Sorry, confession time. I did use it last time, but removed it :(( Sorry. I'll install it again. Do I need to keep it?One small thing, when using ad-aware, it brings up this VX2 program as a problem? Why's this?
I ran VX2, rebooted, scanned computer, rebooted, scanned computer again and it found 71 critical objects (all except one - a hijacker - were VX2). Why is this. Should I just ignore the VX2 problems or are they not actually problems.
I've saved a log of the scan if you're interested. Here it is:
Ad-Aware SE Build 1.05
Logfile Created on:12 October 2004 11:21:55
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R11 07.10.2004
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
180Solutions(TAC index:8):2 total references
Alexa(TAC index:5):1 total references
Hijacker.TopConverting(TAC index:5):9 total references
MRU List(TAC index:0):28 total references
NavExcel(TAC index:5):3 total references
Tracking Cookie(TAC index:3):4 total references
WinAD(TAC index:7):1 total references
VX2(TAC index:10):54 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file
Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects
12-10-2004 11:21:55 - Scan started. (Full System Scan)
MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\windows\currentversion\applets\wordpad\recent file list
Description : list of recent files opened using wordpad
MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\windows\currentversion\applets\paint\recent file list
Description : list of files recently opened using microsoft paint
MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\windows\currentversion\explorer\runmru
Description : mru list for items opened in start | run
MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru
Description : list of recently saved files, stored according to file extension
MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\windows\currentversion\explorer\comdlg32\lastvisitedmru
Description : list of recent programs opened
MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\windows\currentversion\explorer\recentdocs
Description : list of recent documents opened
MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\office\10.0\common\open find\microsoft word\settings\open\file name mru
Description : list of recent documents opened by microsoft word
MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\office\10.0\common\open find\microsoft word\settings\save as\file name mru
Description : list of recent documents saved by microsoft word
MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\office\10.0\common\open find\microsoft word\settings\new from existing document\file name mru
Description : list of "new from existing document" files used by microsoft word
MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\mediaplayer\player\recentfilelist
Description : list of recently used files in microsoft windows media player
MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\internet explorer
Description : last download directory used in microsoft internet explorer
MRU List Object Recognized!
Location: : software\microsoft\directdraw\mostrecentapplication
Description : most recent application to use microsoft directdraw
MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\office\10.0\common\general
Description : list of recently used symbols in microsoft office
MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\internet explorer\typedurls
Description : list of recently entered addresses in microsoft internet explorer
MRU List Object Recognized!
Location: : .DEFAULT\software\smartftp\connection data
Description : list of recently accessed servers using smartftp
MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\directinput\mostrecentapplication
Description : most recent application to use microsoft directinput
MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\mediaplayer\player\settings
Description : last open directory used in jasc paint shop pro
MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d
MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d
MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\mediaplayer\preferences
Description : last playlist index loaded in microsoft windows media player
MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\directinput\mostrecentapplication
Description : most recent application to use microsoft directinput
MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\mediaplayer\preferences
Description : last playlist loaded in microsoft windows media player
MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\office\10.0\clip organizer\search\last query
Description : last query in microsoft clip organizer
MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\mediaplayer\medialibraryui
Description : last selected node in the microsoft windows media player media library
MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X
MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X
MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\windows media\wmsdk\general
Description : windows media sdk
MRU List Object Recognized!
