smitfraud virus 1st adaware log help!


  • This topic is locked

#1
zola1


Hi,

Can you help diagnose the log enclosed?

With thanks!


Ad-Aware SE Build 1.05
Logfile Created on:08 May 2005 07:55:02
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R8 13.09.2004
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
404search(TAC index:5):5 total references
Alexa(TAC index:5):8 total references
BroadCastPC(TAC index:7):2 total references
Claria(TAC index:7):2 total references
CoolWebSearch(TAC index:10):14 total references
Holystic-Dialer(TAC index:5):7 total references
istbar(TAC index:6):5 total references
iWon(TAC index:5):43 total references
Possible Browser Hijack attempt(TAC index:3):6 total references
SysWeb-Telecom Dialer(TAC index:5):3 total references
Tracking Cookie(TAC index:3):312 total references
VX2(TAC index:10):8 total references
WinFavorites(TAC index:6):3 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Definition File:
=========================
Definitions File Loaded:
Reference Number : SE1R8 13.09.2004
Internal build : 12
File location : C:\PROGRAM FILES\LAVASOFT\AD-AWARE SE PERSONAL\defs.ref
File size : 344723 Bytes
Total size : 1092481 Bytes
Signature data size : 1068971 Bytes
Reference data size : 22998 Bytes
Signatures total : 30122
Fingerprints total : 154
Fingerprints size : 7129 Bytes
Target categories : 15
Target families : 560


Memory + processor status:
==========================
Number of processors : 1
Processor architecture : Non Intel
Memory available:46 %
Total physical memory:130524 kb
Available physical memory:31736 kb
Total page file size:1421952 kb
Available on page file:1409392 kb
Total virtual memory:2093056 kb
Available virtual memory:2051520 kb
OS:Microsoft Windows 98

Ad-Aware SE Settings
===========================
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file

Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Obtain command line of scanned processes
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Play sound at scan completion if scan locates critical objects


08-05-2005 07:55:02 - Scan started. (Full System Scan)

Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

#:1 [KERNEL32.DLL]
ModuleName : C:\WINDOWS\SYSTEM\KERNEL32.DLL
Command Line : n/a
ProcessID : 4279214727
Threads : 4
Priority : High
FileVersion : 4.10.2222
ProductVersion : 4.10.2222
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Win32 Kernel core component
InternalName : KERNEL32
LegalCopyright : Copyright © Microsoft Corp. 1991-1999
OriginalFilename : KERNEL32.DLL

#:2 [MSGSRV32.EXE]
ModuleName : C:\WINDOWS\SYSTEM\MSGSRV32.EXE
Command Line : n/a
ProcessID : 4294964835
Threads : 1
Priority : Normal
FileVersion : 4.10.2222
ProductVersion : 4.10.2222
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows 32-bit VxD Message Server
InternalName : MSGSRV32
LegalCopyright : Copyright © Microsoft Corp. 1992-1998
OriginalFilename : MSGSRV32.EXE

#:3 [MPREXE.EXE]
ModuleName : C:\WINDOWS\SYSTEM\MPREXE.EXE
Command Line : C:\WINDOWS\SYSTEM\MPREXE.EXE
ProcessID : 4294959603
Threads : 1
Priority : Normal
FileVersion : 4.10.1998
ProductVersion : 4.10.1998
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : WIN32 Network Interface Service Process
InternalName : MPREXE
LegalCopyright : Copyright © Microsoft Corp. 1993-1998
OriginalFilename : MPREXE.EXE

#:4 [EXPLORER.EXE]
ModuleName : C:\WINDOWS\EXPLORER.EXE
Command Line : C:\WINDOWS\Explorer.exe
ProcessID : 4294952123
Threads : 4
Priority : Normal
FileVersion : 4.72.3110.1
ProductVersion : 4.72.3110.1
ProductName : Microsoft® Windows NT® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : Copyright © Microsoft Corp. 1981-1997
OriginalFilename : EXPLORER.EXE

#:5 [RPCSS.EXE]
ModuleName : C:\WINDOWS\SYSTEM\RPCSS.EXE
Command Line : RPCSS
ProcessID : 4294863255
Threads : 4
Priority : Normal
FileVersion : 4.71.2900
ProductVersion : 4.71.2900
ProductName : Microsoft® Windows NT™ Operating System
CompanyName : Microsoft Corporation
FileDescription : Distributed COM Services
InternalName : rpcss.exe
LegalCopyright : Copyright © Microsoft Corp. 1981-1998
OriginalFilename : rpcss.exe

#:6 [SPOOL32.EXE]
ModuleName : C:\WINDOWS\SYSTEM\SPOOL32.EXE
Command Line : C:\WINDOWS\SYSTEM\spool32.exe
ProcessID : 4294825427
Threads : 4
Priority : Normal
FileVersion : 4.10.1998
ProductVersion : 4.10.1998
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler Sub System Process
InternalName : spool32
LegalCopyright : Copyright © Microsoft Corp. 1994 - 1998
OriginalFilename : spool32.exe

#:7 [LEXBCES.EXE]
ModuleName : C:\WINDOWS\SYSTEM\LEXBCES.EXE
Command Line : LEXBCES.EXE
ProcessID : 4294731423
Threads : 6
Priority : Normal
FileVersion : 5,12,00,00
ProductVersion : 5,12,00,00
ProductName : MarkVision for Windows (32 bit)
CompanyName : Lexmark International, Inc.
FileDescription : LexBce Service
InternalName : LexBce Service
LegalCopyright : © 1993 - 2000 Lexmark International, Inc.
OriginalFilename : LexBceS.exe

#:8 [AD-AWARE.EXE]
ModuleName : C:\PROGRAM FILES\LAVASOFT\AD-AWARE SE PERSONAL\AD-AWARE.EXE
Command Line : "C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe"
ProcessID : 4294825959
Threads : 2
Priority : Normal
FileVersion : 6.2.0.206
ProductVersion : VI.Second Edition
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved

Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

404search Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : appid\{f03a19f6-a511-49c4-ae3d-160e3465ccfb}

404search Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : appid\{f03a19f6-a511-49c4-ae3d-160e3465ccfb}
Value :

404search Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : appid\search.dll

404search Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : appid\search.dll
Value : AppID

404search Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : .Default\software\search404

Alexa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}

Alexa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
Value : MenuText

Alexa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
Value : MenuStatusBar

Alexa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
Value : Script

Alexa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
Value : clsid

Alexa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
Value : Icon

Alexa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
Value : HotIcon

Alexa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
Value : ButtonText

Holystic-Dialer Object Recognized!
Type : Regkey
Data : hol1
Category : Data Miner
Comment :
Rootkey : HKEY_USERS
Object : .Default\software\local appwizard-generated applications\HOL1941981

Holystic-Dialer Object Recognized!
Type : Regkey
Data : hol1
Category : Data Miner
Comment :
Rootkey : HKEY_USERS
Object : Software\software\local appwizard-generated applications\HOL1941981

Holystic-Dialer Object Recognized!
Type : Regkey
Data : hol2
Category : Data Miner
Comment :
Rootkey : HKEY_USERS
Object : .Default\software\local appwizard-generated applications\HOL2011338

Holystic-Dialer Object Recognized!
Type : Regkey
Data : hol2
Category : Data Miner
Comment :
Rootkey : HKEY_USERS
Object : Software\software\local appwizard-generated applications\HOL2011338

istbar Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : .Default\software\iesearchbar

istbar Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\iesearchbariesearchbar

istbar Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\iesearchbariesearchbar
Value : DisplayName

istbar Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\iesearchbariesearchbar
Value : UninstallString

iWon Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment : SmileyCentralPFSetup2.0.0.0
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{07b18ea2-a523-4961-b6bb-170de4475cca}

iWon Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment : SmileyCentralPFSetup2.0.0.0
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{07b18ea2-a523-4961-b6bb-170de4475cca}
Value :

iWon Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment : SmileyCentralPFSetup2.0.0.0
Rootkey : HKEY_CLASSES_ROOT
Object : mywebsearch.outlookaddin

iWon Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment : SmileyCentralPFSetup2.0.0.0
Rootkey : HKEY_CLASSES_ROOT
Object : mywebsearch.outlookaddin
Value :

iWon Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment : SmileyCentralPFSetup2.0.0.0
Rootkey : HKEY_CLASSES_ROOT
Object : mywebsearch.outlookaddin.1

iWon Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment : SmileyCentralPFSetup2.0.0.0
Rootkey : HKEY_CLASSES_ROOT
Object : mywebsearch.outlookaddin.1
Value :

iWon Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment : SmileyCentralPFSetup2.0.0.0
Rootkey : HKEY_CLASSES_ROOT
Object : mywebsearchtoolbar.settingsplugin

iWon Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment : SmileyCentralPFSetup2.0.0.0
Rootkey : HKEY_CLASSES_ROOT
Object : mywebsearchtoolbar.settingsplugin
Value :

iWon Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment : SmileyCentralPFSetup2.0.0.0
Rootkey : HKEY_CLASSES_ROOT
Object : mywebsearchtoolbar.settingsplugin.1

iWon Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment : SmileyCentralPFSetup2.0.0.0
Rootkey : HKEY_CLASSES_ROOT
Object : mywebsearchtoolbar.settingsplugin.1
Value :

iWon Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : funwebproducts.popswatterbarbutton

iWon Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : funwebproducts.popswatterbarbutton
Value :

iWon Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : funwebproducts.popswattersettingscontrol.1

iWon Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : funwebproducts.popswattersettingscontrol.1
Value :

iWon Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : funwebproducts.popswattersettingscontrol

iWon Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : funwebproducts.popswattersettingscontrol
Value :

iWon Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : funwebproducts.htmlmenu.2

iWon Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : funwebproducts.htmlmenu.2
Value :

iWon Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : funwebproducts.htmlmenu

iWon Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : funwebproducts.htmlmenu
Value :

iWon Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : funwebproducts.htmlmenu.1

