Hotelblues.com » Cats » Computers » Adaware

Wednesday September 10th 2003

Ad-aware Report 12:03 am-Turk
Categories

Adaware

Permalink

(No Ratings Yet)

Lavasoft Ad-aware Personal Build 6.181
Logfile created on :Tuesday, September 09, 2003 11:15:13 PM
Created with Ad-aware Personal, free for private use.
Using reference-file :01R217 08.09.2003
______________________________________________________

Ad-aware Settings
=========================
Set : Activate in-depth scan (Recommended)
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep scan registry

09-09-03 11:15:13 PM – Scan started. (Smart mode)

Listing running processes
??????????????????????????????????????

#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ThreadCreationTime : 09-10-03 4:07:38 AM
BasePriority : Normal

#:2 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ThreadCreationTime : 09-10-03 4:07:42 AM
BasePriority : High

#:3 [services.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 09-10-03 4:07:42 AM
BasePriority : Normal
FileSize : 99 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
OriginalFilename : services.exe
ProductName : Microsoft
Created on : 01/01/80 7:00:00 AM
Last accessed : 09/10/03 3:56:58 AM
Last modified : 08/29/02 12:00:00 PM

#:4 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 09-10-03 4:07:42 AM
BasePriority : Normal
FileSize : 11 KB
FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
ProductVersion : 5.1.2600.1106
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
OriginalFilename : lsass.exe
ProductName : Microsoft
Created on : 01/01/80 7:00:00 AM
Last accessed : 09/10/03 3:56:58 AM
Last modified : 08/29/02 12:00:00 PM

#:5 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 09-10-03 4:07:42 AM
BasePriority : Normal
FileSize : 12 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft
Created on : 01/01/80 7:00:00 AM
Last accessed : 09/10/03 3:56:58 AM
Last modified : 08/29/02 12:00:00 PM

#:6 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 09-10-03 4:07:43 AM
BasePriority : Normal
FileSize : 12 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft
Created on : 01/01/80 7:00:00 AM
Last accessed : 09/10/03 3:56:58 AM
Last modified : 08/29/02 12:00:00 PM

#:7 [explorer.exe]
FilePath : C:\WINDOWS\
ThreadCreationTime : 09-10-03 4:07:49 AM
BasePriority : Normal
FileSize : 980 KB
FileVersion : 6.00.2800.1106 (xpsp1.020828-1920)
ProductVersion : 6.00.2800.1106
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
OriginalFilename : EXPLORER.EXE
ProductName : Microsoft
Created on : 01/01/80 7:00:00 AM
Last accessed : 09/10/03 4:14:29 AM
Last modified : 08/29/02 12:00:00 PM

#:8 [spoolsv.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 09-10-03 4:07:49 AM
BasePriority : Normal
FileSize : 50 KB
FileVersion : 5.1.2600.0 (XPClient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
OriginalFilename : spoolsv.exe
ProductName : Microsoft
Created on : 01/01/80 7:00:00 AM
Last accessed : 09/10/03 3:56:58 AM
Last modified : 08/29/02 12:00:00 PM

#:9 [avsynmgr.exe]
FilePath : C:\Program Files\Network Associates\VirusScan\
ThreadCreationTime : 09-10-03 4:07:55 AM
BasePriority : Normal
FileSize : 152 KB
Created on : 04/30/01 9:51:00 AM
Last accessed : 09/10/03 3:56:58 AM
Last modified : 04/30/01 9:51:00 AM

#:10 [msdtc.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 09-10-03 4:07:55 AM
BasePriority : Normal
FileSize : 6 KB
FileVersion : 2001.12.4414.42
ProductVersion : 03.01.00.4414
Copyright : Copyright (C) Microsoft Corp. 1995-1998
CompanyName : Microsoft Corporation
FileDescription : MS DTC console program
InternalName : MSDTC.EXE
ProductName : Microsoft Distributed Transaction Coordinator
Created on : 09/23/02 8:29:35 PM
Last accessed : 09/10/03 3:56:58 AM
Last modified : 08/29/02 12:00:00 PM

