S
spobozny
Ad-Aware SE Build 1.05
Logfile Created on:Friday, February 18, 2005 7:56:28 AM
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R27 05.02.2005
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
MRU List(TAC index:0):15 total references
Tracking Cookie(TAC index:3):11 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file
Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user
only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates
critical objects
2-18-2005 7:56:28 AM - Scan started. (Smart mode)
Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ProcessID : 168
ThreadCreationTime : 2-18-2005 12:57:56 PM
BasePriority : Normal
#:2 [csrss.exe]
FilePath : \??\C:\WINNT\system32\
ProcessID : 192
ThreadCreationTime : 2-18-2005 12:58:04 PM
BasePriority : Normal
#:3 [winlogon.exe]
FilePath : \??\C:\WINNT\system32\
ProcessID : 212
ThreadCreationTime : 2-18-2005 12:58:07 PM
BasePriority : High
#:4 [services.exe]
FilePath : C:\WINNT\system32\
ProcessID : 240
ThreadCreationTime : 2-18-2005 12:58:08 PM
BasePriority : Normal
FileVersion : 5.00.2195.6700
ProductVersion : 5.00.2195.6700
ProductName : Microsoft(R) Windows (R) 2000
Operating System
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
LegalCopyright : Copyright (C) Microsoft Corp.
1981-1999
OriginalFilename : services.exe
#:5 [lsass.exe]
FilePath : C:\WINNT\system32\
ProcessID : 252
ThreadCreationTime : 2-18-2005 12:58:08 PM
BasePriority : Normal
FileVersion : 5.00.2195.6902
ProductVersion : 5.00.2195.6902
ProductName : Microsoft(R) Windows (R) 2000
Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Executable and Server DLL
(Export Version)
InternalName : lsasrv.dll and lsass.exe
LegalCopyright : Copyright (C) Microsoft Corp.
1981-1999
OriginalFilename : lsasrv.dll and lsass.exe
#:6 [svchost.exe]
FilePath : C:\WINNT\system32\
ProcessID : 440
ThreadCreationTime : 2-18-2005 12:58:13 PM
BasePriority : Normal
FileVersion : 5.00.2134.1
ProductVersion : 5.00.2134.1
ProductName : Microsoft(R) Windows (R) 2000
Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32
Services
InternalName : svchost.exe
LegalCopyright : Copyright (C) Microsoft Corp.
1981-1999
OriginalFilename : svchost.exe
#:7 [spoolsv.exe]
FilePath : C:\WINNT\system32\
ProcessID : 468
ThreadCreationTime : 2-18-2005 12:58:16 PM
BasePriority : Normal
FileVersion : 5.00.2195.6659
ProductVersion : 5.00.2195.6659
ProductName : Microsoft(R) Windows (R) 2000
Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolss.exe
LegalCopyright : Copyright (C) Microsoft Corp.
1981-1999
OriginalFilename : spoolss.exe
#:8 [ati2evxx.exe]
FilePath : C:\WINNT\System32\
ProcessID : 540
ThreadCreationTime : 2-18-2005 12:58:23 PM
BasePriority : Normal
#:9 [cdac11ba.exe]
FilePath : C:\WINNT\System32\drivers\
ProcessID : 552
ThreadCreationTime : 2-18-2005 12:58:23 PM
BasePriority : Normal
FileVersion : 4.16.050
ProductVersion : 4.16.050 Windows NT 2002/04/24
ProductName : SafeCast Windows NT
CompanyName : Macrovision
FileDescription : Macrovision RTS Service
InternalName : CDANTSRV
LegalCopyright : Copyright (c) 1998-2002
Macrovision Corp.
OriginalFilename : CDANTSRV.EXE
Comments : StringFileInfo: U.S. English
#:10 [defwatch.exe]
FilePath : C:\PROGRA~1\SYMANT~1\SYMANT~1\
ProcessID : 572
ThreadCreationTime : 2-18-2005 12:58:23 PM
BasePriority : Normal
FileVersion : 8.1.0.825
ProductVersion : 8.1.0.825
ProductName : Norton AntiVirus
CompanyName : Symantec Corporation
FileDescription : Virus Definition Daemon
InternalName : DefWatch
LegalCopyright : Copyright © 1998 Symantec
Corporation
OriginalFilename : DefWatch.exe
#:11 [svchost.exe]
FilePath : C:\WINNT\System32\
ProcessID : 592
ThreadCreationTime : 2-18-2005 12:58:23 PM
BasePriority : Normal
FileVersion : 5.00.2134.1
ProductVersion : 5.00.2134.1
ProductName : Microsoft(R) Windows (R) 2000
Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32
Services
InternalName : svchost.exe
LegalCopyright : Copyright (C) Microsoft Corp.
1981-1999
OriginalFilename : svchost.exe
#:12 [frameworkservice.exe]
FilePath : C:\ePOAgent\
ProcessID : 616
ThreadCreationTime : 2-18-2005 12:58:24 PM
BasePriority : Normal
FileVersion : 3.5.0.412
ProductName : McAfee Common Framework
CompanyName : Network Associates, Inc.
FileDescription : Framework Service
InternalName : Framework
LegalCopyright : Copyright© 2000-2004 Networks
Associates Technology, Inc. All Rights Reserved.
OriginalFilename : Framework.exe
#:13 [mdm.exe]
FilePath : C:\Program Files\Common
Files\Microsoft Shared\VS7Debug\
ProcessID : 716
ThreadCreationTime : 2-18-2005 12:58:29 PM
BasePriority : Normal
FileVersion : 7.00.9466
ProductVersion : 7.00.9466
ProductName : Microsoft® Visual Studio .NET
CompanyName : Microsoft Corporation
FileDescription : Machine Debug Manager
InternalName : mdm.exe
LegalCopyright : © Microsoft Corporation. All
rights reserved.
OriginalFilename : mdm.exe
#:14 [regsvc.exe]
FilePath : C:\WINNT\system32\
ProcessID : 788
ThreadCreationTime : 2-18-2005 12:58:31 PM
BasePriority : Normal
FileVersion : 5.00.2195.6701
ProductVersion : 5.00.2195.6701
ProductName : Microsoft(R) Windows (R) 2000
Operating System
CompanyName : Microsoft Corporation
FileDescription : Remote Registry Service
InternalName : regsvc
LegalCopyright : Copyright (C) Microsoft Corp.
