporation

OriginalFilename : SymWSC.exe

 

#:45 [mwsoemon.exe]

FilePath : C:\PROGRA~1\MYWEBS~1\bar\1.bin\

ProcessID : 2480

ThreadCreationTime : 6-23-2007 5:02:55 AM

BasePriority : Normal

FileVersion : 1,2,2,4

ProductVersion : 2,0,1,0

ProductName : My Web Search Bar for Internet Explorer, email clients, and messenger clients

CompanyName : MyWebSearch.com

FileDescription : My Web Search Plugin Loader

InternalName : mwsoemon

LegalCopyright : Copyright © 2003-2006 MyWebSearch.com

OriginalFilename : mwsoemon.exe

 

#:46 [hkcmd.exe]

FilePath : C:\WINDOWS\system32\

ProcessID : 2752

ThreadCreationTime : 6-23-2007 5:03:02 AM

BasePriority : Normal

FileVersion : 3.0.0.4396

ProductVersion : 7.0.0.4396

ProductName : Intel® Common User Interface

CompanyName : Intel Corporation

FileDescription : hkcmd Module

InternalName : HKCMD

LegalCopyright : Copyright 1999-2004, Intel Corporation

OriginalFilename : HKCMD.EXE

 

#:47 [igfxpers.exe]

FilePath : C:\WINDOWS\system32\

ProcessID : 2840

ThreadCreationTime : 6-23-2007 5:03:08 AM

BasePriority : Normal

FileVersion : 3.0.0.4396

ProductVersion : 7.0.0.4396

ProductName : Intel® Common User Interface

CompanyName : Intel Corporation

FileDescription : persistence Module

InternalName : PERSISTENCE

LegalCopyright : Copyright 1999-2004, Intel Corporation

OriginalFilename : IGFXPERS.EXE

 

#:48 [igfxsrvc.exe]

FilePath : C:\WINDOWS\system32\

ProcessID : 2888

ThreadCreationTime : 6-23-2007 5:03:09 AM

BasePriority : Normal

FileVersion : 3.0.0.4396

ProductVersion : 7.0.0.4396

ProductName : Intel® Common User Interface

CompanyName : Intel Corporation

FileDescription : igfxsrvc Module

InternalName : IGFXSRVC

LegalCopyright : Copyright 1999-2004, Intel Corporation

OriginalFilename : IGFXSRVC.EXE

 

#:49 [aolsoftware.exe]

FilePath : C:\Program Files\Common Files\AOL\1151761591\ee\

ProcessID : 2904

ThreadCreationTime : 6-23-2007 5:03:10 AM

BasePriority : Normal

FileVersion : 1.5.6.1

ProductVersion : 1.5.6.1

ProductName : AOL Service Libraries

CompanyName : America Online, Inc.

FileDescription : AOL

InternalName : AOLSoftware

LegalCopyright : © 2006 America Online, Inc.

OriginalFilename : AOLSoftware.exe

 

#:50 [retadpu1000106.exe]

FilePath : C:\WINDOWS\

ProcessID : 3296

ThreadCreationTime : 6-23-2007 5:03:12 AM

BasePriority : Normal

FileVersion : 1, 0, 0, 6

ProductVersion : 1, 0, 0, 6

FileDescription : updater

InternalName : retadpu

LegalCopyright : Copyright © 2007

OriginalFilename : retadpu.exe

 

#:51 [was7mon.exe]

FilePath : C:\Program Files\Common Files\WinAntiSpyware 2007\

ProcessID : 3388

ThreadCreationTime : 6-23-2007 5:03:15 AM

BasePriority : Normal

 

 

#:52 [dsagnt.exe]

FilePath : C:\Program Files\DellSupport\

ProcessID : 4036

ThreadCreationTime : 6-23-2007 5:03:19 AM

BasePriority : ?

FileVersion : 3, 0, 0, 197

ProductVersion : 3, 0, 0, 197

ProductName : Dell Support

CompanyName : Gteko Ltd.

FileDescription : Dell Support

InternalName : AUAgent

LegalCopyright : Copyright © 2000 - 2007 Gteko Ltd.

OriginalFilename : AUAgent.exe

 

#:53 [msmsgs.exe]

FilePath : C:\Program Files\Messenger\

ProcessID : 1420

ThreadCreationTime : 6-23-2007 5:03:21 AM

BasePriority : Normal

FileVersion : 4.7.3001

ProductVersion : Version 4.7.3001

ProductName : Messenger

CompanyName : Microsoft Corporation

FileDescription : Windows Messenger

InternalName : msmsgs

LegalCopyright : Copyright © Microsoft Corporation 2004

LegalTrademarks : Microsoft® is a registered trademark of Microsoft Corporation in the U.S. and/or other countries.

OriginalFilename : msmsgs.exe

 

#:54 [msnmsgr.exe]

FilePath : C:\Program Files\MSN Messenger\

ProcessID : 2648

ThreadCreationTime : 6-23-2007 5:03:28 AM

BasePriority : Normal

FileVersion : 7.5.0324

ProductVersion : 7.5.0324

ProductName : MSN Messenger

CompanyName : Microsoft Corporation

FileDescription : MSN Messenger

InternalName : msnmsgr

LegalCopyright : Copyright © Microsoft Corporation 1997-2004

LegalTrademarks : Microsoft® is a registered trademark of Microsoft Corporation in the U.S. and/or other countries.

OriginalFilename : msnmsgr.exe

Warning! iWon Object found in memory(C:\Program Files\MSN Messenger\RICHED20.dll)

 

iWon Object Recognized!

Type : Process

Data : RICHED20.dll

Category : Data Miner

Comment : SmileyCentralPFSetup2.0.0.0

Object : C:\Program Files\MSN Messenger\

FileVersion : 1, 0, 0, 9

ProductVersion : 2, 0, 0, 0

ProductName : Smiley Central

CompanyName : Fun Web Products, Inc.

