Hi, I ran Ad-Aware just now and it found several instances of Surf Sidekick.... how is this possible? I am posting the log and deleting all critical objects mentioned by Ad-aware. It seems like my system is running pretty well right now, so I was surprised by the Ad-aware results. What are your thoughts?Ad-Aware SE Build 1.06r1
Logfile Created on:Saturday, November 19, 2005 11:15:35 AM
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R75 15.11.2005
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
CmdServices(TAC index:4):9 total references
MRU List(TAC index:0):10 total references
SurfSideKickBHO(TAC index:7):3 total references
Tracking Cookie(TAC index:3):5 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Definition File:
=========================
Definitions File Loaded:
Reference Number : SE1R74 09.11.2005
Internal build : 86
File location : C:\Program Files\Lavasoft\Ad-Aware SE Personal\defs.ref
File size : 540082 Bytes
Total size : 1622678 Bytes
Signature data size : 1589004 Bytes
Reference data size : 33162 Bytes
Signatures total : 45269
CSI Fingerprints total : 1076
CSI data size : 30430 Bytes
Target categories : 15
Target families : 772
11-19-2005 11:14:43 AM Performing WebUpdate...
Installing Update...
Definitions File Loaded:
Reference Number : SE1R75 15.11.2005
Internal build : 87
File location : C:\Program Files\Lavasoft\Ad-Aware SE Personal\defs.ref
File size : 546018 Bytes
Total size : 1639939 Bytes
Signature data size : 1606071 Bytes
Reference data size : 33356 Bytes
Signatures total : 45707
CSI Fingerprints total : 1103
CSI data size : 31460 Bytes
Target categories : 15
Target families : 782
11-19-2005 11:14:56 AM Success
Update successfully downloaded and installed.
Memory + processor status:
==========================
Number of processors : 1
Processor architecture : Intel Pentium IV
Memory available:31 %
Total physical memory:392272 kb
Available physical memory:119352 kb
Total page file size:940976 kb
Available on page file:620100 kb
Total virtual memory:2097024 kb
Available virtual memory:2040100 kb
OS:Microsoft Windows 2000 Professional Service Pack 4 (Build 2195)
Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Search for low-risk threats
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan within archives
Set : Scan my Hosts file
Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Obtain command line of scanned processes
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Write-protect system files after repair (Hosts file, etc.)
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects
11-19-2005 11:15:35 AM - Scan started. (Full System Scan)
MRU List Object Recognized!
Location: : C:\Documents and Settings\anne\recent
Description : list of recently opened documents
MRU List Object Recognized!
Location: : software\microsoft\directdraw\mostrecentapplication
Description : most recent application to use microsoft directdraw
MRU List Object Recognized!
Location: : S-1-5-21-1935655697-2111687655-1060284298-1000\software\microsoft\internet explorer
Description : last download directory used in microsoft internet explorer
MRU List Object Recognized!
Location: : S-1-5-21-1935655697-2111687655-1060284298-1000\software\microsoft\internet explorer\typedurls
Description : list of recently entered addresses in microsoft internet explorer
MRU List Object Recognized!
Location: : S-1-5-21-1935655697-2111687655-1060284298-1000\software\microsoft\microsoft management console\recent file list
Description : list of recent snap-ins used in the microsoft management console
MRU List Object Recognized!
Location: : S-1-5-21-1935655697-2111687655-1060284298-1000\software\microsoft\windows\currentversion\explorer\comdlg32\lastvisitedmru
Description : list of recent programs opened
MRU List Object Recognized!
Location: : S-1-5-21-1935655697-2111687655-1060284298-1000\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru
Description : list of recently saved files, stored according to file extension
MRU List Object Recognized!
Location: : S-1-5-21-1935655697-2111687655-1060284298-1000\software\microsoft\windows\currentversion\explorer\recentdocs
Description : list of recent documents opened
MRU List Object Recognized!
