alright here is the NEW logfile
Ad-Aware SE Build 1.05
Logfile Created on:Monday, May 02, 2005 3:17:44 PM
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R42 28.04.2005
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
CoolWebSearch(TAC index:10):10 total references
IBIS Toolbar(TAC index:5):11 total references
MRU List(TAC index:0):19 total references
Possible Browser Hijack attempt(TAC index:3):1 total references
SahAgent(TAC index:9):3 total references
Tracking Cookie(TAC index:3):15 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan within archives
Set : Scan my Hosts file
Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user only
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects
5-2-2005 3:17:44 PM - Scan started. (Full System Scan)
MRU List Object Recognized!
Location: : C:\Documents and Settings\Owner.COMP\recent
Description : list of recently opened documents
MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d
MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X
MRU List Object Recognized!
Location: : software\microsoft\directdraw\mostrecentapplication
Description : most recent application to use microsoft directdraw
MRU List Object Recognized!
Location: : S-1-5-21-836974428-1043987114-338991507-1003\software\microsoft\directinput\mostrecentapplication
Description : most recent application to use microsoft directinput
MRU List Object Recognized!
Location: : S-1-5-21-836974428-1043987114-338991507-1003\software\microsoft\directinput\mostrecentapplication
Description : most recent application to use microsoft directinput
MRU List Object Recognized!
Location: : S-1-5-21-836974428-1043987114-338991507-1003\software\microsoft\internet explorer
Description : last download directory used in microsoft internet explorer
MRU List Object Recognized!
Location: : S-1-5-21-836974428-1043987114-338991507-1003\software\microsoft\internet explorer\typedurls
Description : list of recently entered addresses in microsoft internet explorer
MRU List Object Recognized!
Location: : S-1-5-21-836974428-1043987114-338991507-1003\software\microsoft\mediaplayer\player\recentfilelist
Description : list of recently used files in microsoft windows media player
MRU List Object Recognized!
Location: : S-1-5-21-836974428-1043987114-338991507-1003\software\microsoft\mediaplayer\preferences
Description : last cd record path used in microsoft windows media player
MRU List Object Recognized!
Location: : S-1-5-21-836974428-1043987114-338991507-1003\software\microsoft\mediaplayer\preferences
Description : last playlist index loaded in microsoft windows media player
MRU List Object Recognized!
Location: : S-1-5-21-836974428-1043987114-338991507-1003\software\microsoft\mediaplayer\preferences
Description : last playlist loaded in microsoft windows media player
MRU List Object Recognized!
Location: : S-1-5-21-836974428-1043987114-338991507-1003\software\microsoft\search assistant\acmru
Description : list of recent search terms used with the search assistant
MRU List Object Recognized!
Location: : S-1-5-21-836974428-1043987114-338991507-1003\software\microsoft\windows\currentversion\explorer\comdlg32\lastvisitedmru
Description : list of recent programs opened
MRU List Object Recognized!
Location: : S-1-5-21-836974428-1043987114-338991507-1003\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru
Description : list of recently saved files, stored according to file extension
MRU List Object Recognized!
Location: : S-1-5-21-836974428-1043987114-338991507-1003\software\microsoft\windows\currentversion\explorer\recentdocs
Description : list of recent documents opened
MRU List Object Recognized!
Location: : S-1-5-21-836974428-1043987114-338991507-1003\software\microsoft\windows\currentversion\explorer\runmru
Description : mru list for items opened in start | run
MRU List Object Recognized!
Location: : S-1-5-21-836974428-1043987114-338991507-1003\software\nvidia corporation\global\nview\windowmanagement
Description : nvidia nview cached application window positions
MRU List Object Recognized!
