Well, I did that - uninstalled Ad-Aware. ReDownloaded it. Installed it. Cleared out all TEMP folders and temp internet files, etc..... Manually configured as per instructions. Launched it and it ran for 15 min and went to sleep again. I let it run undisturbed for over 30 minutes and it never blinked.
How can I tell what module it is scanning at the time it goes into self hypnosis? Is there a way to skip the "CONDITIONAL SCANS", so that it might go ahead and complete the remainder ?
The Ad-Aware window looks like this.....
___________________________________________________________
Performing System Scan
Current Operation
Performing conditional scans....................... Objects Scanned 99171
> Busy............................... ||||||
Summary
...26 Running Processes.............................. 0 Processes Identified
.588 Process Modules.................................. 0 Modules Identified
.....................................................................2 Registry Keys Identified
...17 Objects Recognized............................ 12 Registry Values Identified
.....0 Objects Ignored................................... 3 Files Identified
...17 New Critical Objects............................. 0 Folders Identified
Now scanning, click "Cancel" to stop
____________________________________________________________
Now I look like this:.... . . .
. . . .
. . . .
And the Ad-Aware Logfile looks like this now....
Ad-Aware SE Build 1.05
Logfile Created on:Tuesday, April 05, 2005 8:45:23 PM
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R36 01.04.2005
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
References detected during the scan:
Definition File:
=========================
Definitions File Loaded:
Reference Number : SE1R36 01.04.2005
Internal build : 43
File location : C:\PROGRAM FILES\LAVASOFT\AD-AWARE SE PERSONAL\defs.ref
File size : 438128 Bytes
Total size : 1378904 Bytes
Signature data size : 1348736 Bytes
Reference data size : 29656 Bytes
Signatures total : 38426
Fingerprints total : 758
Fingerprints size : 28416 Bytes
Target categories : 15
Target families : 644
Memory + processor status:
==========================
Number of processors : 1
Processor architecture : Intel Pentium III
Memory available:39 %
Total physical memory:261092 kb
Available physical memory:32012 kb
Total page file size:1836056 kb
Available on page file:1703660 kb
Total virtual memory:2093056 kb
Available virtual memory:2043520 kb
OS:Microsoft Windows 98 SE
Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Move deleted files to Recycle Bin
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan within archives
Set : Scan my Hosts file
Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Obtain command line of scanned processes
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Write-protect system files after repair (Hosts file, etc.)
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects
4-5-05 8:45:23 PM - Scan started. (Custom mode)
Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
#:1 [KERNEL32.DLL]
ModuleName : C:\WINDOWS\SYSTEM\KERNEL32.DLL
Command Line : n/a
ProcessID : 4291783471
Threads : 8
Priority : High
FileVersion : 4.10.2222
ProductVersion : 4.10.2222
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Win32 Kernel core component
InternalName : KERNEL32
LegalCopyright : Copyright © Microsoft Corp. 1991-1999
OriginalFilename : KERNEL32.DLL
#:2 [MSGSRV32.EXE]
ModuleName : C:\WINDOWS\SYSTEM\MSGSRV32.EXE
Command Line : n/a
ProcessID : 4294912883
Threads : 1
Priority : Normal
FileVersion : 4.10.2222
ProductVersion : 4.10.2222
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows 32-bit VxD Message Server
InternalName : MSGSRV32
LegalCopyright : Copyright © Microsoft Corp. 1992-1998
OriginalFilename : MSGSRV32.EXE
#:3 [SPOOL32.EXE]
ModuleName : C:\WINDOWS\SYSTEM\SPOOL32.EXE
Command Line : C:\WINDOWS\SYSTEM\spool32.exe
ProcessID : 4294910827
Threads : 3
Priority : Normal
FileVersion : 4.10.1998
ProductVersion : 4.10.1998
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler Sub System Process
InternalName : spool32
LegalCopyright : Copyright © Microsoft Corp. 1994 - 1998
OriginalFilename : spool32.exe
#:4 [MPREXE.EXE]
ModuleName : C:\WINDOWS\SYSTEM\MPREXE.EXE
Command Line : C:\WINDOWS\SYSTEM\MPREXE.EXE
ProcessID : 4294956699
Threads : 1
Priority : Normal
FileVersion : 4.10.1998
ProductVersion : 4.10.1998
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : WIN32 Network Interface Service Process
InternalName : MPREXE
LegalCopyright : Copyright © Microsoft Corp. 1993-1998
OriginalFilename : MPREXE.EXE
#:5 [CCEVTMGR.EXE]
ModuleName : C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCEVTMGR.EXE
Command Line : "c:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe"
ProcessID : 4294841195
Threads : 21
Priority : Normal
FileVersion : 2.1.6.3
ProductVersion : 2.1.6.3
ProductName : Common Client
CompanyName : Symantec Corporation
FileDescription : Common Client Event Manager Service
InternalName : ccEvtMgr
LegalCopyright : Copyright © 2000-2003 Symantec Corporation. All rights reserved.
