Bob
Ad-Aware SE Build 1.05
Logfile Created on:Thursday, May 12, 2005 8:44:18 PM
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R44 10.05.2005
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
CoolWebSearch(TAC index:10):2 total references
Tracking Cookie(TAC index:3):5 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Definition File:
=========================
Definitions File Loaded:
Reference Number : SE1R44 10.05.2005
Internal build : 52
File location : C:\PROGRAM FILES\LAVASOFT\AD-AWARE SE PERSONAL\defs.ref
File size : 470885 Bytes
Total size : 1423894 Bytes
Signature data size : 1392940 Bytes
Reference data size : 30442 Bytes
Signatures total : 39753
Fingerprints total : 872
Fingerprints size : 29756 Bytes
Target categories : 15
Target families : 668
Memory + processor status:
==========================
Number of processors : 1
Processor architecture : Intel Pentium III
Memory available:0 %
Total physical memory:130588 kb
Available physical memory:856 kb
Total page file size:1966560 kb
Available on page file:1809508 kb
Total virtual memory:2093056 kb
Available virtual memory:1768896 kb
OS:Microsoft Windows 98 SE
Ad-Aware SE Settings
===========================
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file
Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Obtain command line of scanned processes
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Play sound at scan completion if scan locates critical objects
5-12-05 8:44:19 PM - Scan started. (Full System Scan)
Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
#:1 [KERNEL32.DLL]
ModuleName : C:\WINDOWS\SYSTEM\KERNEL32.DLL
Command Line : n/a
ProcessID : 4279235445
Threads : 5
Priority : High
FileVersion : 4.10.2222
ProductVersion : 4.10.2222
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Win32 Kernel core component
InternalName : KERNEL32
LegalCopyright : Copyright © Microsoft Corp. 1991-1999
OriginalFilename : KERNEL32.DLL
#:2 [MSGSRV32.EXE]
ModuleName : C:\WINDOWS\SYSTEM\MSGSRV32.EXE
Command Line : n/a
ProcessID : 4294944125
Threads : 1
Priority : Normal
FileVersion : 4.10.2222
ProductVersion : 4.10.2222
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows 32-bit VxD Message Server
InternalName : MSGSRV32
LegalCopyright : Copyright © Microsoft Corp. 1992-1998
OriginalFilename : MSGSRV32.EXE
#:3 [SPOOL32.EXE]
ModuleName : C:\WINDOWS\SYSTEM\SPOOL32.EXE
Command Line : C:\WINDOWS\SYSTEM\spool32.exe
ProcessID : 4294946149
Threads : 4
Priority : Normal
FileVersion : 4.10.1998
ProductVersion : 4.10.1998
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler Sub System Process
InternalName : spool32
LegalCopyright : Copyright © Microsoft Corp. 1994 - 1998
OriginalFilename : spool32.exe
#:4 [MPREXE.EXE]
ModuleName : C:\WINDOWS\SYSTEM\MPREXE.EXE
Command Line : C:\WINDOWS\SYSTEM\MPREXE.EXE
ProcessID : 4294854613
Threads : 1
Priority : Normal
FileVersion : 4.10.1998
ProductVersion : 4.10.1998
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : WIN32 Network Interface Service Process
InternalName : MPREXE
LegalCopyright : Copyright © Microsoft Corp. 1993-1998
OriginalFilename : MPREXE.EXE
#:5 [VSSTAT.EXE]
ModuleName : C:\PROGRAM FILES\MCAFEE\MCAFEE VIRUSSCAN\VSSTAT.EXE
Command Line : "c:\Program Files\McAfee\McAfee VirusScan\VSSTAT.EXE" /SHOWWARNING
ProcessID : 4294849393
Threads : 2
Priority : Normal
FileVersion : 4.0.3
ProductVersion : 4.0.3
ProductName : McAfee VirusScan
CompanyName : Network Associates Inc
FileDescription : VShield Statistics
InternalName : VsStat.exe
LegalCopyright : Copyright © 1999 Network Associates Inc.
LegalTrademarks : VirusScan® is a registered trademark of Network Associates Inc. McAfee is a trademark of Network Associates Inc.
OriginalFilename : VSStat.exe
#:6 [WEBSCANX.EXE]
ModuleName : C:\PROGRAM FILES\MCAFEE\MCAFEE VIRUSSCAN\WEBSCANX.EXE
Command Line : "C:\PROGRAM FILES\MCAFEE\MCAFEE VIRUSSCAN\WebScanX.Exe" /RUNSERVICES
ProcessID : 4294893517
Threads : 2
Priority : Normal
FileVersion : 4.0.3
ProductVersion : 4.0.3
ProductName : McAfee VirusScan
CompanyName : Network Associates, Inc.