Location: : S-1-5-21-836974428-1043987114-338991507-1003\software\microsoft\windows media\wmsdk\general
Description : windows media sdk
Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ProcessID : 368
ThreadCreationTime : 5-2-2005 9:30:46 PM
BasePriority : Normal
#:2 [csrss.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 520
ThreadCreationTime : 5-2-2005 9:30:48 PM
BasePriority : Normal
#:3 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 544
ThreadCreationTime : 5-2-2005 9:30:49 PM
BasePriority : High
#:4 [services.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 692
ThreadCreationTime : 5-2-2005 9:30:49 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : services.exe
#:5 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 704
ThreadCreationTime : 5-2-2005 9:30:49 PM
BasePriority : Normal
FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
ProductVersion : 5.1.2600.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe
#:6 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 872
ThreadCreationTime : 5-2-2005 9:30:49 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:7 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 972
ThreadCreationTime : 5-2-2005 9:30:49 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:8 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1232
ThreadCreationTime : 5-2-2005 9:31:01 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:9 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1264
ThreadCreationTime : 5-2-2005 9:31:01 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:10 [spoolsv.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1368
ThreadCreationTime : 5-2-2005 9:31:01 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (XPClient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe
#:11 [navapsvc.exe]
FilePath : c:\Program Files\Norton AntiVirus\
ProcessID : 1504
ThreadCreationTime : 5-2-2005 9:31:07 PM
BasePriority : Normal
FileVersion : 9.05.1015
ProductVersion : 9.05.1015
ProductName : Norton AntiVirus
CompanyName : Symantec Corporation
FileDescription : Norton AntiVirus Auto-Protect Service
InternalName : NAVAPSVC
LegalCopyright : Copyright © 2000-2002 Symantec Corporation. All rights reserved.
OriginalFilename : NAVAPSVC.EXE
#:12 [nvsvc32.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1528
ThreadCreationTime : 5-2-2005 9:31:07 PM
BasePriority : Normal
FileVersion : 6.14.10.4403
ProductVersion : 6.14.10.4403
ProductName : NVIDIA Driver Helper Service, Version 44.03
CompanyName : NVIDIA Corporation
FileDescription : NVIDIA Driver Helper Service, Version 44.03
InternalName : NVSVC
LegalCopyright : © NVIDIA Corporation. All rights reserved.
OriginalFilename : nvsvc32.exe
#:13 [omniserv.exe]
FilePath : C:\Program Files\Softex\OmniPass\
ProcessID : 1540
ThreadCreationTime : 5-2-2005 9:31:07 PM
BasePriority : Normal
#:14 [opxpapp.exe]
FilePath : C:\Program Files\Softex\OmniPass\
ProcessID : 1768
ThreadCreationTime : 5-2-2005 9:31:13 PM
BasePriority : Normal
#:15 [explorer.exe]
FilePath : C:\WINDOWS\
ProcessID : 1988
ThreadCreationTime : 5-2-2005 9:31:14 PM
BasePriority : Normal
FileVersion : 6.00.2800.1106 (xpsp1.020828-1920)
ProductVersion : 6.00.2800.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : EXPLORER.EXE
#:16 [hpsysdrv.exe]
FilePath : C:\windows\system\
ProcessID : 352
ThreadCreationTime : 5-2-2005 9:31:18 PM