1981-1999
OriginalFilename : REGSVC.EXE
#:15 [mstask.exe]
FilePath : C:\WINNT\system32\
ProcessID : 812
ThreadCreationTime : 2-18-2005 12:58:32 PM
BasePriority : Normal
FileVersion : 4.71.2195.6920
ProductVersion : 4.71.2195.6920
ProductName : Microsoft® Windows® Task Scheduler
CompanyName : Microsoft Corporation
FileDescription : Task Scheduler Engine
InternalName : TaskScheduler
LegalCopyright : Copyright (C) Microsoft Corp. 1997
OriginalFilename : mstask.exe
#:16 [tcpsvcs.exe]
FilePath : C:\WINNT\system32\
ProcessID : 856
ThreadCreationTime : 2-18-2005 12:58:33 PM
BasePriority : Normal
FileVersion : 5.00.2134.1
ProductVersion : 5.00.2134.1
ProductName : Microsoft(R) Windows (R) 2000
Operating System
CompanyName : Microsoft Corporation
FileDescription : TCP/IP Services Application
InternalName : TCPSVCS.EXE
LegalCopyright : Copyright (C) Microsoft Corp.
1981-1999
OriginalFilename : TCPSVCS.EXE
#:17 [mspmspsv.exe]
FilePath : C:\WINNT\System32\
ProcessID : 900
ThreadCreationTime : 2-18-2005 12:58:34 PM
BasePriority : Normal
FileVersion : 7.01.00.3055
ProductVersion : 7.01.00.3055
ProductName : Microsoft (R) DRM
CompanyName : Microsoft Corporation
FileDescription : WMDM PMSP Service
InternalName : MSPMSPSV.EXE
LegalCopyright : Copyright (C) Microsoft Corp.
1981-2000
OriginalFilename : MSPMSPSV.EXE
#:18 [svchost.exe]
FilePath : C:\WINNT\system32\
ProcessID : 920
ThreadCreationTime : 2-18-2005 12:58:34 PM
BasePriority : Normal
FileVersion : 5.00.2134.1
ProductVersion : 5.00.2134.1
ProductName : Microsoft(R) Windows (R) 2000
Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32
Services
InternalName : svchost.exe
LegalCopyright : Copyright (C) Microsoft Corp.
1981-1999
OriginalFilename : svchost.exe
#:19 [naprdmgr.exe]
FilePath : C:\ePOAgent\
ProcessID : 964
ThreadCreationTime : 2-18-2005 12:58:40 PM
BasePriority : Normal
FileVersion : 3.5.0.412
ProductName : McAfee Common Framework
CompanyName : Network Associates, Inc.
FileDescription : NAI Product Manager
InternalName : Product Manager
LegalCopyright : Copyright© 2000-2004 Networks
Associates Technology, Inc. All Rights Reserved.
OriginalFilename : naPrdMgr.exe
#:20 [explorer.exe]
FilePath : C:\WINNT\
ProcessID : 1236
ThreadCreationTime : 2-18-2005 12:59:23 PM
BasePriority : Normal
FileVersion : 5.00.3700.6690
ProductVersion : 5.00.3700.6690
ProductName : Microsoft(R) Windows (R) 2000
Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : Copyright (C) Microsoft Corp.
1981-1999
OriginalFilename : EXPLORER.EXE
#:21 [atiptaxx.exe]
FilePath : C:\WINNT\system32\
ProcessID : 1328
ThreadCreationTime : 2-18-2005 12:59:32 PM
BasePriority : Normal
FileVersion : 4.12.2470
ProductVersion : 4.12.2470
ProductName : ATI Desktop Component
CompanyName : ATI Technologies, Inc.
FileDescription : ATI Task Icon
InternalName : ATIPDSXX
LegalCopyright : Copyright (C) 1998-2000 ATI
Technologies Inc.
OriginalFilename : ATIPTAXX.DLL
#:22 [dadapp.exe]
FilePath : C:\Program
Files\DELL\AccessDirect\
ProcessID : 1332
ThreadCreationTime : 2-18-2005 12:59:33 PM
BasePriority : Normal
#:23 [tppaldr.exe]
FilePath : C:\WINNT\
ProcessID : 1312
ThreadCreationTime : 2-18-2005 12:59:33 PM
BasePriority : Normal
FileVersion : 5.04.1150.0
ProductVersion : 5.04.1150.0
ProductName : TPP Storage Adapter
CompanyName : In-System Design, Inc.
FileDescription : TPP Auto Loader Application
InternalName : TPPALDR.EXE
LegalCopyright : Copyright (C) 1998-2001 In-System
Design, Inc.
OriginalFilename : TPPALDR.EXE
#:24 [hpoopm07.exe]
FilePath : C:\WINNT\system32
\spool\DRIVERS\W32X86\
ProcessID : 872
ThreadCreationTime : 2-18-2005 12:59:34 PM
BasePriority : Normal
#:25 [createcd50.exe]
FilePath : C:\Program Files\Common
Files\Adaptec Shared\CreateCD\
ProcessID : 1384
ThreadCreationTime : 2-18-2005 12:59:36 PM
BasePriority : Normal
FileVersion : 5.3.4.21
ProductVersion : 5.3.4.21
ProductName : Easy CD Creator
CompanyName : Roxio
FileDescription : Roxio Create CD
InternalName : createcd.exe
LegalCopyright : Copyright (c) 1999-2002 Roxio,
Inc.
OriginalFilename : createcd.exe
#:26 [directcd.exe]
FilePath : C:\Program Files\Roxio\Easy CD
Creator 5\DirectCD\
ProcessID : 1392
ThreadCreationTime : 2-18-2005 12:59:36 PM
BasePriority : Normal
FileVersion : 5.3.4.21
ProductVersion : 5.3.4.21
ProductName : DirectCD
CompanyName : Roxio
FileDescription : DirectCD Application
InternalName : DirectCD
LegalCopyright : Copyright (c) 2001,2002, Roxio,
Inc.
