Here's my Log File:
Ad-Aware SE Build 1.05
Logfile Created on:Monday, May 02, 2005 10:23:52 AM
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R42 28.04.2005
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
ClickSpring(TAC index:6):1 total references
MRU List(TAC index:0):14 total references
Tracking Cookie(TAC index:3):4 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Definition File:
=========================
Definitions File Loaded:
Reference Number : SE1R42 28.04.2005
Internal build : 49
File location : D:\Program Files\Lavasoft\Ad-Aware SE Personal\defs.ref
File size : 466557 Bytes
Total size : 1403889 Bytes
Signature data size : 1373297 Bytes
Reference data size : 30080 Bytes
Signatures total : 39226
Fingerprints total : 836
Fingerprints size : 28245 Bytes
Target categories : 15
Target families : 654
Memory + processor status:
==========================
Number of processors : 1
Processor architecture : Intel Pentium III
Memory available:26 %
Total physical memory:245232 kb
Available physical memory:62560 kb
Total page file size:600860 kb
Available on page file:379452 kb
Total virtual memory:2097024 kb
Available virtual memory:2047752 kb
OS:Microsoft Windows XP Professional Service Pack 1 (Build 2600)
Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan within archives
Set : Scan my Hosts file
Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Obtain command line of scanned processes
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Write-protect system files after repair (Hosts file, etc.)
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects
02-May-05 10:23:52 AM - Scan started. (Custom mode)
Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
#:1 [smss.exe]
ModuleName : \SystemRoot\System32\smss.exe
Command Line : n/a
ProcessID : 404
ThreadCreationTime : 02-May-05 2:47:57 PM
BasePriority : Normal
#:2 [csrss.exe]
ModuleName : \??\C:\WINDOWS\system32\csrss.exe
Command Line : C:\WINDOWS\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestTh
ProcessID : 452
ThreadCreationTime : 02-May-05 2:48:01 PM
BasePriority : Normal
#:3 [winlogon.exe]
ModuleName : \??\C:\WINDOWS\system32\winlogon.exe
Command Line : winlogon.exe
ProcessID : 476
ThreadCreationTime : 02-May-05 2:48:06 PM
BasePriority : High
#:4 [services.exe]
ModuleName : C:\WINDOWS\system32\services.exe
Command Line : C:\WINDOWS\system32\services.exe
ProcessID : 520
ThreadCreationTime : 02-May-05 2:48:07 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : services.exe
#:5 [lsass.exe]
ModuleName : C:\WINDOWS\system32\lsass.exe
Command Line : C:\WINDOWS\system32\lsass.exe
ProcessID : 532
ThreadCreationTime : 02-May-05 2:48:07 PM
BasePriority : Normal
FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
ProductVersion : 5.1.2600.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe
#:6 [svchost.exe]
ModuleName : C:\WINDOWS\system32\svchost.exe
Command Line : C:\WINDOWS\system32\svchost -k rpcss
ProcessID : 704
ThreadCreationTime : 02-May-05 2:48:10 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:7 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : C:\WINDOWS\System32\svchost.exe -k netsvcs
ProcessID : 728
ThreadCreationTime : 02-May-05 2:48:10 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:8 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : C:\WINDOWS\System32\svchost.exe -k NetworkService
ProcessID : 844
ThreadCreationTime : 02-May-05 2:48:12 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:9 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : C:\WINDOWS\System32\svchost.exe -k LocalService
ProcessID : 888
ThreadCreationTime : 02-May-05 2:48:13 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:10 [spoolsv.exe]
ModuleName : C:\WINDOWS\system32\spoolsv.exe
Command Line : C:\WINDOWS\system32\spoolsv.exe
ProcessID : 1084
ThreadCreationTime : 02-May-05 2:48:16 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (XPClient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe
#:11 [avgamsvr.exe]
ModuleName : d:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
Command Line : d:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
ProcessID : 1184
ThreadCreationTime : 02-May-05 2:48:17 PM
BasePriority : Normal
FileVersion : 7,1,0,307
ProductVersion : 7.1.0.307
ProductName : AVG Anti-Virus System
CompanyName : GRISOFT, s.r.o.