BasePriority : Normal
FileVersion : 1, 7, 0, 0
ProductVersion : 1, 7, 0, 0
ProductName : hpsysdrv
CompanyName : Hewlett-Packard Company
FileDescription : hpsysdrv
InternalName : hpsysdrv
LegalCopyright : Copyright © 1998
OriginalFilename : hpsysdrv.exe
#:17 [hpqcmon.exe]
FilePath : C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\
ProcessID : 708
ThreadCreationTime : 5-2-2005 9:31:18 PM
BasePriority : Normal
FileVersion : 2.0.0.133
ProductVersion : 2.0.0.133
ProductName : HpqCmon Application
FileDescription : HpqCmon MFC Application
InternalName : HpqCmon
LegalCopyright : Copyright © 2001
OriginalFilename : HpqCmon.EXE
#:18 [hpwuschd.exe]
FilePath : C:\Program Files\HP\HP Software Update\
ProcessID : 828
ThreadCreationTime : 5-2-2005 9:31:18 PM
BasePriority : Normal
FileVersion : 1, 0, 0, 2
ProductVersion : 1, 0, 0, 2
ProductName : Hewlett-Packard hpwuSchd
CompanyName : Hewlett-Packard
FileDescription : hpwuSchd
InternalName : hpwuSchd
LegalCopyright : Copyright © 2003
OriginalFilename : hpwuSchd.exe
#:19 [hphmon05.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 896
ThreadCreationTime : 5-2-2005 9:31:18 PM
BasePriority : Normal
FileVersion : 5,0,84
ProductVersion : 5,0,84
ProductName : HP Photosmart
CompanyName : Hewlett-Packard
FileDescription : HPHmon05
InternalName : HPHmon05
LegalCopyright : Copyright © 2003
OriginalFilename : HPHmon05.exe
#:20 [kbd.exe]
FilePath : C:\HP\KBD\
ProcessID : 920
ThreadCreationTime : 5-2-2005 9:31:18 PM
BasePriority : High
#:21 [shwicon2k.exe]
FilePath : C:\Program Files\Multimedia Card Reader\
ProcessID : 1700
ThreadCreationTime : 5-2-2005 9:31:22 PM
BasePriority : Idle
FileVersion : 1, 0, 0, 5
ProductVersion : 1, 0, 0, 5
ProductName : Alcor Micro Sunkist
CompanyName : Alcor Micro Corp
FileDescription : Sunkist
InternalName : Sunkist
LegalCopyright : Copyright c 2002
OriginalFilename : Sunkist.exe
#:22 [alcxmntr.exe]
FilePath : C:\WINDOWS\
ProcessID : 1780
ThreadCreationTime : 5-2-2005 9:31:22 PM
BasePriority : Normal
FileVersion : 1.2
ProductVersion : 1.2
ProductName : Realtek AC97 Audio - Event Monitor
CompanyName : Realtek Semiconductor Corp.
FileDescription : Realtek AC97 Audio - Event Monitor
InternalName : Alcxmntr
LegalCopyright : Copyright © 2003 Realtek Semiconductor Corp.
OriginalFilename : Alcxmntr.exe
#:23 [hpztsb08.exe]
FilePath : C:\WINDOWS\System32\spool\drivers\w32x86\3\
ProcessID : 1852
ThreadCreationTime : 5-2-2005 9:31:22 PM
BasePriority : Normal
FileVersion : 2,224,2,0
ProductVersion : 2,224,2,0
ProductName : HP DeskJet
CompanyName : HP
LegalCopyright : Copyright © Hewlett-Packard Company 1999-2003
#:24 [gamechannel.exe]
FilePath : C:\Program Files\WildTangent\Apps\
ProcessID : 1860
ThreadCreationTime : 5-2-2005 9:31:22 PM
BasePriority : Normal
FileVersion : 1, 5, 1, 19
ProductVersion : 1, 5, 1, 0
ProductName : Game Channel
CompanyName : WildTangent
FileDescription : Game Channel
InternalName : Game Channel
LegalCopyright : Copyright © 2002
OriginalFilename : GameChannel.exe
#:25 [gamedrvr.exe]
FilePath : C:\Program Files\WildTangent\Apps\CDA\
ProcessID : 1900
ThreadCreationTime : 5-2-2005 9:31:22 PM
BasePriority : Normal
FileVersion : 5.0.0.190
ProductVersion : 5.0.0.190
ProductName : WildTangent Game Loader
CompanyName : WildTangent, Inc.
FileDescription : WildTangent Automatic Update Manager
LegalCopyright : All Rights Reserved © 2003-2004 WildTangent, Inc.