#:11 [smagent.exe]
FilePath : C:\Program Files\Analog Devices\SoundMAX\
ThreadCreationTime : 09-10-03 4:07:56 AM
BasePriority : Normal
FileSize : 44 KB
FileVersion : 3, 2, 5, 0
ProductVersion : 3, 2, 5, 0
Copyright : Copyright
CompanyName : Analog Devices, Inc.
FileDescription : SoundMAX service agent component
InternalName : SMAgent
OriginalFilename : SMAgent.exe
ProductName : SoundMAX service agent
Created on : 03/22/03 12:44:08 AM
Last accessed : 09/10/03 3:56:58 AM
Last modified : 07/15/02 10:36:54 PM

#:12 [xpadmin.exe]
FilePath : C:\PROGRA~1\Xpoint\xpadmin\
ThreadCreationTime : 09-10-03 4:07:59 AM
BasePriority : Normal
FileSize : 28 KB
Created on : 06/28/03 6:47:30 PM
Last accessed : 09/10/03 3:56:58 AM
Last modified : 08/07/02 4:22:18 PM

#:13 [xpagent.exe]
FilePath : C:\PROGRA~1\Xpoint\agent\
ThreadCreationTime : 09-10-03 4:07:59 AM
BasePriority : Normal
FileSize : 96 KB
Created on : 06/28/03 6:47:30 PM
Last accessed : 09/10/03 3:56:58 AM
Last modified : 08/07/02 4:24:42 PM

#:14 [vsstat.exe]
FilePath : C:\Program Files\Network Associates\VirusScan\
ThreadCreationTime : 09-10-03 4:07:59 AM
BasePriority : Normal
FileSize : 96 KB
Created on : 04/30/01 9:51:00 AM
Last accessed : 09/10/03 3:56:58 AM
Last modified : 04/30/01 9:51:00 AM

#:15 [vshwin32.exe]
FilePath : C:\Program Files\Network Associates\VirusScan\
ThreadCreationTime : 09-10-03 4:07:59 AM
BasePriority : Normal
FileSize : 116 KB
Created on : 04/30/01 9:51:00 AM
Last accessed : 09/10/03 3:56:58 AM
Last modified : 04/30/01 9:51:00 AM

#:16 [xpclient.exe]
FilePath : C:\PROGRA~1\Xpoint\EEClient\
ThreadCreationTime : 09-10-03 4:08:01 AM
BasePriority : Normal
FileSize : 808 KB
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
Copyright : Copyright
CompanyName : Xpoint Technologies
FileDescription : Uptime
InternalName : Uptime!
ProductName : Xpoint Technologies Uptime!
Created on : 06/28/03 6:47:32 PM
Last accessed : 09/10/03 3:56:58 AM
Last modified : 08/07/02 4:23:42 PM

#:17 [cmd.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 09-10-03 4:08:02 AM
BasePriority : Normal
FileSize : 367 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Windows Command Processor
InternalName : cmd
OriginalFilename : Cmd.Exe
ProductName : Microsoft
Created on : 01/01/80 7:00:00 AM
Last accessed : 09/10/03 4:08:41 AM
Last modified : 08/29/02 12:00:00 PM

#:18 [javaw.exe]
FilePath : C:\PROGRA~1\Xpoint\SAS\jre\bin\
ThreadCreationTime : 09-10-03 4:08:02 AM
BasePriority : Normal
FileSize : 20 KB
Created on : 06/28/03 6:47:33 PM
Last accessed : 09/10/03 3:56:58 AM
Last modified : 08/07/02 3:27:34 PM

#:19 [avconsol.exe]
FilePath : C:\Program Files\Network Associates\VirusScan\
ThreadCreationTime : 09-10-03 4:08:05 AM
BasePriority : Normal
FileSize : 160 KB
Created on : 04/30/01 9:51:00 AM
Last accessed : 09/10/03 3:56:58 AM
Last modified : 04/30/01 9:51:00 AM