OriginalFilename : ccEvtMgr.exe
#:6 [CCSETMGR.EXE]
ModuleName : C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCSETMGR.EXE
Command Line : "c:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe"
ProcessID : 4294852063
Threads : 5
Priority : Normal
FileVersion : 2.1.6.3
ProductVersion : 2.1.6.3
ProductName : Common Client
CompanyName : Symantec Corporation
FileDescription : Common Client Settings Manager Service
InternalName : ccSetMgr
LegalCopyright : Copyright © 2000-2003 Symantec Corporation. All rights reserved.
OriginalFilename : ccSetMgr.exe
#:7 [MSTASK.EXE]
ModuleName : C:\WINDOWS\SYSTEM\MSTASK.EXE
Command Line : mstask.exe
ProcessID : 4294892443
Threads : 2
Priority : Normal
FileVersion : 4.71.1972.1
ProductVersion : 4.71.1972.1
ProductName : Microsoft® Windows® Task Scheduler
CompanyName : Microsoft Corporation
FileDescription : Task Scheduler Engine
InternalName : TaskScheduler
LegalCopyright : Copyright © Microsoft Corp. 2000
OriginalFilename : mstask.exe
#:8 [KB891711.EXE]
ModuleName : c:\windows\SYSTEM\KB891711\KB891711.EXE
Command Line : n/a
ProcessID : 4294901103
Threads : 1
Priority : Normal
FileVersion : 4.10.2222
ProductVersion : 4.10.2222
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows KB891711 component
InternalName : KB891711
LegalCopyright : Copyright © Microsoft Corp. 1991-2005
OriginalFilename : KB891711.EXE
#:9 [mmtask.tsk]
ModuleName : C:\WINDOWS\SYSTEM\mmtask.tsk
Command Line : n/a
ProcessID : 4294861923
Threads : 1
Priority : Normal
FileVersion : 4.03.1998
ProductVersion : 4.03.1998
ProductName : Microsoft Windows
CompanyName : Microsoft Corporation
FileDescription : Multimedia background task support module
InternalName : mmtask.tsk
LegalCopyright : Copyright © Microsoft Corp. 1991-1998
OriginalFilename : mmtask.tsk
#:10 [TASKMON.EXE]
ModuleName : C:\WINDOWS\TASKMON.EXE
Command Line : "C:\windows\taskmon.exe"
ProcessID : 4294780543
Threads : 1
Priority : Normal
FileVersion : 4.10.1998
ProductVersion : 4.10.1998
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Task Monitor
InternalName : TaskMon
LegalCopyright : Copyright © Microsoft Corp. 1998
OriginalFilename : TASKMON.EXE
#:11 [SYSTRAY.EXE]
ModuleName : C:\WINDOWS\SYSTEM\SYSTRAY.EXE
Command Line : "C:\WINDOWS\SYSTEM\SysTray.Exe"
ProcessID : 4294870787
Threads : 1
Priority : Normal
FileVersion : 4.10.2222
ProductVersion : 4.10.2222
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : System Tray Applet
InternalName : SYSTRAY
LegalCopyright : Copyright © Microsoft Corp. 1993-1998
OriginalFilename : SYSTRAY.EXE
#:12 [AHQTB.EXE]
ModuleName : C:\PROGRAM FILES\CREATIVE\SBLIVE\AUDIOHQ\AHQTB.EXE
Command Line : "C:\Program Files\Creative\SBLive\AudioHQ\AHQTB.EXE"
ProcessID : 4294730883
Threads : 1
Priority : Normal
FileVersion : 1.0.185
ProductVersion : 1.0.185
ProductName : AudioHQ
CompanyName : Creative Technology Ltd.