#:26 [winos.exe]
FilePath : C:\WINDOWS\
ProcessID : 1868
ThreadCreationTime : 5-2-2005 9:31:23 PM
BasePriority : Normal
#:27 [ccevtmgr.exe]
FilePath : c:\Program Files\Common Files\Symantec Shared\
ProcessID : 2036
ThreadCreationTime : 5-2-2005 9:31:23 PM
BasePriority : Normal
FileVersion : 1.03.4
ProductVersion : 1.03.4
ProductName : Event Manager
CompanyName : Symantec Corporation
FileDescription : Event Manager Service
InternalName : ccEvtMgr
LegalCopyright : Copyright © 2000-2002 Symantec Corporation. All rights reserved.
OriginalFilename : ccEvtMgr.exe
#:28 [ypager.exe]
FilePath : C:\PROGRA~1\Yahoo!\MESSEN~1\
ProcessID : 396
ThreadCreationTime : 5-2-2005 9:31:24 PM
BasePriority : Normal
FileVersion : 6,0,0,1922
ProductVersion : 6,0,0,1922
ProductName : Yahoo! Messenger
CompanyName : Yahoo! Inc.
FileDescription : Yahoo! Messenger
InternalName : Yahoo! Messengerr
LegalCopyright : Copyright 1998-2005
OriginalFilename : YPager.exe
#:29 [pydmgz.exe]
FilePath : c:\windows\system32\
ProcessID : 452
ThreadCreationTime : 5-2-2005 9:31:24 PM
BasePriority : Normal
FileVersion : 1, 0, 7, 1
ProductVersion : 0, 0, 7, 0
ProductName : TODO: <Product name>
CompanyName : TODO: <Company name>
FileDescription : TODO: <File description>
LegalCopyright : TODO: © <Company name>. All rights reserved.
#:30 [rundll32.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 464
ThreadCreationTime : 5-2-2005 9:31:24 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Run a DLL as an App
InternalName : rundll
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : RUNDLL.EXE
#:31 [wp.exe]
FilePath : C:\
ProcessID : 576
ThreadCreationTime : 5-2-2005 9:31:25 PM
BasePriority : Normal
#:32 [aoltray.exe]
FilePath : C:\Program Files\America Online 9.0a\
ProcessID : 240
ThreadCreationTime : 5-2-2005 9:31:27 PM
BasePriority : Normal
FileVersion : 9.00.000
ProductVersion : 9.00.000
ProductName : America Online
CompanyName : America Online, Inc.
FileDescription : AOL Tray Icon
InternalName : AolTray
LegalCopyright : Copyright © America Online, Inc. 1999 - 2003
#:33 [hpqtra08.exe]
FilePath : C:\Program Files\Hewlett-Packard\Digital Imaging\bin\
ProcessID : 956
ThreadCreationTime : 5-2-2005 9:31:27 PM
BasePriority : Normal
FileVersion : 5.30.0.131
ProductVersion : 005.030.000.131
ProductName : hp digital imaging - hp all-in-one series
CompanyName : Hewlett-Packard Co.
FileDescription : HP Digital Imaging Monitor (CUE)
InternalName : HPQTRA00
LegalCopyright : Copyright © Hewlett-Packard Co. 1995-2001
OriginalFilename : HPQTRA00.EXE
Comments : HP Digital Imaging Monitor (CUE)
#:34 [wincinemamgr.exe]
FilePath : C:\Program Files\InterVideo\Common\Bin\
ProcessID : 2096
ThreadCreationTime : 5-2-2005 9:31:31 PM
BasePriority : Normal
FileVersion : 1.8.2
ProductVersion : 1, 8, 2, 0
ProductName : WinCinema Manager for InterVideo WinCinema products
CompanyName : InterVideo Inc.
FileDescription : WinCinema Manager
InternalName : WinCinema Manager
LegalCopyright : Copyright 1999-2003 InterVideo, Inc. All rights reserved.
OriginalFilename : WinCinemaMgr.EXE
#:35 [wi32.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 2600
ThreadCreationTime : 5-2-2005 9:31:54 PM
BasePriority : Normal
#:36 [gcasdtserv.exe]
FilePath : C:\Program Files\Microsoft AntiSpyware\
ProcessID : 2768
ThreadCreationTime : 5-2-2005 9:32:16 PM
BasePriority : Normal
FileVersion : 1.00.0509
ProductVersion : 1.00.0509
ProductName : Microsoft AntiSpyware (Beta 1)
CompanyName : Microsoft Corporation
FileDescription : Microsoft AntiSpyware Data Service
InternalName : gcasDtServ
LegalCopyright : Copyright © 2004-2005 Microsoft Corporation. All rights reserved.
