Ad-Aware SE Build 1.05
Logfile Created on:Friday, February 18, 2005 7:56:28 AM
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R27 05.02.2005
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
MRU List(TAC index:0):15 total references
Tracking Cookie(TAC index:3):11 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file

Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user
only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates
critical objects


2-18-2005 7:56:28 AM - Scan started. (Smart mode)

Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ProcessID : 168
ThreadCreationTime : 2-18-2005 12:57:56 PM
BasePriority : Normal


#:2 [csrss.exe]
FilePath : \??\C:\WINNT\system32\
ProcessID : 192
ThreadCreationTime : 2-18-2005 12:58:04 PM
BasePriority : Normal


#:3 [winlogon.exe]
FilePath : \??\C:\WINNT\system32\
ProcessID : 212
ThreadCreationTime : 2-18-2005 12:58:07 PM
BasePriority : High


#:4 [services.exe]
FilePath : C:\WINNT\system32\
ProcessID : 240
ThreadCreationTime : 2-18-2005 12:58:08 PM
BasePriority : Normal
FileVersion : 5.00.2195.6700
ProductVersion : 5.00.2195.6700
ProductName : Microsoft(R) Windows (R) 2000
Operating System
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
LegalCopyright : Copyright (C) Microsoft Corp.
1981-1999
OriginalFilename : services.exe

#:5 [lsass.exe]
FilePath : C:\WINNT\system32\
ProcessID : 252
ThreadCreationTime : 2-18-2005 12:58:08 PM
BasePriority : Normal
FileVersion : 5.00.2195.6902
ProductVersion : 5.00.2195.6902
ProductName : Microsoft(R) Windows (R) 2000
Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Executable and Server DLL
(Export Version)
InternalName : lsasrv.dll and lsass.exe
LegalCopyright : Copyright (C) Microsoft Corp.
1981-1999
OriginalFilename : lsasrv.dll and lsass.exe

#:6 [svchost.exe]
FilePath : C:\WINNT\system32\
ProcessID : 440
ThreadCreationTime : 2-18-2005 12:58:13 PM
BasePriority : Normal
FileVersion : 5.00.2134.1
ProductVersion : 5.00.2134.1
ProductName : Microsoft(R) Windows (R) 2000
Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32
Services
InternalName : svchost.exe
LegalCopyright : Copyright (C) Microsoft Corp.
1981-1999
OriginalFilename : svchost.exe

#:7 [spoolsv.exe]
FilePath : C:\WINNT\system32\
ProcessID : 468
ThreadCreationTime : 2-18-2005 12:58:16 PM
BasePriority : Normal
FileVersion : 5.00.2195.6659
ProductVersion : 5.00.2195.6659
ProductName : Microsoft(R) Windows (R) 2000
Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolss.exe
LegalCopyright : Copyright (C) Microsoft Corp.
1981-1999
OriginalFilename : spoolss.exe

#:8 [ati2evxx.exe]
FilePath : C:\WINNT\System32\
ProcessID : 540
ThreadCreationTime : 2-18-2005 12:58:23 PM
BasePriority : Normal


#:9 [cdac11ba.exe]
FilePath : C:\WINNT\System32\drivers\
ProcessID : 552
ThreadCreationTime : 2-18-2005 12:58:23 PM
BasePriority : Normal
FileVersion : 4.16.050
ProductVersion : 4.16.050 Windows NT 2002/04/24
ProductName : SafeCast Windows NT
CompanyName : Macrovision
FileDescription : Macrovision RTS Service
InternalName : CDANTSRV
LegalCopyright : Copyright (c) 1998-2002
Macrovision Corp.
OriginalFilename : CDANTSRV.EXE
Comments : StringFileInfo: U.S. English

#:10 [defwatch.exe]
FilePath : C:\PROGRA~1\SYMANT~1\SYMANT~1\
ProcessID : 572
ThreadCreationTime : 2-18-2005 12:58:23 PM
BasePriority : Normal
FileVersion : 8.1.0.825
ProductVersion : 8.1.0.825
ProductName : Norton AntiVirus
CompanyName : Symantec Corporation
FileDescription : Virus Definition Daemon
InternalName : DefWatch
LegalCopyright : Copyright © 1998 Symantec
Corporation
OriginalFilename : DefWatch.exe