#:20 [mcshield.exe]
FilePath : C:\Program Files\Common Files\Network Associates\McShield\
ThreadCreationTime : 09-10-03 4:08:10 AM
BasePriority : High
FileSize : 224 KB
Created on : 04/30/01 9:51:00 AM
Last accessed : 09/10/03 3:56:58 AM
Last modified : 04/30/01 9:51:00 AM

#:21 [hkcmd.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 09-10-03 4:08:21 AM
BasePriority : Normal
FileSize : 112 KB
FileVersion : 3,0,0,2104
ProductVersion : 7,0,0,2104
Copyright : Copyright 1999-2003, Intel Corporation
CompanyName : Intel Corporation
FileDescription : hkcmd Module
InternalName : HKCMD
OriginalFilename : HKCMD.EXE
ProductName : Intel(R) Common User Interface
Created on : 07/21/03 5:35:16 AM
Last accessed : 09/10/03 4:08:21 AM
Last modified : 04/07/03 5:07:38 AM

#:22 [promon.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 09-10-03 4:08:21 AM
BasePriority : Normal
FileSize : 72 KB
FileVersion : 5.3.42.0
ProductVersion : 5.3.42.0
Copyright : Copyright (C) 1998-2002 Intel Corporation.
CompanyName : Intel Corporation
FileDescription : Intel(R) PROSet Tray Icon
InternalName : Intel(R) PROMonitor
OriginalFilename : PROMon.exe
ProductName : Intel(R) PROMonitor
Created on : 04/19/02 1:32:36 AM
Last accessed : 09/10/03 4:08:21 AM
Last modified : 04/19/02 1:32:36 AM

#:23 [msbb.exe]
FilePath : C:\Program Files\nCase\
ThreadCreationTime : 09-10-03 4:08:22 AM
BasePriority : Normal
FileSize : 192 KB
FileVersion : 4.2
ProductVersion : 4.2
Copyright : Copyright
CompanyName : 180Solutions Inc
FileDescription : msbb
InternalName : msbb
OriginalFilename : msbb.exe
ProductName : n-CASE
Created on : 09/05/03 8:04:12 PM
Last accessed : 09/10/03 4:08:22 AM
Last modified : 09/05/03 8:04:12 PM
Warning! NCase object found in memory(C:\Program Files\nCase\msbb.exe)

NCase Object recognized!
Type : Process
Data : msbb.exe
Object : C:\Program Files\nCase\
FileSize : 192 KB
FileVersion : 4.2
ProductVersion : 4.2
Copyright : Copyright
CompanyName : 180Solutions Inc
FileDescription : msbb
InternalName : msbb
OriginalFilename : msbb.exe
ProductName : n-CASE
Created on : 09/05/03 8:04:12 PM
Last accessed : 09/10/03 4:08:22 AM
Last modified : 09/05/03 8:04:12 PM

“msbb.exe”Process terminated successfully.

#:24 [nmssvc.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 09-10-03 4:08:22 AM
BasePriority : Normal
FileSize : 1092 KB
FileVersion : 2.2.9.0
ProductVersion : 2.2.9.0
Copyright : Copyright
CompanyName : Intel Corporation
FileDescription : NMS Module
InternalName : NMS Module
ProductName : NMS
Created on : 05/03/02 7:36:24 PM
Last accessed : 09/10/03 3:56:58 AM
Last modified : 05/03/02 7:36:24 PM

#:25 [purrrint.exe]
FilePath : C:\
ThreadCreationTime : 09-10-03 4:08:24 AM
BasePriority : Normal
FileSize : 85 KB
FileVersion : 1, 0, 0, 9
ProductVersion : 1, 0, 0, 9
Copyright : Copyright
CompanyName : angeldust
FileDescription : PrintScreen extension
InternalName : purrint
OriginalFilename : purrint.exe
ProductName : Purrint
Created on : 06/28/03 5:26:10 PM
Last accessed : 09/10/03 4:08:24 AM
Last modified : 06/03/02 2:56:16 PM

#:26 [rundll32.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 09-10-03 4:08:28 AM
BasePriority : Normal
FileSize : 31 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Run a DLL as an App
InternalName : rundll
OriginalFilename : RUNDLL.EXE
ProductName : Microsoft
Created on : 01/01/80 7:00:00 AM
Last accessed : 09/10/03 4:14:29 AM
Last modified : 08/29/02 12:00:00 PM