Location: : S-1-5-21-1935655697-2111687655-1060284298-1000\software\microsoft\windows\currentversion\explorer\runmru
Description : mru list for items opened in start | run
MRU List Object Recognized!
Location: : S-1-5-21-1935655697-2111687655-1060284298-1000\software\nico mak computing\winzip\filemenu
Description : winzip recently used archives
Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
#:1 [smss.exe]
ModuleName : \SystemRoot\System32\smss.exe
Command Line : n/a
ProcessID : 152
ThreadCreationTime : 11-19-2005 5:30:08 AM
BasePriority : Normal
#:2 [winlogon.exe]
ModuleName : \??\C:\WINNT\system32\winlogon.exe
Command Line : n/a
ProcessID : 172
ThreadCreationTime : 11-19-2005 5:30:15 AM
BasePriority : High
#:3 [services.exe]
ModuleName : C:\WINNT\system32\services.exe
Command Line : n/a
ProcessID : 224
ThreadCreationTime : 11-19-2005 5:30:17 AM
BasePriority : Normal
FileVersion : 5.00.2195.7035
ProductVersion : 5.00.2195.7035
ProductName : Microsoft® Windows ® 2000 Operating System
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
LegalCopyright : Copyright © Microsoft Corp. 1981-1999
OriginalFilename : services.exe
#:4 [lsass.exe]
ModuleName : C:\WINNT\system32\lsass.exe
Command Line : n/a
ProcessID : 236
ThreadCreationTime : 11-19-2005 5:30:17 AM
BasePriority : Normal
FileVersion : 5.00.2195.7011
ProductVersion : 5.00.2195.7011
ProductName : Microsoft® Windows ® 2000 Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Executable and Server DLL (Export Version)
InternalName : lsasrv.dll and lsass.exe
LegalCopyright : Copyright © Microsoft Corp. 1981-1999
OriginalFilename : lsasrv.dll and lsass.exe
#:5 [svchost.exe]
ModuleName : C:\WINNT\system32\svchost.exe
Command Line : n/a
ProcessID : 416
ThreadCreationTime : 11-19-2005 5:30:23 AM
BasePriority : Normal
FileVersion : 5.00.2134.1
ProductVersion : 5.00.2134.1
ProductName : Microsoft® Windows ® 2000 Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : Copyright © Microsoft Corp. 1981-1999
OriginalFilename : svchost.exe
#:6 [spoolsv.exe]
ModuleName : C:\WINNT\system32\spoolsv.exe
Command Line : n/a
ProcessID : 448
ThreadCreationTime : 11-19-2005 5:30:26 AM
BasePriority : Normal
FileVersion : 5.00.2195.7059
ProductVersion : 5.00.2195.7059
ProductName : Microsoft® Windows ® 2000 Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolss.exe
LegalCopyright : Copyright © Microsoft Corp. 1981-1999
OriginalFilename : spoolss.exe
#:7 [acsd.exe]
ModuleName : C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
Command Line : n/a
ProcessID : 484
ThreadCreationTime : 11-19-2005 5:30:27 AM
BasePriority : Normal
#:8 [ccsetmgr.exe]
ModuleName : C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
Command Line : n/a
ProcessID : 528
ThreadCreationTime : 11-19-2005 5:30:31 AM
BasePriority : Normal
FileVersion : 103.0.5.2
ProductVersion : 103.0.5.2
ProductName : Client and Host Security Platform
CompanyName : Symantec Corporation
FileDescription : Symantec Settings Manager Service
InternalName : ccSetMgr
LegalCopyright : Copyright © 2000-2004 Symantec Corporation. All rights reserved.
