i also have for you a log of ad aware if u would like to look
Ad-Aware SE Build 1.06r1
Logfile Created on:Friday, June 24, 2005 3:02:55 PM
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R51 21.06.2005
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
CoolWebSearch(TAC index:10):7 total references
MRU List(TAC index:0):15 total references
Tracking Cookie(TAC index:3):23 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file
Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects
6-24-2005 3:02:56 PM - Scan started. (Smart mode)
Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ProcessID : 416
ThreadCreationTime : 6-24-2005 3:51:41 PM
BasePriority : Normal
#:2 [csrss.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 464
ThreadCreationTime : 6-24-2005 3:51:42 PM
BasePriority : Normal
#:3 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 492
ThreadCreationTime : 6-24-2005 3:51:43 PM
BasePriority : High
#:4 [services.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 536
ThreadCreationTime : 6-24-2005 3:51:44 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : services.exe
#:5 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 548
ThreadCreationTime : 6-24-2005 3:51:44 PM
BasePriority : Normal
FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
ProductVersion : 5.1.2600.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe
#:6 [ati2evxx.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 732
ThreadCreationTime : 6-24-2005 3:51:44 PM
BasePriority : Normal
#:7 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 768
ThreadCreationTime : 6-24-2005 3:51:44 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:8 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 828
ThreadCreationTime : 6-24-2005 3:51:44 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:9 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 956
ThreadCreationTime : 6-24-2005 3:51:44 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:10 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 984
ThreadCreationTime : 6-24-2005 3:51:44 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:11 [ccsetmgr.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\
ProcessID : 1032
ThreadCreationTime : 6-24-2005 3:51:45 PM
BasePriority : Normal
FileVersion : 2.1.0.610
ProductVersion : 2.1.0.610
ProductName : Common Client
CompanyName : Symantec Corporation
FileDescription : Common Client Settings Manager Service
InternalName : ccSetMgr
LegalCopyright : Copyright (c) 2000-2003 Symantec Corporation. All rights reserved.
OriginalFilename : ccSetMgr.exe
#:12 [ccevtmgr.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\
ProcessID : 1132
ThreadCreationTime : 6-24-2005 3:51:45 PM
BasePriority : Normal
FileVersion : 2.1.0.610
ProductVersion : 2.1.0.610
ProductName : Common Client
CompanyName : Symantec Corporation
FileDescription : Common Client Event Manager Service
InternalName : ccEvtMgr
LegalCopyright : Copyright (c) 2000-2003 Symantec Corporation. All rights reserved.
OriginalFilename : ccEvtMgr.exe
#:13 [spoolsv.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1300
ThreadCreationTime : 6-24-2005 3:51:45 PM
BasePriority : Normal
FileVersion : 5.1.2600.0 (XPClient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe
#:14 [acsd.exe]
FilePath : C:\PROGRA~1\COMMON~1\AOL\ACS\
ProcessID : 1420
ThreadCreationTime : 6-24-2005 3:51:53 PM
BasePriority : Normal
#:15 [ctsvccda.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1460
ThreadCreationTime : 6-24-2005 3:51:53 PM
BasePriority : Normal
FileVersion : 1.0.1.0
ProductVersion : 1.0.0.0
ProductName : Creative Service for CDROM Access
CompanyName : Creative Technology Ltd
FileDescription : Creative Service for CDROM Access
InternalName : CTsvcCDAEXE
LegalCopyright : Copyright (c) Creative Technology Ltd., 1999. All rights reserved.
