Spyware Scan Details Start Date: 09/04/2006 15.32.21 End Date: 09/04/2006 15.34.12 Total Time: 1 mins 51 secs Detected Threats WinTools Trojan more information... Details: WinTools?f purpose is currently unknown. WinTools installs an Internet Explorer browser helper object, a URL search hook, and downloads several files in Common files\WinTools\. WinTools runs at startup Status: Ignored Severe threat - Severe-risk items have an extreme potential for harm, such as a security exploit, and should be removed. Infected files detected h:\test\2006_1-2-3\trojan\websearch\d\wtoolsa.exe RBot Backdoor more information... Details: Win32/Rbot is a backdoor Trojan that targets versions of Microsoft Windows. It allows attackers to use IRC channels to scan for network shares with weak passwords, exploit vulnerabilities, launch DoS attacks, and retrieve system information. Status: Ignored Severe threat - Severe-risk items have an extreme potential for harm, such as a security exploit, and should be removed. Infected files detected h:\test\2006_1-2-3\backdoor\rbot\fa\wserv32.exe Netsky Worm more information... Details: Win32/Netsky is a mass-mailing worm that targets versions of Microsoft Windows. The worm e-mails itself to addresses on an infected computer. Some variants copy the worm to network folders. Some contain a backdoor component and perform DoS attacks. Status: Ignored Severe threat - Severe-risk items have an extreme potential for harm, such as a security exploit, and should be removed. Infected files detected h:\test\2006_1-2-3\worm\netsky\ah\jammer2nd.exe Vxgame Trojan Downloader more information... Status: Ignored Severe threat - Severe-risk items have an extreme potential for harm, such as a security exploit, and should be removed. Infected files detected h:\test\2006_1-2-3\trojan\small\gen\g\vxgame1.exe h:\test\2006_1-2-3\trojan\small\gen\d\vxh8jkdq7.exe h:\test\2006_1-2-3\trojan\small\gen\c\vxh8jkdq6.exe h:\test\2006_1-2-3\trojan\small\gen\a\vxgame2.exe h:\test\2006_1-2-3\trojan\renos\j.gen\c\winstall.exe TrojanDownloader:Win32/Small.ADO Trojan Downloader more information... Status: Ignored Severe threat - Severe-risk items have an extreme potential for harm, such as a security exploit, and should be removed. Infected files detected h:\test\2006_1-2-3\trojan\small\gen\f\cvxh8jkdq6.exe Zlob Trojan Downloader more information... Status: Ignored Severe threat - Severe-risk items have an extreme potential for harm, such as a security exploit, and should be removed. Infected files detected h:\test\2006_1-2-3\trojan\fakealert\at.gen\af\mssearchnet.exe h:\test\2006_1-2-3\trojan\fakealert\at.gen\q\mssearchnet.exe h:\test\2006_1-2-3\trojan\fakealert\at.gen\p\mssearchnet.exe h:\test\2006_1-2-3\trojan\fakealert\at.gen\o\mssearchnet.exe h:\test\2006_1-2-3\trojan\fakealert\at.gen\n\mssearchnet.exe h:\test\2006_1-2-3\trojan\fakealert\at.gen\m\mssearchnet.exe h:\test\2006_1-2-3\trojan\fakealert\at.gen\l\mssearchnet.exe h:\test\2006_1-2-3\trojan\fakealert\at.gen\k\mssearchnet.exe h:\test\2006_1-2-3\trojan\fakealert\at.gen\j\mssearchnet.exe h:\test\2006_1-2-3\trojan\fakealert\at.gen\i\mssearchnet.exe h:\test\2006_1-2-3\trojan\fakealert\at.gen\h\mssearchnet.exe h:\test\2006_1-2-3\trojan\fakealert\at.gen\ab\mssearchnet.exe h:\test\2006_1-2-3\trojan\fakealert\at.gen\g\mssearchnet.exe h:\test\2006_1-2-3\trojan\fakealert\at.gen\f\mssearchnet.exe h:\test\2006_1-2-3\trojan\fakealert\at.gen\e\mssearchnet.exe h:\test\2006_1-2-3\trojan\fakealert\at.gen\d\mssearchnet.exe h:\test\2006_1-2-3\trojan\fakealert\at.gen\c\mssearchnet.exe h:\test\2006_1-2-3\trojan\fakealert\at.gen\b\mssearchnet.exe h:\test\2006_1-2-3\trojan\fakealert\at.gen\a\mssearchnet.exe h:\test\2006_1-2-3\trojan\fakealert\at\mssearchnet.exe