Logfile Created on:Friday, April 22, 2005 12:19:08 PM
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R40 20.04.2005
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
CoolWebSearch(TAC index:10):4 total references
Ebates MoneyMaker(TAC index:4):7 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Definition File:
=========================
Definitions File Loaded:
Reference Number : SE1R40 20.04.2005
Internal build : 47
File location : C:\Program Files\Lavasoft\Ad-Aware SE Personal\defs.ref
File size : 461235 Bytes
Total size : 1395231 Bytes
Signature data size : 1364710 Bytes
Reference data size : 30009 Bytes
Signatures total : 38921
Fingerprints total : 813
Fingerprints size : 29073 Bytes
Target categories : 15
Target families : 650
Memory + processor status:
==========================
Number of processors : 1
Processor architecture : Intel Pentium III
Memory available:24 %
Total physical memory:122352 kb
Available physical memory:29000 kb
Total page file size:295592 kb
Available on page file:63508 kb
Total virtual memory:2097024 kb
Available virtual memory:2046324 kb
OS:Microsoft Windows XP Home Edition Service Pack 2 (Build 2600)
Ad-Aware SE Settings
===========================
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan within archives
Set : Scan my Hosts file
Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Obtain command line of scanned processes
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Write-protect system files after repair (Hosts file, etc.)
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Play sound at scan completion if scan locates critical objects
4-22-2005 12:19:08 PM - Scan started. (Full System Scan)
Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
#:1 [smss.exe]
ModuleName : \SystemRoot\System32\smss.exe
Command Line : n/a
ProcessID : 360
ThreadCreationTime : 4-22-2005 5:12:49 PM
BasePriority : Normal
#:2 [csrss.exe]
ModuleName : \??\C:\WINDOWS\system32\csrss.exe
Command Line : C:\WINDOWS\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestTh
ProcessID : 416
ThreadCreationTime : 4-22-2005 5:12:51 PM
BasePriority : Normal
#:3 [winlogon.exe]
ModuleName : \??\C:\WINDOWS\system32\winlogon.exe
Command Line : winlogon.exe
ProcessID : 444
ThreadCreationTime : 4-22-2005 5:12:58 PM
BasePriority : High
#:4 [services.exe]
ModuleName : C:\WINDOWS\system32\services.exe
Command Line : C:\WINDOWS\system32\services.exe
ProcessID : 488
ThreadCreationTime : 4-22-2005 5:12:58 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : services.exe
#:5 [lsass.exe]
ModuleName : C:\WINDOWS\system32\lsass.exe
Command Line : C:\WINDOWS\system32\lsass.exe
ProcessID : 500
ThreadCreationTime : 4-22-2005 5:12:58 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe
#:6 [svchost.exe]
ModuleName : C:\WINDOWS\system32\svchost.exe
Command Line : C:\WINDOWS\system32\svchost -k DcomLaunch
ProcessID : 644
ThreadCreationTime : 4-22-2005 5:12:59 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:7 [svchost.exe]
ModuleName : C:\WINDOWS\system32\svchost.exe
Command Line : C:\WINDOWS\system32\svchost -k rpcss
ProcessID : 692
ThreadCreationTime : 4-22-2005 5:13:00 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:8 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : C:\WINDOWS\System32\svchost.exe -k netsvcs
ProcessID : 728
ThreadCreationTime : 4-22-2005 5:13:00 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:9 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : C:\WINDOWS\System32\svchost.exe -k NetworkService
ProcessID : 780
ThreadCreationTime : 4-22-2005 5:13:01 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:10 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : C:\WINDOWS\System32\svchost.exe -k LocalService
ProcessID : 864
ThreadCreationTime : 4-22-2005 5:13:01 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:11 [spoolsv.exe]
ModuleName : C:\WINDOWS\system32\spoolsv.exe
Command Line : C:\WINDOWS\system32\spoolsv.exe
ProcessID : 1132
ThreadCreationTime : 4-22-2005 5:13:03 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe
#:12 [explorer.exe]
ModuleName : C:\WINDOWS\explorer.exe
Command Line : "C:\WINDOWS\explorer.exe"
ProcessID : 1244
ThreadCreationTime : 4-22-2005 5:13:04 PM
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : EXPLORER.EXE
#:13 [taskmgru.exe]
ModuleName : C:\WINDOWS\system32\TASKMGRU.EXE
Command Line : "C:\WINDOWS\system32\TASKMGRU.EXE" open
ProcessID : 1344
ThreadCreationTime : 4-22-2005 5:13:05 PM
BasePriority : Normal
#:14 [msimn32.exe]
ModuleName : C:\WINDOWS\system32\MSIMN32.EXE
Command Line : "C:\WINDOWS\system32\MSIMN32.EXE" open
ProcessID : 1352
ThreadCreationTime : 4-22-2005 5:13:05 PM
BasePriority : Normal
#:15 [00thotkey.exe]
ModuleName : C:\WINDOWS\System32\00THotkey.exe
Command Line : "C:\WINDOWS\System32\00THotkey.exe"
ProcessID : 1400
ThreadCreationTime : 4-22-2005 5:13:06 PM
BasePriority : Normal
FileVersion : 1, 0, 0, 0
ProductVersion : 1, 0, 0, 0
ProductName : TOSHIBA THotkey
CompanyName : TOSHIBA Corp.