Location: : C:\WINDOWS\Application Data\microsoft\office\recent
Description : list of recently opened documents using microsoft office
Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
#:1 [KERNEL32.DLL]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4291781175
Threads : 4
Priority : High
FileVersion : 4.90.3000
ProductVersion : 4.90.3000
ProductName : Microsoft(R) Windows(R) Millennium Operating System
CompanyName : Microsoft Corporation
FileDescription : Win32 Kernel core component
InternalName : KERNEL32
LegalCopyright : Copyright (C) Microsoft Corp. 1991-2000
OriginalFilename : KERNEL32.DLL
#:2 [MSGSRV32.EXE]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4294943959
Threads : 1
Priority : Normal
FileVersion : 4.90.3000
ProductVersion : 4.90.3000
ProductName : Microsoft(R) Windows(R) Millennium Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows 32-bit VxD Message Server
InternalName : MSGSRV32
LegalCopyright : Copyright (C) Microsoft Corp. 1992-1998
OriginalFilename : MSGSRV32.EXE
#:3 [mmtask.tsk]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4294952155
Threads : 1
Priority : Normal
FileVersion : 4.90.3000
ProductVersion : 4.90.3000
ProductName : Microsoft Windows
CompanyName : Microsoft Corporation
FileDescription : Multimedia background task support module
InternalName : mmtask.tsk
LegalCopyright : Copyright © Microsoft Corp. 1991-2000
OriginalFilename : mmtask.tsk
#:4 [MPREXE.EXE]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4294954727
Threads : 2
Priority : Normal
FileVersion : 4.90.3000
ProductVersion : 4.90.3000
ProductName : Microsoft(R) Windows(R) Millennium Operating System
CompanyName : Microsoft Corporation
FileDescription : WIN32 Network Interface Service Process
InternalName : MPREXE
LegalCopyright : Copyright (C) Microsoft Corp. 1993-2000
OriginalFilename : MPREXE.EXE
#:5 [MSTASK.EXE]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4294852491
Threads : 2
Priority : Normal
FileVersion : 4.71.2721.1
ProductVersion : 4.71.2721.1
ProductName : Microsoft® Windows® Task Scheduler
CompanyName : Microsoft Corporation
FileDescription : Task Scheduler Engine
InternalName : TaskScheduler
LegalCopyright : Copyright (C) Microsoft Corp. 2000
OriginalFilename : mstask.exe
#:6 [MSGPLUS.EXE]
FilePath : C:\PROGRAM FILES\MESSENGER PLUS! 3\
ProcessID : 4294860767
Threads : 1
Priority : Normal
#:7 [SSDPSRV.EXE]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4294840587
Threads : 5
Priority : Normal
FileVersion : 4.90.3003.0
ProductVersion : 4.90.3003.0
ProductName : Microsoft(R) Windows(R) Millennium Operating System
CompanyName : Microsoft Corporation
FileDescription : SSDP Service on Windows Millennium
InternalName : ssdpsrv.exe
LegalCopyright : Copyright (C) Microsoft Corp. 1981-2000
OriginalFilename : ssdpsrv.exe
#:8 [EXPLORER.EXE]
FilePath : C:\WINDOWS\
ProcessID : 4294840971
Threads : 18
Priority : Normal
FileVersion : 5.50.4134.100
ProductVersion : 5.50.4134.100
ProductName : Microsoft(R) Windows (R) 2000 Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : Copyright (C) Microsoft Corp. 1981-2000
OriginalFilename : EXPLORER.EXE
#:9 [TASKMON.EXE]
FilePath : C:\WINDOWS\
ProcessID : 4294772371
Threads : 1
Priority : Normal
FileVersion : 4.90.3000
ProductVersion : 4.90.3000
ProductName : Microsoft(R) Windows(R) Millennium Operating System
CompanyName : Microsoft Corporation
FileDescription : Task Monitor
InternalName : TaskMon
LegalCopyright : Copyright (C) Microsoft Corp. 1998
OriginalFilename : TASKMON.EXE
#:10 [SYSTRAY.EXE]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4294810391
Threads : 2
Priority : Normal
FileVersion : 4.90.3000
ProductVersion : 4.90.3000
ProductName : Microsoft(R) Windows(R) Millennium Operating System
CompanyName : Microsoft Corporation
FileDescription : System Tray Applet
InternalName : SYSTRAY
LegalCopyright : Copyright (C) Microsoft Corp. 1993-2000
OriginalFilename : SYSTRAY.EXE
#:11 [SCTRAY.EXE]
FilePath : C:\PQSC\PROGRAM\
ProcessID : 4294719411
Threads : 2
Priority : Normal
#:12 [LOADQM.EXE]
FilePath : C:\WINDOWS\
ProcessID : 4294706819
Threads : 3
Priority : Normal
FileVersion : 5.4.1103.3
ProductVersion : 5.4.1103.3
ProductName : QMgr Loader
CompanyName : Microsoft Corporation
FileDescription : Microsoft QMgr
InternalName : LOADQM.EXE
LegalCopyright : Copyright (C) Microsoft Corp. 1981-1999
OriginalFilename : LOADQM.EXE
#:13 [HPZTSB05.EXE]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4294713851
Threads : 1
Priority : Normal
FileVersion : 2,121,0,0
ProductVersion : 2,121,0,0