FileDescription : Smiley Central MSN Rich Edit DLL

InternalName : f3REStub

LegalCopyright : Copyright © 2003,2004

OriginalFilename : f3REStub.dll

 

 

#:55 [ctfmon.exe]

FilePath : C:\WINDOWS\system32\

ProcessID : 3168

ThreadCreationTime : 6-23-2007 5:03:33 AM

BasePriority : Normal

FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.1.2600.2180

ProductName : Microsoft® Windows® Operating System

CompanyName : Microsoft Corporation

FileDescription : CTF Loader

InternalName : CTFMON

LegalCopyright : © Microsoft Corporation. All rights reserved.

OriginalFilename : CTFMON.EXE

 

#:56 [calmain.exe]

FilePath : C:\Program Files\Canon\CAL\

ProcessID : 3116

ThreadCreationTime : 6-23-2007 5:03:49 AM

BasePriority : Normal

FileVersion : 8, 1, 0, 14

ProductVersion : 8, 1, 0, 14

CompanyName : Canon Inc.

FileDescription : Canon Camera Access Library 8

LegalCopyright : Copyright © Canon Inc.

OriginalFilename : CALMAIN.exe

 

#:57 [dlg.exe]

FilePath : C:\Program Files\Digital Line Detect\

ProcessID : 3916

ThreadCreationTime : 6-23-2007 5:03:59 AM

BasePriority : Normal

FileVersion : 1, 0, 0, 1

ProductVersion : 1, 0, 0, 1

ProductName : BVRP Software TestLine

CompanyName : BVRP Software

FileDescription : Digital Line Detection

InternalName : TestLine

LegalCopyright : Copyright © 2003

OriginalFilename : TestLine.exe

 

#:58 [qbdagent.exe]

FilePath : C:\Program Files\Intuit\QuickBooks Pro\Components\QBAgent\

ProcessID : 2740

ThreadCreationTime : 6-23-2007 5:04:03 AM

BasePriority : Normal

FileVersion : 8, 1, 0, 0

ProductVersion : 8, 1, 0, 0

ProductName : QuickBooks

FileDescription : QBDAgent Module

InternalName : QBDAgent

LegalCopyright : Copyright © 1999 by Intuit

LegalTrademarks : QuickBooks® and Quicken® are registered trademarks of Intuit Inc.

OriginalFilename : QBDAgent.EXE

 

#:59 [mrtmngr.exe]

FilePath : C:\WINDOWS\system32\

ProcessID : 2188

ThreadCreationTime : 6-23-2007 5:04:16 AM

BasePriority : Normal

FileVersion : 2.01

ProductVersion : 1.00

ProductName : Rate Sensing Manager

CompanyName : Marimba Inc.

FileDescription : Rate Sensing Manager

InternalName : mrtMngr.exe

LegalCopyright : Copyright © 1999, Marimba, Inc.

OriginalFilename : mrtMngr.exe

 

#:60 [alg.exe]

FilePath : C:\WINDOWS\System32\

ProcessID : 3828

ThreadCreationTime : 6-23-2007 5:05:12 AM

BasePriority : Normal

FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.1.2600.2180

ProductName : Microsoft® Windows® Operating System

CompanyName : Microsoft Corporation

FileDescription : Application Layer Gateway Service

InternalName : ALG.exe

LegalCopyright : © Microsoft Corporation. All rights reserved.

OriginalFilename : ALG.exe

 

#:61 [iexplore.exe]

FilePath : C:\Program Files\Internet Explorer\

ProcessID : 3044

ThreadCreationTime : 6-23-2007 5:08:22 AM

BasePriority : Normal

FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 6.00.2900.2180

ProductName : Microsoft® Windows® Operating System

CompanyName : Microsoft Corporation

FileDescription : Internet Explorer

InternalName : iexplore

LegalCopyright : © Microsoft Corporation. All rights reserved.

OriginalFilename : IEXPLORE.EXE

 

#:62 [rundll32.exe]

FilePath : C:\WINDOWS\system32\

ProcessID : 1480

ThreadCreationTime : 6-23-2007 5:10:06 AM

BasePriority : Normal

FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.1.2600.2180

ProductName : Microsoft® Windows® Operating System

CompanyName : Microsoft Corporation

FileDescription : Run a DLL as an App

InternalName : rundll

LegalCopyright : © Microsoft Corporation. All rights reserved.

OriginalFilename : RUNDLL.EXE

 

#:63 [ad-aware.exe]

FilePath : C:\Program Files\Lavasoft\Ad-Aware SE Personal\

ProcessID : 3448

ThreadCreationTime : 6-23-2007 5:14:21 AM

BasePriority : Normal

FileVersion : 6.2.0.206

ProductVersion : VI.Second Edition

ProductName : Lavasoft Ad-Aware SE

CompanyName : Lavasoft Sweden

FileDescription : Ad-Aware SE Core application

InternalName : Ad-Aware.exe

LegalCopyright : Copyright © Lavasoft Sweden

OriginalFilename : Ad-Aware.exe

Comments : All Rights Reserved

 

Memory scan result:

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

New critical objects: 0

Objects found so far: 28

 

 

Started registry scan

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

 

iWon Object Recognized!

Type : Regkey

Data :

Category : Data Miner

Comment : SmileyCentralPFSetup2.0.0.0

Rootkey : HKEY_CLASSES_ROOT

Object : clsid\{07b18ea1-a523-4961-b6bb-170de4475cca}

 

iWon Object Recognized!

Type : RegValue

Data :

Category : Data Miner

Comment : SmileyCentralPFSetup2.0.0.0

Rootkey : HKEY_CLASSES_ROOT

Object : clsid\{07b18ea1-a523-4961-b6bb-170de4475cca}

Value :

 

iWon Object Recognized!

