Ad-Aware SE Build 1.06r1 Logfile Created on:Monday, December 05, 2005 12:15:55 AM Created with Ad-Aware SE Personal, free for private use. Using definitions file:SE1R77 30.11.2005 »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» References detected during the scan: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» AltnetBDE(TAC index:4):1 total references Malware.SpyAxe(TAC index:4):4 total references Tracking Cookie(TAC index:3):15 total references WinFixer(TAC index:3):4 total references »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Ad-Aware SE Settings =========================== Set : Search for low-risk threats Set : Safe mode (always request confirmation) Set : Scan active processes Set : Scan registry Set : Deep-scan registry Set : Scan my IE Favorites for banned URLs Set : Scan my Hosts file Extended Ad-Aware SE Settings =========================== Set : Unload recognized processes & modules during scan Set : Scan registry for all users instead of current user only Set : During removal, unload Explorer and IE if necessary Set : Let Windows remove files in use at next reboot Set : Delete quarantined objects after restoring Set : Include basic Ad-Aware settings in log file Set : Include additional Ad-Aware settings in log file Set : Include reference summary in log file Set : Include alternate data stream details in log file Set : Play sound at scan completion if scan locates critical objects 12-5-2005 12:15:55 AM - Scan started. (Full System Scan) Listing running processes »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» #:1 [smss.exe] FilePath : \SystemRoot\System32\ ProcessID : 552 ThreadCreationTime : 12-5-2005 3:42:31 AM BasePriority : Normal #:2 [csrss.exe] FilePath : \??\C:\WINDOWS\system32\ ProcessID : 600 ThreadCreationTime : 12-5-2005 3:42:33 AM BasePriority : Normal #:3 [winlogon.exe] FilePath : \??\C:\WINDOWS\system32\ ProcessID : 624 ThreadCreationTime : 12-5-2005 3:42:34 AM BasePriority : High #:4 [services.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 668 ThreadCreationTime : 12-5-2005 3:42:34 AM BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Services and Controller app InternalName : services.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : services.exe #:5 [lsass.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 680 ThreadCreationTime : 12-5-2005 3:42:34 AM BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : LSA Shell (Export Version) InternalName : lsass.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : lsass.exe #:6 [svchost.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 860 ThreadCreationTime : 12-5-2005 3:42:37 AM BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:7 [svchost.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 908 ThreadCreationTime : 12-5-2005 3:42:37 AM BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:8 [svchost.exe] FilePath : C:\WINDOWS\System32\ ProcessID : 1016 ThreadCreationTime : 12-5-2005 3:42:37 AM BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:9 [svchost.exe] FilePath : C:\WINDOWS\System32\ ProcessID : 1076 ThreadCreationTime : 12-5-2005 3:42:38 AM BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:10 [svchost.exe] FilePath : C:\WINDOWS\System32\ ProcessID : 1204 ThreadCreationTime : 12-5-2005 3:42:39 AM BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:11 [lexbces.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 1400 ThreadCreationTime : 12-5-2005 3:42:42 AM BasePriority : Normal FileVersion : 8.16 ProductVersion : 8.16 ProductName : MarkVision for Windows (32 bit) CompanyName : Lexmark International, Inc. FileDescription : LexBce Service InternalName : LexBce Service LegalCopyright : (C) 1993 - 2003 Lexmark International, Inc. OriginalFilename : LexBceS.exe #:12 [lexpps.