FileDescription : AVG Alert Manager
InternalName : avgamsvr
LegalCopyright : Copyright © 2005, GRISOFT, s.r.o.
OriginalFilename : avgamsvr.EXE
#:12 [avgupsvc.exe]
ModuleName : d:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
Command Line : d:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
ProcessID : 1216
ThreadCreationTime : 02-May-05 2:48:18 PM
BasePriority : Normal
FileVersion : 7,1,0,285
ProductVersion : 7.1.0.285
ProductName : AVG 7.0 Anti-Virus System
CompanyName : GRISOFT, s.r.o.
FileDescription : AVG Update Service
InternalName : avgupsvc
LegalCopyright : Copyright © 2004, GRISOFT, s.r.o.
OriginalFilename : avgupdsvc.EXE
#:13 [frameworkservice.exe]
ModuleName : C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
Command Line : "C:\Program Files\Network Associates\Common Framework\FrameworkService.exe" /ServiceStart
ProcessID : 1276
ThreadCreationTime : 02-May-05 2:48:22 PM
BasePriority : Normal
FileVersion : 3.0.0.595
ProductName : McAfee Common Framework
CompanyName : Network Associates, Inc.
FileDescription : Framework Service
InternalName : Framework
LegalCopyright : Copyright© 2000-2002 Networks Associates Technology, Inc. All Rights Reserved.
OriginalFilename : Framework.exe
#:14 [mcshield.exe]
ModuleName : D:\Program Files\Network Associates\VirusScan\Mcshield.exe
Command Line : "D:\Program Files\Network Associates\VirusScan\Mcshield.exe"
ProcessID : 1308
ThreadCreationTime : 02-May-05 2:48:23 PM
BasePriority : High
#:15 [vstskmgr.exe]
ModuleName : D:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
Command Line : "D:\Program Files\Network Associates\VirusScan\VsTskMgr.exe"
ProcessID : 1380
ThreadCreationTime : 02-May-05 2:48:24 PM
BasePriority : Normal
#:16 [naprdmgr.exe]
ModuleName : C:\PROGRA~1\NETWOR~1\COMMON~1\naPrdMgr.exe
Command Line : C:\PROGRA~1\NETWOR~1\COMMON~1\naPrdMgr.exe -Embedding
ProcessID : 1424
ThreadCreationTime : 02-May-05 2:48:27 PM
BasePriority : Normal
FileVersion : 3.0.0.595
ProductName : McAfee Common Framework
CompanyName : Network Associates, Inc.
FileDescription : NAI Product Manager
InternalName : Product Manager
LegalCopyright : Copyright© 2000-2002 Networks Associates Technology, Inc. All Rights Reserved.