Type : Regkey

Data :

Category : Data Miner

Comment : SmileyCentralPFSetup2.0.0.0

Rootkey : HKEY_CLASSES_ROOT

Object : clsid\{07b18ea9-a523-4961-b6bb-170de4475cca}

 

iWon Object Recognized!

Type : RegValue

Data :

Category : Data Miner

Comment : SmileyCentralPFSetup2.0.0.0

Rootkey : HKEY_CLASSES_ROOT

Object : clsid\{07b18ea9-a523-4961-b6bb-170de4475cca}

Value :

 

iWon Object Recognized!

Type : Regkey

Data :

Category : Data Miner

Comment : SmileyCentralPFSetup2.0.0.0

Rootkey : HKEY_CLASSES_ROOT

Object : clsid\{07b18eab-a523-4961-b6bb-170de4475cca}

 

iWon Object Recognized!

Type : RegValue

Data :

Category : Data Miner

Comment : SmileyCentralPFSetup2.0.0.0

Rootkey : HKEY_CLASSES_ROOT

Object : clsid\{07b18eab-a523-4961-b6bb-170de4475cca}

Value :

 

iWon Object Recognized!

Type : Regkey

Data :

Category : Data Miner

Comment : SmileyCentralPFSetup2.0.0.0

Rootkey : HKEY_CLASSES_ROOT

Object : clsid\{7473d292-b7bb-4f24-ae82-7e2ce94bb6a9}

 

iWon Object Recognized!

Type : RegValue

Data :

Category : Data Miner

Comment : SmileyCentralPFSetup2.0.0.0

Rootkey : HKEY_CLASSES_ROOT

Object : clsid\{7473d292-b7bb-4f24-ae82-7e2ce94bb6a9}

Value :

 

iWon Object Recognized!

Type : Regkey

Data :

Category : Data Miner

Comment : SmileyCentralPFSetup2.0.0.0

Rootkey : HKEY_CLASSES_ROOT

Object : mywebsearch.outlookaddin

 

iWon Object Recognized!

Type : RegValue

Data :

Category : Data Miner

Comment : SmileyCentralPFSetup2.0.0.0

Rootkey : HKEY_CLASSES_ROOT

Object : mywebsearch.outlookaddin

Value :

 

iWon Object Recognized!

Type : Regkey

Data :

Category : Data Miner

Comment : SmileyCentralPFSetup2.0.0.0

Rootkey : HKEY_CLASSES_ROOT

Object : mywebsearch.outlookaddin.1

 

iWon Object Recognized!

Type : RegValue

Data :

Category : Data Miner

Comment : SmileyCentralPFSetup2.0.0.0

Rootkey : HKEY_CLASSES_ROOT

Object : mywebsearch.outlookaddin.1

Value :

 

iWon Object Recognized!

Type : Regkey

Data :

Category : Data Miner

Comment : SmileyCentralPFSetup2.0.0.0

Rootkey : HKEY_CLASSES_ROOT

Object : mywebsearchtoolbar.settingsplugin

 

iWon Object Recognized!

Type : RegValue

Data :

Category : Data Miner

Comment : SmileyCentralPFSetup2.0.0.0

Rootkey : HKEY_CLASSES_ROOT

Object : mywebsearchtoolbar.settingsplugin

Value :

 

iWon Object Recognized!

Type : Regkey

Data :

Category : Data Miner

Comment : SmileyCentralPFSetup2.0.0.0

Rootkey : HKEY_CLASSES_ROOT

Object : mywebsearchtoolbar.settingsplugin.1

 

iWon Object Recognized!

Type : RegValue

Data :

Category : Data Miner

Comment : SmileyCentralPFSetup2.0.0.0

Rootkey : HKEY_CLASSES_ROOT

Object : mywebsearchtoolbar.settingsplugin.1

Value :

 

iWon Object Recognized!

Type : Regkey

Data :

Category : Data Miner

Comment : SmileyCentralPFSetup2.0.0.0

Rootkey : HKEY_CLASSES_ROOT

Object : typelib\{07b18ea0-a523-4961-b6bb-170de4475cca}

 

iWon Object Recognized!

Type : Regkey

Data :

Category : Data Miner

Comment : SmileyCentralPFSetup2.0.0.0

Rootkey : HKEY_CLASSES_ROOT

Object : typelib\{7473d290-b7bb-4f24-ae82-7e2ce94bb6a9}

 

iWon Object Recognized!

Type : Regkey

Data :

Category : Data Miner

Comment : SmileyCentralPFSetup2.0.0.0

Rootkey : HKEY_CLASSES_ROOT

Object : clsid\{00a6faf1-072e-44cf-8957-5838f569a31d}

 

iWon Object Recognized!

Type : RegValue

Data :

Category : Data Miner

Comment : SmileyCentralPFSetup2.0.0.0

Rootkey : HKEY_CLASSES_ROOT

Object : clsid\{00a6faf1-072e-44cf-8957-5838f569a31d}

Value :

 

iWon Object Recognized!

Type : Regkey

Data :

Category : Data Miner

Comment :

Rootkey : HKEY_CLASSES_ROOT

Object : clsid\{07b18ea3-a523-4961-b6bb-170de4475cca}

 

iWon Object Recognized!

Type : RegValue

Data :

Category : Data Miner

Comment :

Rootkey : HKEY_CLASSES_ROOT

Object : clsid\{07b18ea3-a523-4961-b6bb-170de4475cca}

Value :

 

iWon Object Recognized!

Type : Regkey

Data :

Category : Data Miner

Comment :

Rootkey : HKEY_CLASSES_ROOT

Object : interface\{07b18eac-a523-4961-b6bb-170de4475cca}

 

iWon Object Recognized!