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 1432 ThreadCreationTime : 12-5-2005 3:42:42 AM BasePriority : Normal FileVersion : 8.16 ProductVersion : 8.16 ProductName : MarkVision for Windows (32 bit) CompanyName : Lexmark International, Inc. FileDescription : LEXPPS.EXE InternalName : LEXPPS LegalCopyright : (C) 1993 - 2003 Lexmark International, Inc. OriginalFilename : LEXPPS.EXE Comments : MarkVision for Windows '95 New P2P Server (32-bit) #:13 [spoolsv.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 1436 ThreadCreationTime : 12-5-2005 3:42:42 AM BasePriority : Normal FileVersion : 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519) ProductVersion : 5.1.2600.2696 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Spooler SubSystem App InternalName : spoolsv.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : spoolsv.exe #:14 [mcdetect.exe] FilePath : c:\program files\mcafee.com\agent\ ProcessID : 1612 ThreadCreationTime : 12-5-2005 3:42:43 AM BasePriority : Normal FileVersion : 6, 0, 0, 19 ProductVersion : 6, 0, 0, 0 ProductName : McAfee SecurityCenter CompanyName : McAfee, Inc FileDescription : McAfee WSC Integration Service InternalName : McDetect LegalCopyright : Copyright © 2005 McAfee, Inc. OriginalFilename : McDetect.exe Comments : McAfee WSC Integration Service #:15 [mcshield.exe] FilePath : c:\PROGRA~1\mcafee.com\vso\ ProcessID : 1628 ThreadCreationTime : 12-5-2005 3:42:43 AM BasePriority : High #:16 [mctskshd.exe] FilePath : c:\PROGRA~1\mcafee.com\agent\ ProcessID : 1668 ThreadCreationTime : 12-5-2005 3:42:43 AM BasePriority : Normal FileVersion : 6, 0, 0, 13 ProductVersion : 6, 0, 0, 0 ProductName : McAfee SecurityCenter CompanyName : McAfee, Inc FileDescription : McAfee Task Scheduler InternalName : McTskshd LegalCopyright : Copyright © 2005 McAfee, Inc. OriginalFilename : McTskshd.exe #:17 [mdm.exe] FilePath : C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\ ProcessID : 1836 ThreadCreationTime : 12-5-2005 3:42:47 AM BasePriority : Normal FileVersion : 7.00.9466 ProductVersion : 7.00.9466 ProductName : Microsoft® Visual Studio .NET CompanyName : Microsoft Corporation FileDescription : Machine Debug Manager InternalName : mdm.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : mdm.exe #:18 [mpfservice.exe] FilePath : C:\PROGRA~1\McAfee.com\PERSON~1\ ProcessID : 1852 ThreadCreationTime : 12-5-2005 3:42:48 AM BasePriority : Normal FileVersion : 7.1.0.113 ProductVersion : 7.1.0.113 ProductName : McAfee Personal Firewall CompanyName : McAfee Corporation FileDescription : McAfee Personal Firewall Service InternalName : MPFService LegalCopyright : Copyright © 2005 McAfee, Inc. All Rights Reserved. OriginalFilename : MpfService.exe Comments : McAfee Personal Firewall Service #:19 [svchost.exe] FilePath : C:\WINDOWS\System32\ ProcessID : 1896 ThreadCreationTime : 12-5-2005 3:42:49 AM BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:20 [wdfmgr.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 1936 ThreadCreationTime : 12-5-2005 3:42:49 AM BasePriority : Normal FileVersion : 5.2.3790.1230 built by: DNSRV(bld4act) ProductVersion : 5.2.3790.1230 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Windows User Mode Driver Manager InternalName : WdfMgr LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : WdfMgr.exe #:21 [svchost.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 1988 ThreadCreationTime : 12-5-2005 3:42:49 AM BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:22 [explorer.exe] FilePath : C:\WINDOWS\ ProcessID : 544 ThreadCreationTime : 12-5-2005 3:42:54 AM BasePriority : Normal FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 6.00.2900.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Windows Explorer InternalName : explorer LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : EXPLORER.EXE #:23 [mssearchnet.