i am posting the adaware log. i also have the hijack-this log if needed.
thanks alot i appreciate the help!
Lavasoft Ad-Aware Personal Build 1.03
Logfile Created on:Saturday, April 23, 2005 4:23:24 PM
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R40 20.04.2005
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
BookedSpace(TAC index:10):10 total references.
MRU List(TAC index:0):6 total references.
Tracking Cookie(TAC index:3):13 total references.
Windows(TAC index:3):1 total references.
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Ad-Aware Settings
===========================
Set : Search for negligible risk entries
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan within archives
Set : Scan my Hosts file
Extended Ad-Aware Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : Prior to deletion, allow unloading Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Backup current definition file before updating
Set : Play sound at scan completion if scan locates critical objects
4-23-2005 4:23:24 PM - Scan started. (Full System Scan)
MRU List Object Recognized!
Location: : software\microsoft\directdraw\mostrecentapplication
Description : most recent application to use microsoft directdraw
MRU List Object Recognized!
Location: : S-1-5-21-1715567821-179605362-839522115-1004\software\microsoft\internet explorer\typedurls
Description : list of recently entered addresses in microsoft internet explorer
MRU List Object Recognized!
Location: : S-1-5-21-1715567821-179605362-839522115-1004\software\microsoft\directinput\mostrecentapplication
Description : most recent application to use microsoft directinput
MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d
MRU List Object Recognized!
Location: : S-1-5-21-1715567821-179605362-839522115-1004\software\microsoft\directinput\mostrecentapplication
Description : most recent application to use microsoft directinput
MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X
Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ProcessID : 672
ThreadCreationTime : 4-23-2005 6:25:54 PM
BasePriority : Normal
#:2 [csrss.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 720
ThreadCreationTime : 4-23-2005 6:25:56 PM
BasePriority : Normal
#:3 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 748
ThreadCreationTime : 4-23-2005 6:25:58 PM
BasePriority : High
#:4 [services.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 792
ThreadCreationTime : 4-23-2005 6:25:58 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : services.exe
#:5 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 804
ThreadCreationTime : 4-23-2005 6:25:58 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe
#:6 [ati2evxx.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 956
ThreadCreationTime : 4-23-2005 6:25:58 PM
BasePriority : Normal
#:7 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 996
ThreadCreationTime : 4-23-2005 6:25:58 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:8 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1020
ThreadCreationTime : 4-23-2005 6:25:59 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:9 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1164
ThreadCreationTime : 4-23-2005 6:25:59 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:10 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1192
ThreadCreationTime : 4-23-2005 6:25:59 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:11 [spoolsv.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1396
ThreadCreationTime : 4-23-2005 6:26:00 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (XPClient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe
#:12 [alg.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1728
ThreadCreationTime : 4-23-2005 6:26:07 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Application Layer Gateway Service
InternalName : ALG.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : ALG.exe
#:13 [aolacsd.exe]
FilePath : C:\Program Files\Common Files\AOL\ACS\
ProcessID : 1744
ThreadCreationTime : 4-23-2005 6:26:07 PM
BasePriority : Normal
FileVersion : 3.0.0.1
ProductVersion : 3.0.0.1
ProductName : AOL Connectivity Service
CompanyName : America Online
FileDescription : AOL Connectivity Service
InternalName : AOLacsd
LegalCopyright : Copyright © 2004 America Online
OriginalFilename : AOLacsd.exe
#:14 [aoltsmon.exe]
FilePath : C:\Program Files\Common Files\AOL\TopSpeed\2.0\
ProcessID : 1768
ThreadCreationTime : 4-23-2005 6:26:07 PM
BasePriority : Normal
FileVersion : 2, 0, 0, 0
ProductVersion : 2, 0, 0, 0
ProductName : AOL TopSpeed Monitor
CompanyName : America Online, Inc
FileDescription : AOL TopSpeed Monitor
InternalName : AOL TopSpeed Monitor
LegalCopyright : Copyright © 2004 America Online, Inc.