OriginalFilename : naPrdMgr.exe
#:17 [mdm.exe]
ModuleName : C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
Command Line : "C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe"
ProcessID : 1556
ThreadCreationTime : 02-May-05 2:48:34 PM
BasePriority : Normal
FileVersion : 7.00.9064.9150
ProductVersion : 7.00.9064.9150
ProductName : Microsoft Development Environment
CompanyName : Microsoft Corporation
FileDescription : Machine Debug Manager
InternalName : mdm.exe
LegalCopyright : Copyright © Microsoft Corp. 1997-2000
OriginalFilename : mdm.exe
#:18 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : C:\WINDOWS\System32\svchost.exe -k imgsvc
ProcessID : 1608
ThreadCreationTime : 02-May-05 2:48:34 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:19 [wdfmgr.exe]
ModuleName : C:\WINDOWS\System32\wdfmgr.exe
Command Line : C:\WINDOWS\System32\wdfmgr.exe
ProcessID : 1628
ThreadCreationTime : 02-May-05 2:48:34 PM
BasePriority : Normal
FileVersion : 5.2.3790.1230 built by: DNSRV(bld4act)
ProductVersion : 5.2.3790.1230
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows User Mode Driver Manager
InternalName : WdfMgr
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : WdfMgr.exe
#:20 [explorer.exe]
ModuleName : C:\WINDOWS\Explorer.EXE
Command Line : C:\WINDOWS\Explorer.EXE
ProcessID : 152
ThreadCreationTime : 02-May-05 2:48:44 PM
BasePriority : Normal
FileVersion : 6.00.2800.1106 (xpsp1.020828-1920)
ProductVersion : 6.00.2800.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : EXPLORER.EXE
#:21 [sethook.exe]
ModuleName : D:\Program Files\Fellowes\MediaFACE 4.0\SetHook.exe
Command Line : "D:\Program Files\Fellowes\MediaFACE 4.0\SetHook.exe"
ProcessID : 1156
ThreadCreationTime : 02-May-05 2:52:12 PM
BasePriority : Normal
FileVersion : 4,0,0,136
ProductVersion : 4,0,0,136
ProductName : MediaFACE
CompanyName : Fellowes, Inc.
FileDescription : MediaFACE Hook Application
InternalName : SetHook
LegalCopyright : Copyright © 2002 Fellowes, Inc.
LegalTrademarks : MediaFACE® are registered trademarks of Fellowes, Inc.
OriginalFilename : SetHook.exe
#:22 [realsched.exe]
ModuleName : C:\Program Files\Common Files\Real\Update_OB\realsched.exe
Command Line : "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
ProcessID : 1260
ThreadCreationTime : 02-May-05 2:52:12 PM
BasePriority : Normal
FileVersion : 0.1.0.3208
ProductVersion : 0.1.0.3208
ProductName : RealPlayer (32-bit)
CompanyName : RealNetworks, Inc.
FileDescription : RealNetworks Scheduler
InternalName : schedapp
LegalCopyright : Copyright © RealNetworks, Inc. 1995-2004
LegalTrademarks : RealAudio is a trademark of RealNetworks, Inc.
OriginalFilename : realsched.exe
#:23 [gnotify.exe]
ModuleName : D:\Program Files\Google\Gmail Notifier\gnotify.exe
Command Line : "D:\Program Files\Google\Gmail Notifier\gnotify.exe"
ProcessID : 1464
ThreadCreationTime : 02-May-05 2:52:13 PM
BasePriority : Normal
FileVersion : 1.0.24.0
ProductVersion : 1.0.24.0
ProductName : Gmail
CompanyName : Google Inc.
FileDescription : Gmail Notifier
LegalCopyright : Copyright © Google Inc. 2004
OriginalFilename : gnotify.exe
#:24 [shstat.exe]
ModuleName : D:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
Command Line : "D:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
ProcessID : 1756
ThreadCreationTime : 02-May-05 2:52:15 PM
BasePriority : Normal
#:25 [updaterui.exe]
ModuleName : C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
Command Line : "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe"
ProcessID : 1952
ThreadCreationTime : 02-May-05 2:52:19 PM
BasePriority : Normal
FileVersion : 3.0.0.595
ProductName : McAfee Common Framework
CompanyName : Network Associates, Inc.
FileDescription : Common User Interface
InternalName : UpdaterUI
LegalCopyright : Copyright© 2000-2002 Networks Associates Technology, Inc. All Rights Reserved.
OriginalFilename : UpdaterUI.exe
#:26 [avgcc.exe]
ModuleName : D:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
Command Line : "D:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe" /STARTUP
ProcessID : 1960
ThreadCreationTime : 02-May-05 2:52:20 PM
BasePriority : Normal
FileVersion : 7,1,0,307
ProductVersion : 7.1.0.307
ProductName : AVG Anti-Virus System
CompanyName : GRISOFT, s.r.o.