OriginalFilename : CTsvcCDA.EXE
#:16 [ewidoctrl.exe]
FilePath : C:\Program Files\ewido\security suite\
ProcessID : 1484
ThreadCreationTime : 6-24-2005 3:51:53 PM
BasePriority : Normal
FileVersion : 3, 0, 0, 1
ProductVersion : 3, 0, 0, 1
ProductName : ewido control
CompanyName : ewido networks
FileDescription : ewido control
InternalName : ewido control
LegalCopyright : Copyright © 2004
OriginalFilename : ewidoctrl.exe
#:17 [ewidoguard.exe]
FilePath : C:\Program Files\ewido\security suite\
ProcessID : 1500
ThreadCreationTime : 6-24-2005 3:51:53 PM
BasePriority : Normal
FileVersion : 3, 0, 0, 1
ProductVersion : 3, 0, 0, 1
ProductName : guard
CompanyName : ewido networks
FileDescription : guard
InternalName : guard
LegalCopyright : Copyright © 2004
OriginalFilename : guard.exe
#:18 [iaantmon.exe]
FilePath : C:\Program Files\Intel\Intel Application Accelerator\
ProcessID : 1544
ThreadCreationTime : 6-24-2005 3:51:53 PM
BasePriority : Normal
FileVersion : 1, 0, 0, 2568
ProductVersion : 1, 0, 0, 2568
ProductName : Intel IAANTmon
CompanyName : Intel
FileDescription : Intel Application Accelerator RAID Monitor
InternalName : IAANTmon
LegalCopyright : Copyright © 2003
OriginalFilename : IAANTmon.exe
#:19 [mdm.exe]
FilePath : C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\
ProcessID : 1564
ThreadCreationTime : 6-24-2005 3:51:53 PM
BasePriority : Normal
FileVersion : 7.00.9466
ProductVersion : 7.00.9466
ProductName : Microsoft® Visual Studio .NET
CompanyName : Microsoft Corporation
FileDescription : Machine Debug Manager
InternalName : mdm.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : mdm.exe
#:20 [sqlservr.exe]
FilePath : C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\
ProcessID : 1596
ThreadCreationTime : 6-24-2005 3:51:53 PM
BasePriority : Normal
FileVersion : 2000.080.0818.00
ProductVersion : 8.00.818
ProductName : Microsoft SQL Server
CompanyName : Microsoft Corporation
FileDescription : SQL Server Windows NT
InternalName : SQLSERVR
LegalCopyright : © 1988-2003 Microsoft Corp. All rights reserved.
LegalTrademarks : Microsoft® is a registered trademark of Microsoft Corporation. Windows(TM) is a trademark of Microsoft Corporation
OriginalFilename : SQLSERVR.EXE
Comments : NT INTEL X86
#:21 [nprotect.exe]
FilePath : C:\Program Files\Norton AntiVirus\AdvTools\
ProcessID : 1684
ThreadCreationTime : 6-24-2005 3:51:56 PM
BasePriority : Normal
FileVersion : 16.00.0.22
ProductVersion : 16.00.0.22
ProductName : Norton Utilities
CompanyName : Symantec Corporation
FileDescription : Norton Protection Status
InternalName : NPROTECT
LegalCopyright : Copyright (C) 2003 Symantec Corporation
LegalTrademarks : Norton Utilities
OriginalFilename : NPROTECT.EXE
#:22 [symlcsvc.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\CCPD-LC\
ProcessID : 1736
ThreadCreationTime : 6-24-2005 3:51:56 PM
BasePriority : Normal
FileVersion : 1, 8, 48, 79
ProductVersion : 1, 8, 48, 79
ProductName : Symantec Core Component
CompanyName : Symantec Corporation
FileDescription : Symantec Core Component
InternalName : symlcsvc
LegalCopyright : Copyright (C) 2003
OriginalFilename : symlcsvc.exe
#:23 [wanmpsvc.exe]
FilePath : C:\WINDOWS\
ProcessID : 1760
ThreadCreationTime : 6-24-2005 3:51:56 PM
BasePriority : Normal
FileVersion : 7, 0, 0, 2
ProductVersion : 7, 0, 0, 2
ProductName : America Online
CompanyName : America Online, Inc.
FileDescription : Wan Miniport (ATW) Service
InternalName : WanMPSvc
LegalCopyright : Copyright © 2001 America Online, Inc.