h:\test\2006_1-2-3\trojan\fakealert\at.gen\aa\mssearchnet.exe h:\test\2006_1-2-3\trojan\fakealert\at.gen\w\mssearchnet.exe h:\test\2006_1-2-3\trojan\fakealert\at.gen\v\mssearchnet.exe h:\test\2006_1-2-3\trojan\fakealert\at.gen\u\mssearchnet.exe h:\test\2006_1-2-3\trojan\fakealert\at.gen\t\mssearchnet.exe h:\test\2006_1-2-3\trojan\fakealert\at.gen\s\mssearchnet.exe h:\test\2006_1-2-3\trojan\fakealert\at.gen\r\mssearchnet.exe IST.ISTbar Browser Modifier more information... Details: ISTbar is an Internet Explorer redirector that modifies your homepage and searches without your consent using an Internet Explorer toolbar. Status: Ignored Severe threat - Severe-risk items have an extreme potential for harm, such as a security exploit, and should be removed. Infected files detected h:\test\2006_1-2-3\trojan\istbar\br\istsvc.exe h:\test\2006_1-2-3\trojan\istbar\br.gen\b\istsvc.exe h:\test\2006_1-2-3\trojan\istbar\br.gen\a\istsvc.exe Peper Trojan Downloader more information... Details: Peper downloads advertisements and displays pop-up advertising, and downloads additional copies of itself and other adware. Status: Ignored Severe threat - Severe-risk items have an extreme potential for harm, such as a security exploit, and should be removed. Infected files detected h:\test\2006_1-2-3\trojan\agent\gen\n\top2.exe UCmore Potentially Unwanted Software more information... Status: Ignored High threat - High-risk items have a large potential for harm, such as loss of computer control, and should be removed unless knowingly installed. Infected files detected h:\test\2006_1-2-3\adware\ucmore\b\ucmtsaie.dll IST.SideFind Adware more information... Details: SideFind installs an adware Internet Explorer browser helper object that installs some extra buttons. Status: Ignored High threat - High-risk items have a large potential for harm, such as loss of computer control, and should be removed unless knowingly installed. Infected files detected h:\test\2006_1-2-3\trojan\sidefind\a\sidefind.dll h:\test\2006_1-2-3\trojan\sidefind\a\sidefind.exe TargetSaver Trojan Downloader more information... Details: TargetSaver is a process run at Windows startup, which opens pop-ups. Status: Ignored High threat - High-risk items have a large potential for harm, such as loss of computer control, and should be removed unless knowingly installed. Infected files detected h:\test\2006_1-2-3\trojan\agent\ve\stub_113_4_0_4_0.exe SpySheriff Potentially Unwanted Software more information... Details: SpySheriff is known to be installed through webpages exploiting known vulnerabilities. It scans system for possible spyware infection and prompts user to register in order to clean the system. Status: Ignored High threat - High-risk items have a large potential for harm, such as loss of computer control, and should be removed unless knowingly installed. Infected files detected h:\test\2006_1-2-3\trojan\renos\j\winstall.exe h:\test\2006_1-2-3\trojan\renos\j.gen\i\winstall.exe h:\test\2006_1-2-3\trojan\renos\j.gen\e\winstall.exe Trojan.Downloader.winstall Trojan Downloader more information... Status: Ignored High threat - High-risk items have a large potential for harm, such as loss of computer control, and should be removed unless knowingly installed. Infected files detected h:\test\2006_1-2-3\trojan\renos\j.gen\a\winstall.exe WindUpdates.MediaGateway Adware more information... Details: WindUpdates is responsible for downloading adware. Status: Ignored High threat - High-risk items have a large potential for harm, such as loss of computer control, and should be removed unless knowingly installed. Infected files detected h:\test\2006_1-2-3\trojan\mediagateway\i.gen\b\mediagateway.exe Adware.cmdService Adware more