ProductName : HP DeskJet
CompanyName : HP
LegalCopyright : Copyright (c) Hewlett-Packard Company 1999-2002
#:14 [DRAGDIAG.EXE]
FilePath : C:\PROGRAM FILES\THOMSON\SPEEDTOUCH USB\
ProcessID : 4294717103
Threads : 2
Priority : Normal
FileVersion : 301.0.0.12
ProductVersion : 301.0.0.12
ProductName : SpeedTouch USB
CompanyName : THOMSON Telecom Belgium
FileDescription : SpeedTouch Statistics
LegalCopyright : Copyright© THOMSON Telecom Belgium 1999-2004
LegalTrademarks : SpeedTouch
#:15 [SPOOL32.EXE]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4294722623
Threads : 2
Priority : Normal
FileVersion : 4.90.3000
ProductVersion : 4.90.3000
ProductName : Microsoft(R) Windows(R) Millennium Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler Sub System Process
InternalName : spool32
LegalCopyright : Copyright (C) Microsoft Corp. 1994 - 1998
OriginalFilename : spool32.exe
#:16 [WMIEXE.EXE]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4294753143
Threads : 3
Priority : Normal
FileVersion : 4.90.2452.1
ProductVersion : 4.90.2452.1
ProductName : Microsoft(R) Windows(R) Millennium Operating System
CompanyName : Microsoft Corporation
FileDescription : WMI service exe housing
InternalName : wmiexe
LegalCopyright : Copyright (C) Microsoft Corp. 1981-1999
OriginalFilename : wmiexe.exe
#:17 [SONYTRAY.EXE]
FilePath : C:\PROGRAM FILES\SONY CORPORATION\IMAGE TRANSFER\
ProcessID : 4294740647
Threads : 1
Priority : Normal
#:18 [MSNMSGR.EXE]
FilePath : C:\PROGRAM FILES\MSN MESSENGER\
ProcessID : 4294648623
Threads : 4
Priority : Normal
FileVersion : 6.2.0137
ProductVersion : Version 6.2
ProductName : MSN Messenger
CompanyName : Microsoft Corporation
FileDescription : MSN Messenger
InternalName : msnmsgr
LegalCopyright : Copyright (c) Microsoft Corporation 1997-2004
LegalTrademarks : Microsoft(R) is a registered trademark of Microsoft Corporation in the U.S. and/or other countries.
OriginalFilename : msnmsgr.exe
#:19 [STMGR.EXE]
FilePath : C:\WINDOWS\SYSTEM\RESTORE\
ProcessID : 4294692519
Threads : 4
Priority : Normal
FileVersion : 4.90.0.2533
ProductVersion : 4.90.0.2533
ProductName : Microsoft (r) PCHealth
CompanyName : Microsoft Corporation
FileDescription : Microsoft (R) PC State Manager
InternalName : StateMgr.exe
LegalCopyright : Copyright (C) Microsoft Corp. 1981-2000
OriginalFilename : StateMgr.exe
#:20 [AD-AWARE.EXE]
FilePath : C:\PROGRAM FILES\LAVASOFT\AD-AWARE SE PERSONAL\
ProcessID : 4294780839
Threads : 2
Priority : Normal
FileVersion : 6.2.0.206
ProductVersion : VI.Second Edition
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved
Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 28
Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Hijacker.TopConverting Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\topconverting
Hijacker.TopConverting Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\topconverting
Value : version
Hijacker.TopConverting Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\topconverting
Value : partner
Hijacker.TopConverting Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\topconverting
Value : id
Hijacker.TopConverting Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\topconverting
Value : InstallDir
Hijacker.TopConverting Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\topconverting
Value : updatetime
Hijacker.TopConverting Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\topconverting
Value : tetris
NavExcel Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\navexcel
Alexa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment : "{c95fe080-8f5d-11d2-a20b-00aa003c157a}"
Rootkey : HKEY_USERS
Object : .DEFAULT\software\microsoft\internet explorer\extensions\cmdmapping
Value : {c95fe080-8f5d-11d2-a20b-00aa003c157a}
Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 9
Objects found so far: 37
Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 37
Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : default@apmebf[1].txt
Category : Data Miner
Comment : Hits:5
Value : Cookie:default@apmebf.com/
Expires : 10-10-2009 22:46:38
LastSync : Hits:5
UseCount : 0
Hits : 5
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : default@versiontracker[1].txt
Category : Data Miner
Comment : Hits:29
Value : Cookie:default@versiontracker.com/
Expires : 12-10-2006 04:10:24
LastSync : Hits:29
UseCount : 0
Hits : 29
Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 2
Objects found so far: 39
Deep scanning and examining files (c:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
VX2 Object Recognized!