OriginalFilename : ccSetMgr.exe
#:9 [svchost.exe]
ModuleName : C:\WINNT\System32\svchost.exe
Command Line : n/a
ProcessID : 548
ThreadCreationTime : 11-19-2005 5:30:33 AM
BasePriority : Normal
FileVersion : 5.00.2134.1
ProductVersion : 5.00.2134.1
ProductName : Microsoft® Windows ® 2000 Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : Copyright © Microsoft Corp. 1981-1999
OriginalFilename : svchost.exe
#:10 [ewidoctrl.exe]
ModuleName : C:\Program Files\ewido\security suite\ewidoctrl.exe
Command Line : n/a
ProcessID : 564
ThreadCreationTime : 11-19-2005 5:30:33 AM
BasePriority : Normal
FileVersion : 3, 0, 0, 1
ProductVersion : 3, 0, 0, 1
ProductName : ewido control
CompanyName : ewido networks
FileDescription : ewido control
InternalName : ewido control
LegalCopyright : Copyright © 2004
OriginalFilename : ewidoctrl.exe
#:11 [navapsvc.exe]
ModuleName : C:\Program Files\Norton AntiVirus\navapsvc.exe
Command Line : n/a
ProcessID : 264
ThreadCreationTime : 11-19-2005 5:30:35 AM
BasePriority : Normal
FileVersion : 11.0.16.2
ProductVersion : 11.0.16
ProductName : Norton AntiVirus
CompanyName : Symantec Corporation
FileDescription : Norton AntiVirus Auto-Protect Service
InternalName : NAVAPSVC
LegalCopyright : Norton AntiVirus 2005 for Windows 98/ME/2000/XP Copyright © 2004 Symantec Corporation. All rights reserved.
OriginalFilename : NAVAPSVC.EXE
#:12 [npfmntor.exe]
ModuleName : C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
Command Line : n/a
ProcessID : 680
ThreadCreationTime : 11-19-2005 5:30:40 AM
BasePriority : Normal
FileVersion : 11.0.16.2
ProductVersion : 11.0.16
ProductName : Norton AntiVirus
CompanyName : Symantec Corporation
FileDescription : Norton AntiVirus Firewall Install Monitor
InternalName : NPFMonitor
LegalCopyright : Norton AntiVirus 2005 for Windows 98/ME/2000/XP Copyright © 2004 Symantec Corporation. All rights reserved.
OriginalFilename : NPFMonitor.EXE
#:13 [nvsvc32.exe]
ModuleName : C:\WINNT\system32\nvsvc32.exe
Command Line : n/a
ProcessID : 728
ThreadCreationTime : 11-19-2005 5:30:41 AM
BasePriority : Normal
FileVersion : 6.14.10.5216
ProductVersion : 6.14.10.5216
ProductName : NVIDIA Driver Helper Service, Version 52.16
CompanyName : NVIDIA Corporation
FileDescription : NVIDIA Driver Helper Service, Version 52.16
InternalName : NVSVC
LegalCopyright : © NVIDIA Corporation. All rights reserved.