information... Details: Adware.cmdService runs as a Windows service. Status: Ignored High threat - High-risk items have a large potential for harm, such as loss of computer control, and should be removed unless knowingly installed. Infected files detected h:\test\2006_1-2-3\adware\command\a\command.exe TrojanDownloader:Win32/Unclassified.A Trojan Downloader more information... Status: Ignored High threat - High-risk items have a large potential for harm, such as loss of computer control, and should be removed unless knowingly installed. Infected files detected h:\test\2006_1-2-3\trojan\small\gen\n\web.exe h:\test\2006_1-2-3\trojan\small\gen\e\cvxh8jkdq1.exe WinSoftware.Winfixer Potentially Unwanted Software more information... Details: Winfixer is known to be installed through inappropriate bundling and without users consent. It is a software that scans the users system for damaged files and attempts to fix it if the user pays a fee. Status: Ignored High threat - High-risk items have a large potential for harm, such as loss of computer control, and should be removed unless knowingly installed. Infected files detected h:\test\2006_1-2-3\adware\winfixer\h\uwfx5_0001_n56m0311netinstaller.exe Delf.DH Trojan Downloader more information... Status: Ignored High threat - High-risk items have a large potential for harm, such as loss of computer control, and should be removed unless knowingly installed. Infected files detected h:\test\2006_1-2-3\trojan\agent\sq\kvg.exe h:\test\2006_1-2-3\trojan\small\jd\kvg.exe Small.136 Trojan Downloader more information... Status: Ignored High threat - High-risk items have a large potential for harm, such as loss of computer control, and should be removed unless knowingly installed. Infected files detected h:\test\2006_1-2-3\trojan\agent\gen\an\mte3ndi6odoxng.exe SpywareStrike Potentially Unwanted Software more information... Status: Ignored High threat - High-risk items have a large potential for harm, such as loss of computer control, and should be removed unless knowingly installed. Infected files detected h:\test\2006_1-2-3\adware\spyaxe\c\spywarestrike.exe h:\test\2006_1-2-3\adware\spyaxe\c.gen\a\spywarestrike.exe Cydoor Adware more information... Details: Cydoor downloads advertisements from a remote server and displays them on your computer. Status: Ignored High threat - High-risk items have a large potential for harm, such as loss of computer control, and should be removed unless knowingly installed. Infected files detected h:\test\2006_1-2-3\adware\cydoor\b\cd_clint.dll AvenueMedia.DyFuCA Browser Plug-in more information... Details: AvenueMedia DyFuCA Internet Optimizer is adware that changes your browser error page. It periodically displays pop-up advertisements from its remote sites and may update itself. Status: Ignored High threat - High-risk items have a large potential for harm, such as loss of computer control, and should be removed unless knowingly installed. Infected files detected h:\test\2006_1-2-3\trojan\dyfuca\l\optimize.exe NewDotNet Adware more information... Details: New.Net is an Internet Explorer plug-in that adds extra top-level domains (such as .shop or .tech) to your name resolution system. Status: Ignored High threat - High-risk items have a large potential for harm, such as loss of computer control, and should be removed unless knowingly installed. Infected files detected h:\test\2006_1-2-3\bho\lsp\newdotnet\e\newdotnet7_22.dll h:\test\2006_1-2-3\bho\lsp\newdotnet\d\newdotnet7_14.dll h:\test\2006_1-2-3\bho\lsp\newdotnet\a\newdotnet6_38.dll h:\test\2006_1-2-3\bho\lsp\newdotnet\c\newdotnet6_90.dll WhenU.SaveNow Adware more information... Details: WhenU SaveNow collects information about a computer user and displays