FileDescription : WebScanX
InternalName : McAfee WebScanX
LegalCopyright : Copyright © 1999 Network Associates Inc.
LegalTrademarks : VirusScan® is a registered trademark of Network Associates Inc. McAfee is a trademark of Network Associates Inc.
OriginalFilename : WebScanX.exe
#:7 [MSTASK.EXE]
ModuleName : C:\WINDOWS\SYSTEM\MSTASK.EXE
Command Line : mstask.exe
ProcessID : 4294881125
Threads : 2
Priority : Normal
FileVersion : 4.71.1972.1
ProductVersion : 4.71.1972.1
ProductName : Microsoft® Windows® Task Scheduler
CompanyName : Microsoft Corporation
FileDescription : Task Scheduler Engine
InternalName : TaskScheduler
LegalCopyright : Copyright © Microsoft Corp. 2000
OriginalFilename : mstask.exe
#:8 [ABCD.EXE]
ModuleName : C:\WINDOWS\SYSTEM\ABCD.EXE
Command Line : "C:\WINDOWS\SYSTEM\abcd.exe" /S
ProcessID : 4294873517
Threads : 2
Priority : Normal
FileVersion : 1, 3, 0, 120
ProductVersion : 1, 3, 0, 0
ProductName : abCD
CompanyName : Prassi Software USA, Inc.
FileDescription : abCD Interface application
InternalName : abCD
LegalCopyright : Copyright© 1998-99 by Prassi Software USA, Inc.
LegalTrademarks : "Prassi abCD" is a Trademark of Prassi Software USA, Inc.
OriginalFilename : abCD.exe
#:9 [LXBTPPLS.EXE]
ModuleName : C:\WINDOWS\SYSTEM\LXBTPPLS.EXE
Command Line : "C:\WINDOWS\SYSTEM\LXBTppls.exe"
ProcessID : 4294785277
Threads : 2
Priority : Normal
FileVersion : 1.27.12.0
ProductVersion : 1.27.12.0
ProductName : Lexmark Communication System
CompanyName : Lexmark International, Inc.
FileDescription : Lexmark Communication System
InternalName : LXBTppls.exe
LegalCopyright : © Lexmark International, Inc. 2001-2004
OriginalFilename : LXBTppls.exe
#:10 [RPCSS.EXE]
ModuleName : C:\WINDOWS\SYSTEM\RPCSS.EXE
Command Line : RPCSS
ProcessID : 4294817525
Threads : 5
Priority : Normal
FileVersion : 4.71.2900
ProductVersion : 4.71.2900
ProductName : Microsoft® Windows NT Operating System
CompanyName : Microsoft Corporation
FileDescription : Distributed COM Services
InternalName : rpcss.exe
LegalCopyright : Copyright © Microsoft Corp. 1981-1998
OriginalFilename : rpcss.exe
#:11 [mmtask.tsk]
ModuleName : C:\WINDOWS\SYSTEM\mmtask.tsk
Command Line : n/a
ProcessID : 4294801701
Threads : 1
Priority : Normal
FileVersion : 4.03.1998
ProductVersion : 4.03.1998
ProductName : Microsoft Windows
CompanyName : Microsoft Corporation
FileDescription : Multimedia background task support module
InternalName : mmtask.tsk
LegalCopyright : Copyright © Microsoft Corp. 1991-1998
OriginalFilename : mmtask.tsk
#:12 [EXPLORER.EXE]
ModuleName : C:\WINDOWS\EXPLORER.EXE
Command Line : C:\WINDOWS\Explorer.exe
ProcessID : 4294720469
Threads : 4
Priority : Normal
FileVersion : 4.72.3110.1
ProductVersion : 4.72.3110.1
ProductName : Microsoft® Windows NT® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : Copyright © Microsoft Corp. 1981-1997
OriginalFilename : EXPLORER.EXE
#:13 [ALOGSERV.EXE]
ModuleName : C:\PROGRAM FILES\MCAFEE\MCAFEE VIRUSSCAN\ALOGSERV.EXE
Command Line : "C:\Program Files\McAfee\McAfee VirusScan\AlogServ.exe"
ProcessID : 4294718621
Threads : 2
Priority : Normal
FileVersion : 1.0
ProductVersion : 1.0
ProductName : Part of VirusScan 2000
CompanyName : Network Associates
FileDescription : AlogServ
InternalName : AlogServ
LegalCopyright : Copyright © 1999 Network Associates
OriginalFilename : AlogServ.exe
Comments : Activity Log Server
#:14 [AVCONSOL.EXE]
ModuleName : C:\PROGRAM FILES\MCAFEE\MCAFEE VIRUSSCAN\AVCONSOL.EXE
Command Line : "C:\Program Files\McAfee\McAfee VirusScan\avconsol.exe" /minimize
ProcessID : 4294747533
Threads : 1
Priority : Normal
FileVersion : 4.0.3
ProductVersion : 4.0.3
ProductName : VirusScan
CompanyName : Network Associates Inc
FileDescription : McAfee VirusScan Scheduler File
InternalName : VirusScan Scheduler
LegalCopyright : Copyright © 1999 Network Associates Inc.