OriginalFilename : nvsvc32.exe
#:14 [pppoeservice.exe]
ModuleName : C:\PROGRA~1\EFFICI~1\ENTERN~1\app\pppoeservice.exe
Command Line : n/a
ProcessID : 784
ThreadCreationTime : 11-19-2005 5:30:43 AM
BasePriority : Normal
#:15 [regsvc.exe]
ModuleName : C:\WINNT\system32\regsvc.exe
Command Line : n/a
ProcessID : 812
ThreadCreationTime : 11-19-2005 5:30:44 AM
BasePriority : Normal
FileVersion : 5.00.2195.6701
ProductVersion : 5.00.2195.6701
ProductName : Microsoft® Windows ® 2000 Operating System
CompanyName : Microsoft Corporation
FileDescription : Remote Registry Service
InternalName : regsvc
LegalCopyright : Copyright © Microsoft Corp. 1981-1999
OriginalFilename : REGSVC.EXE
#:16 [mstask.exe]
ModuleName : C:\WINNT\system32\MSTask.exe
Command Line : n/a
ProcessID : 860
ThreadCreationTime : 11-19-2005 5:30:45 AM
BasePriority : Normal
FileVersion : 4.71.2195.6972
ProductVersion : 4.71.2195.6972
ProductName : Microsoft® Windows® Task Scheduler
CompanyName : Microsoft Corporation
FileDescription : Task Scheduler Engine
InternalName : TaskScheduler
LegalCopyright : Copyright © Microsoft Corp. 1997
OriginalFilename : mstask.exe
#:17 [sndsrvc.exe]
ModuleName : C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
Command Line : n/a
ProcessID : 880
ThreadCreationTime : 11-19-2005 5:30:47 AM
BasePriority : Normal
FileVersion : 5.5.1.6
ProductVersion : 5.5
ProductName : Symantec Security Drivers
CompanyName : Symantec Corporation
FileDescription : Network Driver Service
InternalName : SndSrvc
LegalCopyright : Copyright 2002, 2003, 2004 Symantec Corporation
OriginalFilename : SndSrvc.exe
#:18 [spbbcsvc.exe]
ModuleName : C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
Command Line : n/a
ProcessID : 948
ThreadCreationTime : 11-19-2005 5:30:50 AM
BasePriority : Normal
FileVersion : 1,0,1,47
ProductVersion : 1,0,1,47
ProductName : SPBBC
CompanyName : Symantec Corporation
FileDescription : SPBBC Service
InternalName : SPBBCSvc
LegalCopyright : Copyright © 2004 Symantec Corporation. All rights reserved.
OriginalFilename : SPBBCSvc.exe
#:19 [stisvc.exe]
ModuleName : C:\WINNT\system32\stisvc.exe
Command Line : n/a
ProcessID : 968
ThreadCreationTime : 11-19-2005 5:30:51 AM
BasePriority : Normal
FileVersion : 5.00.2195.6656
ProductVersion : 5.00.2195.6656
ProductName : Microsoft® Windows ® 2000 Operating System
CompanyName : Microsoft Corporation
FileDescription : Still Image Devices Monitor
InternalName : STIMON
LegalCopyright : Copyright © Microsoft Corp. 1996-1997
OriginalFilename : STIMON.EXE
#:20 [symlcsvc.exe]
ModuleName : C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
Command Line : n/a
ProcessID : 1016
ThreadCreationTime : 11-19-2005 5:30:57 AM
BasePriority : Normal
FileVersion : 1.8.54.841
ProductVersion : 1.8.54.841
ProductName : Symantec Core Component
CompanyName : Symantec Corporation
FileDescription : Symantec Core Component
InternalName : symlcsvc
LegalCopyright : Copyright © 2003
OriginalFilename : symlcsvc.exe
#:21 [winmgmt.exe]
ModuleName : C:\WINNT\System32\WBEM\WinMgmt.exe
Command Line : n/a
ProcessID : 1088
ThreadCreationTime : 11-19-2005 5:31:04 AM
BasePriority : Normal
FileVersion : 1.50.1085.0100
ProductVersion : 1.50.1085.0100
ProductName : Windows Management Instrumentation
CompanyName : Microsoft Corporation
FileDescription : Windows Management Instrumentation
InternalName : WINMGMT
LegalCopyright : Copyright © Microsoft Corp. 1995-1999
#:22 [explorer.exe]
ModuleName : C:\WINNT\Explorer.EXE
Command Line : C:\WINNT\Explorer.EXE
ProcessID : 1116
ThreadCreationTime : 11-19-2005 5:31:04 AM
BasePriority : Normal
FileVersion : 5.00.3700.6690
ProductVersion : 5.00.3700.6690
ProductName : Microsoft® Windows ® 2000 Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : Copyright © Microsoft Corp. 1981-1999
OriginalFilename : EXPLORER.EXE
#:23 [svchost.exe]
ModuleName : C:\WINNT\system32\svchost.exe
Command Line : n/a
ProcessID : 1144
ThreadCreationTime : 11-19-2005 5:31:06 AM
BasePriority : Normal
FileVersion : 5.00.2134.1
ProductVersion : 5.00.2134.1
ProductName : Microsoft® Windows ® 2000 Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : Copyright © Microsoft Corp. 1981-1999
OriginalFilename : svchost.exe
#:24 [ccevtmgr.exe]
ModuleName : C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
Command Line : n/a
ProcessID : 1156
ThreadCreationTime : 11-19-2005 5:31:06 AM
BasePriority : Normal
FileVersion : 103.0.5.2
ProductVersion : 103.0.5.2
ProductName : Client and Host Security Platform
CompanyName : Symantec Corporation
FileDescription : Symantec Event Manager Service
InternalName : ccEvtMgr
LegalCopyright : Copyright © 2000-2004 Symantec Corporation. All rights reserved.