iWon Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : funwebproducts.htmlmenu.1
Value :

iWon Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : funwebproducts.popswatterbarbutton.1

iWon Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : funwebproducts.popswatterbarbutton.1
Value :

iWon Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\mywebsearch

iWon Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\office\word\addins\mywebsearch.outlookaddin

iWon Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\office\word\addins\mywebsearch.outlookaddin
Value : Description

iWon Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\office\word\addins\mywebsearch.outlookaddin
Value : FriendlyName

iWon Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\office\word\addins\mywebsearch.outlookaddin
Value : LoadBehavior

iWon Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\office\outlook\addins\mywebsearch.outlookaddin

iWon Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\office\outlook\addins\mywebsearch.outlookaddin
Value : Description

iWon Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\office\outlook\addins\mywebsearch.outlookaddin
Value : FriendlyName

iWon Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\office\outlook\addins\mywebsearch.outlookaddin
Value : LoadBehavior

iWon Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment : SmileyCentralPFSetup2.0.2.1
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\mywebsearch bar uninstall

iWon Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment : SmileyCentralPFSetup2.0.2.1
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\mywebsearch bar uninstall
Value : DisplayName

iWon Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment : SmileyCentralPFSetup2.0.2.1
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\mywebsearch bar uninstall
Value : UninstallString

iWon Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment : SmileyCentralPFSetup2.0.2.1
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\mywebsearch bar uninstall
Value :

iWon Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment : SmileyCentralPFSetup2.0.2.1
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\mywebsearch bar uninstall
Value : HelpLink

iWon Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment : SmileyCentralPFSetup2.0.2.1
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\mywebsearch bar uninstall
Value : Publisher

iWon Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment : SmileyCentralPFSetup2.0.2.1
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\mywebsearch bar uninstall
Value : UrlInfoAbout

SysWeb-Telecom Dialer Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : syswebtelecom.syswebtelecom

SysWeb-Telecom Dialer Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : syswebtelecom.syswebtelecom
Value :

SysWeb-Telecom Dialer Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : .Default\software\syswebtelecom

WinFavorites Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : typelib\{c094876d-1b0e-46fa-b6a6-7ffc0f970c27}

Claria Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment : "StashedGEF"
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion
Value : StashedGEF

Claria Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment : "StashedGMG"
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion
Value : StashedGMG

CoolWebSearch Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment : "HOMEOldSP"
Rootkey : HKEY_USERS
Object : .Default\software\microsoft\internet explorer\main
Value : HOMEOldSP

Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 68
Objects found so far: 68


Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Possible Browser Hijack attempt : Software\Microsoft\Internet ExplorerSearchout.true-counter.co

Possible Browser Hijack attempt Object Recognized!
Type : RegData
Data : "http://%6f%75%74%2e%74%72%75%65%2d%63%6f%75%6e%74%65%72%2e%63%6f%6d/%62/?%31%30%31"
Category : Malware
Comment : Possible Browser Hijack attempt
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\Microsoft\Internet Explorer
Value : Search
Data : "http://%6f%75%74%2e%74%72%75%65%2d%63%6f%75%6e%74%65%72%2e%63%6f%6d/%62/?%31%30%31"
Possible Browser Hijack attempt : .Default\Software\Microsoft\Internet Explorer\MainDefault_Search_URLout.true-counter.co

Possible Browser Hijack attempt Object Recognized!
Type : RegData
Data : "http://%6f%75%74%2e%74%72%75%65%2d%63%6f%75%6e%74%65%72%2e%63%6f%6d/%62/?%31%30%31"
Category : Malware
Comment : Possible Browser Hijack attempt
Rootkey : HKEY_USERS
Object : .Default\Software\Microsoft\Internet Explorer\Main
Value : Default_Search_URL
Data : "http://%6f%75%74%2e%74%72%75%65%2d%63%6f%75%6e%74%65%72%2e%63%6f%6d/%62/?%31%30%31"
Possible Browser Hijack attempt : .Default\Software\Microsoft\Internet Explorer\MainDefault_Page_URLout.true-counter.co

Possible Browser Hijack attempt Object Recognized!
Type : RegData
Data : "http://%6f%75%74%2e%74%72%75%65%2d%63%6f%75%6e%74%65%72%2e%63%6f%6d/%61/?%31%30%31"
Category : Malware
Comment : Possible Browser Hijack attempt
Rootkey : HKEY_USERS
Object : .Default\Software\Microsoft\Internet Explorer\Main
Value : Default_Page_URL
Data : "http://%6f%75%74%2e%74%72%75%65%2d%63%6f%75%6e%74%65%72%2e%63%6f%6d/%61/?%31%30%31"
Possible Browser Hijack attempt : .Default\Software\Microsoft\Internet Explorer\SearchCustomizeSearchout.true-counter.co

Possible Browser Hijack attempt Object Recognized!
Type : RegData
Data : "http://%6f%75%74%2e%74%72%75%65%2d%63%6f%75%6e%74%65%72%2e%63%6f%6d/%62/?%31%30%31"
Category : Malware
Comment : Possible Browser Hijack attempt
Rootkey : HKEY_USERS
Object : .Default\Software\Microsoft\Internet Explorer\Search
Value : CustomizeSearch
Data : "http://%6f%75%74%2e%74%72%75%65%2d%63%6f%75%6e%74%65%72%2e%63%6f%6d/%62/?%31%30%31"
Possible Browser Hijack attempt : .Default\Software\Microsoft\Internet ExplorerSearchURLout.true-counter.co

Possible Browser Hijack attempt Object Recognized!
Type : RegData
Data : "http://%6f%75%74%2e%74%72%75%65%2d%63%6f%75%6e%74%65%72%2e%63%6f%6d/%62/?%31%30%31"
Category : Malware
Comment : Possible Browser Hijack attempt
Rootkey : HKEY_USERS
Object : .Default\Software\Microsoft\Internet Explorer
Value : SearchURL
Data : "http://%6f%75%74%2e%74%72%75%65%2d%63%6f%75%6e%74%65%72%2e%63%6f%6d/%62/?%31%30%31"
Possible Browser Hijack attempt : .Default\Software\Microsoft\Internet ExplorerSearchout.true-counter.co

Possible Browser Hijack attempt Object Recognized!
Type : RegData
Data : "http://%6f%75%74%2e%74%72%75%65%2d%63%6f%75%6e%74%65%72%2e%63%6f%6d/%62/?%31%30%31"
Category : Malware
Comment : Possible Browser Hijack attempt
Rootkey : HKEY_USERS
Object : .Default\Software\Microsoft\Internet Explorer
Value : Search
Data : "http://%6f%75%74%2e%74%72%75%65%2d%63%6f%75%6e%74%65%72%2e%63%6f%6d/%62/?%31%30%31"

Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 6
Objects found so far: 74


Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»


Tracking Cookie Object Recognized!
Type : IECache Entry
Data : dwiltshi@fastclick[2].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\\dwiltshi@fastclick[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][1].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\\[email protected][1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : dwiltshi@doubleclick[1].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\\dwiltshi@doubleclick[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : dwiltshi@valueclick[1].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\\dwiltshi@valueclick[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : dwiltshi@bfast[4].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\\dwiltshi@bfast[4].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][1].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\\[email protected][1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : dwiltshi@doubleclick[2].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\\dwiltshi@doubleclick[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : dwiltshi@fortunecity[1].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\\dwiltshi@fortunecity[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : dwiltshi@admonitor[2].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\\dwiltshi@admonitor[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : dwiltshi@cgi-bin[4].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\\dwiltshi@cgi-bin[4].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : dwiltshi@trafficmp[1].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\\dwiltshi@trafficmp[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : dwiltshi@x10[1].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\\dwiltshi@x10[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : dwiltshi@tribalfusion[1].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\\dwiltshi@tribalfusion[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : dwiltshi@hitbox[2].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\\dwiltshi@hitbox[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : dwiltshi@tmpad[1].txt
Category : Data Miner
Comment : www.searchtraffic.com
Value : C:\WINDOWS\Cookies\\dwiltshi@tmpad[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : dwiltshi@bfast[2].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\\dwiltshi@bfast[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : dwiltshi@trafficmp[3].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\\dwiltshi@trafficmp[3].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : dwiltshi@doubleclick[4].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\\dwiltshi@doubleclick[4].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : dwiltshi@euniverseads[1].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\\dwiltshi@euniverseads[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : dwiltshi@mediaplex[2].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\\dwiltshi@mediaplex[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][3].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\\[email protected][3].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : dwiltshi@adviva[1].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\\dwiltshi@adviva[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : dwiltshi@hitbox[1].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\\dwiltshi@hitbox[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : dwiltshi@fastclick[4].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\\dwiltshi@fastclick[4].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : dwiltshi@ajrotator[1].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\\dwiltshi@ajrotator[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : dwiltshi@bravenet[1].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\\dwiltshi@bravenet[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : dwiltshi@bluestreak[1].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\\dwiltshi@bluestreak[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][2].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\\[email protected][2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : dwiltshi@atdmt[2].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\\dwiltshi@atdmt[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][1].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\\[email protected][1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][2].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\\[email protected][2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : dwiltshi@cgi-bin[5].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\\dwiltshi@cgi-bin[5].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : dwiltshi@ad-flow[1].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\\dwiltshi@ad-flow[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : dwiltshi@cgi-bin[3].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\\dwiltshi@cgi-bin[3].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][2].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\\[email protected][2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : dwiltshi@trafficmp[2].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\\dwiltshi@trafficmp[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : dwiltshi@tripod[1].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\\dwiltshi@tripod[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : dwiltshi@valueclick[2].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\\dwiltshi@valueclick[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : dwiltshi@targetnet[1].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\\dwiltshi@targetnet[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : dwiltshi@cgi-bin[1].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\\dwiltshi@cgi-bin[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : dwiltshi@centrport[1].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\\dwiltshi@centrport[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][1].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\\[email protected][1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : dwiltshi@ajrotator[2].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\\dwiltshi@ajrotator[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : dwiltshi@fastclick[1].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\\dwiltshi@fastclick[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : dwiltshi@adviva[3].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\\dwiltshi@adviva[3].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][2].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\\[email protected][2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][1].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\\[email protected][1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][2].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\\[email protected][2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : dwiltshi@peel[2].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\\dwiltshi@peel[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][3].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\\[email protected][3].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][2].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\\[email protected][2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : dwiltshi@clickagents[1].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\\dwiltshi@clickagents[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : dwiltshi@fortunecity[3].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\\dwiltshi@fortunecity[3].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : dwiltshi@atdmt[1].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\\dwiltshi@atdmt[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][1].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\\[email protected][1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][2].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\\[email protected][2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][1].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\\[email protected][1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][1].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\\[email protected][1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : dwiltshi@euniverseads[2].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\\dwiltshi@euniverseads[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : dwiltshi@questionmarket[2].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\\dwiltshi@questionmarket[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : dwiltshi@bfast[1].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\\dwiltshi@bfast[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : dwiltshi@realmedia[1].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\\dwiltshi@realmedia[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : dwiltshi@valueclick[4].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\\dwiltshi@valueclick[4].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][3].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\\[email protected][3].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][1].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\\[email protected][1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][2].txt
Category : Data Miner
Comment : www.searchtraffic.com
Value : C:\WINDOWS\Cookies\\[email protected][2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : dwiltshi@admonitor[3].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\\dwiltshi@admonitor[3].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : dwiltshi@tmpad[3].txt
Category : Data Miner
Comment : www.searchtraffic.com
Value : C:\WINDOWS\Cookies\\dwiltshi@tmpad[3].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : dwiltshi@overture[2].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\\dwiltshi@overture[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : dwiltshi@zedo[1].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\\dwiltshi@zedo[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][1].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\\[email protected][1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : dwiltshi@tribalfusion[3].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\\dwiltshi@tribalfusion[3].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : dwiltshi@doubleclick[3].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\\dwiltshi@doubleclick[3].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : dwiltshi@bluestreak[3].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\\dwiltshi@bluestreak[3].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][1].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\\[email protected][1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][3].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\\[email protected][3].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : dwiltshi@hitbox[3].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\\dwiltshi@hitbox[3].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][1].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\\[email protected][1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : dwiltshi@x10[2].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\\dwiltshi@x10[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : dwiltshi@mediaplex[1].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\\dwiltshi@mediaplex[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : dwiltshi@kelkoo[2].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\\dwiltshi@kelkoo[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : dwiltshi@ajrotator[3].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\\dwiltshi@ajrotator[3].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][2].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\\[email protected][2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : dwiltshi@clickagents[2].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\\dwiltshi@clickagents[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : dwiltshi@cgi-bin[6].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\\dwiltshi@cgi-bin[6].txt