Type : File
Data : HyTPLUG.DLL
Category : Malware
Comment :
Object : c:\WINDOWS\SYSTEM\
VX2 Object Recognized!
Type : File
Data : RvCLTS5.DLL
Category : Malware
Comment :
Object : c:\WINDOWS\SYSTEM\
VX2 Object Recognized!
Type : File
Data : IpSETUP.DLL
Category : Malware
Comment :
Object : c:\WINDOWS\SYSTEM\
VX2 Object Recognized!
Type : File
Data : RiCLTC5.DLL
Category : Malware
Comment :
Object : c:\WINDOWS\SYSTEM\
VX2 Object Recognized!
Type : File
Data : HwTPLUG.DLL
Category : Malware
Comment :
Object : c:\WINDOWS\SYSTEM\
VX2 Object Recognized!
Type : File
Data : IyFRARED.DLL
Category : Malware
Comment :
Object : c:\WINDOWS\SYSTEM\
VX2 Object Recognized!
Type : File
Data : UyBUI.DLL
Category : Malware
Comment :
Object : c:\WINDOWS\SYSTEM\
VX2 Object Recognized!
Type : File
Data : CwDIAL32.DLL
Category : Malware
Comment :
Object : c:\WINDOWS\SYSTEM\
VX2 Object Recognized!
Type : File
Data : IiSETUP.DLL
Category : Malware
Comment :
Object : c:\WINDOWS\SYSTEM\
VX2 Object Recognized!
Type : File
Data : Suntf16.dll
Category : Malware
Comment :
Object : c:\WINDOWS\SYSTEM\
VX2 Object Recognized!
Type : File
Data : IzFRARED.DLL
Category : Malware
Comment :
Object : c:\WINDOWS\SYSTEM\
VX2 Object Recognized!
Type : File
Data : RjCLTC5.DLL
Category : Malware
Comment :
Object : c:\WINDOWS\SYSTEM\
VX2 Object Recognized!
Type : File
Data : Stntf32.dll
Category : Malware
Comment :
Object : c:\WINDOWS\SYSTEM\
VX2 Object Recognized!
Type : File
Data : Shntf32.dll
Category : Malware
Comment :
Object : c:\WINDOWS\SYSTEM\
VX2 Object Recognized!
Type : File
Data : IhFRARED.DLL
Category : Malware
Comment :
Object : c:\WINDOWS\SYSTEM\
VX2 Object Recognized!
Type : File
Data : IaFRARED.DLL
Category : Malware
Comment :
Object : c:\WINDOWS\SYSTEM\
VX2 Object Recognized!
Type : File
Data : UvBUI.DLL
Category : Malware
Comment :
Object : c:\WINDOWS\SYSTEM\
VX2 Object Recognized!
Type : File
Data : IpFRARED.DLL
Category : Malware
Comment :
Object : c:\WINDOWS\SYSTEM\
VX2 Object Recognized!
Type : File
Data : IlSETUP.DLL
Category : Malware
Comment :
Object : c:\WINDOWS\SYSTEM\
VX2 Object Recognized!
Type : File
Data : HkTPLUG.DLL
Category : Malware
Comment :
Object : c:\WINDOWS\SYSTEM\
VX2 Object Recognized!
Type : File
Data : IdSETUP.DLL
Category : Malware
Comment :
Object : c:\WINDOWS\SYSTEM\
VX2 Object Recognized!
