Jump to content


Photo

please help


  • This topic is locked This topic is locked
3 replies to this topic

#1 kkwessi

kkwessi

    Member

  • New Member
  • Pip
  • 1 posts

Posted 30 May 2007 - 05:31 AM

Logfile of HijackThis v1.99.1
Scan saved at 11:33:25 PM, on 5/29/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Digidesign\Drivers\MMERefresh.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\Analog Devices\SoundMAX\PmProxy.exe
C:\Program Files\Symantec\Norton Ghost 2003\GhostStartService.exe
C:\WINDOWS\System32\00THotkey.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\PROGRA~1\NORTON~1\navapw32.exe
C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\eFax Messenger 4.2\J2GDllCmd.exe
C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe
C:\WINDOWS\system32\ipmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ipmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\system32\TWarnMsg.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\WINZIP\winzip32.exe
C:\Documents and Settings\K\Desktop\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.overture....mp;Promo=befree
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [PmProxy] C:\Program Files\Analog Devices\SoundMAX\PmProxy.exe
O4 - HKLM\..\Run: [00THotkey] C:\WINDOWS\System32\00THotkey.exe
O4 - HKLM\..\Run: [000StTHK] 000StTHK.exe
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe /Type 28
O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe"
O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [DigidesignMMERefresh] C:\Program Files\Digidesign\Drivers\MMERefresh.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [eFax 4.2] "C:\Program Files\eFax Messenger 4.2\J2GDllCmd.exe" /R
O4 - HKLM\..\Run: [OrderReminder] C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe
O4 - HKLM\..\Run: [WindowsHive] C:\WINDOWS\system32\rpcc.exe
O4 - HKLM\..\Run: [ipmon] ipmon.exe
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.overture.com/d/search/p/befree/?Promo=befree00088981906563281284&Keywords=Home+Page&Go=Go&Promo=befree
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebo...otoUploader.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupd...b?1102969828466
O16 - DPF: {65E8E2DC-186A-4AAC-9E56-FDC683055A9E} (CNetOnlineInstall Control) - http://www.download....lineInstall.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zon...nt.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn...ro.cab56649.cab
O16 - DPF: {C5E28B9D-0A68-4B50-94E9-E8F6B4697519} (NsvPlayX Control) - http://www.nullsoft....ayx_vp6_aac.cab
O16 - DPF: {C946EF6D-296D-4907-A6E1-ED0E8E5AF024} (LycosMail Upload Control) - http://mail.lycos.co.../AttachMail.cab
O18 - Protocol: g7ps - {9EACF0FB-4FC7-436E-989B-3197142AD979} - C:\Program Files\Common Files\G7PS\Shared Files\G7PSDLL\G7PS.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Digidesign MME Refresh Service (DigiRefresh) - Digidesign, A Division of Avid Technology, Inc. - C:\Program Files\Digidesign\Drivers\MMERefresh.exe
O23 - Service: GhostStartService - Symantec Corporation - C:\Program Files\Symantec\Norton Ghost 2003\GhostStartService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe



Ad-Aware SE Build 1.06r1
Logfile Created on:Wednesday, May 30, 2007 12:10:41 AM
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R173 29.05.2007
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
ClickSpring(TAC index:6):1 total references
MRU List(TAC index:0):21 total references
PurityScan(TAC index:6):2 total references
Tracking Cookie(TAC index:3):52 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file

Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects


5-30-2007 12:10:41 AM - Scan started. (Full System Scan)

MRU List Object Recognized!
Location: : C:\Documents and Settings\K\Application Data\microsoft\office\recent
Description : list of recently opened documents using microsoft office


MRU List Object Recognized!
Location: : C:\Documents and Settings\K\recent
Description : list of recently opened documents


MRU List Object Recognized!
Location: : S-1-5-21-583907252-1580436667-839522115-1003\software\adobe\acrobat reader\6.0\avgeneral\crecentfiles
Description : list of recently used files in adobe reader


MRU List Object Recognized!
Location: : S-1-5-21-583907252-1580436667-839522115-1003\software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d


MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d


MRU List Object Recognized!
Location: : S-1-5-21-583907252-1580436667-839522115-1003\software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X


MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X


MRU List Object Recognized!
Location: : software\microsoft\directdraw\mostrecentapplication
Description : most recent application to use microsoft directdraw


MRU List Object Recognized!
Location: : S-1-5-21-583907252-1580436667-839522115-1003\software\microsoft\internet explorer
Description : last download directory used in microsoft internet explorer


MRU List Object Recognized!
Location: : S-1-5-21-583907252-1580436667-839522115-1003\software\microsoft\internet explorer\typedurls
Description : list of recently entered addresses in microsoft internet explorer


MRU List Object Recognized!
Location: : S-1-5-21-583907252-1580436667-839522115-1003\software\microsoft\mediaplayer\player\recentfilelist
Description : list of recently used files in microsoft windows media player


MRU List Object Recognized!
Location: : S-1-5-21-583907252-1580436667-839522115-1003\software\microsoft\mediaplayer\preferences
Description : last playlist index loaded in microsoft windows media player


MRU List Object Recognized!
Location: : S-1-5-21-583907252-1580436667-839522115-1003\software\microsoft\mediaplayer\preferences
Description : last playlist loaded in microsoft windows media player


MRU List Object Recognized!
Location: : S-1-5-21-583907252-1580436667-839522115-1003\software\microsoft\office\10.0\common\open find\microsoft word\settings\save as\file name mru
Description : list of recent documents saved by microsoft word


MRU List Object Recognized!
Location: : S-1-5-21-583907252-1580436667-839522115-1003\software\microsoft\office\10.0\excel\recent files
Description : list of recent files used by microsoft excel


MRU List Object Recognized!
Location: : S-1-5-21-583907252-1580436667-839522115-1003\software\microsoft\search assistant\acmru
Description : list of recent search terms used with the search assistant


MRU List Object Recognized!
Location: : S-1-5-21-583907252-1580436667-839522115-1003\software\microsoft\windows\currentversion\explorer\comdlg32\lastvisitedmru
Description : list of recent programs opened


MRU List Object Recognized!
Location: : S-1-5-21-583907252-1580436667-839522115-1003\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru
Description : list of recently saved files, stored according to file extension


MRU List Object Recognized!
Location: : S-1-5-21-583907252-1580436667-839522115-1003\software\microsoft\windows\currentversion\explorer\recentdocs
Description : list of recent documents opened


MRU List Object Recognized!
Location: : S-1-5-21-583907252-1580436667-839522115-1003\software\nico mak computing\winzip\filemenu
Description : winzip recently used archives


MRU List Object Recognized!
Location: : S-1-5-21-583907252-1580436667-839522115-1003\software\microsoft\windows media\wmsdk\general
Description : windows media sdk


Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ProcessID : 440
ThreadCreationTime : 5-30-2007 3:02:38 AM
BasePriority : Normal


#:2 [csrss.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 496
ThreadCreationTime : 5-30-2007 3:02:40 AM
BasePriority : Normal


#:3 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 528
ThreadCreationTime : 5-30-2007 3:02:43 AM
BasePriority : High


#:4 [services.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 576
ThreadCreationTime : 5-30-2007 3:02:43 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : services.exe

#:5 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 588
ThreadCreationTime : 5-30-2007 3:02:43 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe

#:6 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 736
ThreadCreationTime : 5-30-2007 3:02:46 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:7 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 792
ThreadCreationTime : 5-30-2007 3:02:46 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:8 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 828
ThreadCreationTime : 5-30-2007 3:02:46 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:9 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 892
ThreadCreationTime : 5-30-2007 3:02:46 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:10 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 948
ThreadCreationTime : 5-30-2007 3:02:47 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:11 [spoolsv.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1288
ThreadCreationTime : 5-30-2007 3:02:52 AM
BasePriority : Normal
FileVersion : 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)
ProductVersion : 5.1.2600.2696
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe

#:12 [explorer.exe]
FilePath : C:\WINDOWS\
ProcessID : 1720
ThreadCreationTime : 5-30-2007 3:03:04 AM
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : EXPLORER.EXE