Tracking Cookie Object Recognized


#2
Rawe

Rawe

    Visiting Staff

  • Member
  • PipPipPipPipPipPipPip
  • 4,746 posts
Yes, I can help you with your logfile, but only after you have updated.
You have a way too old definitions file; please perform a webupdate.
Then rescan with "Full system scan", and post the new log.

- Rawe :tazz:

#3
zola1

zola1

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts
Hi Rawe,

Many thanks for the quick reply,

Will get back to you soon.

#4
Rawe

Rawe

    Visiting Staff

  • Member
  • PipPipPipPipPipPipPip
  • 4,746 posts
Ok.
Post the log whenever you have time. ;)

- Rawe :tazz:

#5
zola1

zola1

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts
Hi Rawe,

Latest log enclosed :-


Ad-Aware SE Build 1.05
Logfile Created on:08 May 2005 10:33:11
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R43 06.05.2005
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
404search(TAC index:5):5 total references
Alexa(TAC index:5):9 total references
BargainBuddy(TAC index:8):3 total references
BroadCastPC(TAC index:7):2 total references
Claria(TAC index:7):2 total references
CoolWebSearch(TAC index:10):28 total references
EffectiveBrandToolbar(TAC index:7):18 total references
Holystic-Dialer(TAC index:5):7 total references
IBIS Toolbar(TAC index:5):17 total references
istbar(TAC index:7):6 total references
Possible Browser Hijack attempt(TAC index:3):6 total references
Security iGuard(TAC index:9):3 total references
SysWeb-Telecom Dialer(TAC index:5):3 total references
Tracking Cookie(TAC index:3):312 total references
WinFavorites(TAC index:6):3 total references
VX2(TAC index:10):26 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Definition File:
=========================
Definitions File Loaded:
Reference Number : SE1R43 06.05.2005
Internal build : 50
File location : C:\PROGRAM FILES\LAVASOFT\AD-AWARE SE PERSONAL\defs.ref
File size : 467649 Bytes
Total size : 1414672 Bytes
Signature data size : 1383852 Bytes
Reference data size : 30308 Bytes
Signatures total : 39494
Fingerprints total : 847
Fingerprints size : 28739 Bytes
Target categories : 15
Target families : 663


Memory + processor status:
==========================
Number of processors : 1
Processor architecture : Non Intel
Memory available:5 %
Total physical memory:130500 kb
Available physical memory:2196 kb
Total page file size:1510240 kb
Available on page file:1347784 kb
Total virtual memory:2093056 kb
Available virtual memory:2045568 kb
OS:Microsoft Windows 98

Ad-Aware SE Settings
===========================
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file

Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Obtain command line of scanned processes
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Play sound at scan completion if scan locates critical objects


08-05-2005 10:33:11 - Scan started. (Full System Scan)

Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

#:1 [KERNEL32.DLL]
ModuleName : C:\WINDOWS\SYSTEM\KERNEL32.DLL
Command Line : n/a
ProcessID : 4279174009
Threads : 6
Priority : High
FileVersion : 4.10.2222
ProductVersion : 4.10.2222
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Win32 Kernel core component
InternalName : KERNEL32
LegalCopyright : Copyright © Microsoft Corp. 1991-1999
OriginalFilename : KERNEL32.DLL

#:2 [MSGSRV32.EXE]
ModuleName : C:\WINDOWS\SYSTEM\MSGSRV32.EXE
Command Line : n/a
ProcessID : 4294916065
Threads : 1
Priority : Normal
FileVersion : 4.10.2222
ProductVersion : 4.10.2222
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows 32-bit VxD Message Server
InternalName : MSGSRV32
LegalCopyright : Copyright © Microsoft Corp. 1992-1998
OriginalFilename : MSGSRV32.EXE

#:3 [MPREXE.EXE]
ModuleName : C:\WINDOWS\SYSTEM\MPREXE.EXE
Command Line : C:\WINDOWS\SYSTEM\MPREXE.EXE
ProcessID : 4294950929
Threads : 2
Priority : Normal
FileVersion : 4.10.1998
ProductVersion : 4.10.1998
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : WIN32 Network Interface Service Process
InternalName : MPREXE
LegalCopyright : Copyright © Microsoft Corp. 1993-1998
OriginalFilename : MPREXE.EXE

#:4 [mmtask.tsk]
ModuleName : C:\WINDOWS\SYSTEM\mmtask.tsk
Command Line : n/a
ProcessID : 4294937653
Threads : 1
Priority : Normal
FileVersion : 4.03.1998
ProductVersion : 4.03.1998
ProductName : Microsoft Windows
CompanyName : Microsoft Corporation
FileDescription : Multimedia background task support module
InternalName : mmtask.tsk
LegalCopyright : Copyright © Microsoft Corp. 1991-1998
OriginalFilename : mmtask.tsk

#:5 [JAVAZE.EXE]
ModuleName : C:\WINDOWS\JAVAZE.EXE
Command Line : C:\WINDOWS\JAVAZE.EXE /s
ProcessID : 4294863357
Threads : 1
Priority : Normal


VX2 Object Recognized!
Type : Process
Data : JAVAZE.EXE
Category : Malware
Comment : (CSI MATCH)
Object : C:\WINDOWS\


Warning! VX2 Object found in memory(C:\WINDOWS\JAVAZE.EXE)

"C:\WINDOWS\JAVAZE.EXE"Process terminated successfully

#:6 [ADDBJ32.EXE]
ModuleName : C:\WINDOWS\SYSTEM\ADDBJ32.EXE
Command Line : C:\WINDOWS\SYSTEM\ADDBJ32.EXE /s
ProcessID : 4294864985
Threads : 1
Priority : Normal


VX2 Object Recognized!
Type : Process
Data : ADDBJ32.EXE
Category : Malware
Comment : (CSI MATCH)
Object : C:\WINDOWS\SYSTEM\


Warning! VX2 Object found in memory(C:\WINDOWS\SYSTEM\ADDBJ32.EXE)

"C:\WINDOWS\SYSTEM\ADDBJ32.EXE"Process terminated successfully

#:7 [APIRB32.EXE]
ModuleName : C:\WINDOWS\APIRB32.EXE
Command Line : C:\WINDOWS\APIRB32.EXE /s
ProcessID : 4294868733
Threads : 1
Priority : Normal


VX2 Object Recognized!
Type : Process
Data : APIRB32.EXE
Category : Malware
Comment : (CSI MATCH)
Object : C:\WINDOWS\


Warning! VX2 Object found in memory(C:\WINDOWS\APIRB32.EXE)

"C:\WINDOWS\APIRB32.EXE"Process terminated successfully

#:8 [SDKTV.EXE]
ModuleName : C:\WINDOWS\SDKTV.EXE
Command Line : C:\WINDOWS\SDKTV.EXE /s
ProcessID : 4294837657
Threads : 1
Priority : Normal


VX2 Object Recognized!
Type : Process
Data : SDKTV.EXE
Category : Malware
Comment : (CSI MATCH)
Object : C:\WINDOWS\


Warning! VX2 Object found in memory(C:\WINDOWS\SDKTV.EXE)