OriginalFilename : Directcd.exe
#:27 [syntplpr.exe]
FilePath : C:\Program Files\Synaptics\SynTP\
ProcessID : 1400
ThreadCreationTime : 2-18-2005 12:59:37 PM
BasePriority : Normal
FileVersion : 7.2.12 17Mar03
ProductVersion : 7.2.12 17Mar03
ProductName : Progressive Touch
CompanyName : Synaptics, Inc.
FileDescription : TouchPad Driver Helper Application
InternalName : SynTPLpr
LegalCopyright : Copyright (C) Synaptics, Inc.
1996-2003
OriginalFilename : SynTPLpr.exe
#:28 [syntpenh.exe]
FilePath : C:\Program Files\Synaptics\SynTP\
ProcessID : 1408
ThreadCreationTime : 2-18-2005 12:59:37 PM
BasePriority : Normal
FileVersion : 7.2.12 17Mar03
ProductVersion : 7.2.12 17Mar03
ProductName : Progressive Touch
CompanyName : Synaptics, Inc.
FileDescription : Synaptics TouchPad Enhancements
InternalName : Scrolleroo
LegalCopyright : Copyright (C) Synaptics, Inc.
1996-2003
OriginalFilename : SynTPEnh.exe
#:29 [updaterui.exe]
FilePath : C:\ePOAgent\
ProcessID : 1420
ThreadCreationTime : 2-18-2005 12:59:38 PM
BasePriority : Normal
FileVersion : 3.5.0.412
ProductName : McAfee Common Framework
CompanyName : Network Associates, Inc.
FileDescription : Common User Interface
InternalName : UpdaterUI
LegalCopyright : Copyright© 2000-2004 Networks
Associates Technology, Inc. All Rights Reserved.
OriginalFilename : UpdaterUI.exe
#:30 [statusclient.exe]
FilePath : C:\Program Files\Hewlett-
Packard\Toolbox2.0\Apache Tomcat 4.0
\webapps\Toolbox\StatusClient\
ProcessID : 1476
ThreadCreationTime : 2-18-2005 12:59:40 PM
BasePriority : Normal
FileVersion : 00.00.13
ProductVersion : 00.00.13
ProductName : Hewlett-Packard T-TR Status Client
CompanyName : Hewlett-Packard
FileDescription : Hewlett-Packard T-TR Status Client
InternalName : StatusClient.exe
LegalCopyright : Copyright © 2002 Hewlett-Packard
Company
LegalTrademarks : All Rights Reserved.
OriginalFilename : StatusClient.exe
#:31 [vptray.exe]
FilePath : C:\PROGRA~1\SYMANT~1\SYMANT~1\
ProcessID : 1516
ThreadCreationTime : 2-18-2005 12:59:42 PM
BasePriority : Normal
FileVersion : 8.1.0.825
ProductVersion : 8.1.0.825
ProductName : Symantec AntiVirus
CompanyName : Symantec Corporation
FileDescription : Symantec AntiVirus
LegalCopyright : Copyright (C) Symantec
Corporation 1991-2003
#:32 [gcasserv.exe]
FilePath : C:\Program Files\Microsoft
AntiSpyware\
ProcessID : 1536
ThreadCreationTime : 2-18-2005 12:59:42 PM
BasePriority : Idle
FileVersion : 1.00.0509
ProductVersion : 1.00.0509
ProductName : Microsoft AntiSpyware (Beta 1)
CompanyName : Microsoft Corporation
FileDescription : Microsoft AntiSpyware Service
InternalName : gcasServ
LegalCopyright : Copyright © 2004-2005 Microsoft
Corporation. All rights reserved.
LegalTrademarks : Microsoft® and Windows® are
registered trademarks of Microsoft Corporation. SpyNet(tm)
is a trademark of Microsoft Corporation.
OriginalFilename : gcasServ.exe
#:33 [ctfmon.exe]
FilePath : C:\WINNT\system32\
ProcessID : 1232
ThreadCreationTime : 2-18-2005 12:59:43 PM
BasePriority : Normal
FileVersion : 1.00.2409.7 built by: Lab06_N
ProductVersion : 1.00.2409.7
ProductName : Microsoft(R) Windows NT(R)
Operating System
CompanyName : Microsoft Corporation
FileDescription : Cicero Loader
InternalName : CICLOAD
LegalCopyright : Copyright (C) Microsoft
Corporation. 1981-2001
OriginalFilename : CICLOAD.EXE
#:34 [javaw.exe]
FilePath : C:\Program Files\Hewlett-
Packard\Toolbox2.0\Javasoft\JRE\1.3.1\bin\
ProcessID : 1632
ThreadCreationTime : 2-18-2005 12:59:48 PM
BasePriority : Normal
#:35 [gcasdtserv.exe]
FilePath : C:\Program Files\Microsoft
AntiSpyware\
ProcessID : 1648
ThreadCreationTime : 2-18-2005 12:59:49 PM
BasePriority : Normal
FileVersion : 1.00.0509
ProductVersion : 1.00.0509
ProductName : Microsoft AntiSpyware (Beta 1)
CompanyName : Microsoft Corporation
FileDescription : Microsoft AntiSpyware Data Service
InternalName : gcasDtServ
LegalCopyright : Copyright © 2004-2005 Microsoft
Corporation. All rights reserved.
LegalTrademarks : Microsoft® and Windows® are
registered trademarks of Microsoft Corporation. SpyNet(tm)
is a trademark of Microsoft Corporation.
OriginalFilename : gcasDtServ.exe
#:36 [hpzipm12.exe]
FilePath : C:\WINNT\system32\
ProcessID : 316
ThreadCreationTime : 2-18-2005 1:01:42 PM
BasePriority : Normal
FileVersion : 5, 0, 5, 3
ProductVersion : 5, 0, 5, 3
ProductName : HP PML
CompanyName : HP
FileDescription : PML Driver
InternalName : PmlDrv
LegalCopyright : Copyright © 1998, 1999 Hewlett-
Packard Company
OriginalFilename : PmlDrv.exe
#:37 [ad-aware.exe]
FilePath : C:\Program Files\Lavasoft\Ad-
Aware SE Personal\
ProcessID : 940
ThreadCreationTime : 2-18-2005 1:56:18 PM
BasePriority : Normal
FileVersion : 6.2.0.206
ProductVersion : VI.Second Edition
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved
Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0
Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0
Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0
Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : (e-mail address removed)
[1].txt
Category : Data Miner
Comment : Hits:5
Value :
Cookie:[email protected]/
Expires : 2-16-2006 1:27:16 PM
LastSync : Hits:5
UseCount : 0
Hits : 5
Tracking Cookie Object Recognized!