#:13 [mmerefresh.exe]
FilePath : C:\Program Files\Digidesign\Drivers\
ProcessID : 1888
ThreadCreationTime : 5-30-2007 3:03:10 AM
BasePriority : Normal
FileVersion : 6.4.0.138
ProductVersion : 6.4
ProductName : Digidesign MME Binder
CompanyName : Digidesign, A Division of Avid Technology, Inc.
FileDescription : Digidesign MME Binder
InternalName : MMERefresh.exe
LegalCopyright : ©1999-2004 Digidesign, A Division of Avid Technology, Inc.
OriginalFilename : MMERefresh.exe

#:14 [apoint.exe]
FilePath : C:\Program Files\Apoint2K\
ProcessID : 1904
ThreadCreationTime : 5-30-2007 3:03:12 AM
BasePriority : Normal
FileVersion : 6.0.1.159
ProductVersion : 6.0.1.159
ProductName : Alps Pointing-device Driver
CompanyName : Alps Electric Co., Ltd.
FileDescription : Alps Pointing-device Driver
InternalName : Alps Pointing-device Driver
LegalCopyright : Copyright © 1999-2002 Alps Electric Co., Ltd.
OriginalFilename : Apoint.exe

#:15 [pmproxy.exe]
FilePath : C:\Program Files\Analog Devices\SoundMAX\
ProcessID : 1924
ThreadCreationTime : 5-30-2007 3:03:12 AM
BasePriority : Normal
FileVersion : 1, 0, 0, 18
ProductVersion : 1, 0, 0, 18
ProductName : adi PmProxy
CompanyName : adi
FileDescription : PmProxy
InternalName : PmProxy
LegalCopyright : Copyright © 2002
OriginalFilename : PmProxy.exe

#:16 [ghoststartservice.exe]
FilePath : C:\Program Files\Symantec\Norton Ghost 2003\
ProcessID : 1936
ThreadCreationTime : 5-30-2007 3:03:13 AM
BasePriority : Normal
FileVersion : 2003.775
ProductVersion : 2003.775
ProductName : Norton Ghost Start Service
CompanyName : Symantec Corporation
FileDescription : Norton Ghost Start
InternalName : GhostStartService
LegalCopyright : Copyright © 1998-2002 Symantec Corp. All rights reserved.
OriginalFilename : GhostStartService.exe

#:17 [00thotkey.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1952
ThreadCreationTime : 5-30-2007 3:03:13 AM
BasePriority : Normal
FileVersion : 1, 0, 0, 21
ProductVersion : 6, 0, 2, 0
ProductName : TOSHIBA THotkey
CompanyName : TOSHIBA Corp.
FileDescription : THotkey
InternalName : THotkey
LegalCopyright : Copyright © 1999 -2003
OriginalFilename : THotkey.exe

#:18 [navapsvc.exe]
FilePath : C:\Program Files\Norton AntiVirus\
ProcessID : 2004
ThreadCreationTime : 5-30-2007 3:03:13 AM
BasePriority : Normal
FileVersion : 8.00.58
ProductVersion : 8.00.58
ProductName : Norton AntiVirus
CompanyName : Symantec Corporation
FileDescription : Norton AntiVirus Auto-Protect Service
InternalName : NAVAPSVC
LegalCopyright : Copyright © 2000-2001 Symantec Corporation. All rights reserved.
OriginalFilename : NAVAPSVC.EXE

#:19 [tfncky.exe]
FilePath : C:\Program Files\TOSHIBA\TOSHIBA Controls\
ProcessID : 2016
ThreadCreationTime : 5-30-2007 3:03:13 AM
BasePriority : Normal
FileVersion : 2.06.00
ProductVersion : 2.06.00
ProductName : TFncKy
CompanyName : TOSHIBA Corporation
FileDescription : TFncKy
InternalName : TFncKy
LegalCopyright : Copyright 1997-2003 TOSHIBA Corporation. All rights reserved.
OriginalFilename : TFncKy.EXE

#:20 [hpzipm12.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 216
ThreadCreationTime : 5-30-2007 3:03:17 AM
BasePriority : Normal
FileVersion : 9, 0, 0, 0
ProductVersion : 9, 0, 0, 0
ProductName : HP PML
CompanyName : HP
FileDescription : PML Driver
InternalName : PmlDrv
LegalCopyright : Copyright © 1998, 1999 Hewlett-Packard Company
OriginalFilename : PmlDrv.exe