OriginalFilename : aoltsmon.exe
#:15 [aoltpspd.exe]
FilePath : C:\Program Files\Common Files\AOL\TopSpeed\2.0\
ProcessID : 1804
ThreadCreationTime : 4-23-2005 6:26:07 PM
BasePriority : Normal
FileVersion : 2, 0, 0, 0
ProductVersion : 2, 0, 0, 0
ProductName : AOL TopSpeed
CompanyName : America Online Inc
FileDescription : AOL TopSpeed
InternalName : AOL TopSpeed Loader
LegalCopyright : Copyright © 2003-2004
LegalTrademarks : AOL TopSpeed
OriginalFilename : aoltpspd.exe
#:16 [gearsec.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1832
ThreadCreationTime : 4-23-2005 6:26:08 PM
BasePriority : Normal
FileVersion : 1, 0, 0, 6
ProductVersion : 1, 0, 0, 6
ProductName : gearsec
CompanyName : GEAR Software
FileDescription : gearsec
InternalName : gearsec
LegalCopyright : Copyright © 2001-2003 GEAR Software
OriginalFilename : gearsec.exe
#:17 [mcvsrte.exe]
FilePath : c:\PROGRA~1\mcafee.com\vso\
ProcessID : 1852
ThreadCreationTime : 4-23-2005 6:26:08 PM
BasePriority : Normal
FileVersion : 8, 0, 0, 12
ProductVersion : 8, 0, 0, 0
ProductName : McAfee VirusScan
CompanyName : Networks Associates Technology, Inc
FileDescription : McAfee VirusScan Real-time Engine
InternalName : mcvsrte
LegalCopyright : Copyright © 1998-2003 Networks Associates Technology, Inc
OriginalFilename : mcvsrte.exe
Comments : McAfee VirusScan Real-time Engine
#:18 [smagent.exe]
FilePath : C:\Program Files\Analog Devices\SoundMAX\
ProcessID : 1888
ThreadCreationTime : 4-23-2005 6:26:08 PM
BasePriority : Normal
FileVersion : 3, 2, 6, 0
ProductVersion : 3, 2, 6, 0
ProductName : SoundMAX service agent
CompanyName : Analog Devices, Inc.
FileDescription : SoundMAX service agent component
InternalName : SMAgent
LegalCopyright : Copyright © 2002
OriginalFilename : SMAgent.exe
#:19 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1912
ThreadCreationTime : 4-23-2005 6:26:08 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:20 [wdfmgr.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1944
ThreadCreationTime : 4-23-2005 6:26:08 PM
BasePriority : Normal
FileVersion : 5.2.3790.1230 built by: DNSRV(bld4act)
ProductVersion : 5.2.3790.1230
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows User Mode Driver Manager
InternalName : WdfMgr
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : WdfMgr.exe
#:21 [wanmpsvc.exe]
FilePath : C:\WINDOWS\
ProcessID : 2040
ThreadCreationTime : 4-23-2005 6:26:10 PM
BasePriority : Normal
FileVersion : 9, 0, 0, 0
ProductVersion : 9, 0, 0, 0
ProductName : America Online
CompanyName : America Online, Inc.
FileDescription : Wan Miniport (ATW) Service
InternalName : WanMPSvc
LegalCopyright : Copyright © 2001 America Online, Inc.