"C:\WINDOWS\SDKTV.EXE"Process terminated successfully

#:9 [MSOD.EXE]
ModuleName : C:\WINDOWS\SYSTEM\MSOD.EXE
Command Line : C:\WINDOWS\SYSTEM\MSOD.EXE /s
ProcessID : 4294842569
Threads : 1
Priority : Normal


VX2 Object Recognized!
Type : Process
Data : MSOD.EXE
Category : Malware
Comment : (CSI MATCH)
Object : C:\WINDOWS\SYSTEM\


Warning! VX2 Object found in memory(C:\WINDOWS\SYSTEM\MSOD.EXE)

"C:\WINDOWS\SYSTEM\MSOD.EXE"Process terminated successfully

#:10 [NTEV32.EXE]
ModuleName : C:\WINDOWS\NTEV32.EXE
Command Line : C:\WINDOWS\NTEV32.EXE /s
ProcessID : 4294849897
Threads : 1
Priority : Normal


VX2 Object Recognized!
Type : Process
Data : NTEV32.EXE
Category : Malware
Comment : (CSI MATCH)
Object : C:\WINDOWS\


Warning! VX2 Object found in memory(C:\WINDOWS\NTEV32.EXE)

"C:\WINDOWS\NTEV32.EXE"Process terminated successfully

#:11 [NETKG.EXE]
ModuleName : C:\WINDOWS\NETKG.EXE
Command Line : C:\WINDOWS\NETKG.EXE /s
ProcessID : 4294885581
Threads : 1
Priority : Normal


VX2 Object Recognized!
Type : Process
Data : NETKG.EXE
Category : Malware
Comment : (CSI MATCH)
Object : C:\WINDOWS\


Warning! VX2 Object found in memory(C:\WINDOWS\NETKG.EXE)

"C:\WINDOWS\NETKG.EXE"Process terminated successfully

#:12 [SYSXI.EXE]
ModuleName : C:\WINDOWS\SYSTEM\SYSXI.EXE
Command Line : C:\WINDOWS\SYSTEM\SYSXI.EXE /s
ProcessID : 4294887453
Threads : 1
Priority : Normal


VX2 Object Recognized!
Type : Process
Data : SYSXI.EXE
Category : Malware
Comment : (CSI MATCH)
Object : C:\WINDOWS\SYSTEM\


Warning! VX2 Object found in memory(C:\WINDOWS\SYSTEM\SYSXI.EXE)

"C:\WINDOWS\SYSTEM\SYSXI.EXE"Process terminated successfully

#:13 [SYSVY.EXE]
ModuleName : C:\WINDOWS\SYSVY.EXE
Command Line : C:\WINDOWS\SYSVY.EXE /s
ProcessID : 4294900737
Threads : 1
Priority : Normal


VX2 Object Recognized!
Type : Process
Data : SYSVY.EXE
Category : Malware
Comment : (CSI MATCH)
Object : C:\WINDOWS\


Warning! VX2 Object found in memory(C:\WINDOWS\SYSVY.EXE)

"C:\WINDOWS\SYSVY.EXE"Process terminated successfully

#:14 [APPQH.EXE]
ModuleName : C:\WINDOWS\APPQH.EXE
Command Line : C:\WINDOWS\APPQH.EXE /s
ProcessID : 4294874097
Threads : 1
Priority : Normal


VX2 Object Recognized!
Type : Process
Data : APPQH.EXE
Category : Malware
Comment : (CSI MATCH)
Object : C:\WINDOWS\


Warning! VX2 Object found in memory(C:\WINDOWS\APPQH.EXE)

"C:\WINDOWS\APPQH.EXE"Process terminated successfully

#:15 [MFCBU32.EXE]
ModuleName : C:\WINDOWS\SYSTEM\MFCBU32.EXE
Command Line : C:\WINDOWS\SYSTEM\MFCBU32.EXE /s
ProcessID : 4294875269
Threads : 1
Priority : Normal


VX2 Object Recognized!
Type : Process
Data : MFCBU32.EXE
Category : Malware
Comment : (CSI MATCH)
Object : C:\WINDOWS\SYSTEM\


Warning! VX2 Object found in memory(C:\WINDOWS\SYSTEM\MFCBU32.EXE)

"C:\WINDOWS\SYSTEM\MFCBU32.EXE"Process terminated successfully

#:16 [D3UZ32.EXE]
ModuleName : C:\WINDOWS\D3UZ32.EXE
Command Line : C:\WINDOWS\D3UZ32.EXE /s
ProcessID : 4294844505
Threads : 1
Priority : Normal


VX2 Object Recognized!
Type : Process
Data : D3UZ32.EXE
Category : Malware
Comment : (CSI MATCH)
Object : C:\WINDOWS\


Warning! VX2 Object found in memory(C:\WINDOWS\D3UZ32.EXE)

"C:\WINDOWS\D3UZ32.EXE"Process terminated successfully

#:17 [EXPLORER.EXE]
ModuleName : C:\WINDOWS\EXPLORER.EXE
Command Line : C:\WINDOWS\Explorer.exe
ProcessID : 4294788701
Threads : 5
Priority : Normal
FileVersion : 4.72.3110.1
ProductVersion : 4.72.3110.1
ProductName : Microsoft® Windows NT® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : Copyright © Microsoft Corp. 1981-1997
OriginalFilename : EXPLORER.EXE

#:18 [D3UL.EXE]
ModuleName : C:\WINDOWS\D3UL.EXE
Command Line : C:\WINDOWS\D3UL.EXE /s
ProcessID : 4294788557
Threads : 1
Priority : Normal


VX2 Object Recognized!
Type : Process
Data : D3UL.EXE
Category : Malware
Comment : (CSI MATCH)
Object : C:\WINDOWS\


Warning! VX2 Object found in memory(C:\WINDOWS\D3UL.EXE)

"C:\WINDOWS\D3UL.EXE"Process terminated successfully

#:19 [RPCSS.EXE]
ModuleName : C:\WINDOWS\SYSTEM\RPCSS.EXE
Command Line : RPCSS
ProcessID : 4294822645
Threads : 5
Priority : Normal
FileVersion : 4.71.2900
ProductVersion : 4.71.2900
ProductName : Microsoft® Windows NT™ Operating System
CompanyName : Microsoft Corporation
FileDescription : Distributed COM Services
InternalName : rpcss.exe
LegalCopyright : Copyright © Microsoft Corp. 1981-1998
OriginalFilename : rpcss.exe

#:20 [SYSTRAY.EXE]
ModuleName : C:\WINDOWS\SYSTEM\SYSTRAY.EXE
Command Line : "C:\WINDOWS\SYSTEM\SysTray.Exe"
ProcessID : 4294737433
Threads : 1
Priority : Normal
FileVersion : 4.10.2222
ProductVersion : 4.10.2222
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : System Tray Applet
InternalName : SYSTRAY
LegalCopyright : Copyright © Microsoft Corp. 1993-1998
OriginalFilename : SYSTRAY.EXE

#:21 [LOADQM.EXE]
ModuleName : C:\WINDOWS\LOADQM.EXE
Command Line : "C:\WINDOWS\loadqm.exe"
ProcessID : 4294718765
Threads : 3
Priority : Normal
FileVersion : 5.4.1103.3
ProductVersion : 5.4.1103.3
ProductName : QMgr Loader
CompanyName : Microsoft Corporation
FileDescription : Microsoft QMgr
InternalName : LOADQM.EXE
LegalCopyright : Copyright © Microsoft Corp. 1981-1999
OriginalFilename : LOADQM.EXE

#:22 [STIMON.EXE]
ModuleName : C:\WINDOWS\SYSTEM\STIMON.EXE
Command Line : "C:\WINDOWS\SYSTEM\STIMON.EXE"
ProcessID : 4294754793
Threads : 3
Priority : Normal
FileVersion : 4.10.2222
ProductVersion : 4.10.2222
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Still Image Devices Monitor
InternalName : STIMON
LegalCopyright : Copyright © Microsoft Corp. 1996-1998
OriginalFilename : STIMON.EXE

#:23 [UMSD.EXE]
ModuleName : C:\PROGRAM FILES\UMSD TOOLS\UMSD.EXE
Command Line : "C:\program files\umsd tools\umsd.exe" sys_auto_run C:\Program Files\UMSD Tools
ProcessID : 4294761589
Threads : 2
Priority : Normal
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
ProductName : UMSD Application
FileDescription : UMSD MFC Application
InternalName : UMSD
LegalCopyright : Copyright © 2002
OriginalFilename : UMSD.EXE

#:24 [QTTASK.EXE]
ModuleName : C:\WINDOWS\SYSTEM\QTTASK.EXE
Command Line : "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime
ProcessID : 4294762353
Threads : 2
Priority : Normal
FileVersion : 6.5
ProductVersion : QuickTime 6.5
ProductName : QuickTime
CompanyName : Apple Computer, Inc.
InternalName : QuickTime Task
LegalCopyright : © Apple Computer, Inc. 2001-2004
OriginalFilename : QTTask.exe

#:25 [USBMONIT.EXE]
ModuleName : C:\WINDOWS\SYSTEM\USBMONIT.EXE
Command Line : "C:\WINDOWS\SYSTEM\USBMonit.exe"
ProcessID : 4294717041
Threads : 1
Priority : Normal
FileVersion : 2, 3, 0, 0
ProductVersion : 2, 3, 0, 0
ProductName : Gene USB Monitor
CompanyName : General
FileDescription : Gene USB Monitor
InternalName : USBMonitor
LegalCopyright : Copyright © 2000-2004
OriginalFilename : USBMonit.exe