Type : File
Data : HgTPLUG.DLL
Category : Malware
Comment :
Object : c:\WINDOWS\SYSTEM\
VX2 Object Recognized!
Type : File
Data : Srntf16.dll
Category : Malware
Comment :
Object : c:\WINDOWS\SYSTEM\
VX2 Object Recognized!
Type : File
Data : IxFRARED.DLL
Category : Malware
Comment :
Object : c:\WINDOWS\SYSTEM\
VX2 Object Recognized!
Type : File
Data : HcTPLUG.DLL
Category : Malware
Comment :
Object : c:\WINDOWS\SYSTEM\
VX2 Object Recognized!
Type : File
Data : IkSETUP.DLL
Category : Malware
Comment :
Object : c:\WINDOWS\SYSTEM\
VX2 Object Recognized!
Type : File
Data : HpTPLUG.DLL
Category : Malware
Comment :
Object : c:\WINDOWS\SYSTEM\
VX2 Object Recognized!
Type : File
Data : Shntf16.dll
Category : Malware
Comment :
Object : c:\WINDOWS\SYSTEM\
VX2 Object Recognized!
Type : File
Data : UbBUI.DLL
Category : Malware
Comment :
Object : c:\WINDOWS\SYSTEM\
VX2 Object Recognized!
Type : File
Data : IdFRARED.DLL
Category : Malware
Comment :
Object : c:\WINDOWS\SYSTEM\
VX2 Object Recognized!
Type : File
Data : IlFRARED.DLL
Category : Malware
Comment :
Object : c:\WINDOWS\SYSTEM\
Object "mxTarget.dll" found in this archive.
VX2 Object Recognized!
Type : File
Data : mxTarget.cab
Category : Malware
Comment : Object "mxTarget.dll" found in this archive.
Object : c:\WINDOWS\TEMP\
VX2 Object Recognized!
Type : File
Data : mxTarget.dll
Category : Malware
Comment :
Object : c:\WINDOWS\TEMP\
FileVersion : 0, 2, 4, 39
ProductVersion : 0, 2, 4, 39
ProductName : mxtarget
CompanyName : MX-Targeting
FileDescription : www.mx-targeting.com
InternalName : mxtarget
LegalCopyright : Copyright © 2004
OriginalFilename : mxtarget.dll
Comments : www.mx-targeting.com
180Solutions Object Recognized!
Type : File
Data : Del5341.TMP
Category : Data Miner
Comment :
Object : c:\WINDOWS\TEMP\
FileVersion : 5, 12, 0, 13
ProductVersion : 5, 12, 0, 13
ProductName : Search Assistant
CompanyName : 180solutions, Inc.
FileDescription : Search Assistant
LegalCopyright : Copyright © 2004, 180solutions Inc.
Hijacker.TopConverting Object Recognized!
Type : File
Data : tcupdater[1].exe
Category : Malware
Comment :
Object : c:\WINDOWS\Temporary Internet Files\Content.IE5\CHKFIVST\
FileVersion : 1, 0, 0, 3
ProductVersion : 1, 0, 0, 3
ProductName : tpcupdater Application
FileDescription : tpcupdater MFC Application
InternalName : tpcupdater
LegalCopyright : Copyright (C) 2004
OriginalFilename : tpcupdater.EXE
180Solutions Object Recognized!
Type : File
Data : 180ax[1].exe
Category : Data Miner
Comment :
Object : c:\WINDOWS\Temporary Internet Files\Content.IE5\KBLBI6ZT\
FileVersion : 5, 12, 0, 13
ProductVersion : 5, 12, 0, 13
ProductName : Search Assistant
CompanyName : 180solutions, Inc.
FileDescription : Search Assistant
LegalCopyright : Copyright © 2004, 180solutions Inc.
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : default@apmebf[1].txt
Category : Data Miner
Comment :
Value : c:\WINDOWS\Cookies\default@apmebf[1].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : default@versiontracker[1].txt
Category : Data Miner
Comment :
Value : c:\WINDOWS\Cookies\default@versiontracker[1].txt
Hijacker.TopConverting Object Recognized!