FileDescription : Creative AudioHQ
InternalName : AHQTaskBar
LegalCopyright : Copyright © Creative Technology Ltd. 1997-1999
OriginalFilename : AHQTb.exe
Comments : Creative AudioHQ
#:13 [DIRECTCD.EXE]
ModuleName : C:\PROGRAM FILES\ADAPTEC\DIRECTCD\DIRECTCD.EXE
Command Line : "C:\PROGRA~1\ADAPTEC\DIRECTCD\DIRECTCD.EXE"
ProcessID : 4294708767
Threads : 1
Priority : Normal
FileVersion : 3.01 (162)
ProductVersion : 3.01 (162)
ProductName : DirectCD
CompanyName : Adaptec
FileDescription : DirectCD Application
InternalName : DirectCD
LegalCopyright : Copyright © 1996-2000 Adaptec, Inc.
OriginalFilename : DirectCD.EXE
#:14 [POINT32.EXE]
ModuleName : C:\PROGRAM FILES\MICROSOFT HARDWARE\MOUSE\POINT32.EXE
Command Line : "C:\Program Files\Microsoft Hardware\Mouse\point32.exe"
ProcessID : 4294757395
Threads : 1
Priority : Normal
#:15 [HPSJVXD.EXE]
ModuleName : C:\WINDOWS\SYSTEM\HPSJVXD.EXE
Command Line : "C:\windows\SYSTEM\hpsjvxd.exe"
ProcessID : 4294742523
Threads : 1
Priority : Normal
#:16 [STIMON.EXE]
ModuleName : C:\WINDOWS\SYSTEM\STIMON.EXE
Command Line : "C:\WINDOWS\SYSTEM\STIMON.EXE"
ProcessID : 4294753543
Threads : 3
Priority : Normal
FileVersion : 4.10.2222
ProductVersion : 4.10.2222
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Still Image Devices Monitor
InternalName : STIMON
LegalCopyright : Copyright © Microsoft Corp. 1996-1998
OriginalFilename : STIMON.EXE
#:17 [HPZTSB05.EXE]
ModuleName : C:\WINDOWS\SYSTEM\HPZTSB05.EXE
Command Line : "C:\WINDOWS\SYSTEM\hpztsb05.exe"
ProcessID : 4294747751
Threads : 1
Priority : Normal
FileVersion : 2,126,0,0
ProductVersion : 2,126,0,0
ProductName : HP DeskJet
CompanyName : HP
LegalCopyright : Copyright © Hewlett-Packard Company 1999-2002
#:18 [HPHMON04.EXE]
ModuleName : C:\WINDOWS\SYSTEM\HPHMON04.EXE
Command Line : "C:\WINDOWS\SYSTEM\HPHMON04.EXE"
ProcessID : 4294827803
Threads : 5
Priority : Normal
FileVersion : 4,0,34
ProductVersion : 4,0,34
ProductName : hp photosmart
CompanyName : Hewlett-Packard
FileDescription : HPHmon04
InternalName : HPHmon04
LegalCopyright : Copyright © 2001
OriginalFilename : HPHmon04.exe
#:19 [HPGS2WND.EXE]
ModuleName : C:\PROGRAM FILES\HEWLETT-PACKARD\HP SHARE-TO-WEB\HPGS2WND.EXE
Command Line : "C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe"
ProcessID : 4294869715
Threads : 3
Priority : Normal
FileVersion : 2,3,0,0\ 161
ProductVersion : 2,3,0,0\ 161
ProductName : Hewlett-Packard hpgs2wnd
CompanyName : Hewlett-Packard
FileDescription : hpgs2wnd
InternalName : hpgs2wnd
LegalCopyright : Copyright © 2001
OriginalFilename : hpgs2wnd.exe
#:20 [SYMLCSVC.EXE]
ModuleName : C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCPD-LC\SYMLCSVC.EXE
Command Line : "C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe" start
ProcessID : 4294670519
Threads : 1
Priority : Normal
FileVersion : 1, 8, 48, 77
ProductVersion : 1, 8, 48, 77
ProductName : Symantec Core Component
CompanyName : Symantec Corporation
FileDescription : Symantec Core Component
InternalName : symlcsvc
LegalCopyright : Copyright © 2003
OriginalFilename : symlcsvc.exe
#:21 [CCAPP.EXE]
ModuleName : C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCAPP.EXE
Command Line : "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
ProcessID : 4294741551
Threads : 27
Priority : Normal
FileVersion : 2.1.6.3
ProductVersion : 2.1.6.3
ProductName : Common Client
CompanyName : Symantec Corporation
FileDescription : Common Client User Session
InternalName : ccApp
LegalCopyright : Copyright © 2000-2003 Symantec Corporation. All rights reserved.