LegalTrademarks : Microsoft® and Windows® are registered trademarks of Microsoft Corporation. SpyNet is a trademark of Microsoft Corporation.
OriginalFilename : gcasDtServ.exe
#:37 [calcheck.exe]
FilePath : C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 SE\
ProcessID : 2960
ThreadCreationTime : 5-2-2005 9:32:27 PM
BasePriority : Normal
FileVersion : 4, 0, 0, 0
ProductVersion : 4, 0, 0, 0
ProductName : Calendar Checker Application
CompanyName : Ulead Systems, Inc.
FileDescription : Photo Express -- Calendar Checker
InternalName : CalCheck
LegalCopyright : Copyright © 1992-1999.Ulead Systems, Inc.
LegalTrademarks : Ulead Systems, MediaStudio, PhotoImpact and Photo Express are registered trademarks of Ulead Systems, Inc.
OriginalFilename : CalCheck.EXE
#:38 [limewire.exe]
FilePath : C:\Program Files\LimeWire\
ProcessID : 3032
ThreadCreationTime : 5-2-2005 9:32:31 PM
BasePriority : Normal
FileVersion : 1, 0, 0, 2
ProductVersion : 1, 0, 0, 2
ProductName : LimeWire
CompanyName : Lime Wire, LLC
FileDescription : LimeWire
InternalName : LimeWire
LegalCopyright : Copyright © 2004
OriginalFilename : LimeWire.exe
Comments : The most advanced file sharing program on the planet.
#:39 [wuauclt.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 3168
ThreadCreationTime : 5-2-2005 9:33:01 PM
BasePriority : Normal
FileVersion : 5.4.3790.2182 built by: srv03_rtm(ntvbl04)
ProductVersion : 5.4.3790.2182
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Automatic Updates
InternalName : wuauclt.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : wuauclt.exe
#:40 [iexplore.exe]
FilePath : C:\Program Files\Internet Explorer\
ProcessID : 2656
ThreadCreationTime : 5-2-2005 9:38:04 PM
BasePriority : Normal
FileVersion : 6.00.2800.1106 (xpsp1.020828-1920)
ProductVersion : 6.00.2800.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Internet Explorer
InternalName : iexplore
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : IEXPLORE.EXE
#:41 [ad-aware.exe]
FilePath : C:\Program Files\Lavasoft\Ad-Aware SE Personal\
ProcessID : 2952
ThreadCreationTime : 5-2-2005 10:16:55 PM
BasePriority : Normal
FileVersion : 6.2.0.206
ProductVersion : VI.Second Edition
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved
Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 19
Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 19
Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 19
Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : owner@overstock[2].txt
Category : Data Miner
Comment : Hits:10
Value : Cookie:
[email protected]/
Expires : 5-1-2006 7:13:04 PM
LastSync : Hits:10
UseCount : 0
Hits : 10
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : owner@tribalfusion[2].txt
Category : Data Miner
Comment : Hits:6
Value : Cookie:
[email protected]/
Expires : 12-31-2037 5:00:00 PM
LastSync : Hits:6
UseCount : 0
Hits : 6
Tracking Cookie Object Recognized!
Type : IECache Entry
Data :
[email protected][2].txt
Category : Data Miner
Comment : Hits:4
Value : Cookie:
[email protected]/
Expires : 5-1-2006 7:12:30 PM
LastSync : Hits:4
UseCount : 0
Hits : 4
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : owner@oinadserve[1].txt
Category : Data Miner
Comment : Hits:7
Value : Cookie:
[email protected]/
Expires : 12-31-2020 5:00:00 PM
LastSync : Hits:7
UseCount : 0
Hits : 7
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : owner@2o7[2].txt
Category : Data Miner
Comment : Hits:2
Value : Cookie:
[email protected]/
Expires : 4-30-2010 7:13:06 PM
LastSync : Hits:2
UseCount : 0
Hits : 2
Tracking Cookie Object Recognized!