#:21 [navapw32.exe]
FilePath : C:\PROGRA~1\NORTON~1\
ProcessID : 236
ThreadCreationTime : 5-30-2007 3:03:17 AM
BasePriority : Normal
FileVersion : 8.00.58
ProductVersion : 8.00.58
ProductName : Norton AntiVirus
CompanyName : Symantec Corporation
FileDescription : Norton AntiVirus Agent
InternalName : NAVAPW32
LegalCopyright : Copyright © 2000-2001 Symantec Corporation. All rights reserved.
OriginalFilename : NAVAPW32.EXE

#:22 [jusched.exe]
FilePath : C:\Program Files\Java\jre1.5.0_08\bin\
ProcessID : 252
ThreadCreationTime : 5-30-2007 3:03:19 AM
BasePriority : Normal


#:23 [qttask.exe]
FilePath : C:\Program Files\QuickTime\
ProcessID : 352
ThreadCreationTime : 5-30-2007 3:03:20 AM
BasePriority : Normal
FileVersion : 7.1.3
ProductVersion : QuickTime 7.1.3
ProductName : QuickTime
CompanyName : Apple Computer, Inc.
FileDescription : QuickTime Task
InternalName : QuickTime Task
LegalCopyright : Copyright Apple Computer, Inc. 1989-2006
OriginalFilename : QTTask.exe

#:24 [ituneshelper.exe]
FilePath : C:\Program Files\iTunes\
ProcessID : 364
ThreadCreationTime : 5-30-2007 3:03:20 AM
BasePriority : Normal
FileVersion : 7.0.2.16
ProductVersion : 7.0.2.16
ProductName : iTunes
CompanyName : Apple Computer, Inc.
FileDescription : iTunesHelper Module
InternalName : iTunesHelper
LegalCopyright : © 2003-2006 Apple Computer, Inc. All Rights Reserved.
OriginalFilename : iTunesHelper.exe

#:25 [apntex.exe]
FilePath : C:\Program Files\Apoint2K\
ProcessID : 400
ThreadCreationTime : 5-30-2007 3:03:20 AM
BasePriority : Normal
FileVersion : 5.0.1.13
ProductVersion : 5.0.1.13
ProductName : Alps Pointing-device Driver for Windows NT/2000
CompanyName : Alps Electric Co., Ltd.
FileDescription : Alps Pointing-device Driver for Windows NT/2000
InternalName : Alps Pointing-device Driver for Windows NT/2000
LegalCopyright : Copyright © 1998-2001 Alps Electric Co., Ltd.
OriginalFilename : ApntEx.exe

#:26 [hpwuschd2.exe]
FilePath : C:\Program Files\HP\HP Software Update\
ProcessID : 408
ThreadCreationTime : 5-30-2007 3:03:21 AM
BasePriority : Normal
FileVersion : 53.0.13.000
ProductVersion : 053.000.013.000
ProductName : hp digital imaging - hp all-in-one series
CompanyName : Hewlett-Packard Co.
FileDescription : Hewlett-Packard Product Assistant
InternalName : hpwuSchd2
LegalCopyright : Copyright © Hewlett-Packard Co. 1995-2004
OriginalFilename : hpwuSchd2.exe
Comments : Hewlett-Packard Product Assistant

#:27 [j2gdllcmd.exe]
FilePath : C:\Program Files\eFax Messenger 4.2\
ProcessID : 424
ThreadCreationTime : 5-30-2007 3:03:21 AM
BasePriority : Normal
FileVersion : 4.2.338.0
ProductVersion : 4.2.338.0
ProductName : eFax Messenger ™
CompanyName : j2 Global Communications, Inc.
FileDescription : eFax Messenger - DLL Command Utility
InternalName : DllCmd32
LegalCopyright : Copyright © 2006 j2 Global Communications, Inc.
LegalTrademarks : eFax®
eFax.com ™
eFax Messenger ™
eFax Messenger Plus ™
JetSuite®
PaperMaster Pro ™
OriginalFilename : DllCmd32.exe

#:28 [orderreminder.exe]
FilePath : C:\Program Files\Hewlett-Packard\OrderReminder\
ProcessID : 432
ThreadCreationTime : 5-30-2007 3:03:21 AM
BasePriority : Normal