OriginalFilename : WanMPSvc.exe
#:22 [ati2evxx.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 440
ThreadCreationTime : 4-23-2005 6:26:13 PM
BasePriority : Normal
#:23 [explorer.exe]
FilePath : C:\WINDOWS\
ProcessID : 508
ThreadCreationTime : 4-23-2005 6:26:13 PM
BasePriority : Normal
FileVersion : 6.00.2600.0000 (xpclient.010817-1148)
ProductVersion : 6.00.2600.0000
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : EXPLORER.EXE
#:24 [mcshield.exe]
FilePath : c:\PROGRA~1\mcafee.com\vso\
ProcessID : 1492
ThreadCreationTime : 4-23-2005 6:26:24 PM
BasePriority : High
#:25 [apoint.exe]
FilePath : C:\Program Files\Apoint2K\
ProcessID : 1552
ThreadCreationTime : 4-23-2005 6:26:25 PM
BasePriority : Normal
FileVersion : 5.3.10.177
ProductVersion : 5.3.10.177
ProductName : Alps Pointing-device Driver
CompanyName : Alps Electric Co., Ltd.
FileDescription : Alps Pointing-device Driver
InternalName : Alps Pointing-device Driver
LegalCopyright : Copyright © 1999-2003 Alps Electric Co., Ltd.
OriginalFilename : Apoint.exe
#:26 [agrsmmsg.exe]
FilePath : C:\WINDOWS\
ProcessID : 1640
ThreadCreationTime : 4-23-2005 6:26:25 PM
BasePriority : Normal
FileVersion : 2.1.35 2.1.35 10/23/2003 14:21:54
ProductVersion : 2.1.35 2.1.35 10/23/2003 14:21:54
ProductName : Agere SoftModem Messaging Applet
CompanyName : Agere Systems
FileDescription : SoftModem Messaging Applet
InternalName : smdmstat.exe
LegalCopyright : Copyright © Agere Systems 1998-2000
OriginalFilename : smdmstat.exe
#:27 [atiptaxx.exe]
FilePath : C:\Program Files\ATI Technologies\ATI Control Panel\
ProcessID : 1676
ThreadCreationTime : 4-23-2005 6:26:27 PM
BasePriority : Normal
FileVersion : 6.14.10.5090
ProductVersion : 6.14.10.5090
ProductName : ATI Desktop Component
CompanyName : ATI Technologies, Inc.
FileDescription : ATI Desktop Control Panel
InternalName : Atiptaxx.exe
LegalCopyright : Copyright © 1998-2004 ATI Technologies Inc.
OriginalFilename : Atiptaxx.exe
#:28 [eabservr.exe]
FilePath : C:\Program Files\HPQ\Quick Launch Buttons\
ProcessID : 1460
ThreadCreationTime : 4-23-2005 6:26:27 PM
BasePriority : Normal
FileVersion : 4, 20, 4, 1
ProductVersion : 4, 20, 4, 1
ProductName : Quick Launch Buttons
CompanyName : Hewlett-Packard
FileDescription : Quick Launch Buttons
InternalName : eabsrvr
LegalCopyright : Copyright © 2001-2003 Hewlett-Packard Company
OriginalFilename : eabsrvr.exe
#:29 [qttask.exe]
FilePath : C:\Program Files\QuickTime\
ProcessID : 1880
ThreadCreationTime : 4-23-2005 6:26:27 PM
BasePriority : Normal
FileVersion : 6.5
ProductVersion : QuickTime 6.5
ProductName : QuickTime
CompanyName : Apple Computer, Inc.
InternalName : QuickTime Task
LegalCopyright : © Apple Computer, Inc. 2001-2004
OriginalFilename : QTTask.exe
#:30 [apntex.exe]
FilePath : C:\Program Files\Apoint2K\
ProcessID : 1908
ThreadCreationTime : 4-23-2005 6:26:29 PM
BasePriority : Normal
FileVersion : 5.0.1.15
ProductVersion : 5.0.1.15
ProductName : Alps Pointing-device Driver for Windows NT/2000/XP
CompanyName : Alps Electric Co., Ltd.
FileDescription : Alps Pointing-device Driver for Windows NT/2000/XP
InternalName : Alps Pointing-device Driver for Windows NT/2000/XP
LegalCopyright : Copyright © 1998-2003 Alps Electric Co., Ltd.