Type : RegValue

Data :

Category : Data Miner

Comment :

Rootkey : HKEY_CLASSES_ROOT

Object : interface\{07b18eac-a523-4961-b6bb-170de4475cca}

Value :

 

iWon Object Recognized!

Type : Regkey

Data :

Category : Data Miner

Comment :

Rootkey : HKEY_CLASSES_ROOT

Object : interface\{63d0ed2b-b45b-4458-8b3b-60c69bbbd83c}

 

iWon Object Recognized!

Type : RegValue

Data :

Category : Data Miner

Comment :

Rootkey : HKEY_CLASSES_ROOT

Object : interface\{63d0ed2b-b45b-4458-8b3b-60c69bbbd83c}

Value :

 

iWon Object Recognized!

Type : Regkey

Data :

Category : Data Miner

Comment :

Rootkey : HKEY_CLASSES_ROOT

Object : funwebproducts.popswatterbarbutton

 

iWon Object Recognized!

Type : RegValue

Data :

Category : Data Miner

Comment :

Rootkey : HKEY_CLASSES_ROOT

Object : funwebproducts.popswatterbarbutton

Value :

 

iWon Object Recognized!

Type : Regkey

Data :

Category : Data Miner

Comment :

Rootkey : HKEY_CLASSES_ROOT

Object : funwebproducts.popswattersettingscontrol.1

 

iWon Object Recognized!

Type : RegValue

Data :

Category : Data Miner

Comment :

Rootkey : HKEY_CLASSES_ROOT

Object : funwebproducts.popswattersettingscontrol.1

Value :

 

iWon Object Recognized!

Type : Regkey

Data :

Category : Data Miner

Comment :

Rootkey : HKEY_CLASSES_ROOT

Object : funwebproducts.popswattersettingscontrol

 

iWon Object Recognized!

Type : RegValue

Data :

Category : Data Miner

Comment :

Rootkey : HKEY_CLASSES_ROOT

Object : funwebproducts.popswattersettingscontrol

Value :

 

iWon Object Recognized!

Type : Regkey

Data :

Category : Data Miner

Comment :

Rootkey : HKEY_CLASSES_ROOT

Object : clsid\{98d9753d-d73b-42d5-8c85-4469cda897ab}

 

iWon Object Recognized!

Type : RegValue

Data :

Category : Data Miner

Comment :

Rootkey : HKEY_CLASSES_ROOT

Object : clsid\{98d9753d-d73b-42d5-8c85-4469cda897ab}

Value :

 

iWon Object Recognized!

Type : Regkey

Data :

Category : Data Miner

Comment :

Rootkey : HKEY_CLASSES_ROOT

Object : funwebproducts.htmlmenu.2

 

iWon Object Recognized!

Type : RegValue

Data :

Category : Data Miner

Comment :

Rootkey : HKEY_CLASSES_ROOT

Object : funwebproducts.htmlmenu.2

Value :

 

iWon Object Recognized!

Type : Regkey

Data :

Category : Data Miner

Comment :

Rootkey : HKEY_CLASSES_ROOT

Object : typelib\{8e6f1830-9607-4440-8530-13be7c4b1d14}

 

iWon Object Recognized!

Type : Regkey

Data :

Category : Data Miner

Comment :

Rootkey : HKEY_CLASSES_ROOT

Object : clsid\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c}

 

iWon Object Recognized!

Type : RegValue

Data :

Category : Data Miner

Comment :

Rootkey : HKEY_CLASSES_ROOT

Object : clsid\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c}

Value :

 

iWon Object Recognized!

Type : Regkey

Data :

Category : Data Miner

Comment :

Rootkey : HKEY_CLASSES_ROOT

Object : clsid\{a9571378-68a1-443d-b082-284f960c6d17}

 

iWon Object Recognized!

Type : RegValue

Data :

Category : Data Miner

Comment :

Rootkey : HKEY_CLASSES_ROOT

Object : clsid\{a9571378-68a1-443d-b082-284f960c6d17}

Value :

 

iWon Object Recognized!

Type : Regkey

Data :

Category : Data Miner

Comment :

Rootkey : HKEY_CLASSES_ROOT

Object : typelib\{f42228fb-e84e-479e-b922-fbbd096e792c}

 

iWon Object Recognized!

Type : Regkey

Data :

Category : Data Miner

Comment :

Rootkey : HKEY_CLASSES_ROOT

Object : typelib\{e47caee0-deea-464a-9326-3f2801535a4d}

 

iWon Object Recognized!

Type : Regkey

Data :

Category : Data Miner

Comment :

Rootkey : HKEY_CLASSES_ROOT

Object : clsid\{8e6f1832-9607-4440-8530-13be7c4b1d14}

 

iWon Object Recognized!

Type : RegValue

Data :

Category : Data Miner

Comment :

Rootkey : HKEY_CLASSES_ROOT

Object : clsid\{8e6f1832-9607-4440-8530-13be7c4b1d14}

Value :

 

iWon Object Recognized!

Type : Regkey

Data :

Category : Data Miner

Comment :

Rootkey : HKEY_CLASSES_ROOT

Object : clsid\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8}

 

iWon Object Recognized!

Type : RegValue

Data :

Category : Data Miner

Comment :

Rootkey : HKEY_CLASSES_ROOT

Object : clsid\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8}

Value :

 

iWon Object Recognized!

Type : Regkey

Data :

Category : Data Miner

Comment :

Rootkey : HKEY_CLASSES_ROOT

Object : interface\{63d0ed2d-b45b-4458-8b3b-60c69bbbd83c}

 

iWon Object Recognized!

Type : RegValue

Data :

Category : Data Miner

Comment :

Rootkey : HKEY_CLASSES_ROOT

Object : interface\{63d0ed2d-b45b-4458-8b3b-60c69bbbd83c}

Value :

 

iWon Object Recognized!