FileDescription : THotkey
InternalName : THotkey
LegalCopyright : Copyright © 1999
OriginalFilename : THotkey.exe
#:16 [tfncky.exe]
ModuleName : C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe
Command Line : "C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe" /Type 10
ProcessID : 1408
ThreadCreationTime : 4-22-2005 5:13:06 PM
BasePriority : Normal
FileVersion : 2.15
ProductVersion : 2.15
ProductName : TFncKy
CompanyName : Toshiba Corporation
FileDescription : TFncKy
InternalName : TFncKy
LegalCopyright : Copyright 1997-2000 Toshiba Corporation. All rights reserved.
OriginalFilename : TFncKy.EXE
#:17 [tpwrtray.exe]
ModuleName : C:\WINDOWS\system32\TPWRTRAY.EXE
Command Line : "C:\WINDOWS\system32\TPWRTRAY.EXE"
ProcessID : 1432
ThreadCreationTime : 4-22-2005 5:13:06 PM
BasePriority : Normal
FileVersion : 4. 0. 0. 0
ProductVersion : 4. 0. 0. 0
ProductName : TOSHIBA Power Saver
CompanyName : TOSHIBA Corporation
FileDescription : TOSHIBA Power Saver
InternalName : Tpwrtray
LegalCopyright : Copyright 1999-2001 TOSHIBA Corporation.
OriginalFilename : Tpwrtray.exe
Comments : TOSHIBA Power Saver
#:18 [em_exec.exe]
ModuleName : C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE
Command Line : "C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE"
ProcessID : 1440
ThreadCreationTime : 4-22-2005 5:13:06 PM
BasePriority : Normal
FileVersion : 9.40.139
ProductVersion : 9.40
ProductName : MouseWare
CompanyName : Logitech Inc.
FileDescription : Control Center
InternalName : EM_EXEC
LegalCopyright : Copyright © Logitech Inc. 1987-2001.
LegalTrademarks : Logitech® and MouseWare® are registered trademarks of Logitech Inc.
OriginalFilename : EM_EXEC.CPP
Comments : Created by the MouseWare Team
#:19 [msmsgs.exe]
ModuleName : C:\Program Files\Messenger\msmsgs.exe
Command Line : "C:\Program Files\Messenger\msmsgs.exe" /background
ProcessID : 1464
ThreadCreationTime : 4-22-2005 5:13:07 PM
BasePriority : Normal
FileVersion : 4.7.3000
ProductVersion : Version 4.7.3000
ProductName : Messenger
CompanyName : Microsoft Corporation
FileDescription : Windows Messenger
InternalName : msmsgs
LegalCopyright : Copyright © Microsoft Corporation 2004
LegalTrademarks : Microsoft® is a registered trademark of Microsoft Corporation in the U.S. and/or other countries.
OriginalFilename : msmsgs.exe
#:20 [taskmgru.exe]
ModuleName : C:\WINDOWS\system32\TASKMGRU.EXE
Command Line : "C:\WINDOWS\system32\TASKMGRU.EXE"
ProcessID : 1472
ThreadCreationTime : 4-22-2005 5:13:07 PM
BasePriority : Normal
#:21 [msimn32.exe]
ModuleName : C:\WINDOWS\system32\MSIMN32.EXE
Command Line : "C:\WINDOWS\system32\MSIMN32.EXE"
ProcessID : 1480
ThreadCreationTime : 4-22-2005 5:13:07 PM
BasePriority : Normal
#:22 [swdoctor.exe]
ModuleName : C:\Program Files\Spyware Doctor\swdoctor.exe
Command Line : "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q
ProcessID : 1520
ThreadCreationTime : 4-22-2005 5:13:09 PM
BasePriority : Normal
FileVersion : 3.2.0.3421
ProductVersion : 3.1
ProductName : Spyware Doctor
CompanyName : PCTools
FileDescription : Spyware Doctor
InternalName : Spyware Doctor
LegalCopyright : Copyright © 2004. Distributed by PC Tools Pty Ltd
OriginalFilename : swdr.exe
#:23 [hotsync.exe]
ModuleName : C:\Palm\HOTSYNC.EXE
Command Line : "C:\Palm\HOTSYNC.EXE"
ProcessID : 1700
ThreadCreationTime : 4-22-2005 5:13:15 PM
BasePriority : Normal
FileVersion : 4.0
ProductVersion : 4.0
ProductName : HotSync® Manager, Palm Desktop
CompanyName : Palm, Inc.
FileDescription : HotSync® Manager Application
InternalName : HotSync®
LegalCopyright : Copyright © 1995-2001 Palm, Inc.
LegalTrademarks : HotSync® is a registered trademark of Palm, Inc.