#:26 [REALSCHED.EXE]
ModuleName : C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE
Command Line : "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
ProcessID : 4294744653
Threads : 2
Priority : Normal
FileVersion : 0.1.0.3275
ProductVersion : 0.1.0.3275
ProductName : RealPlayer (32-bit)
CompanyName : RealNetworks, Inc.
FileDescription : RealNetworks Scheduler
InternalName : schedapp
LegalCopyright : Copyright © RealNetworks, Inc. 1995-2004
LegalTrademarks : RealAudio™ is a trademark of RealNetworks, Inc.
OriginalFilename : realsched.exe

#:27 [SYSKA32.EXE]
ModuleName : C:\WINDOWS\SYSKA32.EXE
Command Line : "C:\WINDOWS\SYSKA32.EXE"
ProcessID : 4294643569
Threads : 4
Priority : Normal


#:28 [THGUARD.EXE]
ModuleName : C:\PROGRAM FILES\TROJANHUNTER 4.2\THGUARD.EXE
Command Line : "C:\PROGRAM FILES\TROJANHUNTER 4.2\THGUARD.EXE"
ProcessID : 4294750429
Threads : 2
Priority : Normal
FileVersion : 3.8.0.275
ProductVersion : 1.0.0.0
ProductName : TrojanHunter Guard
CompanyName : Mischel Internet Security
FileDescription : TrojanHunter Guard
LegalCopyright : Mischel Internet Security
LegalTrademarks : TrojanHunter is a trademark of Mischel Internet Security.
OriginalFilename : THGuard.exe

#:29 [SWDOCTOR.EXE]
ModuleName : C:\PROGRAM FILES\SPYWARE DOCTOR\SWDOCTOR.EXE
Command Line : "C:\PROGRAM FILES\SPYWARE DOCTOR\SWDOCTOR.EXE" /Q
ProcessID : 4294824421
Threads : 7
Priority : Normal
FileVersion : 3.2.0.3421
ProductVersion : 3.1
ProductName : Spyware Doctor
CompanyName : PCTools
FileDescription : Spyware Doctor
InternalName : Spyware Doctor
LegalCopyright : Copyright © 2004. Distributed by PC Tools Pty Ltd
OriginalFilename : swdr.exe

#:30 [WPC11CFG.EXE]
ModuleName : C:\PROGRAM FILES\LINKSYS\WIRELESS-B NOTEBOOK ADAPTER\WPC11CFG.EXE
Command Line : "C:\Program Files\Linksys\Wireless-B Notebook Adapter\WPC11Cfg.exe"
ProcessID : 4294646565
Threads : 1
Priority : Normal
FileVersion : 2.1.0.4
ProductVersion : 1.0.5.0
ProductName : Linksys Instant WLAN Monitor
CompanyName : Cisco-Linksys, LLC.
FileDescription : Linksys Instant WLAN Monitor
InternalName : WLANMonitor.EXE
LegalCopyright : Copyright © 2003, Cisco-Linksys, LLC.
LegalTrademarks : Instant Wireless
OriginalFilename : WLANMonitor.EXE
Comments : Linksys Instant WLAN Monitor

#:31 [SDKTV.EXE]
ModuleName : C:\WINDOWS\SDKTV.EXE
Command Line : n/a
ProcessID : 4294595861
Threads : 1
Priority : Normal


#:32 [APIRB32.EXE]
ModuleName : C:\WINDOWS\APIRB32.EXE
Command Line : C:\WINDOWS\APIRB32.EXE /s
ProcessID : 4294598029
Threads : 1
Priority : Normal


VX2 Object Recognized!
Type : Process
Data : APIRB32.EXE
Category : Malware
Comment : (CSI MATCH)
Object : C:\WINDOWS\


Warning! VX2 Object found in memory(C:\WINDOWS\APIRB32.EXE)

"C:\WINDOWS\APIRB32.EXE"Process terminated successfully

#:33 [ADDBJ32.EXE]
ModuleName : C:\WINDOWS\SYSTEM\ADDBJ32.EXE
Command Line : C:\WINDOWS\SYSTEM\ADDBJ32.EXE /s
ProcessID : 4294252045
Threads : 1
Priority : Normal


VX2 Object Recognized!
Type : Process
Data : ADDBJ32.EXE
Category : Malware
Comment : (CSI MATCH)
Object : C:\WINDOWS\SYSTEM\


Warning! VX2 Object found in memory(C:\WINDOWS\SYSTEM\ADDBJ32.EXE)

"C:\WINDOWS\SYSTEM\ADDBJ32.EXE"Process terminated successfully

#:34 [D3UL.EXE]
ModuleName : C:\WINDOWS\D3UL.EXE
Command Line : C:\WINDOWS\D3UL.EXE /s
ProcessID : 4294281425
Threads : 1
Priority : Normal


VX2 Object Recognized!
Type : Process
Data : D3UL.EXE
Category : Malware
Comment : (CSI MATCH)
Object : C:\WINDOWS\


Warning! VX2 Object found in memory(C:\WINDOWS\D3UL.EXE)

"C:\WINDOWS\D3UL.EXE"Process terminated successfully

#:35 [APIRB32.EXE]
ModuleName : C:\WINDOWS\APIRB32.EXE
Command Line : C:\WINDOWS\APIRB32.EXE /s
ProcessID : 4294345597
Threads : 1
Priority : Normal


VX2 Object Recognized!
Type : Process
Data : APIRB32.EXE
Category : Malware
Comment : (CSI MATCH)
Object : C:\WINDOWS\


Warning! VX2 Object found in memory(C:\WINDOWS\APIRB32.EXE)

"C:\WINDOWS\APIRB32.EXE"Process terminated successfully

#:36 [AD-AWARE.EXE]
ModuleName : C:\PROGRAM FILES\LAVASOFT\AD-AWARE SE PERSONAL\AD-AWARE.EXE
Command Line : "C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe"
ProcessID : 4294292037
Threads : 2
Priority : Normal
FileVersion : 6.2.0.206
ProductVersion : VI.Second Edition
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved

Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 17
Objects found so far: 17


Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

404search Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : appid\search.dll

404search Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : appid\search.dll
Value : AppID

404search Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : appid\{f03a19f6-a511-49c4-ae3d-160e3465ccfb}

404search Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : appid\{f03a19f6-a511-49c4-ae3d-160e3465ccfb}
Value :

CoolWebSearch Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{676575dd-4d46-911d-8037-9b10d6ee8bb5}

CoolWebSearch Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{676575dd-4d46-911d-8037-9b10d6ee8bb5}
Value :

IBIS Toolbar Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{2c4e6d22-b71f-491f-aad3-b6972a650d50}

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{2c4e6d22-b71f-491f-aad3-b6972a650d50}
Value :

IBIS Toolbar Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{c380566d-f343-42ab-987b-6b38a1a35747}

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{c380566d-f343-42ab-987b-6b38a1a35747}
Value :

IBIS Toolbar Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : tbps.plugindownadd

IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : tbps.plugindownadd
Value :

SysWeb-Telecom Dialer Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : syswebtelecom.syswebtelecom

SysWeb-Telecom Dialer Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : syswebtelecom.syswebtelecom
Value :

WinFavorites Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : typelib\{c094876d-1b0e-46fa-b6a6-7ffc0f970c27}

404search Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : .Default\software\search404

EffectiveBrandToolbar Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_USERS
Object : .Default\software\effective-i

EffectiveBrandToolbar Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_USERS
Object : .Default\software\maxthon\plugin\toolbar\{44be0690-5429-47f0-85bb-3ffd8020233e}

EffectiveBrandToolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_USERS
Object : .Default\software\maxthon\plugin\toolbar\{44be0690-5429-47f0-85bb-3ffd8020233e}
Value :

Holystic-Dialer Object Recognized!
Type : Regkey
Data : hol1
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : .Default\software\local appwizard-generated applications\HOL1941981

Holystic-Dialer Object Recognized!
Type : Regkey
Data : hol1
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : Software\software\local appwizard-generated applications\HOL1941981

Holystic-Dialer Object Recognized!
Type : Regkey
Data : hol2
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : .Default\software\local appwizard-generated applications\HOL2011338

Holystic-Dialer Object Recognized!
Type : Regkey
Data : hol2
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : Software\software\local appwizard-generated applications\HOL2011338

istbar Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : .Default\software\iesearchbar

SysWeb-Telecom Dialer Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : .Default\software\syswebtelecom

Alexa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}

Alexa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
Value : MenuText

Alexa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
Value : MenuStatusBar

Alexa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
Value : Script

Alexa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
Value : clsid

Alexa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
Value : Icon

Alexa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
Value : HotIcon

Alexa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
Value : ButtonText

EffectiveBrandToolbar Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\effective-i

EffectiveBrandToolbar Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\ucmore - the search accelerator

EffectiveBrandToolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\ucmore - the search accelerator
Value : DisplayName

EffectiveBrandToolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\ucmore - the search accelerator
Value : UninstallString

EffectiveBrandToolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\ucmore - the search accelerator
Value : DisplayVersion

EffectiveBrandToolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\ucmore - the search accelerator
Value : HelpLink

EffectiveBrandToolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\ucmore - the search accelerator
Value : Publisher

EffectiveBrandToolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\ucmore - the search accelerator
Value : URLInfoAbout

EffectiveBrandToolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\ucmore - the search accelerator
Value : Contact

EffectiveBrandToolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\ucmore - the search accelerator
Value : Comments

EffectiveBrandToolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\ucmore - the search accelerator
Value : DisplayIcon

istbar Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\iesearchbariesearchbar

istbar Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\iesearchbariesearchbar
Value : DisplayName

istbar Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\iesearchbariesearchbar
Value : UninstallString

Security iGuard Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\rex-services

Security iGuard Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\rex-services
Value : MGuid

Alexa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment : "{c95fe080-8f5d-11d2-a20b-00aa003c157a}"
Rootkey : HKEY_USERS
Object : .Default\software\microsoft\internet explorer\extensions\cmdmapping
Value : {c95fe080-8f5d-11d2-a20b-00aa003c157a}

CoolWebSearch Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment : "HOMEOldSP"
Rootkey : HKEY_USERS
Object : .Default\software\microsoft\internet explorer\main
Value : HOMEOldSP