OriginalFilename : ccEvtMgr.exe
#:25 [motivesb.exe]
ModuleName : C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe
Command Line : "C:\PROGRA~1\SBCSEL~1\SMARTB~1\MotiveSB.exe"
ProcessID : 1340
ThreadCreationTime : 11-19-2005 5:31:20 AM
BasePriority : Normal
FileVersion : 5.6.7.asst_classic.smartbridge.20031210_035000
ProductVersion : 5.6.7.asst_classic.smartbridge
ProductName : Motive System
CompanyName : Motive Communications, Inc.
FileDescription : SBC Self Support Tool Alerts
InternalName : version
LegalCopyright : Copyright 1998-2003
OriginalFilename : version
#:26 [ccapp.exe]
ModuleName : C:\Program Files\Common Files\Symantec Shared\ccApp.exe
Command Line : n/a
ProcessID : 1368
ThreadCreationTime : 11-19-2005 5:31:21 AM
BasePriority : Normal
FileVersion : 103.0.5.2
ProductVersion : 103.0.5.2
ProductName : Client and Host Security Platform
CompanyName : Symantec Corporation
FileDescription : Symantec User Session
InternalName : ccApp
LegalCopyright : Copyright © 2000-2004 Symantec Corporation. All rights reserved.
OriginalFilename : ccApp.exe
#:27 [ipmon32.exe]
ModuleName : C:\Program Files\SBC Yahoo!\Connection Manager\IP InSight\IPMon32.exe
Command Line : "C:\Program Files\SBC Yahoo!\Connection Manager\IP InSight\IPMon32.exe"
ProcessID : 648
ThreadCreationTime : 11-19-2005 5:31:22 AM
BasePriority : Normal
FileVersion : 5.5.33.226
ProductVersion : 5.5.33.226
ProductName : Visual IP InSight
CompanyName : Visual Networks
FileDescription : IP Monitor
InternalName : IPMON32
LegalCopyright : Copyright © 1996-2001 Visual Networks Technologies, Inc.
OriginalFilename : ipmon32.exe
#:28 [hpwuschd2.exe]
ModuleName : C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
Command Line : "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
ProcessID : 1388
ThreadCreationTime : 11-19-2005 5:31:23 AM
BasePriority : Normal
FileVersion : 5, 0, 0, 0
ProductVersion : 5, 0, 0, 0
ProductName : HP Software Update Application
CompanyName : Hewlett-Packard Company
FileDescription : hpwuSchd
InternalName : hpwuSchd
LegalCopyright : Copyright © 2003
OriginalFilename : hpwuSchd.exe
#:29 [ituneshelper.exe]
ModuleName : C:\Program Files\iTunes\iTunesHelper.exe
Command Line : "C:\Program Files\iTunes\iTunesHelper.exe"
ProcessID : 1408
ThreadCreationTime : 11-19-2005 5:31:24 AM
BasePriority : Normal
FileVersion : 6.0.0.18
ProductVersion : 6.0.0.18
ProductName : iTunes
CompanyName : Apple Computer, Inc.