pop-up advertisements. Status: Ignored Moderate threat - Moderate-risk items have some potential for harm, but may be part of a wanted service. Users may decide to ignore such programs after review. Infected files detected h:\test\2006_1-2-3\spyware\whenu\i\vvsn.exe h:\test\2006_1-2-3\spyware\whenu\n\save.exe h:\test\2006_1-2-3\spyware\whenu\n.gen\a\save.exe h:\test\2006_1-2-3\spyware\whenu\m\save.exe 180Solutions.Zango.SearchAssistant Adware more information... Details: Zango Search Assistant shows pop-up advertisements. Status: Ignored Moderate threat - Moderate-risk items have some potential for harm, but may be part of a wanted service. Users may decide to ignore such programs after review. Infected files detected h:\test\2006_1-2-3\bho\180search\d\zangohook.dll Claria.ScreenScenes Software Bundler more information... Details: Claria.ScreenScenes provides screensavers with a variety of features. This program also bundles the potentially unwanted software Claria.GAIN, which displays pop-up advertisements based on collected information. Status: Ignored Moderate threat - Moderate-risk items have some potential for harm, but may be part of a wanted service. Users may decide to ignore such programs after review. Infected files detected h:\test\2006_1-2-3\spyware\gator\h\bo1helper.exe Need2FindBar Adware more information... Status: Ignored Moderate threat - Moderate-risk items have some potential for harm, but may be part of a wanted service. Users may decide to ignore such programs after review. Infected files detected h:\test\2006_1-2-3\bho\need2find\a\nd2fnbar.dll Maxifiles Adware more information... Status: Ignored Moderate threat - Moderate-risk items have some potential for harm, but may be part of a wanted service. Users may decide to ignore such programs after review. Infected files detected h:\test\2006_1-2-3\trojan\agent\ru\services32.exe AdClicker.Bomka Trojan more information... Status: Ignored Moderate threat - Moderate-risk items have some potential for harm, but may be part of a wanted service. Users may decide to ignore such programs after review. Infected files detected h:\test\2006_1-2-3\bho\muchocool\b\gtrack.dll Claria.GAIN Adware more information... Details: Claria.GAIN displays pop-up advertisements based on collected information about you and your Web browsing activities. Claria.GAIN is bundled with advertisement-supported programs from Claria and other companies. Status: Ignored Moderate threat - Moderate-risk items have some potential for harm, but may be part of a wanted service. Users may decide to ignore such programs after review. Infected files detected h:\test\2006_1-2-3\spyware\gator\d\cmesys.exe h:\test\2006_1-2-3\spyware\gator\g\gmt.exe Hotbar Adware more information... Details: Hotbar adds graphical skins to Internet Explorer, Outlook, and Outlook Express, and also adds its own toolbar. Hotbar monitors all Web sites the user visits and displays pop-up ads. Status: Ignored Moderate threat - Moderate-risk items have some potential for harm, but may be part of a wanted service. Users may decide to ignore such programs after review. Infected files detected h:\test\2006_1-2-3\trojan\hotbar\p\hbthostie.dll h:\test\2006_1-2-3\trojan\hotbar\n\hbtoeaddon.exe KaZaA Under Investigation more information... Details: KaAaA is peer-to-peer file-sharing software that displays advertising and installs third-party adware on your computer. Status: Ignored Moderate threat - Moderate-risk items have some potential for harm, but may be part of a wanted service. Users may decide to ignore such programs after review. Infected files detected h:\test\2006_1-2-3\trojan\p2p\b\p2p networking.exe Detected Spyware Cookies No spyware cookies were found during this scan.