Type : Regkey

Data :

Category : Data Miner

Comment :

Rootkey : HKEY_CLASSES_ROOT

Object : interface\{6e74766c-4d93-4cc0-96d1-47b8e07ff9ca}

 

iWon Object Recognized!

Type : RegValue

Data :

Category : Data Miner

Comment :

Rootkey : HKEY_CLASSES_ROOT

Object : interface\{6e74766c-4d93-4cc0-96d1-47b8e07ff9ca}

Value :

 

iWon Object Recognized!

Type : Regkey

Data :

Category : Data Miner

Comment :

Rootkey : HKEY_CLASSES_ROOT

Object : funwebproducts.htmlmenu

 

iWon Object Recognized!

Type : RegValue

Data :

Category : Data Miner

Comment :

Rootkey : HKEY_CLASSES_ROOT

Object : funwebproducts.htmlmenu

Value :

 

iWon Object Recognized!

Type : Regkey

Data :

Category : Data Miner

Comment :

Rootkey : HKEY_CLASSES_ROOT

Object : clsid\{9afb8248-617f-460d-9366-d71cdeda3179}

 

iWon Object Recognized!

Type : RegValue

Data :

Category : Data Miner

Comment :

Rootkey : HKEY_CLASSES_ROOT

Object : clsid\{9afb8248-617f-460d-9366-d71cdeda3179}

Value :

 

iWon Object Recognized!

Type : Regkey

Data :

Category : Data Miner

Comment :

Rootkey : HKEY_CLASSES_ROOT

Object : interface\{de38c398-b328-4f4c-a3ad-1b5e4ed93477}

 

iWon Object Recognized!

Type : RegValue

Data :

Category : Data Miner

Comment :

Rootkey : HKEY_CLASSES_ROOT

Object : interface\{de38c398-b328-4f4c-a3ad-1b5e4ed93477}

Value :

 

iWon Object Recognized!

Type : Regkey

Data :

Category : Data Miner

Comment :

Rootkey : HKEY_CLASSES_ROOT

Object : funwebproducts.htmlmenu.1

 

iWon Object Recognized!

Type : RegValue

Data :

Category : Data Miner

Comment :

Rootkey : HKEY_CLASSES_ROOT

Object : funwebproducts.htmlmenu.1

Value :

 

iWon Object Recognized!

Type : Regkey

Data :

Category : Data Miner

Comment :

Rootkey : HKEY_CLASSES_ROOT

Object : funwebproducts.popswatterbarbutton.1

 

iWon Object Recognized!

Type : RegValue

Data :

Category : Data Miner

Comment :

Rootkey : HKEY_CLASSES_ROOT

Object : funwebproducts.popswatterbarbutton.1

Value :

 

iWon Object Recognized!

Type : Regkey

Data :

Category : Data Miner

Comment :

Rootkey : HKEY_CLASSES_ROOT

Object : interface\{07b18eaa-a523-4961-b6bb-170de4475cca}

 

iWon Object Recognized!

Type : RegValue

Data :

Category : Data Miner

Comment :

Rootkey : HKEY_CLASSES_ROOT

Object : interface\{07b18eaa-a523-4961-b6bb-170de4475cca}

Value :

 

iWon Object Recognized!

Type : Regkey

Data :

Category : Data Miner

Comment :

Rootkey : HKEY_CLASSES_ROOT

Object : interface\{7473d291-b7bb-4f24-ae82-7e2ce94bb6a9}

 

iWon Object Recognized!

Type : RegValue

Data :

Category : Data Miner

Comment :

Rootkey : HKEY_CLASSES_ROOT

Object : interface\{7473d291-b7bb-4f24-ae82-7e2ce94bb6a9}

Value :

 

iWon Object Recognized!

Type : Regkey

Data :

Category : Data Miner

Comment :

Rootkey : HKEY_CLASSES_ROOT

Object : clsid\{1e0de227-5ce4-4ea3-ab0c-8b03e1aa76bc}

 

iWon Object Recognized!

Type : RegValue

Data :

Category : Data Miner

Comment :

Rootkey : HKEY_CLASSES_ROOT

Object : clsid\{1e0de227-5ce4-4ea3-ab0c-8b03e1aa76bc}

Value :

 

iWon Object Recognized!

Type : Regkey

Data :

Category : Data Miner

Comment :

Rootkey : HKEY_CLASSES_ROOT

Object : clsid\{adb01e81-3c79-4272-a0f1-7b2be7a782dc}

 

iWon Object Recognized!

Type : RegValue

Data :

Category : Data Miner

Comment :

Rootkey : HKEY_CLASSES_ROOT

Object : clsid\{adb01e81-3c79-4272-a0f1-7b2be7a782dc}

Value :

 

iWon Object Recognized!

Type : Regkey

Data :

Category : Data Miner

Comment :

Rootkey : HKEY_CLASSES_ROOT

Object : interface\{3e1656ed-f60e-4597-b6aa-b6a58e171495}

 

iWon Object Recognized!

Type : RegValue

Data :

Category : Data Miner

Comment :

Rootkey : HKEY_CLASSES_ROOT

Object : interface\{3e1656ed-f60e-4597-b6aa-b6a58e171495}

Value :

 

iWon Object Recognized!

Type : Regkey

Data :

Category : Data Miner

Comment :

Rootkey : HKEY_CLASSES_ROOT

Object : interface\{741de825-a6f0-4497-9aa6-8023cf9b0fff}

 

iWon Object Recognized!

Type : RegValue

Data :

Category : Data Miner

Comment :

Rootkey : HKEY_CLASSES_ROOT

Object : interface\{741de825-a6f0-4497-9aa6-8023cf9b0fff}

Value :

 

iWon Object Recognized!

Type : Regkey

Data :

Category : Data Miner

Comment : SmileyCentralPFSetup2.0.2.1

Rootkey : HKEY_CLASSES_ROOT

Object : clsid\{938aa51a-996c-4884-98ce-80dd16a5c9da}

 

iWon Object Recognized!