#:27 [trillian-v0.74d.exe]
FilePath : C:\Documents and Settings\node1\Desktop\
ThreadCreationTime : 09-10-03 4:14:57 AM
BasePriority : Normal
FileSize : 2469 KB
Created on : 09/10/03 4:13:46 AM
Last accessed : 09/10/03 4:14:58 AM
Last modified : 09/10/03 4:13:49 AM

#:28 [ad-aware.exe]
FilePath : C:\Program Files\Lavasoft\Ad-aware 6\
ThreadCreationTime : 09-10-03 4:15:07 AM
BasePriority : Normal
FileSize : 668 KB
FileVersion : 6.0.1.181
ProductVersion : 6.0.0.0
Copyright : Copyright
CompanyName : Lavasoft Sweden
FileDescription : Ad-aware 6 core application
InternalName : Ad-aware.exe
OriginalFilename : Ad-aware.exe
ProductName : Lavasoft Ad-aware Plus
Created on : 09/10/03 4:14:25 AM
Last accessed : 09/10/03 4:14:39 AM
Last modified : 07/13/03 3:00:20 AM

Memory scan result :
??????????????????????????????????????
New objects : 1
Objects found so far: 1

Started registry scan
??????????????????????????????????????

Huntbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : BTIEINScriptConfigProj.BTIEINScriptConfig

Huntbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : btlink.relatedlinksProtocol

Huntbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : btlink.ResProtocol

FirstCash Websearch Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{0A5CF411-F0BF-4AF8-A2A4-8233F3109BED}

Gator Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{21FFB6C0-0DA1-11D5-A9D5-00500413153C}

Huntbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{26E8361F-BCE7-4F75-A347-98C88B418322}

Huntbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{63B78BC1-A711-4D46-AD2F-C581AC420D41}

FirstCash Websearch Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{6A85D97D-665D-4825-8341-9501AD9F56A3}

NCase Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{6eb5b540-1e74-4d91-a7f0-5b758d333702}

Huntbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{CD8D1CAA-FE4A-45DF-A06C-028AAF1821DE}

Huntbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{D6DFF6D8-B94B-4720-B730-1C38C7065C3B}

Huntbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : Interface\{26E8361F-BCE7-4F75-A347-98C88B418321}

NCase Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : ncaseinstaller.ncaseinstaller

NCase Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : ncaseinstaller.ncaseinstaller.1

NCase Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CURRENT_USER
Object : SOFTWARE\180solutions

NCase Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CURRENT_USER
Object : SOFTWARE\180solutions\msbb

Huntbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\BTIEIN

Huntbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CURRENT_USER
Object : Software\BTIEIN

Gator Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Gator.com

Gator Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\GatorTest

Search Toolbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0A5CF411-F0BF-4AF8-A2A4-8233F3109BED}

Huntbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{63B78BC1-A711-4D46-AD2F-C581AC420D41}

Huntbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D6DFF6D8-B94B-4720-B730-1C38C7065C3B}

Gator Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CURRENT_USER
Object : Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu\Programs\GAIN

Huntbar Object recognized!
Type : RegKey
Data : BTLINK_
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BTLINK_DLL

Search Toolbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\HTOOL_UNINSTALL

NCase Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\Microsoft\Windows\CurrentVersion\Uninstall\msbb

NCase Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\Microsoft\Windows\CurrentVersion\Uninstall\nCASE

Search Toolbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Search Toolbar

Search Toolbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CURRENT_USER
Object : Software\Search Toolbar

SecondThought Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CURRENT_USER
Object : software\stc\client

Huntbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\BTLINK

NCase Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : TYPELIB\{18dd1792-64fb-42db-acbe-435c598045f4}

Huntbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : Typelib\{26E8361F-BCE7-4F75-A347-98C88B418328}

Search Toolbar Object recognized!
Type : RegValue
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Internet Explorer\Toolbar
Value : {6A85D97D-665D-4825-8341-9501AD9F56A3}

SecondThought Object recognized!
Type : RegValue
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Value : stcloader