Claria Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment : "StashedGEF"
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion
Value : StashedGEF

Claria Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment : "StashedGMG"
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion
Value : StashedGMG

Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 53
Objects found so far: 70


Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Possible Browser Hijack attempt : Software\Microsoft\Internet ExplorerSearchout.true-counter.co

Possible Browser Hijack attempt Object Recognized!
Type : RegData
Data : "http://%6f%75%74%2e%74%72%75%65%2d%63%6f%75%6e%74%65%72%2e%63%6f%6d/%62/?%31%30%31"
Category : Malware
Comment : Possible Browser Hijack attempt
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\Microsoft\Internet Explorer
Value : Search
Data : "http://%6f%75%74%2e%74%72%75%65%2d%63%6f%75%6e%74%65%72%2e%63%6f%6d/%62/?%31%30%31"
Possible Browser Hijack attempt : .Default\Software\Microsoft\Internet Explorer\MainDefault_Search_URLout.true-counter.co

Possible Browser Hijack attempt Object Recognized!
Type : RegData
Data : "http://%6f%75%74%2e%74%72%75%65%2d%63%6f%75%6e%74%65%72%2e%63%6f%6d/%62/?%31%30%31"
Category : Malware
Comment : Possible Browser Hijack attempt
Rootkey : HKEY_USERS
Object : .Default\Software\Microsoft\Internet Explorer\Main
Value : Default_Search_URL
Data : "http://%6f%75%74%2e%74%72%75%65%2d%63%6f%75%6e%74%65%72%2e%63%6f%6d/%62/?%31%30%31"
Possible Browser Hijack attempt : .Default\Software\Microsoft\Internet Explorer\MainDefault_Page_URLout.true-counter.co

Possible Browser Hijack attempt Object Recognized!
Type : RegData
Data : "http://%6f%75%74%2e%74%72%75%65%2d%63%6f%75%6e%74%65%72%2e%63%6f%6d/%61/?%31%30%31"
Category : Malware
Comment : Possible Browser Hijack attempt
Rootkey : HKEY_USERS
Object : .Default\Software\Microsoft\Internet Explorer\Main
Value : Default_Page_URL
Data : "http://%6f%75%74%2e%74%72%75%65%2d%63%6f%75%6e%74%65%72%2e%63%6f%6d/%61/?%31%30%31"
Possible Browser Hijack attempt : .Default\Software\Microsoft\Internet Explorer\SearchCustomizeSearchout.true-counter.co

Possible Browser Hijack attempt Object Recognized!
Type : RegData
Data : "http://%6f%75%74%2e%74%72%75%65%2d%63%6f%75%6e%74%65%72%2e%63%6f%6d/%62/?%31%30%31"
Category : Malware
Comment : Possible Browser Hijack attempt
Rootkey : HKEY_USERS
Object : .Default\Software\Microsoft\Internet Explorer\Search
Value : CustomizeSearch
Data : "http://%6f%75%74%2e%74%72%75%65%2d%63%6f%75%6e%74%65%72%2e%63%6f%6d/%62/?%31%30%31"
Possible Browser Hijack attempt : .Default\Software\Microsoft\Internet ExplorerSearchURLout.true-counter.co

Possible Browser Hijack attempt Object Recognized!
Type : RegData
Data : "http://%6f%75%74%2e%74%72%75%65%2d%63%6f%75%6e%74%65%72%2e%63%6f%6d/%62/?%31%30%31"
Category : Malware
Comment : Possible Browser Hijack attempt
Rootkey : HKEY_USERS
Object : .Default\Software\Microsoft\Internet Explorer
Value : SearchURL
Data : "http://%6f%75%74%2e%74%72%75%65%2d%63%6f%75%6e%74%65%72%2e%63%6f%6d/%62/?%31%30%31"
Possible Browser Hijack attempt : .Default\Software\Microsoft\Internet ExplorerSearchout.true-counter.co

Possible Browser Hijack attempt Object Recognized!
Type : RegData
Data : "http://%6f%75%74%2e%74%72%75%65%2d%63%6f%75%6e%74%65%72%2e%63%6f%6d/%62/?%31%30%31"
Category : Malware
Comment : Possible Browser Hijack attempt
Rootkey : HKEY_USERS
Object : .Default\Software\Microsoft\Internet Explorer
Value : Search
Data : "http://%6f%75%74%2e%74%72%75%65%2d%63%6f%75%6e%74%65%72%2e%63%6f%6d/%62/?%31%30%31"

Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 6
Objects found so far: 76


Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»


Tracking Cookie Object Recognized!
Type : IECache Entry
Data : dwiltshi@fastclick[2].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\dwiltshi@fastclick[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][1].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\[email protected][1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : dwiltshi@doubleclick[1].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\dwiltshi@doubleclick[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : dwiltshi@valueclick[1].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\dwiltshi@valueclick[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : dwiltshi@bfast[4].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\dwiltshi@bfast[4].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][1].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\[email protected][1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : dwiltshi@doubleclick[2].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\dwiltshi@doubleclick[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : dwiltshi@fortunecity[1].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\dwiltshi@fortunecity[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : dwiltshi@admonitor[2].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\dwiltshi@admonitor[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : dwiltshi@cgi-bin[4].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\dwiltshi@cgi-bin[4].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : dwiltshi@trafficmp[1].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\dwiltshi@trafficmp[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : dwiltshi@x10[1].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\dwiltshi@x10[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : dwiltshi@tribalfusion[1].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\dwiltshi@tribalfusion[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : dwiltshi@hitbox[2].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\dwiltshi@hitbox[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : dwiltshi@tmpad[1].txt
Category : Data Miner
Comment : www.searchtraffic.com
Value : C:\WINDOWS\Cookies\dwiltshi@tmpad[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : dwiltshi@bfast[2].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\dwiltshi@bfast[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : dwiltshi@trafficmp[3].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\dwiltshi@trafficmp[3].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : dwiltshi@doubleclick[4].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\dwiltshi@doubleclick[4].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : dwiltshi@euniverseads[1].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\dwiltshi@euniverseads[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : dwiltshi@mediaplex[2].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\dwiltshi@mediaplex[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][3].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\[email protected][3].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : dwiltshi@adviva[1].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\dwiltshi@adviva[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : dwiltshi@hitbox[1].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\dwiltshi@hitbox[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : dwiltshi@fastclick[4].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\dwiltshi@fastclick[4].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : dwiltshi@ajrotator[1].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\dwiltshi@ajrotator[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : dwiltshi@bravenet[1].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\dwiltshi@bravenet[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : dwiltshi@bluestreak[1].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\dwiltshi@bluestreak[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][2].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\[email protected][2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : dwiltshi@atdmt[2].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\dwiltshi@atdmt[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][1].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\[email protected][1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][2].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\[email protected][2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : dwiltshi@cgi-bin[5].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\dwiltshi@cgi-bin[5].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : dwiltshi@ad-flow[1].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\dwiltshi@ad-flow[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : dwiltshi@cgi-bin[3].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\dwiltshi@cgi-bin[3].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][2].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\[email protected][2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : dwiltshi@trafficmp[2].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\dwiltshi@trafficmp[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : dwiltshi@tripod[1].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\dwiltshi@tripod[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : dwiltshi@valueclick[2].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\dwiltshi@valueclick[2].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : dwiltshi@targetnet[1].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\dwiltshi@targetnet[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : dwiltshi@cgi-bin[1].txt
Category : Data Miner
Comment :
Value : C:\WINDOWS\Cookies\dwiltshi@cgi-bin[1].txt

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : dwiltshi@centrport[1].txt
Category : Data Miner
Comment :
Value

#6
Rawe

    Visiting Staff

  • Member
  • 4,746 posts
Let's see..

Ad-aware has found object(s) on your computer

If you choose to clean your computer of what Ad-aware found, follow the instructions below…

Make sure that you are using the * SE1R43 06.05.2005 * definition file.


Open up Ad-Aware SE and click on the gear to access the Configuration menu. Make sure that this setting is applied.

Click on Tweak > Cleaning engine > UNcheck "Always try to unload modules before deletion".

Disconnect from the internet (for broadband/cable users, it is recommended that you disconnect the cable connection) and close all open browsers or other programs you have running.

Then boot into Safe Mode

To clean your machine, it is highly recommended that you clean the following directory contents (but not the directory folder);

Run CCleaner to help in this process.
Download CCleaner (Setup: go to Options > Settings > uncheck "Only delete files in Windows Temp folders older than 48 hours" for cleaning malware files!)

* C:\Windows\Temp\
* C:\Documents and Settings\<Your Profile>\Local Settings\Temporary Internet Files\ <- This will delete all your cached internet content including cookies.
* C:\Documents and Settings\<Your Profile>\Local Settings\Temp\
* C:\Documents and Settings\<Any other users Profile>\Local Settings\Temporary Internet Files\
* C:\Documents and Settings\<Any other users Profile>\Local Settings\Temp\
* Empty your "Recycle Bin".

Run Ad-Aware SE from the command lines shown in the instructions below.

Click "Start" > select "Run" > type the text shown below (including the quotation marks and with the same spacing as shown)

"C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Aware.exe" /full +procnuke
(For the Professional version)

"C:\Program Files\Lavasoft\Ad-Aware SE Plus\Ad-Aware.exe" /full +procnuke
(For the Plus version)

"C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe" +procnuke
(For the Personal version)


Click Ok.

Note: the path above is the default installation location for Ad-Aware SE; if yours is different, adjust it to the location where you have installed it.

When the scan has completed, select Next. In the Scanning Results window, select the "Scan Summary" tab. Check the box next to any objects you wish to remove. Click Next, then click OK.

If problems are caused by deleting a family, just leave it.


Reboot your computer after removal, run a new "full system scan" and post the results as a reply. Don't open any programs or connect to the internet at this time.