Type : IECache Entry
Data :
fssep111@dcsgcxwngpifwznfzlmv83o6w_5w4m[1].txt
Category : Data Miner
Comment : Hits:4
Value :
Cookie:[email protected]/dcsgcxwngpifwznfzl
mv83o6w_5w4m
Expires : 2-14-2015 6:33:26 AM
LastSync : Hits:4
UseCount : 0
Hits : 4
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : fssep111@S111319[1].txt
Category : Data Miner
Comment : Hits:6
Value :
Cookie:[email protected]/S111319
Expires : 12-31-2020 2:00:00 AM
LastSync : Hits:6
UseCount : 0
Hits : 6
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : fssep111@bluestreak[1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:[email protected]/
Expires : 2-15-2015 4:47:38 AM
LastSync : Hits:1
UseCount : 0
Hits : 1
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : fssep111@qksrv[2].txt
Category : Data Miner
Comment : Hits:2
Value : Cookie:[email protected]/
Expires : 2-15-2010 9:56:22 AM
LastSync : Hits:2
UseCount : 0
Hits : 2
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : fssep111@apmebf[2].txt
Category : Data Miner
Comment : Hits:2
Value : Cookie:[email protected]/
Expires : 2-15-2010 9:56:22 AM
LastSync : Hits:2
UseCount : 0
Hits : 2
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : fssep111@statcounter[1].txt
Category : Data Miner
Comment : Hits:5
Value : Cookie:[email protected]/
Expires : 2-15-2010 12:23:28 PM
LastSync : Hits:5
UseCount : 0
Hits : 5
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : (e-mail address removed)[1].txt
Category : Data Miner
Comment : Hits:3
Value : Cookie:[email protected]/
Expires : 3-18-2005 2:55:58 PM
LastSync : Hits:3
UseCount : 0
Hits : 3
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : fssep111@mediaplex[1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:[email protected]/
Expires : 6-21-2009 6:00:00 PM
LastSync : Hits:1
UseCount : 0
Hits : 1
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : fssep111@2o7[2].txt
Category : Data Miner
Comment : Hits:13
Value : Cookie:[email protected]/
Expires : 2-16-2010 7:47:04 AM
LastSync : Hits:13
UseCount : 0
Hits : 13
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : fssep111@zedo[2].txt
Category : Data Miner
Comment : Hits:11
Value : Cookie:[email protected]/
Expires : 2-15-2015 10:46:54 AM
LastSync : Hits:11
UseCount : 0
Hits : 11
Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 11
Objects found so far: 11
Deep scanning and examining files...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Disk Scan Result for C:\WINNT
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 11
Disk Scan Result for C:\WINNT\system32
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 11
Disk Scan Result for C:\DOCUME~1\fssep111\LOCALS~1\Temp\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 11
Scanning Hosts file......
Hosts file location:"C:\WINNT\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
»»»»»»»»»»»»»»»»»
Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
1 entries scanned.
New critical objects:0
Objects found so far: 11
MRU List Object Recognized!
Location: : S-1-5-21-790525478-1708537768-
1801674531-18292\software\nico mak
computing\winzip\filemenu
Description : winzip recently used archives
MRU List Object Recognized!
Location: : S-1-5-21-790525478-1708537768-
1801674531-18292
\software\microsoft\windows\currentversion\explorer\comdlg3
2\opensavemru
Description : list of recently saved files,
stored according to file extension
MRU List Object Recognized!
Location: : S-1-5-21-790525478-1708537768-
1801674531-18292
\software\microsoft\windows\currentversion\explorer\comdlg3
2\lastvisitedmru
Description : list of recent programs opened
MRU List Object Recognized!
Location: : S-1-5-21-790525478-1708537768-
1801674531-18292
\software\microsoft\windows\currentversion\explorer\recentd
ocs
Description : list of recent documents opened
MRU List Object Recognized!
Location: : S-1-5-21-790525478-1708537768-
1801674531-18292\software\microsoft\office\10.0
\common\open find\microsoft word\settings\save as\file
name mru
Description : list of recent documents saved by
microsoft word
MRU List Object Recognized!
Location: : S-1-5-21-790525478-1708537768-
1801674531-18292\software\microsoft\office\10.0
\excel\recent files
Description : list of recent files used by
microsoft excel
MRU List Object Recognized!
Location: : S-1-5-21-790525478-1708537768-
1801674531-18292
\software\microsoft\mediaplayer\player\recentfilelist
Description : list of recently used files in
microsoft windows media player
MRU List Object Recognized!
Location: : S-1-5-21-790525478-1708537768-
1801674531-18292\software\microsoft\internet explorer
Description : last download directory used in
microsoft internet explorer
MRU List Object Recognized!
Location: :
software\microsoft\directdraw\mostrecentapplication
Description : most recent application to use
microsoft directdraw
MRU List Object Recognized!
Location: : S-1-5-21-790525478-1708537768-
1801674531-18292\software\microsoft\internet
explorer\typedurls
Description : list of recently entered
addresses in microsoft internet explorer
MRU List Object Recognized!
Location: : S-1-5-21-790525478-1708537768-
1801674531-18292\software\microsoft\mediaplayer\preferences
Description : last playlist index loaded in
microsoft windows media player
MRU List Object Recognized!
Location: : S-1-5-21-790525478-1708537768-
1801674531-18292\software\microsoft\mediaplayer\preferences
Description : last playlist loaded in microsoft
windows media player
MRU List Object Recognized!
Location: : S-1-5-21-790525478-1708537768-
1801674531-18292\software\microsoft\windows
media\wmsdk\general
Description : windows media sdk
MRU List Object Recognized!
Location: : C:\Documents and Settings\fssep111
\Application Data\microsoft\office\recent
Description : list of recently opened documents
using microsoft office
MRU List Object Recognized!