#:29 [ipmon.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 492
ThreadCreationTime : 5-30-2007 3:03:22 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : IP Monitor
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : ipmon.exe

#:30 [msmsgs.exe]
FilePath : C:\Program Files\Messenger\
ProcessID : 768
ThreadCreationTime : 5-30-2007 3:03:23 AM
BasePriority : Normal
FileVersion : 4.7.3001
ProductVersion : Version 4.7.3001
ProductName : Messenger
CompanyName : Microsoft Corporation
FileDescription : Windows Messenger
InternalName : msmsgs
LegalCopyright : Copyright © Microsoft Corporation 2004
LegalTrademarks : Microsoft® is a registered trademark of Microsoft Corporation in the U.S. and/or other countries.
OriginalFilename : msmsgs.exe

#:31 [ipmon.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1004
ThreadCreationTime : 5-30-2007 3:03:24 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : IP Monitor
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : ipmon.exe

#:32 [googletoolbarnotifier.exe]
FilePath : C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\
ProcessID : 836
ThreadCreationTime : 5-30-2007 3:03:26 AM
BasePriority : Normal
FileVersion : 1, 2, 1128, 5462
ProductVersion : 1, 2, 1128, 5462
ProductName : GoogleToolbarNotifier
CompanyName : Google Inc.
FileDescription : GoogleToolbarNotifier
LegalCopyright : Copyright © 2005-2006
OriginalFilename : GoogleToolbarNotifier.exe

#:33 [smagent.exe]
FilePath : C:\Program Files\Analog Devices\SoundMAX\
ProcessID : 1120
ThreadCreationTime : 5-30-2007 3:03:26 AM
BasePriority : Normal
FileVersion : 3, 2, 6, 0
ProductVersion : 3, 2, 6, 0
ProductName : SoundMAX service agent
CompanyName : Analog Devices, Inc.
FileDescription : SoundMAX service agent component
InternalName : SMAgent
LegalCopyright : Copyright © 2002
OriginalFilename : SMAgent.exe

#:34 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1192
ThreadCreationTime : 5-30-2007 3:03:27 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:35 [wdfmgr.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1436
ThreadCreationTime : 5-30-2007 3:03:29 AM
BasePriority : Normal
FileVersion : 5.2.3790.1230 built by: DNSRV(bld4act)
ProductVersion : 5.2.3790.1230
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows User Mode Driver Manager
InternalName : WdfMgr
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : WdfMgr.exe

#:36 [hpqtra08.exe]
FilePath : C:\Program Files\HP\Digital Imaging\bin\
ProcessID : 1472
ThreadCreationTime : 5-30-2007 3:03:31 AM
BasePriority : Normal
FileVersion : 53.0.13.000
ProductVersion : 053.000.013.000
ProductName : hp digital imaging - hp all-in-one series
CompanyName : Hewlett-Packard Co.
FileDescription : HP Digital Imaging Monitor
InternalName : HPQTRA00
LegalCopyright : Copyright © Hewlett-Packard Co. 1995-2004
OriginalFilename : HPQTRA00.EXE
Comments : HP Digital Imaging Monitor

#:37 [ipodservice.exe]
FilePath : C:\Program Files\iPod\bin\
ProcessID : 2164
ThreadCreationTime : 5-30-2007 3:03:41 AM
BasePriority : Normal
FileVersion : 7.0.2.16
ProductVersion : 7.0.2.16
ProductName : iTunes
CompanyName : Apple Computer, Inc.
FileDescription : iPodService Module
InternalName : iPodService
LegalCopyright : © 2003-2006 Apple Computer, Inc. All Rights Reserved.
OriginalFilename : iPodService.exe

#:38 [alg.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 2396
ThreadCreationTime : 5-30-2007 3:03:45 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Application Layer Gateway Service
InternalName : ALG.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : ALG.exe

#:39 [hprblog.exe]
FilePath : C:\Program Files\HP\Digital Imaging\Product Assistant\bin\
ProcessID : 2404
ThreadCreationTime : 5-30-2007 3:03:45 AM
BasePriority : Normal
FileVersion : 53.0.13.000
ProductVersion : 053.000.013.000
ProductName : hp digital imaging - hp all-in-one series
CompanyName : Hewlett-Packard Co.
FileDescription : Hewlett-Packard Product Assistant
InternalName : HPRBLOG
LegalCopyright : Copyright © Hewlett-Packard Co. 1995-2004
OriginalFilename : HPRBLOG.EXE
Comments : Hewlett-Packard Product Assistant