OriginalFilename : ApntEx.exe
#:31 [mcvsshld.exe]
FilePath : C:\PROGRA~1\mcafee.com\vso\
ProcessID : 1416
ThreadCreationTime : 4-23-2005 6:26:29 PM
BasePriority : Normal
FileVersion : 8, 0, 0, 15
ProductVersion : 8, 0, 0, 0
ProductName : McAfee VirusScan
CompanyName : Networks Associates Technology, Inc
FileDescription : McAfee VirusScan ActiveShield Resource
InternalName : msvcshld
LegalCopyright : Copyright © 1998-2003 Networks Associates Technology, Inc
OriginalFilename : mcvsshld.exe
Comments : McAfee VirusScan ActiveShield Resource
#:32 [mcagent.exe]
FilePath : C:\PROGRA~1\McAfee.com\Agent\
ProcessID : 220
ThreadCreationTime : 4-23-2005 6:26:30 PM
BasePriority : Normal
FileVersion : 4, 3, 0, 10
ProductVersion : 4, 3, 0, 0
ProductName : McAfee SecurityCenter
CompanyName : Networks Associates Technology, Inc
FileDescription : McAfee SecurityCenter Agent
InternalName : mcagent
LegalCopyright : Copyright © 1998-2002 Networks Associates Technology, Inc.
OriginalFilename : mcagent.exe
#:33 [mcvsescn.exe]
FilePath : c:\progra~1\mcafee.com\vso\
ProcessID : 460
ThreadCreationTime : 4-23-2005 6:26:31 PM
BasePriority : Normal
FileVersion : 8, 0, 0, 30
ProductVersion : 8, 0, 0, 0
ProductName : McAfee VirusScan
CompanyName : Networks Associates Technology, Inc
FileDescription : McAfee VirusScan E-mail Scan Module
InternalName : mcvsescn
LegalCopyright : Copyright © 1998-2003 Networks Associates Technology, Inc
OriginalFilename : mcvsescn.EXE
Comments : McAfee VirusScan E-mail Scan Module
#:34 [omempk.exe]
FilePath : c:\windows\system32\
ProcessID : 496
ThreadCreationTime : 4-23-2005 6:26:32 PM
BasePriority : Normal
FileVersion : 1, 0, 7, 1
ProductVersion : 0, 0, 7, 0
ProductName : TODO: <Product name>
CompanyName : TODO: <Company name>
FileDescription : TODO: <File description>
LegalCopyright : TODO: © <Company name>. All rights reserved.
#:35 [wuauclt.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 2216
ThreadCreationTime : 4-23-2005 6:27:18 PM
BasePriority : Normal
FileVersion : 5.4.3790.2182 built by: srv03_rtm(ntvbl04)
ProductVersion : 5.4.3790.2182
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Automatic Updates
InternalName : wuauclt.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : wuauclt.exe
#:36 [waol.exe]
FilePath : C:\Program Files\America Online 9.0a\
ProcessID : 1260
ThreadCreationTime : 4-23-2005 8:18:43 PM
BasePriority : Normal
#:37 [shellmon.exe]
FilePath : C:\Program Files\America Online 9.0a\
ProcessID : 3656
ThreadCreationTime : 4-23-2005 8:19:30 PM
BasePriority : Normal
#:38 [ad-aware.exe]
FilePath : C:\Program Files\Lavasoft\Ad-Aware SE Personal\
ProcessID : 3652
ThreadCreationTime : 4-23-2005 8:23:08 PM
BasePriority : Normal
FileVersion : 6.2.0.162
ProductVersion : VI.Second Edition
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved
Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New Critical Objects: 0
Objects found so far: 6
Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
BookedSpace Object Recognized!
Type : RegKey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : appid\bookedspace.dll
BookedSpace Object Recognized!
Type : RegKey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : bookedspace.extension
BookedSpace Object Recognized!
Type : RegKey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : bookedspace.extension.5
BookedSpace Object Recognized!