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 1136 ThreadCreationTime : 12-5-2005 3:43:00 AM BasePriority : Normal #:24 [nvctrl.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 1252 ThreadCreationTime : 12-5-2005 3:43:01 AM BasePriority : Normal #:25 [mcagent.exe] FilePath : C:\PROGRA~1\mcafee.com\agent\ ProcessID : 1600 ThreadCreationTime : 12-5-2005 3:43:06 AM BasePriority : Normal FileVersion : 6, 0, 0, 16 ProductVersion : 6, 0, 0, 0 ProductName : McAfee SecurityCenter CompanyName : McAfee, Inc FileDescription : McAfee SecurityCenter Agent InternalName : mcagent LegalCopyright : Copyright © 2005 McAfee, Inc. OriginalFilename : mcagent.exe #:26 [rundll32.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 1704 ThreadCreationTime : 12-5-2005 3:43:07 AM BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Run a DLL as an App InternalName : rundll LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : RUNDLL.EXE #:27 [mm_tray.exe] FilePath : C:\Program Files\MUSICMATCH\Musicmatch Jukebox\ ProcessID : 1720 ThreadCreationTime : 12-5-2005 3:43:08 AM BasePriority : Normal FileVersion : 9.00.5059 ProductVersion : 9.00.5059 ProductName : Musicmatch Jukebox CompanyName : Musicmatch, Inc. FileDescription : mm_tray InternalName : mm_tray LegalCopyright : Copyright © Musicmatch 1998-2004 LegalTrademarks : OriginalFilename : mm_tray.exe #:28 [mcvsshld.exe] FilePath : C:\Program Files\McAfee.com\VSO\ ProcessID : 2056 ThreadCreationTime : 12-5-2005 3:43:10 AM BasePriority : Normal FileVersion : 10, 0, 0, 22 ProductVersion : 10, 0, 0, 0 ProductName : McAfee VirusScan CompanyName : McAfee, Inc. FileDescription : McAfee VirusScan ActiveShield Resource InternalName : McVsShld LegalCopyright : Copyright © 2005 McAfee, Inc. All Rights Reserved. OriginalFilename : McVsShld.exe Comments : McAfee VirusScan ActiveShield Resource #:29 [dlbkbmgr.exe] FilePath : C:\Program Files\Dell AIO Printer A920\ ProcessID : 2064 ThreadCreationTime : 12-5-2005 3:43:10 AM BasePriority : Normal FileVersion : 0.1.1.1 ProductVersion : 0.1.1.1 ProductName : Button Manager Executable CompanyName : Dell Computer Corporation FileDescription : Dell AIO Printer A920Button Manager InternalName : dlbkbmgr.exe OriginalFilename : dlbkbmgr.exe #:30 [mpftray.exe] FilePath : C:\PROGRA~1\McAfee.com\PERSON~1\ ProcessID : 2084 ThreadCreationTime : 12-5-2005 3:43:11 AM BasePriority : Normal FileVersion : 7.1.0.113 ProductVersion : 7.1.0.113 ProductName : McAfee Personal Firewall (MPF) CompanyName : McAfee Security FileDescription : McAfee Personal Firewall Tray Monitor InternalName : MpfTray LegalCopyright : Copyright © 2005 McAfee, Inc. All Rights Reserved. OriginalFilename : MPFTRAY.EXE Comments : Tray Icon for McAfee Personal Firewall #:31 [hkcmd.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 2100 ThreadCreationTime : 12-5-2005 3:43:11 AM BasePriority : Normal FileVersion : 3.0.0.3889 ProductVersion : 7.0.0.3889 ProductName : Intel(R) Common User Interface CompanyName : Intel Corporation FileDescription : hkcmd Module InternalName : HKCMD LegalCopyright : Copyright 1999-2002, Intel Corporation OriginalFilename : HKCMD.EXE #:32 [qttask.exe] FilePath : C:\Program Files\QuickTime\ ProcessID : 2108 ThreadCreationTime : 12-5-2005 3:43:11 AM BasePriority : Normal FileVersion : 6.5 ProductVersion : QuickTime 6.5 ProductName : QuickTime CompanyName : Apple Computer, Inc. InternalName : QuickTime Task LegalCopyright : © Apple Computer, Inc. 2001-2004 OriginalFilename : QTTask.exe #:33 [oasclnt.exe] FilePath : C:\Program Files\McAfee.com\VSO\ ProcessID : 2116 ThreadCreationTime : 12-5-2005 3:43:12 AM BasePriority : Normal FileVersion : 10, 0, 0, 24 ProductVersion : 10, 0, 0, 0 ProductName : McAfee VirusScan CompanyName : McAfee, Inc. FileDescription : McAfee VirusScan OAS Client InternalName : OasClnt LegalCopyright : Copyright © 2005 McAfee, Inc. All Rights Reserved. OriginalFilename : OasClnt.exe Comments : McAfee VirusScan OAS Client #:34 [mmtask.exe] FilePath : C:\Program Files\MUSICMATCH\Musicmatch Jukebox\ ProcessID : 2124 ThreadCreationTime : 12-5-2005 3:43:12 AM BasePriority : Normal FileVersion : 9.0.0.1 ProductVersion : 9.0.0.1 ProductName : Musicmatch Jukebox CompanyName : Musicmatch Inc. FileDescription : InternalName : mmtask.exe LegalCopyright : (c) Musicmatch Inc.. All rights reserved. OriginalFilename : mmtask.exe #:35 [jusched.exe] FilePath : C:\Program Files\Java\jre1.5.0_05\bin\ ProcessID : 2140 ThreadCreationTime : 12-5-2005 3:43:12 AM BasePriority : Normal #:36 [mcvsescn.exe] FilePath : c:\progra~1\mcafee.com\vso\ ProcessID : 2136 ThreadCreationTime : 12-5-2005 3:43:12 AM BasePriority : Normal FileVersion : 10, 0, 0, 20 ProductVersion : 10, 0, 0, 0 ProductName : McAfee VirusScan CompanyName : McAfee, Inc. FileDescription : McAfee VirusScan E-mail Scan Module InternalName : mcvsescn LegalCopyright : Copyright © 2005 McAfee, Inc. All Rights Reserved. OriginalFilename : mcvsescn.EXE Comments : McAfee VirusScan E-mail Scan Module #:37 [dlbkbmon.exe] FilePath : C:\Program Files\Dell AIO Printer A920\ ProcessID : 2204 ThreadCreationTime : 12-5-2005 3:43:13 AM BasePriority : Normal FileVersion : 0.1.1.1 ProductVersion : 0.1.1.1 ProductName : Button Monitor Executable CompanyName : Dell Computer Corporation FileDescription : Dell AIO Printer A920Button Monitor InternalName : dlbkbmon.exe OriginalFilename : dlbkbmon.exe #:38 [ctfmon.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 2220 ThreadCreationTime : 12-5-2005 3:43:13 AM BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : CTF Loader InternalName : CTFMON LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : CTFMON.EXE #:39 [dsagnt.exe] FilePath : C:\Program Files\Dell Support\ ProcessID : 2344 ThreadCreationTime : 12-5-2005 3:43:16 AM BasePriority : Below Normal FileVersion : 1, 1, 0, 73 ProductVersion : 1, 1, 0, 73 ProductName : Dell Support CompanyName : Gteko Ltd. FileDescription : Dell Support InternalName : AUAgent LegalCopyright : Copyright (C) 2000 - 2004 Gteko Ltd. OriginalFilename : AUAgent.exe #:40 [ymsgr_tray.exe] FilePath : C:\PROGRA~1\Yahoo!\MESSEN~1\ ProcessID : 2996 ThreadCreationTime : 12-5-2005 3:43:43 AM BasePriority : Normal #:41 [alg.exe] FilePath : C:\WINDOWS\System32\ ProcessID : 3028 ThreadCreationTime : 12-5-2005 3:43:44 AM BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Application Layer Gateway Service InternalName : ALG.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : ALG.exe #:42 [mpfagent.exe] FilePath : C:\PROGRA~1\McAfee.com\PERSON~1\ ProcessID : 3292 ThreadCreationTime : 12-5-2005 3:44:09 AM BasePriority : Normal FileVersion : 7.1.0.113 ProductVersion : 7.1.0.113 ProductName : McAfee Personal Firewall (MPF) CompanyName : McAfee Security FileDescription : McAfee Personal Firewall Agent Interface InternalName : MpfAgent LegalCopyright : Copyright © 2005 McAfee, Inc. All Rights Reserved. OriginalFilename : MPFAGENT.EXE Comments : McAfee Personal Firewall Security Center Module #:43 [iexplore.exe] FilePath : C:\Program Files\Internet Explorer\ ProcessID : 1036 ThreadCreationTime : 12-5-2005 5:04:47 AM BasePriority : Normal FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 6.00.2900.