Type : RegValue

Data :

Category : Data Miner

Comment : SmileyCentralPFSetup2.0.2.1

Rootkey : HKEY_CLASSES_ROOT

Object : clsid\{938aa51a-996c-4884-98ce-80dd16a5c9da}

Value :

 

iWon Object Recognized!

Type : Regkey

Data :

Category : Data Miner

Comment : SmileyCentralPFSetup2.0.2.1

Rootkey : HKEY_CLASSES_ROOT

Object : clsid\{9ff05104-b030-46fc-94b8-81276e4e27df}

 

iWon Object Recognized!

Type : RegValue

Data :

Category : Data Miner

Comment : SmileyCentralPFSetup2.0.2.1

Rootkey : HKEY_CLASSES_ROOT

Object : clsid\{9ff05104-b030-46fc-94b8-81276e4e27df}

Value :

 

iWon Object Recognized!

Type : Regkey

Data :

Category : Data Miner

Comment : SmileyCentralPFSetup2.0.2.1

Rootkey : HKEY_CLASSES_ROOT

Object : screensavercontrol.screensaverinstaller

 

iWon Object Recognized!

Type : RegValue

Data :

Category : Data Miner

Comment : SmileyCentralPFSetup2.0.2.1

Rootkey : HKEY_CLASSES_ROOT

Object : screensavercontrol.screensaverinstaller

Value :

 

iWon Object Recognized!

Type : Regkey

Data :

Category : Data Miner

Comment : SmileyCentralPFSetup2.0.2.1

Rootkey : HKEY_CLASSES_ROOT

Object : screensavercontrol.screensaverinstaller.1

 

iWon Object Recognized!

Type : RegValue

Data :

Category : Data Miner

Comment : SmileyCentralPFSetup2.0.2.1

Rootkey : HKEY_CLASSES_ROOT

Object : screensavercontrol.screensaverinstaller.1

Value :

 

iWon Object Recognized!

Type : Regkey

Data :

Category : Data Miner

Comment : SmileyCentralPFSetup2.0.2.1

Rootkey : HKEY_CLASSES_ROOT

Object : typelib\{29d67d3c-509a-4544-903f-c8c1b8236554}

 

iWon Object Recognized!

Type : Regkey

Data :

Category : Data Miner

Comment : SmileyCentralPFSetup2.0.2.1

Rootkey : HKEY_CLASSES_ROOT

Object : interface\{2e3537fc-cf2f-4f56-af54-5a6a3dd375cc}

 

iWon Object Recognized!

Type : RegValue

Data :

Category : Data Miner

Comment : SmileyCentralPFSetup2.0.2.1

Rootkey : HKEY_CLASSES_ROOT

Object : interface\{2e3537fc-cf2f-4f56-af54-5a6a3dd375cc}

Value :

 

iWon Object Recognized!

Type : Regkey

Data :

Category : Data Miner

Comment : SmileyCentralPFSetup2.0.2.1

Rootkey : HKEY_CLASSES_ROOT

Object : interface\{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc}

 

iWon Object Recognized!

Type : RegValue

Data :

Category : Data Miner

Comment : SmileyCentralPFSetup2.0.2.1

Rootkey : HKEY_CLASSES_ROOT

Object : interface\{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc}

Value :

 

iWon Object Recognized!

Type : Regkey

Data :

Category : Data Miner

Comment : SmileyCentralPFSetup2.0.0.0

Rootkey : HKEY_LOCAL_MACHINE

Object : software\microsoft\windows\currentversion\explorer\browser helper objects\{07b18ea1-a523-4961-b6bb-170de4475cca}

 

iWon Object Recognized!

Type : Regkey

Data :

Category : Data Miner

Comment : SmileyCentralPFSetup2.0.0.0

Rootkey : HKEY_LOCAL_MACHINE

Object : software\microsoft\windows\currentversion\explorer\browser helper objects\{00a6faf1-072e-44cf-8957-5838f569a31d}

 

iWon Object Recognized!

Type : RegValue

Data :

Category : Data Miner

Comment : SmileyCentralPFSetup2.0.0.0

Rootkey : HKEY_LOCAL_MACHINE

Object : software\microsoft\windows\currentversion\explorer\browser helper objects\{00a6faf1-072e-44cf-8957-5838f569a31d}

Value : NoExplorer

 

iWon Object Recognized!

Type : Regkey

Data :

Category : Data Miner

Comment :

Rootkey : HKEY_USERS

Object : S-1-5-21-492533919-3165138465-3089621515-1007\software\mywebsearch

 

iWon Object Recognized!

Type : Regkey

Data :

Category : Data Miner

Comment :

Rootkey : HKEY_LOCAL_MACHINE

Object : software\mywebsearch

 

iWon Object Recognized!

Type : Regkey

Data :

Category : Data Miner

Comment :

Rootkey : HKEY_LOCAL_MACHINE

Object : software\focusinteractive

 

iWon Object Recognized!

Type : Regkey

Data :

Category : Data Miner

Comment :

Rootkey : HKEY_LOCAL_MACHINE

Object : software\microsoft\office\word\addins\mywebsearch.outlookaddin

 

iWon Object Recognized!

Type : RegValue

Data :

Category : Data Miner

Comment :

Rootkey : HKEY_LOCAL_MACHINE

Object : software\microsoft\office\word\addins\mywebsearch.outlookaddin

Value : Description

 

iWon Object Recognized!

Type : RegValue

Data :

Category : Data Miner

Comment :

Rootkey : HKEY_LOCAL_MACHINE

Object : software\microsoft\office\word\addins\mywebsearch.outlookaddin

Value : FriendlyName

 

iWon Object Recognized!