Type : RegKey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : typelib\{0dc5cd7c-f653-4417-aa43-d457be3a9622}
BookedSpace Object Recognized!
Type : RegKey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{05080e6b-a88a-4cfd-8c3d-9b2557670b6e}
BookedSpace Object Recognized!
Type : RegKey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : appid\{0dc5cd7c-f653-4417-aa43-d457be3a9622}
BookedSpace Object Recognized!
Type : RegKey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{0019c3e2-dd48-4a6d-abcd-8d32436323d9}
BookedSpace Object Recognized!
Type : RegKey
Data :
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\bookedspace
BookedSpace Object Recognized!
Type : RegKey
Data :
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\explorer\browser helper objects\{0019c3e2-dd48-4a6d-abcd-8d32436323d9}
Windows Object Recognized!
Type : RegData
Data : explorer.exe c:\windows\nail.exe
Category : Vulnerability
Comment : Shell Possibly Compromised
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows nt\currentversion\winlogon
Value : Shell
Data : explorer.exe c:\windows\nail.exe
Registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New Critical Objects: 10
Objects found so far: 16
Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New Critical Objects: 0
Objects found so far: 16
Started tracking cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : christopher amador@2o7[1].txt
Category : Data Miner
Comment : Cookie:christopher [email protected]/
Value : Cookie:christopher [email protected]/
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : christopher amador@atdmt[2].txt
Category : Data Miner
Comment : Cookie:christopher [email protected]/
Value : Cookie:christopher [email protected]/
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : christopher amador@hitbox[2].txt
Category : Data Miner
Comment : Cookie:christopher [email protected]/
Value : Cookie:christopher [email protected]/
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : christopher amador@tribalfusion[2].txt
Category : Data Miner
Comment : Cookie:christopher [email protected]/
Value : Cookie:christopher [email protected]/
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : christopher amador@fastclick[1].txt
Category : Data Miner
Comment : Cookie:christopher [email protected]/
Value : Cookie:christopher [email protected]/
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : christopher amador@doubleclick[1].txt
Category : Data Miner
Comment : Cookie:christopher [email protected]/
Value : Cookie:christopher [email protected]/
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : christopher amador@apmebf[2].txt
Category : Data Miner
Comment : Cookie:christopher [email protected]/
Value : Cookie:christopher [email protected]/
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : christopher amador@qksrv[2].txt
Category : Data Miner
Comment : Cookie:christopher [email protected]/
Value : Cookie:christopher [email protected]/
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : christopher amador@overture[1].txt
Category : Data Miner
Comment : Cookie:christopher [email protected]/
Value : Cookie:christopher [email protected]/
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : christopher amador@trafficmp[1].txt
Category : Data Miner
Comment : Cookie:christopher [email protected]/
Value : Cookie:christopher [email protected]/
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : christopher [email protected][2].txt
Category : Data Miner
Comment : Cookie:christopher [email protected]/
Value : Cookie:christopher [email protected]/
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : christopher [email protected][1].txt
Category : Data Miner
Comment : Cookie:christopher [email protected]/
Value : Cookie:christopher [email protected]/
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : christopher [email protected][1].txt
Category : Data Miner
Comment : Cookie:christopher [email protected]/
Value : Cookie:christopher [email protected]/
Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New Critical Objects: 13
Objects found so far: 29
Deep scanning and examining files (C:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Disk scan result for C:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New Critical Objects: 0
Objects found so far: 29
Scanning Hosts file...
Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
2 entries scanned.
New Critical Objects:0
Objects found so far: 29
Performing conditional scans..
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
BookedSpace Object Recognized!
Type : File
Data : bsx32.ini
Category : Malware
Comment :
Object : C:\WINDOWS\
Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New Critical Objects: 1
Objects found so far: 30
4:37:27 PM Scan Complete
Summary of this scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:14:03.625
Objects scanned:110197
Objects identified:24
Objects ignored:0
New Critical Objects:24