Location: : C:\Documents and Settings\fssep111
\recent
Description : list of recently opened documents
Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 26
7:57:36 AM Scan Complete
Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:01:08.388
Objects scanned:43768
Objects identified:11
Objects ignored:0
New critical objects:11
Logfile Created on:Friday, February 18, 2005 7:56:28 AM
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R27 05.02.2005
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
MRU List(TAC index:0):15 total references
Tracking Cookie(TAC index:3):11 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file
Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user
only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates
critical objects
2-18-2005 7:56:28 AM - Scan started. (Smart mode)
Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ProcessID : 168
ThreadCreationTime : 2-18-2005 12:57:56 PM
BasePriority : Normal
#:2 [csrss.exe]
FilePath : \??\C:\WINNT\system32\
ProcessID : 192
ThreadCreationTime : 2-18-2005 12:58:04 PM
BasePriority : Normal
#:3 [winlogon.exe]
FilePath : \??\C:\WINNT\system32\
ProcessID : 212
ThreadCreationTime : 2-18-2005 12:58:07 PM
BasePriority : High
#:4 [services.exe]
FilePath : C:\WINNT\system32\
ProcessID : 240
ThreadCreationTime : 2-18-2005 12:58:08 PM
BasePriority : Normal
FileVersion : 5.00.2195.6700
ProductVersion : 5.00.2195.6700
ProductName : Microsoft(R) Windows (R) 2000
Operating System
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
LegalCopyright : Copyright (C) Microsoft Corp.
1981-1999
OriginalFilename : services.exe
#:5 [lsass.exe]
FilePath : C:\WINNT\system32\
ProcessID : 252
ThreadCreationTime : 2-18-2005 12:58:08 PM
BasePriority : Normal
FileVersion : 5.00.2195.6902
ProductVersion : 5.00.2195.6902
ProductName : Microsoft(R) Windows (R) 2000
Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Executable and Server DLL
(Export Version)
InternalName : lsasrv.dll and lsass.exe
LegalCopyright : Copyright (C) Microsoft Corp.
1981-1999
OriginalFilename : lsasrv.dll and lsass.exe
#:6 [svchost.exe]
FilePath : C:\WINNT\system32\
ProcessID : 440
ThreadCreationTime : 2-18-2005 12:58:13 PM
BasePriority : Normal
FileVersion : 5.00.2134.1
ProductVersion : 5.00.2134.1
ProductName : Microsoft(R) Windows (R) 2000
Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32
Services
InternalName : svchost.exe
LegalCopyright : Copyright (C) Microsoft Corp.
1981-1999
OriginalFilename : svchost.exe
#:7 [spoolsv.exe]
FilePath : C:\WINNT\system32\
ProcessID : 468
ThreadCreationTime : 2-18-2005 12:58:16 PM
BasePriority : Normal
FileVersion : 5.00.2195.6659
ProductVersion : 5.00.2195.6659
ProductName : Microsoft(R) Windows (R) 2000
Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolss.exe
LegalCopyright : Copyright (C) Microsoft Corp.
1981-1999
OriginalFilename : spoolss.exe
#:8 [ati2evxx.exe]
FilePath : C:\WINNT\System32\
ProcessID : 540
ThreadCreationTime : 2-18-2005 12:58:23 PM
BasePriority : Normal
#:9 [cdac11ba.exe]
FilePath : C:\WINNT\System32\drivers\
ProcessID : 552
ThreadCreationTime : 2-18-2005 12:58:23 PM
BasePriority : Normal
FileVersion : 4.16.050
ProductVersion : 4.16.050 Windows NT 2002/04/24
ProductName : SafeCast Windows NT
CompanyName : Macrovision
FileDescription : Macrovision RTS Service
InternalName : CDANTSRV
LegalCopyright : Copyright (c) 1998-2002
Macrovision Corp.
OriginalFilename : CDANTSRV.EXE
Comments : StringFileInfo: U.S. English
#:10 [defwatch.exe]
FilePath : C:\PROGRA~1\SYMANT~1\SYMANT~1\
ProcessID : 572
ThreadCreationTime : 2-18-2005 12:58:23 PM
BasePriority : Normal
FileVersion : 8.1.0.825
ProductVersion : 8.1.0.825
ProductName : Norton AntiVirus
CompanyName : Symantec Corporation
FileDescription : Virus Definition Daemon
InternalName : DefWatch
LegalCopyright : Copyright © 1998 Symantec
Corporation
OriginalFilename : DefWatch.exe
#:11 [svchost.exe]
FilePath : C:\WINNT\System32\
ProcessID : 592
ThreadCreationTime : 2-18-2005 12:58:23 PM
BasePriority : Normal
FileVersion : 5.00.2134.1
ProductVersion : 5.00.2134.1
ProductName : Microsoft(R) Windows (R) 2000
Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32
Services
InternalName : svchost.exe
LegalCopyright : Copyright (C) Microsoft Corp.
1981-1999
OriginalFilename : svchost.exe
#:12 [frameworkservice.exe]
FilePath : C:\ePOAgent\
ProcessID : 616
ThreadCreationTime : 2-18-2005 12:58:24 PM
BasePriority : Normal
FileVersion : 3.5.0.412
ProductName : McAfee Common Framework
CompanyName : Network Associates, Inc.
FileDescription : Framework Service
InternalName : Framework
LegalCopyright : Copyright© 2000-2004 Networks
Associates Technology, Inc. All Rights Reserved.
OriginalFilename : Framework.exe
#:13 [mdm.exe]
FilePath : C:\Program Files\Common
Files\Microsoft Shared\VS7Debug\
ProcessID : 716
ThreadCreationTime : 2-18-2005 12:58:29 PM
BasePriority : Normal
FileVersion : 7.00.9466
ProductVersion : 7.00.9466
ProductName : Microsoft® Visual Studio .NET
CompanyName : Microsoft Corporation
FileDescription : Machine Debug Manager
InternalName : mdm.exe
LegalCopyright : © Microsoft Corporation. All
rights reserved.
OriginalFilename : mdm.exe
#:14 [regsvc.exe]
FilePath : C:\WINNT\system32\
ProcessID : 788
ThreadCreationTime : 2-18-2005 12:58:31 PM
BasePriority : Normal
FileVersion : 5.00.2195.6701
ProductVersion : 5.00.2195.6701
ProductName : Microsoft(R) Windows (R) 2000
Operating System
CompanyName : Microsoft Corporation
FileDescription : Remote Registry Service
InternalName : regsvc
LegalCopyright : Copyright (C) Microsoft Corp.