Registry scan result :
??????????????????????????????????????
New objects : 36
Objects found so far: 37

Started deep registry scan
??????????????????????????????????????
Possible browser hijack attempt : Software\Microsoft\Internet Explorer\MainSearch Barwww.websearch.com

Possible Browser Hijack attempt Object recognized!
Type : RegData
Data : “http://www.websearch.com/ie.aspx”
Rootkey : HKEY_CURRENT_USER
Object : Software\Microsoft\Internet Explorer\Main
Value : Search Bar
Data : “http://www.websearch.com/ie.aspx”

Possible browser hijack attempt : Software\Microsoft\Internet Explorer\SearchSearchAssistantwww.websearch.com

Possible Browser Hijack attempt Object recognized!
Type : RegData
Data : “http://www.websearch.com/ie.aspx”
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\Microsoft\Internet Explorer\Search
Value : SearchAssistant
Data : “http://www.websearch.com/ie.aspx”

Possible browser hijack attempt : {6EB5B540-1E74-4D91-A7F0-5B758D333702} (“http://bis.180solutions.com/activexinstallers/306/ncaseinstaller.cab”)

Possible Browser Hijack attempt Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Code Store Database\Distribution Units\{6EB5B540-1E74-4D91-A7F0-5B758D333702}

NCase Object recognized!
Type : RegValue
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\Microsoft\Windows\CurrentVersion\Run
Value : msbb

NCase Object recognized!
Type : RegValue
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\Microsoft\Windows\CurrentVersion\Run
Value : FLSYCIP

NCase Object recognized!
Type : File
Data : flsycip.exe
Object : c:\windows\
FileSize : 92 KB
Created on : 09/05/03 8:04:21 PM
Last accessed : 09/10/03 4:08:22 AM
Last modified : 09/05/03 8:04:23 PM

Huntbar Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CLASSES_ROOT
Object : PROTOCOLS\Handler\relatedlinks

Deep registry scan result :
??????????????????????????????????????
New objects : 6
Objects found so far: 44

??????????????????????????????????????

Tracking Cookie Object recognized!
Type : File
Data : node1@advertising[1].txt
Object : C:\Documents and Settings\node1\Cookies\

Created on : 09/09/03 6:19:52 AM
Last accessed : 09/10/03 4:15:50 AM
Last modified : 09/09/03 10:44:40 AM

Other Object recognized!
Type : File
Data : node1@cgi-bin[1].txt
Object : C:\Documents and Settings\node1\Cookies\

Created on : 09/09/03 5:12:50 AM
Last accessed : 09/10/03 4:15:50 AM
Last modified : 09/09/03 5:12:50 AM

Tracking Cookie Object recognized!
Type : File
Data : node1@doubleclick[1].txt
Object : C:\Documents and Settings\node1\Cookies\

Created on : 09/09/03 5:01:28 AM
Last accessed : 09/10/03 4:15:50 AM
Last modified : 09/09/03 5:01:34 AM

Tracking Cookie Object recognized!
Type : File
Data : node1@gator[1].txt
Object : C:\Documents and Settings\node1\Cookies\

Created on : 09/09/03 5:02:13 AM
Last accessed : 09/10/03 4:15:50 AM
Last modified : 09/09/03 5:02:13 AM

Tracking Cookie Object recognized!
Type : File
Data : node1@linksynergy[2].txt
Object : C:\Documents and Settings\node1\Cookies\

Created on : 09/09/03 5:01:22 AM
Last accessed : 09/10/03 4:15:50 AM
Last modified : 09/09/03 5:01:22 AM

Tracking Cookie Object recognized!
Type : File
Data : node1@qksrv[1].txt
Object : C:\Documents and Settings\node1\Cookies\

Created on : 09/09/03 5:00:27 AM
Last accessed : 09/10/03 4:13:41 AM
Last modified : 09/09/03 5:00:27 AM

Tracking Cookie Object recognized!
Type : File
Data : node1@servedby.advertising[1].txt
Object : C:\Documents and Settings\node1\Cookies\