Then copy & paste the complete log file here. Don't quarantine or remove anything at this time, just post a complete logfile. This can sometimes take 2-3 posts to get it all posted; once the "Summary of this scan" information is shown, you have posted all of your logfile.

Also, keep in mind that when you are posting another logfile, keep "Search for negligible risk entries" deselected, as negligible risk entries (MRUs) aren't considered a threat. This option can be changed when choosing your scan type.

Remember to post your fresh scanlog in THIS topic.

- Rawe

#7
zola1

    New Member

  • Topic Starter
  • Member
  • 8 posts
Hi Rawe,

Carried out instructions, latest scan below (still getting hijack of PC, e.g. Internet Explorer trying to connect to www.newgenlook.com website & "Air Tickets" icon appears on my desktop)???


Ad-Aware SE Build 1.05
Logfile Created on:08 May 2005 20:21:00
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R43 06.05.2005
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
None
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Definition File:
=========================
Definitions File Loaded:
Reference Number : SE1R43 06.05.2005
Internal build : 50
File location : C:\PROGRAM FILES\LAVASOFT\AD-AWARE SE PERSONAL\defs.ref
File size : 467649 Bytes
Total size : 1414672 Bytes
Signature data size : 1383852 Bytes
Reference data size : 30308 Bytes
Signatures total : 39494
Fingerprints total : 847
Fingerprints size : 28739 Bytes
Target categories : 15
Target families : 663


Memory + processor status:
==========================
Number of processors : 1
Processor architecture : Non Intel
Memory available:68 %
Total physical memory:130524 kb
Available physical memory:60128 kb
Total page file size:1743608 kb
Available on page file:1743608 kb
Total virtual memory:2093056 kb
Available virtual memory:2049472 kb
OS:Microsoft Windows 98

Ad-Aware SE Settings
===========================
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file

Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Obtain command line of scanned processes
Set : Scan registry for all users instead of current user only
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Play sound at scan completion if scan locates critical objects


08-05-2005 20:21:01 - Scan started. (Full System Scan)

Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

#:1 [KERNEL32.DLL]
ModuleName : C:\WINDOWS\SYSTEM\KERNEL32.DLL
Command Line : n/a
ProcessID : 4279214419
Threads : 4
Priority : High
FileVersion : 4.10.2222
ProductVersion : 4.10.2222
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Win32 Kernel core component
InternalName : KERNEL32
LegalCopyright : Copyright © Microsoft Corp. 1991-1999
OriginalFilename : KERNEL32.DLL

#:2 [MSGSRV32.EXE]
ModuleName : C:\WINDOWS\SYSTEM\MSGSRV32.EXE
Command Line : n/a
ProcessID : 4294964663
Threads : 1
Priority : Normal
FileVersion : 4.10.2222
ProductVersion : 4.10.2222
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows 32-bit VxD Message Server
InternalName : MSGSRV32
LegalCopyright : Copyright © Microsoft Corp. 1992-1998
OriginalFilename : MSGSRV32.EXE

#:3 [MPREXE.EXE]
ModuleName : C:\WINDOWS\SYSTEM\MPREXE.EXE
Command Line : C:\WINDOWS\SYSTEM\MPREXE.EXE
ProcessID : 4294959655
Threads : 1
Priority : Normal
FileVersion : 4.10.1998
ProductVersion : 4.10.1998
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : WIN32 Network Interface Service Process
InternalName : MPREXE
LegalCopyright : Copyright © Microsoft Corp. 1993-1998
OriginalFilename : MPREXE.EXE

#:4 [EXPLORER.EXE]
ModuleName : C:\WINDOWS\EXPLORER.EXE
Command Line : C:\WINDOWS\Explorer.exe
ProcessID : 4294952815
Threads : 4
Priority : Normal
FileVersion : 4.72.3110.1
ProductVersion : 4.72.3110.1
ProductName : Microsoft® Windows NT® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : Copyright © Microsoft Corp. 1981-1997
OriginalFilename : EXPLORER.EXE

#:5 [RPCSS.EXE]
ModuleName : C:\WINDOWS\SYSTEM\RPCSS.EXE
Command Line : RPCSS
ProcessID : 4294863427
Threads : 4
Priority : Normal
FileVersion : 4.71.2900
ProductVersion : 4.71.2900
ProductName : Microsoft® Windows NT™ Operating System
CompanyName : Microsoft Corporation
FileDescription : Distributed COM Services
InternalName : rpcss.exe
LegalCopyright : Copyright © Microsoft Corp. 1981-1998
OriginalFilename : rpcss.exe

#:6 [AD-AWARE.EXE]
ModuleName : C:\PROGRAM FILES\LAVASOFT\AD-AWARE SE PERSONAL\AD-AWARE.EXE
Command Line : "C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe"
ProcessID : 4294782287
Threads : 2
Priority : Normal
FileVersion : 6.2.0.206
ProductVersion : VI.Second Edition
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved

Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»


Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0



Deep scanning and examining files (c:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Disk Scan Result for c:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0
20:34:00 Scan Complete

Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:12:59.390
Objects scanned:75500
Objects identified:0
Objects ignored:0
New critical objects:0

#8
zola1

    New Member

  • Topic Starter
  • Member
  • 8 posts
Hi Rawe,

I guess you're kinda busy... any chance of some more advice?

#9
Guest_Andy_veal_*
  • Guest
Hello there.

Do you still require assistance?

#10
zola1

    New Member

  • Topic Starter
  • Member
  • 8 posts
Hi Andy,

Yes! I am currently running Firefox as IE is still opening this newlookgen page!!!

Can you suggest the next path?

Regards

zola

#11
Guest_Andy_veal_*
  • Guest
Please post your latest full system scan logfile with the latest definition file used.

#12
zola1

    New Member

  • Topic Starter
  • Member
  • 8 posts
Thanks Andy, will post it this pm.
Regards

Zola

#13
zola1

    New Member

  • Topic Starter
  • Member
  • 8 posts
Hi Andy,

Scanlog enclosed, any help appreciated!


Ad-Aware SE Build 1.05
Logfile Created on:19 May 2005 19:04:25
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R43 06.05.2005
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
VX2(TAC index:10):1 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Definition File:
=========================
Definitions File Loaded:
Reference Number : SE1R43 06.05.2005
Internal build : 50
File location : C:\PROGRAM FILES\LAVASOFT\AD-AWARE SE PERSONAL\defs.ref
File size : 467649 Bytes
Total size : 1414672 Bytes
Signature data size : 1383852 Bytes
Reference data size : 30308 Bytes
Signatures total : 39494
Fingerprints total : 847
Fingerprints size : 28739 Bytes
Target categories : 15
Target families : 663


Memory + processor status:
==========================
Number of processors : 1
Processor architecture : Non Intel
Memory available:32 %
Total physical memory:130500 kb
Available physical memory:4732 kb
Total page file size:1734080 kb
Available on page file:1656152 kb
Total virtual memory:2093056 kb
Available virtual memory:2025856 kb
OS:Microsoft Windows 98

Ad-Aware SE Settings
===========================
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file

Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Obtain command line of scanned processes
Set : Scan registry for all users instead of current user only
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Play sound at scan completion if scan locates critical objects


19-05-2005 19:04:25 - Scan started. (Full System Scan)

Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

#:1 [KERNEL32.DLL]
ModuleName : C:\WINDOWS\SYSTEM\KERNEL32.DLL
Command Line : n/a
ProcessID : 4279195785
Threads : 10
Priority : High
FileVersion : 4.10.2222
ProductVersion : 4.10.2222
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Win32 Kernel core component
InternalName : KERNEL32
LegalCopyright : Copyright © Microsoft Corp. 1991-1999
OriginalFilename : KERNEL32.DLL

#:2 [MSGSRV32.EXE]
ModuleName : C:\WINDOWS\SYSTEM\MSGSRV32.EXE
Command Line : n/a
ProcessID : 4294908757
Threads : 1
Priority : Normal
FileVersion : 4.10.2222
ProductVersion : 4.10.2222
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows 32-bit VxD Message Server
InternalName : MSGSRV32
LegalCopyright : Copyright © Microsoft Corp. 1992-1998
OriginalFilename : MSGSRV32.EXE

#:3 [MPREXE.EXE]
ModuleName : C:\WINDOWS\SYSTEM\MPREXE.EXE
Command Line : C:\WINDOWS\SYSTEM\MPREXE.EXE
ProcessID : 4294907429
Threads : 3
Priority : Normal
FileVersion : 4.10.1998
ProductVersion : 4.10.1998
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : WIN32 Network Interface Service Process
InternalName : MPREXE
LegalCopyright : Copyright © Microsoft Corp. 1993-1998
OriginalFilename : MPREXE.EXE

#:4 [mmtask.tsk]
ModuleName : C:\WINDOWS\SYSTEM\mmtask.tsk
Command Line : n/a
ProcessID : 4294936785
Threads : 1
Priority : Normal
FileVersion : 4.03.1998
ProductVersion : 4.03.1998
ProductName : Microsoft Windows
CompanyName : Microsoft Corporation
FileDescription : Multimedia background task support module
InternalName : mmtask.tsk
LegalCopyright : Copyright © Microsoft Corp. 1991-1998
OriginalFilename : mmtask.tsk

#:5 [EXPLORER.EXE]
ModuleName : C:\WINDOWS\EXPLORER.EXE
Command Line : C:\WINDOWS\Explorer.exe
ProcessID : 4294854313
Threads : 4
Priority : Normal
FileVersion : 4.72.3110.1
ProductVersion : 4.72.3110.1
ProductName : Microsoft® Windows NT® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : Copyright © Microsoft Corp. 1981-1997
OriginalFilename : EXPLORER.EXE