1981-1999
OriginalFilename : REGSVC.EXE
#:15 [mstask.exe]
FilePath : C:\WINNT\system32\
ProcessID : 812
ThreadCreationTime : 2-18-2005 12:58:32 PM
BasePriority : Normal
FileVersion : 4.71.2195.6920
ProductVersion : 4.71.2195.6920
ProductName : Microsoft® Windows® Task Scheduler
CompanyName : Microsoft Corporation
FileDescription : Task Scheduler Engine
InternalName : TaskScheduler
LegalCopyright : Copyright (C) Microsoft Corp. 1997
OriginalFilename : mstask.exe
#:16 [tcpsvcs.exe]
FilePath : C:\WINNT\system32\
ProcessID : 856
ThreadCreationTime : 2-18-2005 12:58:33 PM
BasePriority : Normal
FileVersion : 5.00.2134.1
ProductVersion : 5.00.2134.1
ProductName : Microsoft(R) Windows (R) 2000
Operating System
CompanyName : Microsoft Corporation
FileDescription : TCP/IP Services Application
InternalName : TCPSVCS.EXE
LegalCopyright : Copyright (C) Microsoft Corp.
1981-1999
OriginalFilename : TCPSVCS.EXE
#:17 [mspmspsv.exe]
FilePath : C:\WINNT\System32\
ProcessID : 900
ThreadCreationTime : 2-18-2005 12:58:34 PM
BasePriority : Normal
FileVersion : 7.01.00.3055
ProductVersion : 7.01.00.3055
ProductName : Microsoft (R) DRM
CompanyName : Microsoft Corporation
FileDescription : WMDM PMSP Service
InternalName : MSPMSPSV.EXE
LegalCopyright : Copyright (C) Microsoft Corp.
1981-2000
OriginalFilename : MSPMSPSV.EXE
#:18 [svchost.exe]
FilePath : C:\WINNT\system32\
ProcessID : 920
ThreadCreationTime : 2-18-2005 12:58:34 PM
BasePriority : Normal
FileVersion : 5.00.2134.1
ProductVersion : 5.00.2134.1
ProductName : Microsoft(R) Windows (R) 2000
Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32
Services
InternalName : svchost.exe
LegalCopyright : Copyright (C) Microsoft Corp.
1981-1999
OriginalFilename : svchost.exe
#:19 [naprdmgr.exe]
FilePath : C:\ePOAgent\
ProcessID : 964
ThreadCreationTime : 2-18-2005 12:58:40 PM
BasePriority : Normal
FileVersion : 3.5.0.412
ProductName : McAfee Common Framework
CompanyName : Network Associates, Inc.
FileDescription : NAI Product Manager
InternalName : Product Manager
LegalCopyright : Copyright© 2000-2004 Networks
Associates Technology, Inc. All Rights Reserved.
OriginalFilename : naPrdMgr.exe
#:20 [explorer.exe]
FilePath : C:\WINNT\
ProcessID : 1236
ThreadCreationTime : 2-18-2005 12:59:23 PM
BasePriority : Normal
FileVersion : 5.00.3700.6690
ProductVersion : 5.00.3700.6690
ProductName : Microsoft(R) Windows (R) 2000
Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : Copyright (C) Microsoft Corp.
1981-1999
OriginalFilename : EXPLORER.EXE
#:21 [atiptaxx.exe]
FilePath : C:\WINNT\system32\
ProcessID : 1328
ThreadCreationTime : 2-18-2005 12:59:32 PM
BasePriority : Normal
FileVersion : 4.12.2470
ProductVersion : 4.12.2470
ProductName : ATI Desktop Component
CompanyName : ATI Technologies, Inc.
FileDescription : ATI Task Icon
InternalName : ATIPDSXX
LegalCopyright : Copyright (C) 1998-2000 ATI
Technologies Inc.
OriginalFilename : ATIPTAXX.DLL
#:22 [dadapp.exe]
FilePath : C:\Program
Files\DELL\AccessDirect\
ProcessID : 1332
ThreadCreationTime : 2-18-2005 12:59:33 PM
BasePriority : Normal
#:23 [tppaldr.exe]
FilePath : C:\WINNT\
ProcessID : 1312
ThreadCreationTime : 2-18-2005 12:59:33 PM
BasePriority : Normal
FileVersion : 5.04.1150.0
ProductVersion : 5.04.1150.0
ProductName : TPP Storage Adapter
CompanyName : In-System Design, Inc.
FileDescription : TPP Auto Loader Application
InternalName : TPPALDR.EXE
LegalCopyright : Copyright (C) 1998-2001 In-System
Design, Inc.
OriginalFilename : TPPALDR.EXE
#:24 [hpoopm07.exe]
FilePath : C:\WINNT\system32
\spool\DRIVERS\W32X86\
ProcessID : 872
ThreadCreationTime : 2-18-2005 12:59:34 PM
BasePriority : Normal
#:25 [createcd50.exe]
FilePath : C:\Program Files\Common
Files\Adaptec Shared\CreateCD\
ProcessID : 1384
ThreadCreationTime : 2-18-2005 12:59:36 PM
BasePriority : Normal
FileVersion : 5.3.4.21
ProductVersion : 5.3.4.21
ProductName : Easy CD Creator
CompanyName : Roxio
FileDescription : Roxio Create CD
InternalName : createcd.exe
LegalCopyright : Copyright (c) 1999-2002 Roxio,
Inc.
OriginalFilename : createcd.exe
#:26 [directcd.exe]
FilePath : C:\Program Files\Roxio\Easy CD
Creator 5\DirectCD\
ProcessID : 1392
ThreadCreationTime : 2-18-2005 12:59:36 PM
BasePriority : Normal
FileVersion : 5.3.4.21
ProductVersion : 5.3.4.21
ProductName : DirectCD
CompanyName : Roxio
FileDescription : DirectCD Application
InternalName : DirectCD
LegalCopyright : Copyright (c) 2001,2002, Roxio,
Inc.