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Internet Explorer InternalName : iexplore LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : IEXPLORE.EXE #:44 [ad-aware.exe] FilePath : C:\Program Files\Lavasoft\Ad-Aware SE Personal\ ProcessID : 3204 ThreadCreationTime : 12-5-2005 5:13:33 AM BasePriority : Normal FileVersion : 6.2.0.236 ProductVersion : SE 106 ProductName : Lavasoft Ad-Aware SE CompanyName : Lavasoft Sweden FileDescription : Ad-Aware SE Core application InternalName : Ad-Aware.exe LegalCopyright : Copyright © Lavasoft AB Sweden OriginalFilename : Ad-Aware.exe Comments : All Rights Reserved Memory scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 0 Started registry scan »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Malware.SpyAxe Object Recognized! Type : Regkey Data : TAC Rating : 4 Category : Malware Comment : Rootkey : HKEY_CLASSES_ROOT Object : appid\{70f17c8c-1744-41b6-9d07-575db448dcc5} Malware.SpyAxe Object Recognized! Type : Regkey Data : TAC Rating : 4 Category : Malware Comment : Rootkey : HKEY_CLASSES_ROOT Object : clsid\{957bab51-81ff-8195-f273-d7e286ea702f} Malware.SpyAxe Object Recognized! Type : Regkey Data : TAC Rating : 4 Category : Malware Comment : Rootkey : HKEY_CLASSES_ROOT Object : typelib\{2bb3bcbf-411a-4c67-8e69-f4bb301dc333} AltnetBDE Object Recognized! Type : Regkey Data : TAC Rating : 4 Category : Data Miner Comment : Rootkey : HKEY_LOCAL_MACHINE Object : software\altnet Malware.SpyAxe Object Recognized! Type : Regkey Data : TAC Rating : 4 Category : Data Miner Comment : Rootkey : HKEY_LOCAL_MACHINE Object : software\spyaxe Registry Scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 5 Objects found so far: 5 Started deep registry scan »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Deep registry scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 5 Started Tracking Cookie scan »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Tracking Cookie Object Recognized! Type : IECache Entry Data : roberta@advertising[1].txt TAC Rating : 3 Category : Data Miner Comment : Hits:11 Value : Cookie:roberta@advertising.com/ Expires : 12-3-2010 1:08:46 AM LastSync : Hits:11 UseCount : 0 Hits : 11 Tracking Cookie Object Recognized! Type : IECache Entry Data : roberta@atdmt[2].txt TAC Rating : 3 Category : Data Miner Comment : Hits:2 Value : Cookie:roberta@atdmt.com/ Expires : 12-2-2010 7:00:00 PM LastSync : Hits:2 UseCount : 0 Hits : 2 Tracking Cookie Object Recognized! Type : IECache Entry Data : roberta@adserver[2].txt TAC Rating : 3 Category : Data Miner Comment : Hits:2 Value : Cookie:roberta@ads.revsci.net/adserver Expires : 1-4-2006 1:07:26 AM LastSync : Hits:2 UseCount : 0 Hits : 2 Tracking Cookie Object Recognized! Type : IECache Entry Data : roberta@servedby.netshelter[1].txt TAC Rating : 3 Category : Data Miner Comment : Hits:1 Value : Cookie:roberta@servedby.netshelter.net/ Expires : 12-11-2005 12:55:56 AM LastSync : Hits:1 UseCount : 0 Hits : 1 Tracking Cookie Object Recognized! Type : IECache Entry Data : roberta@adrevolver[1].txt TAC Rating : 3 Category : Data Miner Comment : Hits:2 Value : Cookie:roberta@adrevolver.com/ Expires : 12-3-2006 5:05:06 PM LastSync : Hits:2 UseCount : 0 Hits : 2 Tracking Cookie Object Recognized! Type : IECache Entry Data : roberta@ehg-bestbuy.hitbox[2].txt TAC Rating : 3 Category : Data Miner Comment : Hits:12 Value : Cookie:roberta@ehg-bestbuy.hitbox.com/ Expires : 12-5-2006 12:01:56 AM LastSync : Hits:12 UseCount : 0 Hits : 12 Tracking Cookie Object Recognized! Type : IECache Entry Data : roberta@hitbox[1].txt TAC Rating : 3 Category : Data Miner Comment : Hits:23 Value : Cookie:roberta@hitbox.com/ Expires : 12-5-2006 12:01:56 AM LastSync : Hits:23 UseCount : 0 Hits : 23 Tracking Cookie Object Recognized! Type : IECache Entry Data : roberta@doubleclick[1].txt TAC Rating : 3 Category : Data Miner Comment : Hits:3 Value : Cookie:roberta@doubleclick.net/ Expires : 12-3-2008 1:08:18 AM LastSync : Hits:3 UseCount : 0 Hits : 3 Tracking Cookie Object Recognized! Type : IECache Entry Data : roberta@trafficmp[2].txt TAC Rating : 3 Category : Data Miner Comment : Hits:6 Value : Cookie:roberta@trafficmp.com/ Expires : 12-4-2006 1:19:24 AM LastSync : Hits:6 UseCount : 0 Hits : 6 Tracking Cookie Object Recognized! Type : IECache Entry Data : roberta@adrevolver[2].txt TAC Rating : 3 Category : Data Miner Comment : Hits:5 Value : Cookie:roberta@media.adrevolver.com/adrevolver/ Expires : 8-25-2008 2:04:40 AM LastSync : Hits:5 UseCount : 0 Hits : 5 Tracking Cookie Object Recognized! Type : IECache Entry Data : roberta@realmedia[2].txt TAC Rating : 3 Category : Data Miner Comment : Hits:8 Value : Cookie:roberta@realmedia.com/ Expires : 12-31-2020 7:00:00 PM LastSync : Hits:8 UseCount : 0 Hits : 8 Tracking Cookie Object Recognized! Type : IECache Entry Data : roberta@bluestreak[1].txt TAC Rating : 3 Category : Data Miner Comment : Hits:7 Value : Cookie:roberta@bluestreak.com/ Expires : 12-1-2015 8:08:58 PM LastSync : Hits:7 UseCount : 0 Hits : 7 Tracking Cookie Object Recognized! Type : IECache Entry Data : roberta@tradedoubler[1].txt TAC Rating : 3 Category : Data Miner Comment : Hits:1 Value : Cookie:roberta@tradedoubler.com/ Expires : 11-29-2025 1:05:02 AM LastSync : Hits:1 UseCount : 0 Hits : 1 Tracking Cookie Object Recognized! Type : IECache Entry Data : roberta@mediaplex[2].txt TAC Rating : 3 Category : Data Miner Comment : Hits:2 Value : Cookie:roberta@mediaplex.com/ Expires : 6-21-2009 7:00:00 PM LastSync : Hits:2 UseCount : 0 Hits : 2 Tracking Cookie Object Recognized! Type : IECache Entry Data : roberta@casalemedia[2].txt TAC Rating : 3 Category : Data Miner Comment : Hits:18 Value : Cookie:roberta@casalemedia.com/ Expires : 11-24-2006 8:08:18 PM LastSync : Hits:18 UseCount : 0 Hits : 18 Tracking cookie scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 15 Objects found so far: 20 Deep scanning and examining files (C:) »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» WinFixer Object Recognized! Type : File Data : A0048112.dll TAC Rating : 3 Category : Misc Comment : Object : C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP472\ FileVersion : 1.0.4.0 ProductVersion : 1.0.4.0 ProductName : Products Checker CompanyName : WinSoftware, Ltd. FileDescription : Products Checker InternalName : PCheck.dll LegalCopyright : 2005 (c) WinSoftware, Ltd. All rights reserved. OriginalFilename : PCheck.dll WinFixer Object Recognized! Type : File Data : A0048113.exe TAC Rating : 3 Category : Misc Comment : Object : C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP472\ FileVersion : 1.0.1.0 ProductVersion : 1.0.1.0 WinFixer Object Recognized! Type : File Data : A0048114.sys TAC Rating : 3 Category : Misc Comment : Object : C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP472\ FileVersion : 1.0.2.0 ProductVersion : 1.0.2.0 CompanyName : WinSoftware Ltd FileDescription : File Creation Filter Driver LegalCopyright : Copyright (C) WinSoftware Ltd 2005 OriginalFilename : wff.sys Disk Scan Result for C:\ »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 23 Scanning Hosts file...... Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts". »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Hosts file scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» 1 entries scanned. New critical objects:0 Objects found so far: 23 Performing conditional scans... »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» WinFixer Object Recognized! Type : Regkey Data : TAC Rating : 3 Category : Misc Comment : Rootkey : HKEY_CURRENT_USER Object : software\microsoft\windows\currentversion\explorer\bitbucket\c Conditional scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 1 Objects found so far: 24 12:35:39 AM Scan Complete Summary Of This Scan »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Total scanning time:00:19:43.812 Objects scanned:146206 Objects identified:24 Objects ignored:0 New critical objects:24