#:6 [RPCSS.EXE]
ModuleName : C:\WINDOWS\SYSTEM\RPCSS.EXE
Command Line : RPCSS
ProcessID : 4294854213
Threads : 5
Priority : Normal
FileVersion : 4.71.2900
ProductVersion : 4.71.2900
ProductName : Microsoft® Windows NT™ Operating System
CompanyName : Microsoft Corporation
FileDescription : Distributed COM Services
InternalName : rpcss.exe
LegalCopyright : Copyright © Microsoft Corp. 1981-1998
OriginalFilename : rpcss.exe

#:7 [SYSTRAY.EXE]
ModuleName : C:\WINDOWS\SYSTEM\SYSTRAY.EXE
Command Line : "C:\WINDOWS\SYSTEM\SysTray.Exe"
ProcessID : 4294869209
Threads : 1
Priority : Normal
FileVersion : 4.10.2222
ProductVersion : 4.10.2222
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : System Tray Applet
InternalName : SYSTRAY
LegalCopyright : Copyright © Microsoft Corp. 1993-1998
OriginalFilename : SYSTRAY.EXE

#:8 [LOADQM.EXE]
ModuleName : C:\WINDOWS\LOADQM.EXE
Command Line : "C:\WINDOWS\loadqm.exe"
ProcessID : 4294791113
Threads : 3
Priority : Normal
FileVersion : 5.4.1103.3
ProductVersion : 5.4.1103.3
ProductName : QMgr Loader
CompanyName : Microsoft Corporation
FileDescription : Microsoft QMgr
InternalName : LOADQM.EXE
LegalCopyright : Copyright © Microsoft Corp. 1981-1999
OriginalFilename : LOADQM.EXE

#:9 [STIMON.EXE]
ModuleName : C:\WINDOWS\SYSTEM\STIMON.EXE
Command Line : "C:\WINDOWS\SYSTEM\STIMON.EXE"
ProcessID : 4294793489
Threads : 3
Priority : Normal
FileVersion : 4.10.2222
ProductVersion : 4.10.2222
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Still Image Devices Monitor
InternalName : STIMON
LegalCopyright : Copyright © Microsoft Corp. 1996-1998
OriginalFilename : STIMON.EXE

#:10 [UMSD.EXE]
ModuleName : C:\PROGRAM FILES\UMSD TOOLS\UMSD.EXE
Command Line : "C:\program files\umsd tools\umsd.exe" sys_auto_run C:\Program Files\UMSD Tools
ProcessID : 4294782397
Threads : 2
Priority : Normal
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
ProductName : UMSD Application
FileDescription : UMSD MFC Application
InternalName : UMSD
LegalCopyright : Copyright © 2002
OriginalFilename : UMSD.EXE

#:11 [QTTASK.EXE]
ModuleName : C:\WINDOWS\SYSTEM\QTTASK.EXE
Command Line : "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime
ProcessID : 4294786665
Threads : 2
Priority : Normal
FileVersion : 6.5
ProductVersion : QuickTime 6.5
ProductName : QuickTime
CompanyName : Apple Computer, Inc.
InternalName : QuickTime Task
LegalCopyright : © Apple Computer, Inc. 2001-2004
OriginalFilename : QTTask.exe

#:12 [USBMONIT.EXE]
ModuleName : C:\WINDOWS\SYSTEM\USBMONIT.EXE
Command Line : "C:\WINDOWS\SYSTEM\USBMonit.exe"
ProcessID : 4294777301
Threads : 1
Priority : Normal
FileVersion : 2, 3, 0, 0
ProductVersion : 2, 3, 0, 0
ProductName : Gene USB Monitor
CompanyName : General
FileDescription : Gene USB Monitor
InternalName : USBMonitor
LegalCopyright : Copyright © 2000-2004
OriginalFilename : USBMonit.exe

#:13 [REALSCHED.EXE]
ModuleName : C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE
Command Line : "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
ProcessID : 4294799533
Threads : 2
Priority : Normal
FileVersion : 0.1.0.3275
ProductVersion : 0.1.0.3275
ProductName : RealPlayer (32-bit)
CompanyName : RealNetworks, Inc.
FileDescription : RealNetworks Scheduler
InternalName : schedapp
LegalCopyright : Copyright © RealNetworks, Inc. 1995-2004
LegalTrademarks : RealAudio™ is a trademark of RealNetworks, Inc.
OriginalFilename : realsched.exe

#:14 [SYSKA32.EXE]
ModuleName : C:\WINDOWS\SYSKA32.EXE
Command Line : "C:\WINDOWS\SYSKA32.EXE"
ProcessID : 4294830145
Threads : 4
Priority : Normal


#:15 [THGUARD.EXE]
ModuleName : C:\PROGRAM FILES\TROJANHUNTER 4.2\THGUARD.EXE
Command Line : "C:\PROGRAM FILES\TROJANHUNTER 4.2\THGUARD.EXE"
ProcessID : 4294828245
Threads : 2
Priority : Normal
FileVersion : 3.8.0.275
ProductVersion : 1.0.0.0
ProductName : TrojanHunter Guard
CompanyName : Mischel Internet Security
FileDescription : TrojanHunter Guard
LegalCopyright : Mischel Internet Security
LegalTrademarks : TrojanHunter is a trademark of Mischel Internet Security.
OriginalFilename : THGuard.exe

#:16 [WPC11CFG.EXE]
ModuleName : C:\PROGRAM FILES\LINKSYS\WIRELESS-B NOTEBOOK ADAPTER\WPC11CFG.EXE
Command Line : "C:\Program Files\Linksys\Wireless-B Notebook Adapter\WPC11Cfg.exe"
ProcessID : 4294812205
Threads : 1
Priority : Normal
FileVersion : 2.1.0.4
ProductVersion : 1.0.5.0
ProductName : Linksys Instant WLAN Monitor
CompanyName : Cisco-Linksys, LLC.
FileDescription : Linksys Instant WLAN Monitor
InternalName : WLANMonitor.EXE
LegalCopyright : Copyright © 2003, Cisco-Linksys, LLC.
LegalTrademarks : Instant Wireless
OriginalFilename : WLANMonitor.EXE
Comments : Linksys Instant WLAN Monitor

#:17 [AD-AWARE.EXE]
ModuleName : C:\PROGRAM FILES\LAVASOFT\AD-AWARE SE PERSONAL\AD-AWARE.EXE
Command Line : "C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe"
ProcessID : 4294904493
Threads : 4
Priority : Normal
FileVersion : 6.2.0.206
ProductVersion : VI.Second Edition
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved

#:18 [MFCJA.EXE]
ModuleName : C:\WINDOWS\SYSTEM\MFCJA.EXE
Command Line : C:\WINDOWS\system\mfcja.exe /s
ProcessID : 4294266361
Threads : 1
Priority : Normal


VX2 Object Recognized!
Type : Process
Data : MFCJA.EXE
Category : Malware
Comment : (CSI MATCH)
Object : C:\WINDOWS\SYSTEM\


Warning! VX2 Object found in memory(C:\WINDOWS\SYSTEM\MFCJA.EXE)

"C:\WINDOWS\SYSTEM\MFCJA.EXE"Process terminated successfully

Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 1
Objects found so far: 1


Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 1


Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 1


Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»


Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 1


Disk Scan Result for c:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 1


Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 1

19:13:17 Scan Complete

Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:08:52.610
Objects scanned:68438
Objects identified:1
Objects ignored:0
New critical objects:1

#14
Guest_Andy_veal_*

  • Guest
Hello and Welcome

Ad-aware has found objects on your computer

If you choose to clean your computer from what Ad-aware found, please follow these instructions below…

Please make sure that you are using the * SE1R46 17.05.2005 * definition file.


Please launch Ad-Aware SE and click on the gear to access the Configuration Menu. Please make sure that this setting is applied.

Click on Tweak > Cleaning Engine > UNcheck "Always try to unload modules before deletion".

Disconnect from the internet (for broadband/cable users, it is recommended that you disconnect the cable connection) and close all open browsers or other programs you have running.

Please then boot into Safe Mode

To clean your machine, it is highly recommended that you clean the following directory contents (but not the directory folder):

Please run CCleaner to assist in this process.
Download CCleaner (Setup: go to >options > settings > Uncheck "Only delete files in Windows Temp folders older than 48 hours" for cleaning malware files!)

* C:\Windows\Temp\
* C:\Documents and Settings\<Your Profile>\Local Settings\Temporary Internet Files\ <- This will delete all your cached internet content including cookies.
* C:\Documents and Settings\<Your Profile>\Local Settings\Temp\
* C:\Documents and Settings\<Any other users Profile>\Local Settings\Temporary Internet Files\
* C:\Documents and Settings\<Any other users Profile>\Local Settings\Temp\
* Empty your "Recycle Bin".

Please run Ad-Aware SE from the command lines shown in the instructions shown below.

Click "Start" > select "Run" > type the text shown in bold below (including the quotation marks and with the same spacing as shown)

"C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Aware.exe" /full +procnuke
(For the Professional version)

"C:\Program Files\Lavasoft\Ad-Aware SE Plus\Ad-Aware.exe" /full +procnuke
(For the Plus version)

"C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe" +procnuke
(For the Personal version)


Click OK.

Please note that the path above is the default installation location for Ad-aware SE; if this is different, please adjust it to the location that you have installed it to.

When the scan has completed, select Next. In the Scanning Results window, select the "Scan Summary" tab. Check the box next to each "target family" you wish to remove. Click next, Click OK.

If problems are caused by deleting a family, please leave it.

Please shutdown/restart your computer after removal, run a new full scan and post the results as a reply. Do not launch any programs or connect to the internet at this time.

Please then copy & paste the complete log file here. Don't quarantine or remove anything at this time, just post a complete logfile. This can sometimes take 2-3 posts to get it all posted; once the "Summary of this scan" information is shown, you have posted all of your logfile.

Please remember when posting another logfile to keep "Search for negligible risk entries" deselected, as negligible risk entries (MRUs) are not considered to be a threat. This option can be changed when choosing your scan type.

Please post back here

Good luck

Andy