Type : RegValue

Data :

Category : Data Miner

Comment :

Rootkey : HKEY_LOCAL_MACHINE

Object : software\microsoft\office\word\addins\mywebsearch.outlookaddin

Value : LoadBehavior

 

iWon Object Recognized!

Type : Regkey

Data :

Category : Data Miner

Comment :

Rootkey : HKEY_LOCAL_MACHINE

Object : software\microsoft\office\outlook\addins\mywebsearch.outlookaddin

 

iWon Object Recognized!

Type : RegValue

Data :

Category : Data Miner

Comment :

Rootkey : HKEY_LOCAL_MACHINE

Object : software\microsoft\office\outlook\addins\mywebsearch.outlookaddin

Value : Description

 

iWon Object Recognized!

Type : RegValue

Data :

Category : Data Miner

Comment :

Rootkey : HKEY_LOCAL_MACHINE

Object : software\microsoft\office\outlook\addins\mywebsearch.outlookaddin

Value : FriendlyName

 

iWon Object Recognized!

Type : RegValue

Data :

Category : Data Miner

Comment :

Rootkey : HKEY_LOCAL_MACHINE

Object : software\microsoft\office\outlook\addins\mywebsearch.outlookaddin

Value : LoadBehavior

 

iWon Object Recognized!

Type : Regkey

Data :

Category : Data Miner

Comment :

Rootkey : HKEY_LOCAL_MACHINE

Object : software\fun web products

 

iWon Object Recognized!

Type : RegValue

Data :

Category : Data Miner

Comment :

Rootkey : HKEY_LOCAL_MACHINE

Object : software\fun web products

Value : JpegConversionLib

 

iWon Object Recognized!

Type : RegValue

Data :

Category : Data Miner

Comment :

Rootkey : HKEY_LOCAL_MACHINE

Object : software\fun web products

Value : CacheDir

 

iWon Object Recognized!

Type : Regkey

Data :

Category : Data Miner

Comment : SmileyCentralPFSetup2.0.2.1

Rootkey : HKEY_LOCAL_MACHINE

Object : software\microsoft\windows\currentversion\uninstall\mywebsearch bar uninstall

 

iWon Object Recognized!

Type : RegValue

Data :

Category : Data Miner

Comment : SmileyCentralPFSetup2.0.2.1

Rootkey : HKEY_LOCAL_MACHINE

Object : software\microsoft\windows\currentversion\uninstall\mywebsearch bar uninstall

Value : DisplayName

 

iWon Object Recognized!

Type : RegValue

Data :

Category : Data Miner

Comment : SmileyCentralPFSetup2.0.2.1

Rootkey : HKEY_LOCAL_MACHINE

Object : software\microsoft\windows\currentversion\uninstall\mywebsearch bar uninstall

Value : HelpLink

 

iWon Object Recognized!

Type : RegValue

Data :

Category : Data Miner

Comment : SmileyCentralPFSetup2.0.2.1

Rootkey : HKEY_LOCAL_MACHINE

Object : software\microsoft\windows\currentversion\uninstall\mywebsearch bar uninstall

Value : Publisher

 

iWon Object Recognized!

Type : RegValue

Data :

Category : Data Miner

Comment : SmileyCentralPFSetup2.0.2.1

Rootkey : HKEY_LOCAL_MACHINE

Object : software\microsoft\windows\currentversion\uninstall\mywebsearch bar uninstall

Value : UninstallString

 

iWon Object Recognized!

Type : RegValue

Data :

Category : Data Miner

Comment : SmileyCentralPFSetup2.0.2.1

Rootkey : HKEY_LOCAL_MACHINE

Object : software\microsoft\windows\currentversion\uninstall\mywebsearch bar uninstall

Value : UrlInfoAbout

 

iWon Object Recognized!

Type : RegValue

Data :

Category : Data Miner

Comment : SmileyCentralPFSetup2.0.2.1

Rootkey : HKEY_USERS

Object : S-1-5-21-492533919-3165138465-3089621515-1007\software\microsoft\windows\currentversion\run

Value : MyWebSearch Email Plugin

 

iWon Object Recognized!

Type : RegValue

Data :

Category : Data Miner

Comment : SmileyCentralPFSetup2.0.2.1

Rootkey : HKEY_LOCAL_MACHINE

Object : software\microsoft\windows\currentversion\run

Value : MyWebSearch Email Plugin

 

Registry Scan result:

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

New critical objects: 111

Objects found so far: 139

 

 

Started deep registry scan

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

 

Deep registry scan result:

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

New critical objects: 0

Objects found so far: 139

 

 

Started Tracking Cookie scan

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

 

 

Tracking Cookie Object Recognized!

Type : IECache Entry

Data : almira [email protected][2].txt

Category : Data Miner

Comment : Hits:2

Value : Cookie:almira [email protected]/

Expires : 6-20-2017 12:52:28 AM

LastSync : Hits:2

UseCount : 0

Hits : 2

 

Tracking Cookie Object Recognized!

Type : IECache Entry

Data : almira [email protected][1].txt

Category : Data Miner

Comment : Hits:1

Value : Cookie:almira [email protected]/

Expires : 6-23-2007 2:14:14 AM

LastSync : Hits:1

UseCount : 0

Hits : 1

 

Tracking cookie scan result:

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

New critical objects: 2

Objects found so far: 141

 

 

 

Deep scanning and examining files (C:)

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

 

Tracking Cookie Object Recognized!

Type : IECache Entry

Data : almira [email protected][1].txt

Category : Data Miner

Comment :

Value : C:\Documents and Settings\almira kasemi\Cookies\almira [email protected][1].txt

 

Tracking Cookie Object Recognized!

Type : IECache Entry

Data : almira [email protected][2].txt

Category : Data Miner

Comment :

Value : C:\Documents and Settings\almira kasemi\Cookies\almira [email protected][2].txt

 

Tracking Cookie Object Recognized!