#:11 [svchost.exe]
FilePath : C:\WINNT\System32\
ProcessID : 592
ThreadCreationTime : 2-18-2005 12:58:23 PM
BasePriority : Normal
FileVersion : 5.00.2134.1
ProductVersion : 5.00.2134.1
ProductName : Microsoft(R) Windows (R) 2000
Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32
Services
InternalName : svchost.exe
LegalCopyright : Copyright (C) Microsoft Corp.
1981-1999
OriginalFilename : svchost.exe

#:12 [frameworkservice.exe]
FilePath : C:\ePOAgent\
ProcessID : 616
ThreadCreationTime : 2-18-2005 12:58:24 PM
BasePriority : Normal
FileVersion : 3.5.0.412
ProductName : McAfee Common Framework
CompanyName : Network Associates, Inc.
FileDescription : Framework Service
InternalName : Framework
LegalCopyright : Copyright© 2000-2004 Networks
Associates Technology, Inc. All Rights Reserved.
OriginalFilename : Framework.exe

#:13 [mdm.exe]
FilePath : C:\Program Files\Common
Files\Microsoft Shared\VS7Debug\
ProcessID : 716
ThreadCreationTime : 2-18-2005 12:58:29 PM
BasePriority : Normal
FileVersion : 7.00.9466
ProductVersion : 7.00.9466
ProductName : Microsoft® Visual Studio .NET
CompanyName : Microsoft Corporation
FileDescription : Machine Debug Manager
InternalName : mdm.exe
LegalCopyright : © Microsoft Corporation. All
rights reserved.
OriginalFilename : mdm.exe

#:14 [regsvc.exe]
FilePath : C:\WINNT\system32\
ProcessID : 788
ThreadCreationTime : 2-18-2005 12:58:31 PM
BasePriority : Normal
FileVersion : 5.00.2195.6701
ProductVersion : 5.00.2195.6701
ProductName : Microsoft(R) Windows (R) 2000
Operating System
CompanyName : Microsoft Corporation
FileDescription : Remote Registry Service
InternalName : regsvc
LegalCopyright : Copyright (C) Microsoft Corp.
1981-1999
OriginalFilename : REGSVC.EXE

#:15 [mstask.exe]
FilePath : C:\WINNT\system32\
ProcessID : 812
ThreadCreationTime : 2-18-2005 12:58:32 PM
BasePriority : Normal
FileVersion : 4.71.2195.6920
ProductVersion : 4.71.2195.6920
ProductName : Microsoft® Windows® Task Scheduler
CompanyName : Microsoft Corporation
FileDescription : Task Scheduler Engine
InternalName : TaskScheduler
LegalCopyright : Copyright (C) Microsoft Corp. 1997
OriginalFilename : mstask.exe

#:16 [tcpsvcs.exe]
FilePath : C:\WINNT\system32\
ProcessID : 856
ThreadCreationTime : 2-18-2005 12:58:33 PM
BasePriority : Normal
FileVersion : 5.00.2134.1
ProductVersion : 5.00.2134.1
ProductName : Microsoft(R) Windows (R) 2000
Operating System
CompanyName : Microsoft Corporation
FileDescription : TCP/IP Services Application
InternalName : TCPSVCS.EXE
LegalCopyright : Copyright (C) Microsoft Corp.
1981-1999
OriginalFilename : TCPSVCS.EXE

#:17 [mspmspsv.exe]
FilePath : C:\WINNT\System32\
ProcessID : 900
ThreadCreationTime : 2-18-2005 12:58:34 PM
BasePriority : Normal
FileVersion : 7.01.00.3055
ProductVersion : 7.01.00.3055
ProductName : Microsoft (R) DRM
CompanyName : Microsoft Corporation
FileDescription : WMDM PMSP Service
InternalName : MSPMSPSV.EXE
LegalCopyright : Copyright (C) Microsoft Corp.
1981-2000
OriginalFilename : MSPMSPSV.EXE