#:40 [wgatray.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 2752
ThreadCreationTime : 5-30-2007 3:04:05 AM
BasePriority : Normal
FileVersion : 1.5.0540.0
ProductVersion : 1.5.0540.0
ProductName : Windows Genuine Advantage
CompanyName : Microsoft Corporation
FileDescription : Windows Genuine Advantage Notification
InternalName : WgaNotify
LegalCopyright : © 1995-2006 Microsoft Corporation
OriginalFilename : WgaTray.exe

#:41 [twarnmsg.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 3256
ThreadCreationTime : 5-30-2007 3:05:07 AM
BasePriority : Normal
FileVersion : 1.12.00
ProductVersion : 1.12.00
ProductName : TWarnMsg
CompanyName : TOSHIBA Corp.
FileDescription : TWarnMsg
InternalName : TWarnmsg
LegalCopyright : Copyright 2000 TOSHIBA Corporation. All rights reserved.
OriginalFilename : TWarnMsg.EXE

#:42 [rundll32.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 3496
ThreadCreationTime : 5-30-2007 3:06:33 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Run a DLL as an App
InternalName : rundll
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : RUNDLL.EXE

#:43 [iexplore.exe]
FilePath : C:\Program Files\Internet Explorer\
ProcessID : 3668
ThreadCreationTime : 5-30-2007 3:13:15 AM
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Internet Explorer
InternalName : iexplore
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : IEXPLORE.EXE

#:44 [hijackthis.exe]
FilePath : C:\Documents and Settings\K\Desktop\
ProcessID : 3836
ThreadCreationTime : 5-30-2007 3:31:39 AM
BasePriority : Normal
FileVersion : 1.99.0001
ProductVersion : 1.99.0001
ProductName : HijackThis
CompanyName : Soeperman Enterprises Ltd.
FileDescription : HijackThis
InternalName : HijackThis
LegalCopyright : Freeware
OriginalFilename : HijackThis.exe
Comments : Version history is in Help section

#:45 [notepad.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 3872
ThreadCreationTime : 5-30-2007 3:33:26 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Notepad
InternalName : Notepad
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : NOTEPAD.EXE

#:46 [msnmsgr.exe]
FilePath : C:\Program Files\MSN Messenger\
ProcessID : 1768
ThreadCreationTime : 5-30-2007 3:52:30 AM
BasePriority : Normal
FileVersion : 8.0.0812.00
ProductVersion : 8.0.0812
ProductName : Messenger
CompanyName : Microsoft Corporation
FileDescription : Messenger
InternalName : msnmsgr.exe
LegalCopyright : Copyright © Microsoft Corporation. All rights reserved.
OriginalFilename : msnmsgr.exe

#:47 [ad-aware.exe]
FilePath : C:\Program Files\Lavasoft\Ad-Aware SE Personal\
ProcessID : 3356
ThreadCreationTime : 5-30-2007 4:02:39 AM
BasePriority : Normal
FileVersion : 6.2.0.236
ProductVersion : SE 106
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft AB Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved

Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 21


Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

ClickSpring Object Recognized!
Type : Regkey
Data :
TAC Rating : 6
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\clickspring

Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 1
Objects found so far: 22


Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 22


Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»


Tracking Cookie Object Recognized!
Type : IECache Entry
Data : k@fastclick[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:105
Value : Cookie:k@fastclick.net/
Expires : 5-19-2009 1:26:14 PM
LastSync : Hits:105
UseCount : 0
Hits : 105

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : k@serving-sys[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:45
Value : Cookie:k@serving-sys.com/
Expires : 12-31-2037 6:00:00 PM
LastSync : Hits:45
UseCount : 0
Hits : 45

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : k@advertising[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:486
Value : Cookie:k@advertising.com/
Expires : 9-17-2049 12:01:00 AM
LastSync : Hits:486
UseCount : 0
Hits : 486

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : k@tremor.adbureau[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:6
Value : Cookie:k@tremor.adbureau.net/
Expires : 2-29-2012 8:00:00 PM
LastSync : Hits:6
UseCount : 0
Hits : 6