OriginalFilename : Directcd.exe
#:27 [syntplpr.exe]
FilePath : C:\Program Files\Synaptics\SynTP\
ProcessID : 1400
ThreadCreationTime : 2-18-2005 12:59:37 PM
BasePriority : Normal
FileVersion : 7.2.12 17Mar03
ProductVersion : 7.2.12 17Mar03
ProductName : Progressive Touch
CompanyName : Synaptics, Inc.
FileDescription : TouchPad Driver Helper Application
InternalName : SynTPLpr
LegalCopyright : Copyright (C) Synaptics, Inc.
1996-2003
OriginalFilename : SynTPLpr.exe
#:28 [syntpenh.exe]
FilePath : C:\Program Files\Synaptics\SynTP\
ProcessID : 1408
ThreadCreationTime : 2-18-2005 12:59:37 PM
BasePriority : Normal
FileVersion : 7.2.12 17Mar03
ProductVersion : 7.2.12 17Mar03
ProductName : Progressive Touch
CompanyName : Synaptics, Inc.
FileDescription : Synaptics TouchPad Enhancements
InternalName : Scrolleroo
LegalCopyright : Copyright (C) Synaptics, Inc.
1996-2003
OriginalFilename : SynTPEnh.exe
#:29 [updaterui.exe]
FilePath : C:\ePOAgent\
ProcessID : 1420
ThreadCreationTime : 2-18-2005 12:59:38 PM
BasePriority : Normal
FileVersion : 3.5.0.412
ProductName : McAfee Common Framework
CompanyName : Network Associates, Inc.
FileDescription : Common User Interface
InternalName : UpdaterUI
LegalCopyright : Copyright© 2000-2004 Networks
Associates Technology, Inc. All Rights Reserved.
OriginalFilename : UpdaterUI.exe
#:30 [statusclient.exe]
FilePath : C:\Program Files\Hewlett-
Packard\Toolbox2.0\Apache Tomcat 4.0
\webapps\Toolbox\StatusClient\
ProcessID : 1476
ThreadCreationTime : 2-18-2005 12:59:40 PM
BasePriority : Normal
FileVersion : 00.00.13
ProductVersion : 00.00.13
ProductName : Hewlett-Packard T-TR Status Client
CompanyName : Hewlett-Packard
FileDescription : Hewlett-Packard T-TR Status Client
InternalName : StatusClient.exe
LegalCopyright : Copyright © 2002 Hewlett-Packard
Company
LegalTrademarks : All Rights Reserved.
OriginalFilename : StatusClient.exe
#:31 [vptray.exe]
FilePath : C:\PROGRA~1\SYMANT~1\SYMANT~1\
ProcessID : 1516
ThreadCreationTime : 2-18-2005 12:59:42 PM
BasePriority : Normal
FileVersion : 8.1.0.825
ProductVersion : 8.1.0.825
ProductName : Symantec AntiVirus
CompanyName : Symantec Corporation
FileDescription : Symantec AntiVirus
LegalCopyright : Copyright (C) Symantec
Corporation 1991-2003
#:32 [gcasserv.exe]
FilePath : C:\Program Files\Microsoft
AntiSpyware\
ProcessID : 1536
ThreadCreationTime : 2-18-2005 12:59:42 PM
BasePriority : Idle
FileVersion : 1.00.0509
ProductVersion : 1.00.0509
ProductName : Microsoft AntiSpyware (Beta 1)
CompanyName : Microsoft Corporation
FileDescription : Microsoft AntiSpyware Service
InternalName : gcasServ
LegalCopyright : Copyright © 2004-2005 Microsoft
Corporation. All rights reserved.
LegalTrademarks : Microsoft® and Windows® are
registered trademarks of Microsoft Corporation. SpyNet(tm)
is a trademark of Microsoft Corporation.
OriginalFilename : gcasServ.exe
#:33 [ctfmon.exe]
FilePath : C:\WINNT\system32\
ProcessID : 1232
ThreadCreationTime : 2-18-2005 12:59:43 PM
BasePriority : Normal
FileVersion : 1.00.2409.7 built by: Lab06_N
ProductVersion : 1.00.2409.7
ProductName : Microsoft(R) Windows NT(R)
Operating System
CompanyName : Microsoft Corporation
FileDescription : Cicero Loader
InternalName : CICLOAD
LegalCopyright : Copyright (C) Microsoft
Corporation. 1981-2001
OriginalFilename : CICLOAD.EXE
#:34 [javaw.exe]
FilePath : C:\Program Files\Hewlett-
Packard\Toolbox2.0\Javasoft\JRE\1.3.1\bin\
ProcessID : 1632
ThreadCreationTime : 2-18-2005 12:59:48 PM
BasePriority : Normal
#:35 [gcasdtserv.exe]
FilePath : C:\Program Files\Microsoft
AntiSpyware\
ProcessID : 1648
ThreadCreationTime : 2-18-2005 12:59:49 PM
BasePriority : Normal
FileVersion : 1.00.0509
ProductVersion : 1.00.0509
ProductName : Microsoft AntiSpyware (Beta 1)
CompanyName : Microsoft Corporation
FileDescription : Microsoft AntiSpyware Data Service
InternalName : gcasDtServ
LegalCopyright : Copyright © 2004-2005 Microsoft
Corporation. All rights reserved.
LegalTrademarks : Microsoft® and Windows® are
registered trademarks of Microsoft Corporation. SpyNet(tm)
is a trademark of Microsoft Corporation.
OriginalFilename : gcasDtServ.exe
#:36 [hpzipm12.exe]
FilePath : C:\WINNT\system32\
ProcessID : 316
ThreadCreationTime : 2-18-2005 1:01:42 PM
BasePriority : Normal
FileVersion : 5, 0, 5, 3
ProductVersion : 5, 0, 5, 3
ProductName : HP PML
CompanyName : HP
FileDescription : PML Driver
InternalName : PmlDrv
LegalCopyright : Copyright © 1998, 1999 Hewlett-
Packard Company
OriginalFilename : PmlDrv.exe
#:37 [ad-aware.exe]
FilePath : C:\Program Files\Lavasoft\Ad-
Aware SE Personal\
ProcessID : 940
ThreadCreationTime : 2-18-2005 1:56:18 PM
BasePriority : Normal
FileVersion : 6.2.0.206
ProductVersion : VI.Second Edition
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved
Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0
Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0
Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0
Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : (e-mail address removed)
[1].txt
Category : Data Miner
Comment : Hits:5
Value :
Cookie:[email protected]/
Expires : 2-16-2006 1:27:16 PM
LastSync : Hits:5
UseCount : 0
Hits : 5
Tracking Cookie Object Recognized!