#:18 [svchost.exe]
FilePath : C:\WINNT\system32\
ProcessID : 920
ThreadCreationTime : 2-18-2005 12:58:34 PM
BasePriority : Normal
FileVersion : 5.00.2134.1
ProductVersion : 5.00.2134.1
ProductName : Microsoft(R) Windows (R) 2000
Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32
Services
InternalName : svchost.exe
LegalCopyright : Copyright (C) Microsoft Corp.
1981-1999
OriginalFilename : svchost.exe

#:19 [naprdmgr.exe]
FilePath : C:\ePOAgent\
ProcessID : 964
ThreadCreationTime : 2-18-2005 12:58:40 PM
BasePriority : Normal
FileVersion : 3.5.0.412
ProductName : McAfee Common Framework
CompanyName : Network Associates, Inc.
FileDescription : NAI Product Manager
InternalName : Product Manager
LegalCopyright : Copyright© 2000-2004 Networks
Associates Technology, Inc. All Rights Reserved.
OriginalFilename : naPrdMgr.exe

#:20 [explorer.exe]
FilePath : C:\WINNT\
ProcessID : 1236
ThreadCreationTime : 2-18-2005 12:59:23 PM
BasePriority : Normal
FileVersion : 5.00.3700.6690
ProductVersion : 5.00.3700.6690
ProductName : Microsoft(R) Windows (R) 2000
Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : Copyright (C) Microsoft Corp.
1981-1999
OriginalFilename : EXPLORER.EXE

#:21 [atiptaxx.exe]
FilePath : C:\WINNT\system32\
ProcessID : 1328
ThreadCreationTime : 2-18-2005 12:59:32 PM
BasePriority : Normal
FileVersion : 4.12.2470
ProductVersion : 4.12.2470
ProductName : ATI Desktop Component
CompanyName : ATI Technologies, Inc.
FileDescription : ATI Task Icon
InternalName : ATIPDSXX
LegalCopyright : Copyright (C) 1998-2000 ATI
Technologies Inc.
OriginalFilename : ATIPTAXX.DLL

#:22 [dadapp.exe]
FilePath : C:\Program
Files\DELL\AccessDirect\
ProcessID : 1332
ThreadCreationTime : 2-18-2005 12:59:33 PM
BasePriority : Normal


#:23 [tppaldr.exe]
FilePath : C:\WINNT\
ProcessID : 1312
ThreadCreationTime : 2-18-2005 12:59:33 PM
BasePriority : Normal
FileVersion : 5.04.1150.0
ProductVersion : 5.04.1150.0
ProductName : TPP Storage Adapter
CompanyName : In-System Design, Inc.
FileDescription : TPP Auto Loader Application
InternalName : TPPALDR.EXE
LegalCopyright : Copyright (C) 1998-2001 In-System
Design, Inc.
OriginalFilename : TPPALDR.EXE

#:24 [hpoopm07.exe]
FilePath : C:\WINNT\system32
\spool\DRIVERS\W32X86\
ProcessID : 872
ThreadCreationTime : 2-18-2005 12:59:34 PM
BasePriority : Normal


#:25 [createcd50.exe]
FilePath : C:\Program Files\Common
Files\Adaptec Shared\CreateCD\
ProcessID : 1384
ThreadCreationTime : 2-18-2005 12:59:36 PM
BasePriority : Normal
FileVersion : 5.3.4.21
ProductVersion : 5.3.4.21
ProductName : Easy CD Creator
CompanyName : Roxio
FileDescription : Roxio Create CD
InternalName : createcd.exe
LegalCopyright : Copyright (c) 1999-2002 Roxio,
Inc.
OriginalFilename : createcd.exe

#:26 [directcd.exe]
FilePath : C:\Program Files\Roxio\Easy CD
Creator 5\DirectCD\
ProcessID : 1392
ThreadCreationTime : 2-18-2005 12:59:36 PM
BasePriority : Normal
FileVersion : 5.3.4.21
ProductVersion : 5.3.4.21
ProductName : DirectCD
CompanyName : Roxio
FileDescription : DirectCD Application
InternalName : DirectCD
LegalCopyright : Copyright (c) 2001,2002, Roxio,
Inc.
OriginalFilename : Directcd.exe