FileDescription : AVG Control Center
InternalName : AvgCC
LegalCopyright : Copyright © 2005, GRISOFT, s.r.o.
OriginalFilename : AvgCC.EXE
#:27 [ctfmon.exe]
ModuleName : C:\WINDOWS\System32\ctfmon.exe
Command Line : "C:\WINDOWS\System32\ctfmon.exe"
ProcessID : 1928
ThreadCreationTime : 02-May-05 2:52:21 PM
BasePriority : Normal
FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
ProductVersion : 5.1.2600.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : CTF Loader
InternalName : CTFMON
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : CTFMON.EXE
#:28 [ttdo.exe]
ModuleName : C:\Documents and Settings\Dave\Application Data\ttdo.exe
Command Line : "C:\Documents and Settings\Dave\Application Data\ttdo.exe"
ProcessID : 2000
ThreadCreationTime : 02-May-05 2:52:22 PM
BasePriority : Normal
#:29 [r?ndll32.exe]
ModuleName : C:\WINDOWS\System32\r?ndll32.exe
Command Line : "C:\WINDOWS\System32\r?ndll32.exe"
ProcessID : 2124
ThreadCreationTime : 02-May-05 2:52:25 PM
BasePriority : Normal
ClickSpring Object Recognized!
Type : Process
Data : r?ndll32.exe
Category : Malware
Comment : (CSI MATCH)
Object : C:\WINDOWS\System32\
Warning! ClickSpring Object found in memory(C:\WINDOWS\System32\r?ndll32.exe)
"C:\WINDOWS\System32\r?ndll32.exe"Process terminated successfully
"C:\WINDOWS\System32\r?ndll32.exe"Process terminated successfully
#:30 [iexplore.exe]
ModuleName : C:\Program Files\Internet Explorer\iexplore.exe
Command Line : "C:\Program Files\Internet Explorer\iexplore.exe"
ProcessID : 2296
ThreadCreationTime : 02-May-05 2:52:29 PM
BasePriority : Normal
FileVersion : 6.00.2800.1106 (xpsp1.020828-1920)
ProductVersion : 6.00.2800.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Internet Explorer
InternalName : iexplore
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : IEXPLORE.EXE
#:31 [acrotray.exe]
ModuleName : D:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
Command Line : "D:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe"
ProcessID : 2304
ThreadCreationTime : 02-May-05 2:52:30 PM
BasePriority : Normal
FileVersion : 6.0.0.2003051500
ProductVersion : 6.0.0.0
ProductName : AcroTray - Adobe Acrobat Distiller helper application.
CompanyName : Adobe Systems Inc.
FileDescription : AcroTray
InternalName : AcroTray
LegalCopyright : Copyright 1984-2003 Adobe Systems Incorporated and its licensors. All rights reserved.
OriginalFilename : AcroTray.exe
#:32 [w3dbsmgr.exe]
ModuleName : D:\PVSW\Bin\w3dbsmgr.exe
Command Line : "D:\PVSW\Bin\w3dbsmgr.exe" -SRDE
ProcessID : 2320
ThreadCreationTime : 02-May-05 2:52:31 PM
BasePriority : Normal
#:33 [wmiapsrv.exe]
ModuleName : C:\WINDOWS\System32\wbem\wmiapsrv.exe
Command Line : C:\WINDOWS\System32\wbem\wmiapsrv.exe
ProcessID : 2628
ThreadCreationTime : 02-May-05 2:53:22 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : WMI Performance Adapter Service
InternalName : WmiApSrv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : WmiApSrv.exe
#:34 [ad-aware.exe]
ModuleName : D:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe
Command Line : "D:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe"
ProcessID : 2532
ThreadCreationTime : 02-May-05 4:18:01 PM
BasePriority : Normal
FileVersion : 6.2.0.206
ProductVersion : VI.Second Edition
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved
Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 1
Objects found so far: 1
Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 1
Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 1
MRU List Object Recognized!