LegalTrademarks : VirusScan® is a registered trademark of Network Associates Inc. McAfee is a trademark of Network Associates Inc.
OriginalFilename : Schedule.exe
#:15 [CMGRDIAN.EXE]
ModuleName : C:\PROGRAM FILES\MCAFEE\MCAFEE SHARED COMPONENTS\GUARDIAN\CMGRDIAN.EXE
Command Line : "C:\PROGRAM FILES\MCAFEE\MCAFEE SHARED COMPONENTS\GUARDIAN\CMGRDIAN.EXE" /SU
ProcessID : 4294753461
Threads : 1
Priority : Normal
FileVersion : 2.0.0.3
ProductVersion : 2.0.0.3
ProductName : First Aid Guardian
CompanyName : Network Associates, Inc.
FileDescription : First Aid Guardian
InternalName : CMGrdian
LegalCopyright : Copyright © 1997-1999 Network Associates, Inc.
OriginalFilename : CMGrdian.exe
#:16 [LXBTBMGR.EXE]
ModuleName : C:\PROGRAM FILES\LEXMARK 5200 SERIES\LXBTBMGR.EXE
Command Line : "C:\Program Files\Lexmark 5200 series\lxbtbmgr.exe"
ProcessID : 4294640381
Threads : 1
Priority : Normal
FileVersion : 1.0.5.7
ProductVersion : 1.0.5.7
ProductName : Button Manager Executable
CompanyName : Lexmark International, Inc.
FileDescription : Lexmark 5200 Series Button Manager
InternalName : lxbtbmgr.exe
LegalCopyright : © 2002 Lexmark International, Inc.
OriginalFilename : lxbtbmgr.exe
#:17 [LOADQM.EXE]
ModuleName : C:\WINDOWS\LOADQM.EXE
Command Line : "C:\WINDOWS\loadqm.exe"
ProcessID : 4294690577
Threads : 3
Priority : Normal
FileVersion : 5.4.1103.3
ProductVersion : 5.4.1103.3
ProductName : QMgr Loader
CompanyName : Microsoft Corporation
FileDescription : Microsoft QMgr
InternalName : LOADQM.EXE
LegalCopyright : Copyright © Microsoft Corp. 1981-1999
OriginalFilename : LOADQM.EXE
#:18 [MSNMSGR.EXE]
ModuleName : C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE
Command Line : "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
ProcessID : 4294667497
Threads : 2
Priority : Normal
FileVersion : 6.2.0137
ProductVersion : Version 6.2
ProductName : MSN Messenger
CompanyName : Microsoft Corporation
FileDescription : MSN Messenger
InternalName : msnmsgr
LegalCopyright : Copyright © Microsoft Corporation 1997-2004
LegalTrademarks : Microsoft® is a registered trademark of Microsoft Corporation in the U.S. and/or other countries.
OriginalFilename : msnmsgr.exe
#:19 [LXBTBMON.EXE]
ModuleName : C:\PROGRAM FILES\LEXMARK 5200 SERIES\LXBTBMON.EXE
Command Line : "C:\PROGRAM FILES\LEXMARK 5200 SERIES\lxbtbmon.exe"
ProcessID : 4294654669
Threads : 2
Priority : Normal
FileVersion : 1.0.5.7
ProductVersion : 1.0.5.7
ProductName : Button Monitor Executable
CompanyName : Lexmark International, Inc.