Type : IECache Entry
Data :
[email protected][1].txt
Category : Data Miner
Comment : Hits:5
Value : Cookie:
[email protected]/
Expires : 5-1-2006 4:41:54 PM
LastSync : Hits:5
UseCount : 0
Hits : 5
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : owner@fastclick[2].txt
Category : Data Miner
Comment : Hits:6
Value : Cookie:
[email protected]/
Expires : 4-21-2007 4:41:24 PM
LastSync : Hits:6
UseCount : 0
Hits : 6
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : owner@seeq[2].txt
Category : Data Miner
Comment : Hits:2
Value : Cookie:
[email protected]/
Expires : 5-1-2006 4:41:40 PM
LastSync : Hits:2
UseCount : 0
Hits : 2
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : owner@atdmt[2].txt
Category : Data Miner
Comment : Hits:8
Value : Cookie:
[email protected]/
Expires : 4-30-2010 5:00:00 PM
LastSync : Hits:8
UseCount : 0
Hits : 8
Tracking Cookie Object Recognized!
Type : IECache Entry
Data :
[email protected][1].txt
Category : Data Miner
Comment : Hits:21
Value : Cookie:
[email protected]/
Expires : 12-31-2099 5:00:00 PM
LastSync : Hits:21
UseCount : 0
Hits : 21
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : owner@hitbox[1].txt
Category : Data Miner
Comment : Hits:9
Value : Cookie:
[email protected]/
Expires : 5-1-2006 7:12:30 PM
LastSync : Hits:9
UseCount : 0
Hits : 9
Tracking Cookie Object Recognized!
Type : IECache Entry
Data :
[email protected][1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:
[email protected]/
Expires : 5-1-2006 5:13:14 PM
LastSync : Hits:1
UseCount : 0
Hits : 1
Tracking Cookie Object Recognized!
Type : IECache Entry
Data :
[email protected][2].txt
Category : Data Miner
Comment : Hits:4
Value : Cookie:
[email protected]/
Expires : 12-31-2009 5:00:00 PM
LastSync : Hits:4
UseCount : 0
Hits : 4
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : owner@mediaplex[2].txt
Category : Data Miner
Comment : Hits:3
Value : Cookie:
[email protected]/
Expires : 6-21-2009 5:00:00 PM
LastSync : Hits:3
UseCount : 0
Hits : 3
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : owner@doubleclick[2].txt
Category : Data Miner
Comment : Hits:5
Value : Cookie:
[email protected]/
Expires : 4-30-2008 5:12:58 PM
LastSync : Hits:5
UseCount : 0
Hits : 5
Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 15
Objects found so far: 34
Deep scanning and examining files (C:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
IBIS Toolbar Object Recognized!
Type : File
Data : A0003834.dll
Category : Data Miner
Comment :
Object : C:\System Volume Information\_restore{F2681A7D-91E5-401A-AC8B-015335799DC0}\RP7\
IBIS Toolbar Object Recognized!
Type : File
Data : A0003836.exe
Category : Data Miner
Comment :
Object : C:\System Volume Information\_restore{F2681A7D-91E5-401A-AC8B-015335799DC0}\RP7\
IBIS Toolbar Object Recognized!
Type : File
Data : A0003838.exe
Category : Data Miner
Comment :
Object : C:\System Volume Information\_restore{F2681A7D-91E5-401A-AC8B-015335799DC0}\RP7\
IBIS Toolbar Object Recognized!
Type : File
Data : A0003840.exe
Category : Data Miner
Comment :
Object : C:\System Volume Information\_restore{F2681A7D-91E5-401A-AC8B-015335799DC0}\RP7\
IBIS Toolbar Object Recognized!
