A
Alan Duncan
Spyware Scan Details
Start Date: 09/01/2005 02:00:36
End Date: 09/01/2005 02:21:50
Total Time: 21 mins 14 secs
Detected Threats
ShopAtHome Spyware more information...
Details: ShopAtHome installs itself in the Winsock layer
of your system and redirects your browser to merchant
sites to take advantage of the affiliate fees.
Status: Removed
Severe threat - Severe threats typically are remotely
exploitable vulnerabilities, which can lead to system
compromise. Successful exploitation does not normally
require any interaction and exploits are in the wild.
There exists a high possibility of potential system
damage or security flaw. Attacker has complete control
over your computer or install new software on your
machine.
Infected files detected
c:\system volume information\_restore{f367ac2d-f2dc-4dab-
bff1-1d3f7ffad5a3}\rp167\a0078438.exe
c:\system volume information\_restore{f367ac2d-f2dc-4dab-
bff1-1d3f7ffad5a3}\rp167\a0078441.exe
c:\system volume information\_restore{f367ac2d-f2dc-4dab-
bff1-1d3f7ffad5a3}\rp167\a0078442.dll
c:\system volume information\_restore{f367ac2d-f2dc-4dab-
bff1-1d3f7ffad5a3}\rp167\a0078443.dll
c:\system volume information\_restore{f367ac2d-f2dc-4dab-
bff1-1d3f7ffad5a3}\rp167\a0078444.dll
eZula.WebOffer Adware more information...
Status: Removed
High threat - High risk threats typically are remotely
exploitable vulnerabilities, which can lead to system
compromise. Successful exploitation does not normally
require any interaction. May open up communication ports,
use polymorphic tactics, stealth installations, and/or
anti-spy counter measures. May us a security flaw in the
operating system to gain access to your computer.
Infected files detected
c:\system volume information\_restore{f367ac2d-f2dc-4dab-
bff1-1d3f7ffad5a3}\rp167\a0078448.exe
NewDotNet Browser Plug-in more information...
Details: New.Net is an Internet Explorer redirection plug-
in that adds subdomains of new.net to your name
resolution system (Windows' Host file), resulting in what
appears to be extra top-level domains.
Status: Removed
High threat - High risk threats typically are remotely
exploitable vulnerabilities, which can lead to system
compromise. Successful exploitation does not normally
require any interaction. May open up communication ports,
use polymorphic tactics, stealth installations, and/or
anti-spy counter measures. May us a security flaw in the
operating system to gain access to your computer.
Infected files detected
c:\system volume information\_restore{f367ac2d-f2dc-4dab-
bff1-1d3f7ffad5a3}\rp167\a0078447.exe
QuickSearch Toolbar Search Hijacker more information...
Details: QuickSearch Toolbar redirects Internet Explorers
search URLs to a specific Web site.
Status: Removed
Elevated threat - Elevated threats are usually threats
that fall into the range of adware in which data about a
user's habits are tracked and sent back to a server for
analysis without your consent or knowledge.
Infected files detected
c:\system volume information\_restore{f367ac2d-f2dc-4dab-
bff1-1d3f7ffad5a3}\rp167\a0078445.exe
c:\system volume information\_restore{f367ac2d-f2dc-4dab-
bff1-1d3f7ffad5a3}\rp167\a0078446.dll
Detected Spyware Cookies
No spyware cookies were found during this scan.
Start Date: 09/01/2005 02:00:36
End Date: 09/01/2005 02:21:50
Total Time: 21 mins 14 secs
Detected Threats
ShopAtHome Spyware more information...
Details: ShopAtHome installs itself in the Winsock layer
of your system and redirects your browser to merchant
sites to take advantage of the affiliate fees.
Status: Removed
Severe threat - Severe threats typically are remotely
exploitable vulnerabilities, which can lead to system
compromise. Successful exploitation does not normally
require any interaction and exploits are in the wild.
There exists a high possibility of potential system
damage or security flaw. Attacker has complete control
over your computer or install new software on your
machine.
Infected files detected
c:\system volume information\_restore{f367ac2d-f2dc-4dab-
bff1-1d3f7ffad5a3}\rp167\a0078438.exe
c:\system volume information\_restore{f367ac2d-f2dc-4dab-
bff1-1d3f7ffad5a3}\rp167\a0078441.exe
c:\system volume information\_restore{f367ac2d-f2dc-4dab-
bff1-1d3f7ffad5a3}\rp167\a0078442.dll
c:\system volume information\_restore{f367ac2d-f2dc-4dab-
bff1-1d3f7ffad5a3}\rp167\a0078443.dll
c:\system volume information\_restore{f367ac2d-f2dc-4dab-
bff1-1d3f7ffad5a3}\rp167\a0078444.dll
eZula.WebOffer Adware more information...
Status: Removed
High threat - High risk threats typically are remotely
exploitable vulnerabilities, which can lead to system
compromise. Successful exploitation does not normally
require any interaction. May open up communication ports,
use polymorphic tactics, stealth installations, and/or
anti-spy counter measures. May us a security flaw in the
operating system to gain access to your computer.
Infected files detected
c:\system volume information\_restore{f367ac2d-f2dc-4dab-
bff1-1d3f7ffad5a3}\rp167\a0078448.exe
NewDotNet Browser Plug-in more information...
Details: New.Net is an Internet Explorer redirection plug-
in that adds subdomains of new.net to your name
resolution system (Windows' Host file), resulting in what
appears to be extra top-level domains.
Status: Removed
High threat - High risk threats typically are remotely
exploitable vulnerabilities, which can lead to system
compromise. Successful exploitation does not normally
require any interaction. May open up communication ports,
use polymorphic tactics, stealth installations, and/or
anti-spy counter measures. May us a security flaw in the
operating system to gain access to your computer.
Infected files detected
c:\system volume information\_restore{f367ac2d-f2dc-4dab-
bff1-1d3f7ffad5a3}\rp167\a0078447.exe
QuickSearch Toolbar Search Hijacker more information...
Details: QuickSearch Toolbar redirects Internet Explorers
search URLs to a specific Web site.
Status: Removed
Elevated threat - Elevated threats are usually threats
that fall into the range of adware in which data about a
user's habits are tracked and sent back to a server for
analysis without your consent or knowledge.
Infected files detected
c:\system volume information\_restore{f367ac2d-f2dc-4dab-
bff1-1d3f7ffad5a3}\rp167\a0078445.exe
c:\system volume information\_restore{f367ac2d-f2dc-4dab-
bff1-1d3f7ffad5a3}\rp167\a0078446.dll
Detected Spyware Cookies
No spyware cookies were found during this scan.