FileDescription : Lexmark 5200 Series Button Monitor
InternalName : lxbtbmon.exe
LegalCopyright : © 2002 Lexmark International, Inc.
OriginalFilename : lxbtbmon.exe
#:20 [SPYSUB.EXE]
ModuleName : C:\PROGRAM FILES\INTERMUTE\SPYSUBTRACT\SPYSUB.EXE
Command Line : "C:\Program Files\interMute\SpySubtract\SpySub.exe" -autostart
ProcessID : 4294598433
Threads : 9
Priority : Normal
FileVersion : 1, 0, 1, 49
ProductVersion : 2.60
ProductName : SpySubtract
CompanyName : InterMute, Inc.
FileDescription : SpySubtract Program EXE
InternalName : SpySub.exe
LegalCopyright : Copyright © 2004 InterMute, Inc. All rights reserved.
OriginalFilename : SpySub.exe
#:21 [CRASHMON.EXE]
ModuleName : C:\PROGRAM FILES\MCAFEE\MCAFEE SHARED COMPONENTS\CRASH PROTECTOR\CRASHMON.EXE
Command Line : "C:\PROGRAM FILES\MCAFEE\MCAFEE SHARED COMPONENTS\CRASH PROTECTOR\CRASHMON.EXE" /16:1 /32:1 /kernel:1
ProcessID : 4294690533
Threads : 1
Priority : Normal
FileVersion : 6.0.0.0
ProductVersion : 6.0.0.0
ProductName : Crash Protector
CompanyName : Network Associates, Inc.
FileDescription : McAfee Crash Monitor Application
InternalName : crashmon.exe
LegalCopyright : Copyright © 1998 Network Associates, Inc.
OriginalFilename : crashmon.exe
#:22 [FACPRMON.EXE]
ModuleName : C:\PROGRAM FILES\MCAFEE\MCAFEE SHARED COMPONENTS\CRASH PROTECTOR\FACPRMON.EXE
Command Line : "C:\PROGRAM FILES\MCAFEE\MCAFEE SHARED COMPONENTS\CRASH PROTECTOR\FACPRMON.EXE" /cad:1
ProcessID : 4294537401
Threads : 1
Priority : Normal
FileVersion : 6.0.0.0
ProductVersion : 6.0.0.0
ProductName : Crash Protector
CompanyName : Network Associates, Inc.
FileDescription : cprmon Application
InternalName : cprmon.exe
LegalCopyright : Copyright © 1998 Network Associates, Inc.
OriginalFilename : cprmon.rc
#:23 [FAMONHKW.EXE]
ModuleName : C:\PROGRAM FILES\MCAFEE\FIRST AID\FAMONHKW.EXE
Command Line : "C:\PROGRAM FILES\MCAFEE\FIRST AID\FAMONHKW.EXE" /START
ProcessID : 4294540737
Threads : 1
Priority : Normal
FileVersion : 6.0.0.5
ProductVersion : 6.0.0.5
ProductName : First Aid
CompanyName : Network Associates, Inc.
FileDescription : Event Monitor Hook Exe
InternalName : FAMONHKW
LegalCopyright : Copyright © 1998-1999 Network Associates, Inc.
OriginalFilename : FAMONHKW.EXE
#:24 [RESMON.EXE]
ModuleName : C:\PROGRAM FILES\MCAFEE\FIRST AID\RESMON.EXE
Command Line : "C:\PROGRAM FILES\MCAFEE\FIRST AID\RESMON.EXE"
ProcessID : 4294511485
Threads : 1
Priority : Normal
FileVersion : 6.0.0.0
ProductVersion : 6.0.0.0
ProductName : FirstAid
CompanyName : Network Associates, Inc.
FileDescription : resmon
InternalName : resmon
LegalCopyright : Copyright © 1998 Network Associates, Inc.
OriginalFilename : resmon.exe
#:25 [FADSKMON.EXE]
ModuleName : C:\PROGRAM FILES\MCAFEE\FIRST AID\FADSKMON.EXE
Command Line : "C:\PROGRAM FILES\MCAFEE\FIRST AID\FADSKMON.EXE"
ProcessID : 4294674605
Threads : 1
Priority : Normal
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
ProductName : NAI FADskmon
CompanyName : NAI
FileDescription : FADskmon
InternalName : FADskmon
LegalCopyright : Copyright © 1998
OriginalFilename : FADskmon.exe
#:26 [FASMTMON.EXE]
ModuleName : C:\PROGRAM FILES\MCAFEE\FIRST AID\FASMTMON.EXE
Command Line : "C:\PROGRAM FILES\MCAFEE\FIRST AID\FASMTMON.EXE"
ProcessID : 4294671001
Threads : 1
Priority : Normal
FileVersion : 6.0.0.0
ProductVersion : 6.0.0.0
ProductName : First Aid
CompanyName : Network Associates, Inc.