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : k@adrevolver[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:11
Value : Cookie:k@media.adrevolver.com/adrevolver/
Expires : 12-22-2009 9:53:46 PM
LastSync : Hits:11
UseCount : 0
Hits : 11

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : k@bs.serving-sys[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:15
Value : Cookie:k@bs.serving-sys.com/
Expires : 12-31-2037 6:00:00 PM
LastSync : Hits:15
UseCount : 0
Hits : 15

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : k@2o7[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:67
Value : Cookie:k@2o7.net/
Expires : 5-13-2012 11:58:16 PM
LastSync : Hits:67
UseCount : 0
Hits : 67

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : k@maxim.122.2o7[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:5
Value : Cookie:k@maxim.122.2o7.net/
Expires : 3-24-2012 8:14:56 PM
LastSync : Hits:5
UseCount : 0
Hits : 5

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : k@reduxads.valuead[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:24
Value : Cookie:k@reduxads.valuead.com/
Expires : 12-31-2020 8:00:00 PM
LastSync : Hits:24
UseCount : 0
Hits : 24

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : k@insightexpressai[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:35
Value : Cookie:k@insightexpressai.com/
Expires : 3-23-2012 5:38:04 PM
LastSync : Hits:35
UseCount : 0
Hits : 35

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : k@specificclick[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:4
Value : Cookie:k@specificclick.net/
Expires : 3-28-2008 11:14:28 PM
LastSync : Hits:4
UseCount : 0
Hits : 4

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : k@ads.pointroll[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:20
Value : Cookie:k@ads.pointroll.com/
Expires : 12-31-2009 8:00:00 PM
LastSync : Hits:20
UseCount : 0
Hits : 20

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : k@counter9.sextracker[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:5
Value : Cookie:k@counter9.sextracker.com/
Expires : 5-9-2007 6:33:06 AM
LastSync : Hits:5
UseCount : 0
Hits : 5

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : k@msnportal.112.2o7[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:3
Value : Cookie:k@msnportal.112.2o7.net/
Expires : 3-29-2012 4:30:56 PM
LastSync : Hits:3
UseCount : 0
Hits : 3

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : k@ehg-groupernetworks.hitbox[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:39
Value : Cookie:k@ehg-groupernetworks.hitbox.com/
Expires : 5-27-2008 6:08:02 PM
LastSync : Hits:39
UseCount : 0
Hits : 39

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : k@adrevolver[3].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:9
Value : Cookie:k@adrevolver.com/
Expires : 3-29-2008 1:33:54 AM
LastSync : Hits:9
UseCount : 0
Hits : 9

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : k@www.burstnet[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:6
Value : Cookie:k@www.burstnet.com/
Expires : 5-27-2007 1:25:56 PM
LastSync : Hits:6
UseCount : 0
Hits : 6

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : k@zedo[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:449
Value : Cookie:k@zedo.com/
Expires : 3-20-2017 5:38:02 PM
LastSync : Hits:449
UseCount : 0
Hits : 449

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : k@statcounter[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:24
Value : Cookie:k@statcounter.com/
Expires : 4-1-2012 7:26:24 PM
LastSync : Hits:24
UseCount : 0
Hits : 24

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : k@casalemedia[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:5215
Value : Cookie:k@casalemedia.com/
Expires : 5-18-2008 6:08:42 AM
LastSync : Hits:5215
UseCount : 0
Hits : 5215

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : k@atdmt[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:66
Value : Cookie:k@atdmt.com/
Expires : 3-20-2012 8:00:00 PM
LastSync : Hits:66
UseCount : 0
Hits : 66

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : k@hc2.humanclick[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:3
Value : Cookie:k@hc2.humanclick.com/
Expires : 3-26-2008 10:23:38 AM
LastSync : Hits:3
UseCount : 0
Hits : 3

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : k@cs.sexcounter[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:2
Value : Cookie:k@cs.sexcounter.com/
Expires : 5-12-2024 2:07:28 PM
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : k@overture[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:12
Value : Cookie:k@overture.com/
Expires : 3-30-2009 2:30:14 PM
LastSync : Hits:12
UseCount : 0
Hits : 12