Type : IECache Entry
Data :
fssep111@dcsgcxwngpifwznfzlmv83o6w_5w4m[1].txt
Category : Data Miner
Comment : Hits:4
Value :
Cookie:[email protected]/dcsgcxwngpifwznfzl
mv83o6w_5w4m
Expires : 2-14-2015 6:33:26 AM
LastSync : Hits:4
UseCount : 0
Hits : 4
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : fssep111@S111319[1].txt
Category : Data Miner
Comment : Hits:6
Value :
Cookie:[email protected]/S111319
Expires : 12-31-2020 2:00:00 AM
LastSync : Hits:6
UseCount : 0
Hits : 6
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : fssep111@bluestreak[1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:[email protected]/
Expires : 2-15-2015 4:47:38 AM
LastSync : Hits:1
UseCount : 0
Hits : 1
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : fssep111@qksrv[2].txt
Category : Data Miner
Comment : Hits:2
Value : Cookie:[email protected]/
Expires : 2-15-2010 9:56:22 AM
LastSync : Hits:2
UseCount : 0
Hits : 2
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : fssep111@apmebf[2].txt
Category : Data Miner
Comment : Hits:2
Value : Cookie:[email protected]/
Expires : 2-15-2010 9:56:22 AM
LastSync : Hits:2
UseCount : 0
Hits : 2
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : fssep111@statcounter[1].txt
Category : Data Miner
Comment : Hits:5
Value : Cookie:[email protected]/
Expires : 2-15-2010 12:23:28 PM
LastSync : Hits:5
UseCount : 0
Hits : 5
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : (e-mail address removed)[1].txt
Category : Data Miner
Comment : Hits:3
Value : Cookie:[email protected]/
Expires : 3-18-2005 2:55:58 PM
LastSync : Hits:3
UseCount : 0
Hits : 3
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : fssep111@mediaplex[1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:[email protected]/
Expires : 6-21-2009 6:00:00 PM
LastSync : Hits:1
UseCount : 0
Hits : 1
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : fssep111@2o7[2].txt
Category : Data Miner
Comment : Hits:13
Value : Cookie:[email protected]/
Expires : 2-16-2010 7:47:04 AM
LastSync : Hits:13
UseCount : 0
Hits : 13
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : fssep111@zedo[2].txt
Category : Data Miner
Comment : Hits:11
Value : Cookie:[email protected]/
Expires : 2-15-2015 10:46:54 AM
LastSync : Hits:11
UseCount : 0
Hits : 11
Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 11
Objects found so far: 11
Deep scanning and examining files...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Disk Scan Result for C:\WINNT
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 11
Disk Scan Result for C:\WINNT\system32
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 11
Disk Scan Result for C:\DOCUME~1\fssep111\LOCALS~1\Temp\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 11
Scanning Hosts file......
Hosts file location:"C:\WINNT\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
»»»»»»»»»»»»»»»»»
Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
1 entries scanned.
New critical objects:0
Objects found so far: 11
MRU List Object Recognized!
Location: : S-1-5-21-790525478-1708537768-
1801674531-18292\software\nico mak
computing\winzip\filemenu
Description : winzip recently used archives
MRU List Object Recognized!
Location: : S-1-5-21-790525478-1708537768-
1801674531-18292
\software\microsoft\windows\currentversion\explorer\comdlg3
2\opensavemru
Description : list of recently saved files,
stored according to file extension
MRU List Object Recognized!
Location: : S-1-5-21-790525478-1708537768-
1801674531-18292
\software\microsoft\windows\currentversion\explorer\comdlg3
2\lastvisitedmru
Description : list of recent programs opened
MRU List Object Recognized!
Location: : S-1-5-21-790525478-1708537768-
1801674531-18292
\software\microsoft\windows\currentversion\explorer\recentd
ocs
Description : list of recent documents opened
MRU List Object Recognized!
Location: : S-1-5-21-790525478-1708537768-
1801674531-18292\software\microsoft\office\10.0
\common\open find\microsoft word\settings\save as\file
name mru
Description : list of recent documents saved by
microsoft word
MRU List Object Recognized!
Location: : S-1-5-21-790525478-1708537768-
1801674531-18292\software\microsoft\office\10.0
\excel\recent files
Description : list of recent files used by
microsoft excel
MRU List Object Recognized!
Location: : S-1-5-21-790525478-1708537768-
1801674531-18292
\software\microsoft\mediaplayer\player\recentfilelist
Description : list of recently used files in
microsoft windows media player
MRU List Object Recognized!
Location: : S-1-5-21-790525478-1708537768-
1801674531-18292\software\microsoft\internet explorer
Description : last download directory used in
microsoft internet explorer
MRU List Object Recognized!
Location: :
software\microsoft\directdraw\mostrecentapplication
Description : most recent application to use
microsoft directdraw
MRU List Object Recognized!
Location: : S-1-5-21-790525478-1708537768-
1801674531-18292\software\microsoft\internet
explorer\typedurls
Description : list of recently entered
addresses in microsoft internet explorer
MRU List Object Recognized!
Location: : S-1-5-21-790525478-1708537768-
1801674531-18292\software\microsoft\mediaplayer\preferences
Description : last playlist index loaded in
microsoft windows media player
MRU List Object Recognized!
Location: : S-1-5-21-790525478-1708537768-
1801674531-18292\software\microsoft\mediaplayer\preferences
Description : last playlist loaded in microsoft
windows media player
MRU List Object Recognized!
Location: : S-1-5-21-790525478-1708537768-
1801674531-18292\software\microsoft\windows
media\wmsdk\general
Description : windows media sdk
MRU List Object Recognized!
Location: : C:\Documents and Settings\fssep111
\Application Data\microsoft\office\recent
Description : list of recently opened documents
using microsoft office
MRU List Object Recognized!
Location: : C:\Documents and Settings\fssep111
\recent
Description : list of recently opened documents
Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 26
7:57:36 AM Scan Complete
Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:01:08.388
Objects scanned:43768
Objects identified:11
Objects ignored:0
New critical objects:11