FileDescription : S.M.A.R.T. Disk Monitor
LegalCopyright : Copyright © 1998 Network Associates, Inc.
OriginalFilename : fasmtmon.exe
#:27 [CMCP16.EXE]
ModuleName : C:\PROGRAM FILES\MCAFEE\MCAFEE SHARED COMPONENTS\CRASH PROTECTOR\CMCP16.EXE
Command Line : n/a
ProcessID : 4294522985
Threads : 1
Priority : Normal
#:28 [PSTORES.EXE]
ModuleName : C:\WINDOWS\SYSTEM\PSTORES.EXE
Command Line : C:\WINDOWS\SYSTEM\PSTORES.EXE
ProcessID : 4294556453
Threads : 3
Priority : Normal
FileVersion : 5.00.1877.3
ProductVersion : 5.00.1877.3
ProductName : Microsoft® Windows NT® Operating System
CompanyName : Microsoft Corporation
FileDescription : Protected storage server
InternalName : Protected storage server
LegalCopyright : Copyright © Microsoft Corp. 1981-1998
OriginalFilename : Protected storage server
#:29 [AD-AWARE.EXE]
ModuleName : C:\PROGRAM FILES\LAVASOFT\AD-AWARE SE PERSONAL\AD-AWARE.EXE
Command Line : "C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe"
ProcessID : 4294552185
Threads : 4
Priority : Normal
FileVersion : 6.2.0.206
ProductVersion : VI.Second Edition
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved
#:30 [DDHELP.EXE]
ModuleName : C:\WINDOWS\SYSTEM\DDHELP.EXE
Command Line : ddhelp.exe
ProcessID : 4294278229
Threads : 5
Priority : Realtime
FileVersion : 4.09.00.0900
ProductVersion : 4.09.00.0900
ProductName : Microsoft® DirectX for Windows®
CompanyName : Microsoft Corporation
FileDescription : Microsoft DirectX Helper
InternalName : DDHelp.exe
LegalCopyright : Copyright © Microsoft Corp. 1994-2002
OriginalFilename : DDHelp.exe
#:31 [IEXPLORE.EXE]
ModuleName : C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
Command Line : "C:\Program Files\Internet Explorer\IEXPLORE.EXE"
ProcessID : 4294274557
Threads : 13
Priority : Normal
FileVersion : 6.00.2600.0000
ProductVersion : 6.00.2600.0000
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Internet Explorer
InternalName : iexplore
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : IEXPLORE.EXE
CoolWebSearch Object Recognized!
Type : Process
Data : MSSNQ.DLL
Category : Malware
Comment : (CSI MATCH)
Object : C:\WINDOWS\SYSTEM\
Warning! CoolWebSearch Object found in memory(C:\WINDOWS\SYSTEM\MSSNQ.DLL)
Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 1
Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 1
Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 1
Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][1].txt
Category : Data Miner
Comment : Hits:11
Value : Cookie:[email protected]/
Expires : 5-5-35 8:45:40 PM
LastSync : Hits:11
UseCount : 0
Hits : 11
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : bob@2o7[2].txt
Category : Data Miner
Comment : Hits:10
Value : Cookie:[email protected]/
Expires : 5-11-10 8:47:50 PM
LastSync : Hits:10
UseCount : 0
Hits : 10
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : bob@questionmarket[1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:[email protected]/
Expires : 7-3-06 12:44:30 PM
LastSync : Hits:1
UseCount : 0
Hits : 1
Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 3
Objects found so far: 4
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : bob@questionmarket[1].txt
Category : Data Miner
Comment :
Value : c:\Windows\Profiles\Bob\Cookies\bob@questionmarket[1].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : bob@2o7[2].txt
Category : Data Miner
Comment :
Value : c:\Windows\Profiles\Bob\Cookies\bob@2o7[2].txt
Disk Scan Result for c:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 6
Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
CoolWebSearch Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\main
Value : Use Custom Search URL
Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 1
Objects found so far: 7
9:11:57 PM Scan Complete
Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:27:38.970
Objects scanned:115124
Objects identified:6
Objects ignored:0
New critical objects:6