Type : File
Data : updatetc.exe
Category : Malware
Comment :
Object : c:\WINDOWS\
FileVersion : 1, 0, 0, 3
ProductVersion : 1, 0, 0, 3
ProductName : tpcupdater Application
FileDescription : tpcupdater MFC Application
InternalName : tpcupdater
LegalCopyright : Copyright (C) 2004
OriginalFilename : tpcupdater.EXE
VX2 Object Recognized!
Type : File
Data : ROCLTS5.0
Category : Malware
Comment :
Object : c:\_RESTORE\TEMP\
VX2 Object Recognized!
Type : File
Data : SXNTF32.0
Category : Malware
Comment :
Object : c:\_RESTORE\TEMP\
VX2 Object Recognized!
Type : File
Data : IKSETUP.0
Category : Malware
Comment :
Object : c:\_RESTORE\TEMP\
VX2 Object Recognized!
Type : File
Data : IMSETUP.0
Category : Malware
Comment :
Object : c:\_RESTORE\TEMP\
VX2 Object Recognized!
Type : File
Data : SZNTF32.0
Category : Malware
Comment :
Object : c:\_RESTORE\TEMP\
VX2 Object Recognized!
Type : File
Data : UGBUI.0
Category : Malware
Comment :
Object : c:\_RESTORE\TEMP\
VX2 Object Recognized!
Type : File
Data : IEFRARED.0
Category : Malware
Comment :
Object : c:\_RESTORE\TEMP\
VX2 Object Recognized!
Type : File
Data : RHCLTS5.0
Category : Malware
Comment :
Object : c:\_RESTORE\TEMP\
VX2 Object Recognized!
Type : File
Data : RCCLTS5.0
Category : Malware
Comment :
Object : c:\_RESTORE\TEMP\
VX2 Object Recognized!
Type : File
Data : IBSETUP.0
Category : Malware
Comment :
Object : c:\_RESTORE\TEMP\
VX2 Object Recognized!
Type : File
Data : IFSETUP.0
Category : Malware
Comment :
Object : c:\_RESTORE\TEMP\
VX2 Object Recognized!
Type : File
Data : HHTPLUG.0
Category : Malware
Comment :
Object : c:\_RESTORE\TEMP\
VX2 Object Recognized!
Type : File
Data : RECLTS5.0
Category : Malware
Comment :
Object : c:\_RESTORE\TEMP\
VX2 Object Recognized!
Type : File
Data : IGFRARED.0
Category : Malware
Comment :
Object : c:\_RESTORE\TEMP\
VX2 Object Recognized!
Type : File
Data : UWBUI.0
Category : Malware
Comment :
Object : c:\_RESTORE\TEMP\
VX2 Object Recognized!
Type : File
Data : IBFRARED.0
Category : Malware
Comment :
Object : c:\_RESTORE\TEMP\
VX2 Object Recognized!
Type : File
Data : MFLOCUSR.0
Category : Malware
Comment :
Object : c:\_RESTORE\TEMP\
VX2 Object Recognized!
Type : File
Data : UQBUI.0
Category : Malware
Comment :
Object : c:\_RESTORE\TEMP\
VX2 Object Recognized!
Type : File
Data : HFTPLUG.0
Category : Malware
Comment :
Object : c:\_RESTORE\TEMP\
VX2 Object Recognized!
Type : File
Data : MULOCUSR.0
Category : Malware
Comment :
Object : c:\_RESTORE\TEMP\
Object "W0107641.CPY" found in this archive.
WinAD Object Recognized!
Type : File
Data : FS261.CAB
Category : Data Miner
Comment : Object "W0107641.CPY" found in this archive.
Object : c:\_RESTORE\ARCHIVE\
VX2 Object Recognized!
Type : File
Data : 07AFA0.DAT
Category : Malware
Comment :
Object : c:\PQSC\CPS\000076\FILES\001\
Disk Scan Result for c:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 100
Scanning Hosts file......
Hosts file location:"C:\WINDOWS\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
13 entries scanned.
New critical objects:0
Objects found so far: 100
Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
NavExcel Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : appid\nhelper.dll
NavExcel Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : appid\nhelper.dll
Value : AppID
Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 2
Objects found so far: 102
11:24:49 Scan Complete
Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:02:54.10
Objects scanned:53613
Objects identified:74
Objects ignored:0
New critical objects:74
Thanks for your help :)
Nick