Type : File
Data : A0003841.exe
Category : Data Miner
Comment :
Object : C:\System Volume Information\_restore{F2681A7D-91E5-401A-AC8B-015335799DC0}\RP7\
IBIS Toolbar Object Recognized!
Type : File
Data : A0003842.dll
Category : Data Miner
Comment :
Object : C:\System Volume Information\_restore{F2681A7D-91E5-401A-AC8B-015335799DC0}\RP7\
IBIS Toolbar Object Recognized!
Type : File
Data : A0003843.cfg
Category : Data Miner
Comment :
Object : C:\System Volume Information\_restore{F2681A7D-91E5-401A-AC8B-015335799DC0}\RP7\
IBIS Toolbar Object Recognized!
Type : File
Data : A0003844.exe
Category : Data Miner
Comment :
Object : C:\System Volume Information\_restore{F2681A7D-91E5-401A-AC8B-015335799DC0}\RP7\
SahAgent Object Recognized!
Type : File
Data : A0003987.exe
Category : Data Miner
Comment :
Object : C:\System Volume Information\_restore{F2681A7D-91E5-401A-AC8B-015335799DC0}\RP7\
FileVersion : 4, 0, 0, 4
ProductVersion : 4, 0, 0, 4
SahAgent Object Recognized!
Type : File
Data : A0003988.dll
Category : Data Miner
Comment :
Object : C:\System Volume Information\_restore{F2681A7D-91E5-401A-AC8B-015335799DC0}\RP7\
FileVersion : 4, 0, 0, 2
ProductVersion : 4, 0, 0, 2
SahAgent Object Recognized!
Type : File
Data : A0003989.exe
Category : Data Miner
Comment :
Object : C:\System Volume Information\_restore{F2681A7D-91E5-401A-AC8B-015335799DC0}\RP7\
FileVersion : 4, 0, 0, 4
ProductVersion : 4, 0, 0, 4
CoolWebSearch Object Recognized!
Type : File
Data : stop.00009_4.exe
Category : Malware
Comment :
Object : C:\WINDOWS\
Disk Scan Result for C:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 46
Deep scanning and examining files (D:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Disk Scan Result for D:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 46
Scanning Hosts file......
Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
1 entries scanned.
New critical objects:0
Objects found so far: 46
Possible Browser Hijack attempt Object Recognized!
Type : File
Data : free xxx pics & movies.url
Category : Misc
Comment : Problematic URL discovered:
http://gotosex4all.com Object : C:\Documents and Settings\Owner.COMP\Favorites\
Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
IBIS Toolbar Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment : You will need to restart your computer and rescan in order to complete the removal of this item.
Rootkey : HKEY_LOCAL_MACHINE
Object : system\currentcontrolset\enum\root\legacy_tbpssvc
IBIS Toolbar Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : system\currentcontrolset\enum\root\legacy_wintoolssvc
IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\explorer
Value : ServerProc
CoolWebSearch Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : protocols\filter\text/html
CoolWebSearch Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : protocols\filter\text/html
Value :
CoolWebSearch Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : protocols\filter\text/html
Value : CLSID
CoolWebSearch Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\microsoft\internet explorer\main
Value : Search Bar
CoolWebSearch Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\microsoft\internet explorer\search\searchproperties\en-us
Value : SingleProvider
CoolWebSearch Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\classes\protocols\filter\text/html
Value : CLSID
CoolWebSearch Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\main
Value : Use Custom Search URL
CoolWebSearch Object Recognized!
Type : RegData
Data : no
Category : Malware
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\microsoft\internet explorer\main
Value : Use Search Asst
Data : no
CoolWebSearch Object Recognized!
Type : File
Data : free xxx pics & movies.url
Category : Malware
Comment :
Object : C:\Documents and Settings\Owner.COMP\Favorites\
Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 12
Objects found so far: 59
4:49:41 PM Scan Complete
Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:01:31:56.312
Objects scanned:193040
Objects identified:40
Objects ignored:0
New critical objects:40