FileDescription : iTunesHelper Module
InternalName : iTunesHelper
LegalCopyright : © 2003-2005 Apple Computer, Inc. All Rights Reserved.
OriginalFilename : iTunesHelper.exe
#:30 [qttask.exe]
ModuleName : C:\Program Files\QuickTime\qttask.exe
Command Line : "C:\Program Files\QuickTime\qttask.exe" -atboottime
ProcessID : 1416
ThreadCreationTime : 11-19-2005 5:31:25 AM
BasePriority : Normal
FileVersion : 7.0.3
ProductVersion : QuickTime 7.0.3
ProductName : QuickTime
CompanyName : Apple Computer, Inc.
FileDescription : QuickTime Task
InternalName : QuickTime Task
LegalCopyright : Copyright Apple Computer, Inc. 1989-2005
OriginalFilename : QTTask.exe
#:31 [wzqkpick.exe]
ModuleName : C:\Program Files\WinZip\WZQKPICK.EXE
Command Line : "C:\Program Files\WinZip\WZQKPICK.EXE"
ProcessID : 1528
ThreadCreationTime : 11-19-2005 5:31:29 AM
BasePriority : Normal
FileVersion : 1.0 (32-bit)
ProductVersion : 9.0 (6224)
ProductName : WinZip
CompanyName : WinZip Computing, Inc.
FileDescription : WinZip Executable
InternalName : WZQKPICK.EXE
LegalCopyright : Copyright © WinZip Computing, Inc. 1991-2004 - All Rights Reserved
LegalTrademarks : WinZip is a registered trademark of WinZip Computing, Inc
OriginalFilename : WZQKPICK.EXE
Comments : StringFileInfo: U.S. English
#:32 [hpqtra08.exe]
ModuleName : C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
Command Line : "C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"
ProcessID : 1580
ThreadCreationTime : 11-19-2005 5:31:31 AM
BasePriority : Normal
FileVersion : 45.4.157.000
ProductVersion : 045.004.157.000
ProductName : hp digital imaging - hp all-in-one series
CompanyName : Hewlett-Packard Co.
FileDescription : HP Digital Imaging Monitor
InternalName : HPQTRA00
LegalCopyright : Copyright © Hewlett-Packard Co. 1995-2004
OriginalFilename : HPQTRA00.EXE
Comments : HP Digital Imaging Monitor
#:33 [mpbtn.exe]
ModuleName : C:\Program Files\SBC Self Support Tool\bin\mpbtn.exe
Command Line : "C:\Program Files\SBC Self Support Tool\bin\mpbtn.exe"
ProcessID : 1484
ThreadCreationTime : 11-19-2005 5:31:50 AM
BasePriority : Normal
#:34 [hpqgalry.exe]
ModuleName : C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
Command Line : "C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe" -s
ProcessID : 1864
ThreadCreationTime : 11-19-2005 5:32:12 AM
BasePriority : Normal
#:35 [ipodservice.exe]
ModuleName : C:\Program Files\iPod\bin\iPodService.exe
Command Line : n/a
ProcessID : 1176
ThreadCreationTime : 11-19-2005 5:33:09 AM
BasePriority : Normal
FileVersion : 6.0.0.18
ProductVersion : 6.0.0.18
ProductName : iTunes
CompanyName : Apple Computer, Inc.
FileDescription : iPodService Module
InternalName : iPodService
LegalCopyright : © 2003-2005 Apple Computer, Inc. All Rights Reserved.
OriginalFilename : iPodService.exe
#:36 [ycommon.exe]
ModuleName : C:\PROGRA~1\YAHOO!\browser\ycommon.exe
Command Line : C:\PROGRA~1\YAHOO!\browser\ycommon.exe -Embedding
ProcessID : 476
ThreadCreationTime : 11-19-2005 5:48:00 AM
BasePriority : Normal
FileVersion : 2003, 9, 3, 1
ProductVersion : 1, 0, 0, 1
ProductName : YCommon Exe Module
CompanyName : Yahoo!, Inc.