Type : IECache Entry

Data : almira [email protected][2].txt

Category : Data Miner

Comment :

Value : C:\Documents and Settings\almira kasemi\Local Settings\Temp\Cookies\almira [email protected][2].txt

 

Tracking Cookie Object Recognized!

Type : IECache Entry

Data : almira [email protected][2].txt

Category : Data Miner

Comment :

Value : C:\Documents and Settings\almira kasemi\Local Settings\Temp\Cookies\almira [email protected][2].txt

 

Tracking Cookie Object Recognized!

Type : IECache Entry

Data : almira [email protected][1].txt

Category : Data Miner

Comment :

Value : C:\Documents and Settings\almira kasemi\Local Settings\Temp\Cookies\almira [email protected][1].txt

 

Tracking Cookie Object Recognized!

Type : IECache Entry

Data : almira [email protected][1].txt

Category : Data Miner

Comment :

Value : C:\Documents and Settings\almira kasemi\Local Settings\Temp\Cookies\almira [email protected][1].txt

 

Tracking Cookie Object Recognized!

Type : IECache Entry

Data : almira [email protected][1].txt

Category : Data Miner

Comment :

Value : C:\Documents and Settings\almira kasemi\Local Settings\Temp\Cookies\almira [email protected][1].txt

 

Tracking Cookie Object Recognized!

Type : IECache Entry

Data : almira [email protected][1].txt

Category : Data Miner

Comment :

Value : C:\Documents and Settings\almira kasemi\Local Settings\Temp\Cookies\almira [email protected][1].txt

 

Tracking Cookie Object Recognized!

Type : IECache Entry

Data : almira [email protected][2].txt

Category : Data Miner

Comment :

Value : C:\Documents and Settings\almira kasemi\Local Settings\Temp\Cookies\almira [email protected][2].txt

 

Tracking Cookie Object Recognized!

Type : IECache Entry

Data : almira [email protected][1].txt

Category : Data Miner

Comment :

Value : C:\Documents and Settings\almira kasemi\Local Settings\Temp\Cookies\almira [email protected][1].txt

 

iWon Object Recognized!

Type : File

Data : riched20.dll

Category : Data Miner

Comment : SmileyCentralPFSetup2.0.0.0

Object : C:\Program Files\MSN Messenger\

FileVersion : 1, 0, 0, 9

ProductVersion : 2, 0, 0, 0

ProductName : Smiley Central

CompanyName : Fun Web Products, Inc.

FileDescription : Smiley Central MSN Rich Edit DLL

InternalName : f3REStub

LegalCopyright : Copyright © 2003,2004

OriginalFilename : f3REStub.dll

 

 

iWon Object Recognized!

Type : File

Data : F3PSSAVR.SCR

Category : Data Miner

Comment : SmileyCentralPFSetup2.0.2.1

Object : C:\Program Files\MyWebSearch\bar\1.bin\

FileVersion : 1, 0, 2, 0

ProductVersion : 1, 0, 2, 0

ProductName : Popular Screensavers

CompanyName : FunWebProducts.com

FileDescription : Popular Screensavers

InternalName : f3PSSavr

LegalCopyright : Copyright © 2004

OriginalFilename : f3PSSavr.scr

 

 

iWon Object Recognized!

Type : File

Data : F3RESTUB.DLL

Category : Data Miner

Comment : SmileyCentralPFSetup2.0.0.0

Object : C:\Program Files\MyWebSearch\bar\1.bin\

FileVersion : 1, 0, 0, 9

ProductVersion : 2, 0, 0, 0

ProductName : Smiley Central

CompanyName : Fun Web Products, Inc.

FileDescription : Smiley Central MSN Rich Edit DLL

InternalName : f3REStub

LegalCopyright : Copyright © 2003,2004

OriginalFilename : f3REStub.dll

 

 

iWon Object Recognized!

Type : File

Data : F3WPHOOK.DLL

Category : Data Miner

Comment : SmileyCentralPFSetup2.0.2.1

Object : C:\Program Files\MyWebSearch\bar\1.bin\

 

 

 

iWon Object Recognized!

Type : File

Data : f3PSSavr.scr

Category : Data Miner

Comment : SmileyCentralPFSetup2.0.2.1

Object : C:\WINDOWS\system32\

FileVersion : 1, 0, 2, 0

ProductVersion : 1, 0, 2, 0

ProductName : Popular Screensavers

CompanyName : FunWebProducts.com

FileDescription : Popular Screensavers

InternalName : f3PSSavr

LegalCopyright : Copyright © 2004

OriginalFilename : f3PSSavr.scr

 

 

Disk Scan Result for C:\

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

New critical objects: 0

Objects found so far: 156

 

 

Scanning Hosts file......

Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

 

Hosts file scan result:

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

1 entries scanned.

New critical objects:0

Objects found so far: 156

 

 

 

 

Performing conditional scans...

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

 

iWon Object Recognized!

Type : Regkey

Data :

Category : Data Miner

Comment :

Rootkey : HKEY_CLASSES_ROOT

Object : clsid\{a4730ebe-43a6-443e-9776-36915d323ad3}

 

iWon Object Recognized!

Type : Regkey

Data :

Category : Data Miner

Comment :

Rootkey : HKEY_LOCAL_MACHINE

Object : software\funwebproducts

 

iWon Object Recognized!

Type : Folder

Category : Data Miner

Comment :

Object : C:\Program Files\FunWebProducts

 

Conditional scan result:

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

New critical objects: 3

Objects found so far: 159

 

1:34:51 AM Scan Complete

 

Summary Of This Scan

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Total scanning time:00:19:14.430

Objects scanned:126044

Objects identified:131

Objects ignored:0

New critical objects:131

Share this post


Link to post
Share on other sites
Sign in to follow this