OriginalFilename : ccApp.exe
#:22 [HPGS2WNF.EXE]
ModuleName : C:\PROGRAM FILES\HEWLETT-PACKARD\HP SHARE-TO-WEB\HPGS2WNF.EXE
Command Line : C:\PROGRA~1\HEWLET~1\HPSHAR~1\HPGS2WNF.EXE -Embedding
ProcessID : 4294644911
Threads : 2
Priority : Normal
FileVersion : 2, 6, 0, 161
ProductVersion : 2, 6, 0, 161
ProductName : hpgs2wnf Module
FileDescription : hpgs2wnf Module
InternalName : hpgs2wnf
LegalCopyright : Copyright 2001
OriginalFilename : hpgs2wnf.EXE
#:23 [CREATECD.EXE]
ModuleName : C:\PROGRAM FILES\ADAPTEC\EASY CD CREATOR 4\CREATECD\CREATECD.EXE
Command Line : "C:\PROGRA~1\ADAPTEC\EASYCD~1\CREATECD\CREATECD.EXE" -r
ProcessID : 4294606547
Threads : 11
Priority : Normal
FileVersion : 4.02S (286)
ProductVersion : 4.02S (286)
ProductName : Easy CD Creator
CompanyName : Adaptec
FileDescription : Adaptec Create CD
InternalName : createcd.exe
LegalCopyright : Copyright © 1996-2000 Adaptec, Inc.
OriginalFilename : createcd.exe
#:24 [HPHIPM11.EXE]
ModuleName : C:\WINDOWS\SYSTEM\HPHIPM11.EXE
Command Line : HPHipm11.exe
ProcessID : 4294619787
Threads : 1
Priority : Normal
FileVersion : 4, 5, 0, 770
ProductVersion : 4, 5, 0, 770
ProductName : HP PML
CompanyName : HP
FileDescription : PML Driver
InternalName : PmlDrv
LegalCopyright : Copyright © 1998, 1999 Hewlett-Packard Company
OriginalFilename : PmlDrv.exe
#:25 [EXPLORER.EXE]
ModuleName : C:\WINDOWS\EXPLORER.EXE
Command Line : C:\WINDOWS\Explorer.exe
ProcessID : 4294798531
Threads : 24
Priority : Normal
FileVersion : 4.72.3110.1
ProductVersion : 4.72.3110.1
ProductName : Microsoft® Windows NT® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : Copyright © Microsoft Corp. 1981-1997
OriginalFilename : EXPLORER.EXE
#:26 [DDHELP.EXE]
ModuleName : C:\WINDOWS\SYSTEM\DDHELP.EXE
Command Line : ddhelp.exe
ProcessID : 4294341555
Threads : 3
Priority : Realtime
FileVersion : 4.09.00.0900
ProductVersion : 4.09.00.0900
ProductName : Microsoft® DirectX for Windows®
CompanyName : Microsoft Corporation
FileDescription : Microsoft DirectX Helper
InternalName : DDHelp.exe
LegalCopyright : Copyright © Microsoft Corp. 1994-2002
OriginalFilename : DDHelp.exe
#:27 [PSTORES.EXE]
ModuleName : C:\WINDOWS\SYSTEM\PSTORES.EXE
Command Line : C:\WINDOWS\SYSTEM\PSTORES.EXE
ProcessID : 4294526435
Threads : 3
Priority : Normal
FileVersion : 5.00.1877.3
ProductVersion : 5.00.1877.3
ProductName : Microsoft® Windows NT® Operating System
CompanyName : Microsoft Corporation
FileDescription : Protected storage server
InternalName : Protected storage server
LegalCopyright : Copyright © Microsoft Corp. 1981-1998
OriginalFilename : Protected storage server
#:28 [AD-AWARE.EXE]
ModuleName : C:\PROGRAM FILES\LAVASOFT\AD-AWARE SE PERSONAL\AD-AWARE.EXE
Command Line : "C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe"
ProcessID : 4294504951
Threads : 3
Priority : Normal
FileVersion : 6.2.0.206
ProductVersion : VI.Second Edition
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved
Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0
Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
SahAgent Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\70tovmto
SahAgent Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\70tovmto
Value : DisplayName
SahAgent Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\70tovmto
Value : UninstallString
Alexa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment : "{c95fe080-8f5d-11d2-a20b-00aa003c157a}"
Rootkey : HKEY_USERS
Object : .DEFAULT\software\microsoft\internet explorer\extensions\cmdmapping
Value : {c95fe080-8f5d-11d2-a20b-00aa003c157a}
Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 4
Objects found so far: 4
Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Win32.Swen.A Object Recognized!