Created on : 09/09/03 10:51:43 AM
Last accessed : 09/10/03 4:15:50 AM
Last modified : 09/09/03 10:51:43 AM

Tracking Cookie Object recognized!
Type : File
Data : node1@tmpad[2].txt
Object : C:\Documents and Settings\node1\Cookies\

Created on : 09/09/03 10:37:26 AM
Last accessed : 09/10/03 4:15:50 AM
Last modified : 09/09/03 10:37:26 AM

Tracking Cookie Object recognized!
Type : File
Data : node1@trafficmp[1].txt
Object : C:\Documents and Settings\node1\Cookies\

Created on : 09/09/03 10:37:26 AM
Last accessed : 09/10/03 4:15:50 AM
Last modified : 09/09/03 10:37:26 AM

??????????????????????????????????????

Deep scanning and examining files (C:)
??????????????????????????????????????

FreeScratchCards Object recognized!
Type : File
Data : 2ndsrch.dll
Object : C:\WINDOWS\System32\
FileSize : 66 KB
FileVersion : 8.0.7.1
ProductVersion : 8.0.7.1
InternalName : runpool.dll
OriginalFilename : runpool.dll
Created on : 09/05/03 10:22:33 AM
Last accessed : 09/10/03 4:07:37 AM
Last modified : 09/05/03 10:22:34 AM

FreeScratchCards Object recognized!
Type : File
Data : stcloader.exe
Object : C:\WINDOWS\System32\
FileSize : 26 KB
FileVersion : 8.0.7.1
ProductVersion : 8.0.7.1
Copyright : Copyright (C) 2003
FileDescription : Loader
InternalName : loader
OriginalFilename : loader.exe
ProductName : Loader
Created on : 09/05/03 10:22:28 AM
Last accessed : 09/10/03 4:08:21 AM
Last modified : 09/05/03 10:22:29 AM

Performing conditional scans..
??????????????????????????????????????

Huntbar Object recognized!
Type : Folder
Object : c:\program files\common files\BTLINK

Huntbar Object recognized!
Type : Folder
Object : c:\program files\common files\btlink\.

Huntbar Object recognized!
Type : File
Data : btiein.dll
Object : c:\windows\system32\
FileSize : 201 KB
Created on : 09/05/03 11:48:36 PM
Last accessed : 09/10/03 4:07:37 AM
Last modified : 09/02/03 7:10:48 PM

FirstCash Websearch Object recognized!
Type : Folder
Object : c:\program files\Search Toolbar

FirstCash Websearch Object recognized!
Type : File
Data : stoolbar.dll
Object : c:\program files\search toolbar\
FileSize : 323 KB
Created on : 09/06/03 11:56:41 PM
Last accessed : 09/10/03 4:06:49 AM
Last modified : 09/02/03 7:10:48 PM

FirstCash Websearch Object recognized!
Type : File
Data : temp
Object : c:\program files\search toolbar\

Created on : 09/10/03 4:06:44 AM
Last accessed : 09/10/03 4:06:44 AM
Last modified : 09/10/03 4:06:44 AM

SecondThought Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_CURRENT_USER
Object : software\stc

SecondThought Object recognized!
Type : Folder
Object : c:\program files\STC

SecondThought Object recognized!
Type : File
Data : stc.exe
Object : c:\program files\stc\
FileSize : 87 KB
FileVersion : 8.0.7.1
ProductVersion : 8.0.7.1
Copyright : Copyright (C) 2003
FileDescription : Second Thought
InternalName : STC
OriginalFilename : STC.exe
ProductName : STC Application
Created on : 09/05/03 10:22:31 AM
Last accessed : 09/10/03 4:08:28 AM
Last modified : 09/05/03 10:22:32 AM

Conditional scan result:
??????????????????????????????????????
New objects : 9
Objects found so far: 65

11:16:12 PM Scan complete

Summary of this scan
??????????????????????????????????????
Total scanning time :00:00:58:46
Objects scanned :35689
Objects identified :65
Objects ignored :0
New objects :65

	Article Navigation
	« Spyware! Previous	Next To Many Maybes »

Leave a Reply Cancel reply