OriginalFilename : Hotsync.exe
#:24 [config.exe]
ModuleName : C:\Program Files\Linksys\Configuration Utility\Config.exe
Command Line : "C:\Program Files\Linksys\Configuration Utility\Config.exe"
ProcessID : 1716
ThreadCreationTime : 4-22-2005 5:13:15 PM
BasePriority : Normal
FileVersion : 1.07.29
ProductVersion : 1.07.29.1032
ProductName : PRISM Wireless LAN
CompanyName : LINKSYS Corporation
FileDescription : PRISM Status Tray Applet
InternalName : [email protected]
LegalCopyright : Copyright © 2001, LINKSYS Corporation
OriginalFilename : PRISMSTA.exe
Comments : Developed by TriplePoint, Inc. <www.TriplePoint.com>
#:25 [alarmapp.exe]
ModuleName : C:\Palm\AlarmApp.exe
Command Line : "C:\Palm\AlarmApp.exe"
ProcessID : 1724
ThreadCreationTime : 4-22-2005 5:13:16 PM
BasePriority : Normal
FileVersion : 4.0.1
ProductVersion : 4.0.1
ProductName : Palm Desktop
CompanyName : Palm, Inc.
FileDescription : Alarm Application
LegalCopyright : © 2000-2001 Palm, Inc.
#:26 [netdevsw.exe]
ModuleName : C:\Program Files\TOSHIBA\NetDevSW\NetDevSW.exe
Command Line : "C:\Program Files\TOSHIBA\NetDevSW\NetDevSW.exe"
ProcessID : 1732
ThreadCreationTime : 4-22-2005 5:13:17 PM
BasePriority : Normal
#:27 [spysub.exe]
ModuleName : C:\Program Files\InterMute\SpySubtract\SpySub.exe
Command Line : "C:\Program Files\InterMute\SpySubtract\SpySub.exe" -autostart
ProcessID : 1740
ThreadCreationTime : 4-22-2005 5:13:17 PM
BasePriority : Normal
FileVersion : 1, 0, 1, 49
ProductVersion : 2.60
ProductName : SpySubtract
CompanyName : InterMute, Inc.
FileDescription : SpySubtract Program EXE
InternalName : SpySub.exe
LegalCopyright : Copyright © 2004 InterMute, Inc. All rights reserved.
OriginalFilename : SpySub.exe
#:28 [alg.exe]
ModuleName : C:\WINDOWS\System32\alg.exe
Command Line : C:\WINDOWS\System32\alg.exe
ProcessID : 1096
ThreadCreationTime : 4-22-2005 5:14:39 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Application Layer Gateway Service
InternalName : ALG.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : ALG.exe
#:29 [wscntfy.exe]
ModuleName : C:\WINDOWS\system32\wscntfy.exe
Command Line : C:\WINDOWS\system32\wscntfy.exe
ProcessID : 1208
ThreadCreationTime : 4-22-2005 5:14:43 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Security Center Notification App
InternalName : wscntfy.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : wscntfy.exe
#:30 [wuauclt.exe]
ModuleName : C:\WINDOWS\system32\wuauclt.exe
Command Line : "C:\WINDOWS\system32\wuauclt.exe"
ProcessID : 144
ThreadCreationTime : 4-22-2005 5:15:17 PM
BasePriority : Normal
FileVersion : 5.4.3790.2182 built by: srv03_rtm(ntvbl04)
ProductVersion : 5.4.3790.2182
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Automatic Updates
InternalName : wuauclt.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : wuauclt.exe
#:31 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : C:\WINDOWS\System32\svchost.exe -k HTTPFilter
ProcessID : 852
ThreadCreationTime : 4-22-2005 5:15:49 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:32 [ad-aware.exe]
ModuleName : C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe
Command Line : "C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe"
ProcessID : 2128
ThreadCreationTime : 4-22-2005 5:17:00 PM
BasePriority : Normal
FileVersion : 6.2.0.206
ProductVersion : VI.Second Edition
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved
Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0
Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
CoolWebSearch Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{0b6ef17e-18e5-4449-86ea-64c82d596eae}
CoolWebSearch Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{0b6ef17e-18e5-4449-86ea-64c82d596eae}
Value :
CoolWebSearch Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{b1e68d42-02c4-465b-8368-5ed9b732e22d}
CoolWebSearch Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{b1e68d42-02c4-465b-8368-5ed9b732e22d}
Value :
Ebates MoneyMaker Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment : "AC"
Rootkey : HKEY_USERS
Object : S-1-5-21-1801674531-854245398-1708537768-1004\software\lq
Value : AC
Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 5
Objects found so far: 5
Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 5
Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 5
Deep scanning and examining files (C:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Disk Scan Result for C:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 5
Scanning Hosts file......
Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
1 entries scanned.
New critical objects:0
Objects found so far: 5
Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Ebates MoneyMaker Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\lq
Ebates MoneyMaker Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\lq
Value : TM
Ebates MoneyMaker Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\lq
Value : U
Ebates MoneyMaker Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\lq
Value : AD
Ebates MoneyMaker Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\lq
Value : AC
Ebates MoneyMaker Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\lq
Value : I
Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 6
Objects found so far: 11
12:33:49 PM Scan Complete
Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:14:41.488
Objects scanned:114193
Objects identified:11
Objects ignored:0
New critical objects:11