Type : Regkey
Data : by Begbie
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\explorer\RHZHT
Win32.Swen.A Object Recognized!
Type : RegValue
Data : by Begbie
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\explorer\RHZHT
Value : Install Item
Win32.Swen.A Object Recognized!
Type : RegValue
Data : by Begbie
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\explorer\RHZHT
Value : Unfile
Win32.Swen.A Object Recognized!
Type : RegValue
Data : by Begbie
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\explorer\RHZHT
Value : CacheBox Outfit
Win32.Swen.A Object Recognized!
Type : RegValue
Data : by Begbie
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\explorer\RHZHT
Value : ZipName
Win32.Swen.A Object Recognized!
Type : RegValue
Data : by Begbie
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\explorer\RHZHT
Value : Email Address
Win32.Swen.A Object Recognized!
Type : RegValue
Data : by Begbie
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\explorer\RHZHT
Value : Server
Win32.Swen.A Object Recognized!
Type : RegValue
Data : by Begbie
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\explorer\RHZHT
Value : VicName
Win32.Swen.A Object Recognized!
Type : RegValue
Data : by Begbie
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\explorer\RHZHT
Value : Installed
Win32.Swen.A Object Recognized!
Type : RegValue
Data : by Begbie
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\explorer\RHZHT
Value : Counter Visited
Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 10
Objects found so far: 14
MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\office\9.0\common\open find\microsoft word\settings\open\file name mru
Description : list of recent documents opened by microsoft word
MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\office\9.0\common\open find\microsoft word\settings\save as\file name mru
Description : list of recent documents saved by microsoft word
MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\office\9.0\excel\recent files
Description : list of recent files used by microsoft excel
MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\office\9.0\publisher\recent file list
Description : list of recent files used by microsoft publisher
MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\internet explorer\main
Description : last save directory used in microsoft internet explorer
MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\internet explorer
Description : last download directory used in microsoft internet explorer
MRU List Object Recognized!
Location: : software\microsoft\directdraw\mostrecentapplication
Description : most recent application to use microsoft directdraw
MRU List Object Recognized!
Location: : .DEFAULT\software\creative tech\creative wavestudio\settings
Description : list of recently used directories in creative wavestudio
MRU List Object Recognized!
Location: : .DEFAULT\software\jasc\paint shop pro 7\recent file list
Description : list of recently used files in jasc paint shop pro
MRU List Object Recognized!
Location: : .DEFAULT\software\smartftp\connection data
Description : list of recently accessed servers using smartftp
MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\mediaplayer\player\settings
Description : last open directory used in jasc paint shop pro
MRU List Object Recognized!
Location: : .DEFAULT\software\jasc\paint shop pro 7\general
Description : last save as directory used in jasc paint shop pro
MRU List Object Recognized!
Location: : .DEFAULT\software\smartftp\localview
Description : list of local views in smartftp
MRU List Object Recognized!
Location: : software\musicmatch\musicmatch jukebox\4.0\fileconv
Description : file conversion location settings in musicmatch jukebox
MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\windows\currentversion\explorer\doc find spec mru
Description : list of recently used search terms for locating files using the microsoft windows operating system
MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\windows media\wmsdk\general
Description : windows media sdk
MRU List Object Recognized!
Location: : C:\WINDOWS\Application Data\microsoft\office\recent
Description : list of recently opened documents using microsoft office
Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 31
Deep scanning and examining files (C:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Disk Scan Result for C:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 31
Scanning Hosts file......
Hosts file location:"C:\WINDOWS\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
1 entries scanned.
New critical objects:0
Objects found so far: 31
Possible Browser Hijack attempt Object Recognized!
Type : File
Data : MSN Search member directory.url
Category : Misc
Comment : Problematic URL discovered:
http://auto.search.m...embersdirectory Object : C:\WINDOWS\Favorites\
Possible Browser Hijack attempt Object Recognized!
Type : File
Data : Reverse Phone Lookup - SMARTPages.url
Category : Misc
Comment : Problematic URL discovered:
http://smartpages.in...rt/revphone.htm Object : C:\WINDOWS\Favorites\Quick Ref Info\
Possible Browser Hijack attempt Object Recognized!
Type : File
Data : CarsDirect.com --- 5 stars.url
Category : Misc
Comment : Problematic URL discovered:
http://www.carsdirect.com/home Object : C:\WINDOWS\Favorites\Cars\
Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
<STOP>