OriginalFilename : WanMPSvc.exe
#:24 [mspmspsv.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1872
ThreadCreationTime : 6-24-2005 3:51:57 PM
BasePriority : Normal
FileVersion : 7.00.00.1954
ProductVersion : 7.00.00.1954
ProductName : Microsoft (R) DRM
CompanyName : Microsoft Corporation
FileDescription : WMDM PMSP Service
InternalName : MSPMSPSV.EXE
LegalCopyright : Copyright (C) Microsoft Corp. 1981-2000
OriginalFilename : MSPMSPSV.EXE
#:25 [explorer.exe]
FilePath : C:\WINDOWS\
ProcessID : 576
ThreadCreationTime : 6-24-2005 6:44:49 PM
BasePriority : Normal
FileVersion : 6.00.2800.1106 (xpsp1.020828-1920)
ProductVersion : 6.00.2800.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : EXPLORER.EXE
#:26 [mm_tray.exe]
FilePath : C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\
ProcessID : 3640
ThreadCreationTime : 6-24-2005 6:44:50 PM
BasePriority : Normal
FileVersion : 8.10.1006
ProductVersion : 8.10.1006
ProductName : MUSICMATCH JUKEBOX
CompanyName : MUSICMATCH, Inc.
FileDescription : mm_tray
InternalName : mm_tray
LegalCopyright : Copyright © MUSICMATCH 1998-2003
LegalTrademarks :
OriginalFilename : mm_tray.exe
#:27 [wkufind.exe]
FilePath : C:\Program Files\Common Files\Microsoft Shared\Works Shared\
ProcessID : 3072
ThreadCreationTime : 6-24-2005 6:44:50 PM
BasePriority : Normal
FileVersion : 7.00.0716.0
ProductVersion : 7.00.0716.0
ProductName : Update Detection Module
CompanyName : Microsoft® Corporation
FileDescription : Microsoft® Works Update Detection
InternalName : WkUFind
LegalCopyright : Copyright © 1987-2002 Microsoft Corporation.
OriginalFilename : WkUFind.exe
#:28 [qttask.exe]
FilePath : C:\Program Files\QuickTime\
ProcessID : 4004
ThreadCreationTime : 6-24-2005 6:44:50 PM
BasePriority : Normal
FileVersion : 6.5.1
ProductVersion : QuickTime 6.5.1
ProductName : QuickTime
CompanyName : Apple Computer, Inc.
InternalName : QuickTime Task
LegalCopyright : © Apple Computer, Inc. 2001-2004
OriginalFilename : QTTask.exe
#:29 [ctfmon.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 2916
ThreadCreationTime : 6-24-2005 6:44:51 PM
BasePriority : Normal
FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
ProductVersion : 5.1.2600.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : CTF Loader
InternalName : CTFMON
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : CTFMON.EXE
#:30 [wuauclt.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 3672
ThreadCreationTime : 6-24-2005 6:44:51 PM
BasePriority : Normal
FileVersion : 5.4.3790.2182 built by: srv03_rtm(ntvbl04)
ProductVersion : 5.4.3790.2182
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Automatic Updates
InternalName : wuauclt.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : wuauclt.exe
#:31 [iexplore.exe]
FilePath : C:\Program Files\Internet Explorer\
ProcessID : 2620
ThreadCreationTime : 6-24-2005 6:45:31 PM
BasePriority : Normal
FileVersion : 6.00.2800.1106 (xpsp1.020828-1920)
ProductVersion : 6.00.2800.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Internet Explorer
InternalName : iexplore
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : IEXPLORE.EXE
#:32 [ad-aware.exe]
FilePath : C:\PROGRA~1\Lavasoft\AD-AWA~1\
ProcessID : 2944
ThreadCreationTime : 6-24-2005 7:02:26 PM
BasePriority : Normal
FileVersion : 6.2.0.236
ProductVersion : SE 106
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft AB Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved
Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0
Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
CoolWebSearch Object Recognized!
Type : Regkey
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : wer1306.wer1306
CoolWebSearch Object Recognized!