#:27 [syntplpr.exe]
FilePath : C:\Program Files\Synaptics\SynTP\
ProcessID : 1400
ThreadCreationTime : 2-18-2005 12:59:37 PM
BasePriority : Normal
FileVersion : 7.2.12 17Mar03
ProductVersion : 7.2.12 17Mar03
ProductName : Progressive Touch
CompanyName : Synaptics, Inc.
FileDescription : TouchPad Driver Helper Application
InternalName : SynTPLpr
LegalCopyright : Copyright (C) Synaptics, Inc.
1996-2003
OriginalFilename : SynTPLpr.exe

#:28 [syntpenh.exe]
FilePath : C:\Program Files\Synaptics\SynTP\
ProcessID : 1408
ThreadCreationTime : 2-18-2005 12:59:37 PM
BasePriority : Normal
FileVersion : 7.2.12 17Mar03
ProductVersion : 7.2.12 17Mar03
ProductName : Progressive Touch
CompanyName : Synaptics, Inc.
FileDescription : Synaptics TouchPad Enhancements
InternalName : Scrolleroo
LegalCopyright : Copyright (C) Synaptics, Inc.
1996-2003
OriginalFilename : SynTPEnh.exe

#:29 [updaterui.exe]
FilePath : C:\ePOAgent\
ProcessID : 1420
ThreadCreationTime : 2-18-2005 12:59:38 PM
BasePriority : Normal
FileVersion : 3.5.0.412
ProductName : McAfee Common Framework
CompanyName : Network Associates, Inc.
FileDescription : Common User Interface
InternalName : UpdaterUI
LegalCopyright : Copyright© 2000-2004 Networks
Associates Technology, Inc. All Rights Reserved.
OriginalFilename : UpdaterUI.exe

#:30 [statusclient.exe]
FilePath : C:\Program Files\Hewlett-
Packard\Toolbox2.0\Apache Tomcat 4.0
\webapps\Toolbox\StatusClient\
ProcessID : 1476
ThreadCreationTime : 2-18-2005 12:59:40 PM
BasePriority : Normal
FileVersion : 00.00.13
ProductVersion : 00.00.13
ProductName : Hewlett-Packard T-TR Status Client
CompanyName : Hewlett-Packard
FileDescription : Hewlett-Packard T-TR Status Client
InternalName : StatusClient.exe
LegalCopyright : Copyright © 2002 Hewlett-Packard
Company
LegalTrademarks : All Rights Reserved.
OriginalFilename : StatusClient.exe

#:31 [vptray.exe]
FilePath : C:\PROGRA~1\SYMANT~1\SYMANT~1\
ProcessID : 1516
ThreadCreationTime : 2-18-2005 12:59:42 PM
BasePriority : Normal
FileVersion : 8.1.0.825
ProductVersion : 8.1.0.825
ProductName : Symantec AntiVirus
CompanyName : Symantec Corporation
FileDescription : Symantec AntiVirus
LegalCopyright : Copyright (C) Symantec
Corporation 1991-2003

#:32 [gcasserv.exe]
FilePath : C:\Program Files\Microsoft
AntiSpyware\
ProcessID : 1536
ThreadCreationTime : 2-18-2005 12:59:42 PM
BasePriority : Idle
FileVersion : 1.00.0509
ProductVersion : 1.00.0509
ProductName : Microsoft AntiSpyware (Beta 1)
CompanyName : Microsoft Corporation
FileDescription : Microsoft AntiSpyware Service
InternalName : gcasServ
LegalCopyright : Copyright © 2004-2005 Microsoft
Corporation. All rights reserved.
LegalTrademarks : Microsoft® and Windows® are
registered trademarks of Microsoft Corporation. SpyNet(tm)
is a trademark of Microsoft Corporation.
OriginalFilename : gcasServ.exe