FileDescription : YCommon Exe Module
InternalName : YCommonExe
LegalCopyright : Copyright 2003 Yahoo! Inc.
OriginalFilename : YCommon.EXE
#:37 [rsvp.exe]
ModuleName : C:\WINNT\System32\rsvp.exe
Command Line : n/a
ProcessID : 296
ThreadCreationTime : 11-19-2005 5:48:20 AM
BasePriority : Normal
FileVersion : 5.00.2195.6663
ProductVersion : 5.00.2195.6663
ProductName : Microsoft® Windows ® 2000 Operating System
CompanyName : Microsoft Corporation
FileDescription : Microsoft RSVP 1.0
InternalName : rsvp.exe
LegalCopyright : Copyright © Microsoft Corp. 1981-1999
OriginalFilename : rsvp.exe
#:38 [ybrwicon.exe]
ModuleName : C:\Program Files\Yahoo!\browser\ybrwicon.exe
Command Line : "C:\Program Files\Yahoo!\browser\ybrwicon.exe"
ProcessID : 1804
ThreadCreationTime : 11-19-2005 5:48:21 AM
BasePriority : Normal
FileVersion : 2003, 7, 11, 1
ProductVersion : 1, 0, 0, 1
ProductName : Yahoo!, Inc. YBrwIcon
CompanyName : Yahoo!, Inc.
FileDescription : YBrwIcon
InternalName : YBrwIcon
LegalCopyright : Copyright © 2003
OriginalFilename : YBrwIcon.exe
#:39 [aim.exe]
ModuleName : C:\Program Files\AIM\aim.exe
Command Line : "C:\Program Files\AIM\aim.exe"
ProcessID : 632
ThreadCreationTime : 11-19-2005 3:48:09 PM
BasePriority : Normal
FileVersion : 5.5.3595
ProductVersion : 5.5.3595
ProductName : AOL Instant Messenger
CompanyName : America Online, Inc.
FileDescription : AOL Instant Messenger
InternalName : AIM
LegalCopyright : Copyright © 1996-2004 America Online, Inc.
OriginalFilename : AIM.EXE
#:40 [ad-aware.exe]
ModuleName : C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe
Command Line : "C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe"
ProcessID : 1836
ThreadCreationTime : 11-19-2005 5:13:47 PM
BasePriority : Normal
FileVersion : 6.2.0.236
ProductVersion : SE 106
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft AB Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved
#:41 [ybrowser.exe]
ModuleName : C:\Program Files\Yahoo!\browser\ybrowser.exe
Command Line : "C:\Program Files\Yahoo!\browser\ybrowser.exe"
ProcessID : 1820
ThreadCreationTime : 11-19-2005 5:13:55 PM
BasePriority : Normal
FileVersion : 2003, 10, 22, 2
ProductVersion : 3, 0, 2, 0
ProductName : Yahoo! Browser
CompanyName : Yahoo!, Inc.
FileDescription : Yahoo! Browser
InternalName : YBrowser
LegalCopyright : Copyright © 2002-2003 Yahoo! Inc.
OriginalFilename : YBrowser.EXE
#:42 [enternet.exe]
ModuleName : C:\PROGRA~1\EFFICI~1\ENTERN~1\app\EnterNet.exe
Command Line : n/a
ProcessID : 2100
ThreadCreationTime : 11-19-2005 5:14:03 PM
BasePriority : Normal
#:43 [ipclient.exe]
ModuleName : C:\Program Files\SBC Yahoo!\Connection Manager\IP InSight\IPClient.exe
Command Line : -w
ProcessID : 696
ThreadCreationTime : 11-19-2005 5:14:13 PM
BasePriority : Normal
FileVersion : 5.5.33.226
ProductVersion : 5.5.33.226
ProductName : Visual IP InSight
CompanyName : Visual Networks
FileDescription : IP Session Statistics
InternalName : IPCLIENT
LegalCopyright : Copyright © 1996-2001 Visual Networks Technologies, Inc.