Location: : C:\Documents and Settings\Dave\Application Data\microsoft\office\recent
Description : list of recently opened documents using microsoft office
MRU List Object Recognized!
Location: : C:\Documents and Settings\Dave\recent
Description : list of recently opened documents
MRU List Object Recognized!
Location: : software\microsoft\directdraw\mostrecentapplication
Description : most recent application to use microsoft directdraw
MRU List Object Recognized!
Location: : S-1-5-21-1229272821-507921405-1708537768-1003\software\microsoft\internet explorer
Description : last download directory used in microsoft internet explorer
MRU List Object Recognized!
Location: : S-1-5-21-1229272821-507921405-1708537768-1003\software\microsoft\internet explorer\typedurls
Description : list of recently entered addresses in microsoft internet explorer
MRU List Object Recognized!
Location: : S-1-5-21-1229272821-507921405-1708537768-1003\software\microsoft\mediaplayer\medialibraryui
Description : last selected node in the microsoft windows media player media library
MRU List Object Recognized!
Location: : S-1-5-21-1229272821-507921405-1708537768-1003\software\microsoft\mediaplayer\preferences
Description : last playlist index loaded in microsoft windows media player
MRU List Object Recognized!
Location: : S-1-5-21-1229272821-507921405-1708537768-1003\software\microsoft\mediaplayer\preferences
Description : last playlist loaded in microsoft windows media player
MRU List Object Recognized!
Location: : S-1-5-21-1229272821-507921405-1708537768-1003\software\microsoft\office\10.0\common\open find\microsoft word\settings\save as\file name mru
Description : list of recent documents saved by microsoft word
MRU List Object Recognized!
Location: : S-1-5-21-1229272821-507921405-1708537768-1003\software\microsoft\office\10.0\excel\recent files
Description : list of recent files used by microsoft excel
MRU List Object Recognized!
Location: : S-1-5-21-1229272821-507921405-1708537768-1003\software\microsoft\windows\currentversion\explorer\comdlg32\lastvisitedmru
Description : list of recent programs opened
MRU List Object Recognized!
Location: : S-1-5-21-1229272821-507921405-1708537768-1003\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru
Description : list of recently saved files, stored according to file extension
MRU List Object Recognized!
Location: : S-1-5-21-1229272821-507921405-1708537768-1003\software\microsoft\windows\currentversion\explorer\recentdocs
Description : list of recent documents opened
MRU List Object Recognized!
Location: : S-1-5-21-1229272821-507921405-1708537768-1003\software\microsoft\windows media\wmsdk\general
Description : windows media sdk
Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : dave@oinadserve[1].txt
Category : Data Miner
Comment : Hits:9
Value : Cookie:[email protected]/
Expires : 31-Dec-20 6:00:00 PM
LastSync : Hits:9
UseCount : 0
Hits : 9
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:[email protected]/
Expires : 03-May-05 9:59:38 AM
LastSync : Hits:1
UseCount : 0
Hits : 1
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : dave@adrevolver[1].txt
Category : Data Miner
Comment : Hits:4
Value : Cookie:[email protected]/adrevolver/
Expires : 23-Jan-08 5:39:54 AM
LastSync : Hits:4
UseCount : 0
Hits : 4
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:[email protected]/
Expires : 27-Apr-09 3:57:02 PM
LastSync : Hits:1
UseCount : 0
Hits : 1
Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 4
Objects found so far: 19
Deep scanning and examining files (C:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Disk Scan Result for C:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 19
Deep scanning and examining files (D:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Disk Scan Result for D:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 19
Scanning Hosts file......
Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
3 entries scanned.
New critical objects:0
Objects found so far: 19
Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 19
10:58:48 AM Scan Complete
Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:34:55.312
Objects scanned:141664
Objects identified:5
Objects ignored:0
New critical objects:5