Type : Regkey
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : wer1306.wer1306.1
Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 2
Objects found so far: 2
Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 2
Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : joe maione@qksrv[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:3
Value : Cookie:joe
maione@qksrv.net/
Expires : 6-22-2010 9:23:56 PM
LastSync : Hits:3
UseCount : 0
Hits : 3
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : joe maione@realmedia[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:joe
maione@realmedia.com/
Expires : 6-23-2006 9:23:56 PM
LastSync : Hits:1
UseCount : 0
Hits : 1
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : joe maione@doubleclick[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:13
Value : Cookie:joe
maione@doubleclick.net/
Expires : 6-22-2008 8:30:06 PM
LastSync : Hits:13
UseCount : 0
Hits : 13
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : joe
maione@z1.adserver[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:5
Value : Cookie:joe
maione@z1.adserver.com/
Expires : 6-23-2006 10:35:54 PM
LastSync : Hits:5
UseCount : 0
Hits : 5
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : joe maione@hitbox[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:18
Value : Cookie:joe
maione@hitbox.com/
Expires : 6-22-2006 9:52:50 PM
LastSync : Hits:18
UseCount : 0
Hits : 18
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : joe
maione@servedby.advertising[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:274
Value : Cookie:joe
maione@servedby.advertising.com/
Expires : 7-24-2005 2:51:32 PM
LastSync : Hits:274
UseCount : 0
Hits : 274
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : joe maione@2o7[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:26
Value : Cookie:joe
maione@2o7.net/
Expires : 6-23-2010 12:47:26 AM
LastSync : Hits:26
UseCount : 0
Hits : 26
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : joe maione@atdmt[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:11
Value : Cookie:joe
maione@atdmt.com/
Expires : 6-21-2010 8:00:00 PM
LastSync : Hits:11
UseCount : 0
Hits : 11
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : joe maione@tickle[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:9
Value : Cookie:joe
maione@tickle.com/
Expires : 6-23-2007 11:16:24 PM
LastSync : Hits:9
UseCount : 0
Hits : 9
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : joe maione@cgi-bin[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:13
Value : Cookie:joe
maione@imrworldwide.com/cgi-bin
Expires : 6-22-2015 2:49:40 PM
LastSync : Hits:13
UseCount : 0
Hits : 13
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : joe maione@valueclick[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:4
Value : Cookie:joe
maione@valueclick.com/
Expires : 6-16-2030 10:59:42 PM
LastSync : Hits:4
UseCount : 0
Hits : 4
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : joe maione@mediaplex[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:2
Value : Cookie:joe
maione@mediaplex.com/
Expires : 6-21-2009 8:00:00 PM
LastSync : Hits:2
UseCount : 0
Hits : 2
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : joe maione@247realmedia[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:6
Value : Cookie:joe
maione@247realmedia.com/
Expires : 12-31-2010 8:00:00 PM
LastSync : Hits:6
UseCount : 0
Hits : 6
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : joe maione@trafficmp[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:84
Value : Cookie:joe
maione@trafficmp.com/
Expires : 6-22-2006 9:35:30 PM
LastSync : Hits:84
UseCount : 0
Hits : 84
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : joe maione@tribalfusion[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:6
Value : Cookie:joe
maione@tribalfusion.com/
Expires : 12-31-2037 8:00:00 PM
LastSync : Hits:6
UseCount : 0
Hits : 6
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : joe
maione@ehg.hitbox[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:22
Value : Cookie:joe
maione@ehg.hitbox.com/
Expires : 6-22-2006 9:52:50 PM
LastSync : Hits:22
UseCount : 0
Hits : 22
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : joe maione@zedo[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:7
Value : Cookie:joe
maione@zedo.com/
Expires : 6-20-2015 9:54:56 PM
LastSync : Hits:7
UseCount : 0
Hits : 7
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : joe maione@fastclick[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:31
Value : Cookie:joe
maione@fastclick.net/
Expires : 6-24-2007 2:49:38 PM
LastSync : Hits:31
UseCount : 0
Hits : 31
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : joe maione@apmebf[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:3
Value : Cookie:joe
maione@apmebf.com/
Expires : 6-22-2010 9:23:56 PM
LastSync : Hits:3
UseCount : 0
Hits : 3
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : joe maione@casalemedia[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:4
Value : Cookie:joe
maione@casalemedia.com/
Expires : 6-13-2006 7:09:24 PM
LastSync : Hits:4
UseCount : 0
Hits : 4
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : joe maione@advertising[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:122
Value : Cookie:joe
maione@advertising.com/
Expires : 6-23-2010 2:51:32 PM
LastSync : Hits:122
UseCount : 0
Hits : 122
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : joe maione@bravenet[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:joe
maione@bravenet.com/
Expires : 6-21-2015 9:40:38 PM
LastSync : Hits:1
UseCount : 0
Hits : 1
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : joe maione@hotlog[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:joe
maione@hotlog.ru/
Expires : 6-23-2006 8:04:50 PM
LastSync : Hits:1
UseCount : 0
Hits : 1
Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 23
Objects found so far: 25
Deep scanning and examining files...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Disk Scan Result for C:\WINDOWS
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 25
Disk Scan Result for C:\WINDOWS\System32
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 25
Disk Scan Result for C:\DOCUME~1\JOEMAI~1\LOCALS~1\Temp\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 25
Scanning Hosts file......
Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
1 entries scanned.
New critical objects:0
Objects found so far: 25
MRU List Object Recognized!
Location: : C:\Documents and Settings\Joe Maione\Application Data\microsoft\office\recent
Description : list of recently opened documents using microsoft office
MRU List Object Recognized!
Location: : C:\Documents and Settings\Joe Maione\recent
Description : list of recently opened documents
MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d
MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X
MRU List Object Recognized!
Location: : software\microsoft\directdraw\mostrecentapplication
Description : most recent application to use microsoft directdraw
MRU List Object Recognized!
Location: : S-1-5-21-1188313175-1602497335-3796541068-1012\software\microsoft\internet explorer
Description : last download directory used in microsoft internet explorer
MRU List Object Recognized!
Location: : S-1-5-21-1188313175-1602497335-3796541068-1012\software\microsoft\internet explorer\main
Description : last save directory used in microsoft internet explorer
MRU List Object Recognized!
Location: : S-1-5-21-1188313175-1602497335-3796541068-1012\software\microsoft\internet explorer\typedurls
Description : list of recently entered addresses in microsoft internet explorer
MRU List Object Recognized!
Location: : S-1-5-21-1188313175-1602497335-3796541068-1012\software\microsoft\search assistant\acmru
Description : list of recent search terms used with the search assistant
MRU List Object Recognized!
Location: : S-1-5-21-1188313175-1602497335-3796541068-1012\software\microsoft\windows\currentversion\explorer\comdlg32\lastvisitedmru
Description : list of recent programs opened
MRU List Object Recognized!
Location: : S-1-5-21-1188313175-1602497335-3796541068-1012\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru
Description : list of recently saved files, stored according to file extension
MRU List Object Recognized!
Location: : S-1-5-21-1188313175-1602497335-3796541068-1012\software\microsoft\windows\currentversion\explorer\recentdocs
Description : list of recent documents opened
MRU List Object Recognized!
Location: : S-1-5-21-1188313175-1602497335-3796541068-1012\software\microsoft\windows\currentversion\explorer\runmru
Description : mru list for items opened in start | run
MRU List Object Recognized!
Location: : software\musicmatch\musicmatch jukebox\4.0\mmradio
Description : information on the last station listened to using musicmatch radio
MRU List Object Recognized!
Location: : S-1-5-21-1188313175-1602497335-3796541068-1012\software\microsoft\windows media\wmsdk\general
Description : windows media sdk
Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
CoolWebSearch Object Recognized!
Type : Regkey
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\urlsearchhooks
CoolWebSearch Object Recognized!
Type : RegValue
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\microsoft\internet explorer\main
Value : Search Bar
CoolWebSearch Object Recognized!
Type : RegValue
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\internet settings\user agent\post platform
Value : iebar
CoolWebSearch Object Recognized!
Type : RegData
Data : no
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\microsoft\internet explorer\main
Value : Use Search Asst
Data : no
CoolWebSearch Object Recognized!
Type : File
Data : wbemess.log
TAC Rating : 10
Category : Malware
Comment :
Object : C:\WINDOWS\System32\wbem\logs\
Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 5
Objects found so far: 45
3:03:57 PM Scan Complete
Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:01:01.312
Objects scanned:67932
Objects identified:30
Objects ignored:0
New critical objects:30