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : k@adopt.euroclick[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:75
Value : Cookie:k@adopt.euroclick.com/
Expires : 4-23-2017 9:14:46 AM
LastSync : Hits:75
UseCount : 0
Hits : 75

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : k@adinterax[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:18
Value : Cookie:k@adinterax.com/
Expires : 6-2-2037 4:00:00 PM
LastSync : Hits:18
UseCount : 0
Hits : 18

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : k@realmedia[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:59
Value : Cookie:k@realmedia.com/
Expires : 12-31-2020 8:00:00 PM
LastSync : Hits:59
UseCount : 0
Hits : 59

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : k@roiservice[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:3
Value : Cookie:k@roiservice.com/
Expires : 4-28-2027 12:37:58 PM
LastSync : Hits:3
UseCount : 0
Hits : 3

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : k@live365[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:k@live365.com/
Expires : 3-25-2012 9:46:02 AM
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : k@ad.yieldmanager[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:2392
Value : Cookie:k@ad.yieldmanager.com/
Expires : 5-27-2009 6:14:14 PM
LastSync : Hits:2392
UseCount : 0
Hits : 2392

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : k@doubleclick[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:55
Value : Cookie:k@doubleclick.net/
Expires : 3-28-2010 11:01:50 PM
LastSync : Hits:55
UseCount : 0
Hits : 55

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : k@247realmedia[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:15
Value : Cookie:k@247realmedia.com/
Expires : 12-31-2020 8:00:00 PM
LastSync : Hits:15
UseCount : 0
Hits : 15

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : k@sextracker[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:24
Value : Cookie:k@sextracker.com/
Expires : 5-9-2007 1:48:06 PM
LastSync : Hits:24
UseCount : 0
Hits : 24

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : k@tribalfusion[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:116
Value : Cookie:k@tribalfusion.com/
Expires : 5-28-2008 11:28:04 PM
LastSync : Hits:116
UseCount : 0
Hits : 116

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : k@apmebf[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:3
Value : Cookie:k@apmebf.com/
Expires : 5-8-2012 10:00:26 AM
LastSync : Hits:3
UseCount : 0
Hits : 3

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : k@statse.webtrendslive[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:2
Value : Cookie:k@statse.webtrendslive.com/
Expires : 3-24-2017 10:23:38 AM
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : k@com[1].txt
TAC Rating : 3
Category : Data Miner
Comment

#2 SWI Support Robot

SWI Support Robot

    Helper robot

  • SWI Bot
  • PipPipPipPipPip
  • 23,523 posts

Posted 01 June 2007 - 06:30 AM

Welcome to SWI. We apologize for the delay; our helpers have been very busy.
If you have not received help after 3 days, please CLICK HERE, and post a link to your log and the date it was originally posted.

Thank you for your patience.

[this is an automated reply]
This is an automated message. It does not count as help.

#3 Chancellor

Chancellor

    Forum Deity

  • Emeritus
  • PipPipPipPipPip
  • 3,020 posts

Posted 13 June 2007 - 01:57 AM

Hi,

Sorry you’ve had to wait for a few days but all of the helpers here are volunteers and we’ve been really busy recently.

If you still need help, please post a fresh HijackThis log into this thread so I can make sure nothing has changed and I will be happy to review it for you.

:)
Chancellor

Please consider a donation to help Support SWI
Malware Complaints - Report them here and fight back!
Member of ASAP Since 2006 (Alliance of Security Analysis Professionals)
Please read the FAQ and the article "So how did I get infected in the first place?".

#4 Chancellor

Chancellor

    Forum Deity

  • Emeritus
  • PipPipPipPipPip
  • 3,020 posts

Posted 26 June 2007 - 03:47 PM

Due to the lack of feedback, this topic is closed.

If you need this topic reopened, please tell the moderating team by replying here with the address of the thread. This applies only to the original topic starter.

Everyone else please begin a New Topic.
Chancellor

Please consider a donation to help Support SWI
Malware Complaints - Report them here and fight back!
Member of ASAP Since 2006 (Alliance of Security Analysis Professionals)
Please read the FAQ and the article "So how did I get infected in the first place?".




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

Member of ASAP and UNITE
Support SpywareInfo Forum - click the button