OriginalFilename : ipclient32.exe
Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 10
Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
SurfSideKickBHO Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{02ee5b04-f144-47bb-83fb-a60bd91b74a9}
Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 1
Objects found so far: 11Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 11
Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : anne@realmedia[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:8
Value : Cookie:
[email protected]/
Expires : 12-31-2020 6:00:00 PM
LastSync : Hits:8
UseCount : 0
Hits : 8
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : anne@apmebf[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:5
Value : Cookie:
[email protected]/
Expires : 11-15-2010 11:39:30 PM
LastSync : Hits:5
UseCount : 0
Hits : 5
Tracking Cookie Object Recognized!
Type : IECache Entry
Data :
[email protected][2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:2
Value : Cookie:
[email protected]/
Expires : 11-17-2006 10:42:02 PM
LastSync : Hits:2
UseCount : 0
Hits : 2
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : anne@inet-traffic[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:2
Value : Cookie:
[email protected]/
Expires : 11-12-2010 5:55:16 PM
LastSync : Hits:2
UseCount : 0
Hits : 2
Tracking Cookie Object Recognized!
Type : IECache Entry
Data :
[email protected][1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:8
Value : Cookie:
[email protected]/
Expires : 12-30-2037 10:00:00 AM
LastSync : Hits:8
UseCount : 0
Hits : 8
Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 5
Objects found so far: 16
Deep scanning and examining files (C:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
CmdServices Object Recognized!
Type : File
Data : atmtd.dll
TAC Rating : 4
Category : Adware
Comment :
Object : C:\WINNT\system32\
CmdServices Object Recognized!
Type : File
Data : atmtd.dll._
TAC Rating : 4
Category : Adware
Comment :
Object : C:\WINNT\system32\
Disk Scan Result for C:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 18
Scanning Hosts file......
Hosts file location:"C:\WINNT\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
1 entries scanned.
New critical objects:0
Objects found so far: 18
Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
SurfSideKickBHO Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Data Miner
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\surfsidekick3
SurfSideKickBHO Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\surfsidekick3 CmdServices Object Recognized!
Type : Regkey
Data :
TAC Rating : 4
Category : Adware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\{3877c2cd-f137-4144-bdb2-0a811492f920}
CmdServices Object Recognized!
Type : RegValue
Data :
TAC Rating : 4
Category : Adware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\{3877c2cd-f137-4144-bdb2-0a811492f920}
Value : DisplayName
CmdServices Object Recognized!
Type : RegValue
Data :
TAC Rating : 4
Category : Adware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\{3877c2cd-f137-4144-bdb2-0a811492f920}
Value : DisplayVersion
CmdServices Object Recognized!
Type : RegValue
Data :
TAC Rating : 4
Category : Adware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\{3877c2cd-f137-4144-bdb2-0a811492f920}
Value : NoModify
CmdServices Object Recognized!
Type : RegValue
Data :
TAC Rating : 4
Category : Adware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\{3877c2cd-f137-4144-bdb2-0a811492f920}
Value : NoRemove
CmdServices Object Recognized!
Type : RegValue
Data :
TAC Rating : 4
Category : Adware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\{3877c2cd-f137-4144-bdb2-0a811492f920}
Value : NoRepair
CmdServices Object Recognized!
Type : RegValue
Data :
TAC Rating : 4
Category : Adware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\{3877c2cd-f137-4144-bdb2-0a811492f920}
Value : UninstallString
Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 9
Objects found so far: 27
11:25:39 AM Scan Complete
Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:10:03.568
Objects scanned:86024
Objects identified:17
Objects ignored:0
New critical objects:17
[color=#3333FF]