#:33 [ctfmon.exe]
FilePath : C:\WINNT\system32\
ProcessID : 1232
ThreadCreationTime : 2-18-2005 12:59:43 PM
BasePriority : Normal
FileVersion : 1.00.2409.7 built by: Lab06_N
ProductVersion : 1.00.2409.7
ProductName : Microsoft(R) Windows NT(R)
Operating System
CompanyName : Microsoft Corporation
FileDescription : Cicero Loader
InternalName : CICLOAD
LegalCopyright : Copyright (C) Microsoft
Corporation. 1981-2001
OriginalFilename : CICLOAD.EXE

#:34 [javaw.exe]
FilePath : C:\Program Files\Hewlett-
Packard\Toolbox2.0\Javasoft\JRE\1.3.1\bin\
ProcessID : 1632
ThreadCreationTime : 2-18-2005 12:59:48 PM
BasePriority : Normal


#:35 [gcasdtserv.exe]
FilePath : C:\Program Files\Microsoft
AntiSpyware\
ProcessID : 1648
ThreadCreationTime : 2-18-2005 12:59:49 PM
BasePriority : Normal
FileVersion : 1.00.0509
ProductVersion : 1.00.0509
ProductName : Microsoft AntiSpyware (Beta 1)
CompanyName : Microsoft Corporation
FileDescription : Microsoft AntiSpyware Data Service
InternalName : gcasDtServ
LegalCopyright : Copyright © 2004-2005 Microsoft
Corporation. All rights reserved.
LegalTrademarks : Microsoft® and Windows® are
registered trademarks of Microsoft Corporation. SpyNet(tm)
is a trademark of Microsoft Corporation.
OriginalFilename : gcasDtServ.exe

#:36 [hpzipm12.exe]
FilePath : C:\WINNT\system32\
ProcessID : 316
ThreadCreationTime : 2-18-2005 1:01:42 PM
BasePriority : Normal
FileVersion : 5, 0, 5, 3
ProductVersion : 5, 0, 5, 3
ProductName : HP PML
CompanyName : HP
FileDescription : PML Driver
InternalName : PmlDrv
LegalCopyright : Copyright © 1998, 1999 Hewlett-
Packard Company
OriginalFilename : PmlDrv.exe

#:37 [ad-aware.exe]
FilePath : C:\Program Files\Lavasoft\Ad-
Aware SE Personal\
ProcessID : 940
ThreadCreationTime : 2-18-2005 1:56:18 PM
BasePriority : Normal
FileVersion : 6.2.0.206
ProductVersion : VI.Second Edition
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved

Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»


Tracking Cookie Object Recognized!
Type : IECache Entry
Data : (E-Mail Removed)person
[1].txt
Category : Data Miner
Comment : Hits:5
Value :
Cookie:(E-Mail Removed)/
Expires : 2-16-2006 1:27:16 PM
LastSync : Hits:5
UseCount : 0
Hits : 5

Tracking Cookie Object Recognized!
Type : IECache Entry
Data :
fssep111@dcsgcxwngpifwznfzlmv83o6w_5w4m[1].txt
Category : Data Miner
Comment : Hits:4
Value :
Cookie:(E-Mail Removed)/dcsgcxwngpifwznfzl
mv83o6w_5w4m
Expires : 2-14-2015 6:33:26 AM
LastSync : Hits:4
UseCount : 0
Hits : 4

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : fssep111@S111319[1].txt
Category : Data Miner
Comment : Hits:6
Value :
Cookie:(E-Mail Removed)/S111319
Expires : 12-31-2020 2:00:00 AM
LastSync : Hits:6
UseCount : 0
Hits : 6

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : fssep111@bluestreak[1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:(E-Mail Removed)/
Expires : 2-15-2015 4:47:38 AM
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : fssep111@qksrv[2].txt
Category : Data Miner
Comment : Hits:2
Value : Cookie:(E-Mail Removed)/
Expires : 2-15-2010 9:56:22 AM
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : fssep111@apmebf[2].txt
Category : Data Miner
Comment : Hits:2
Value : Cookie:(E-Mail Removed)/
Expires : 2-15-2010 9:56:22 AM
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : fssep111@statcounter[1].txt
Category : Data Miner
Comment : Hits:5
Value : Cookie:(E-Mail Removed)/
Expires : 2-15-2010 12:23:28 PM
LastSync : Hits:5
UseCount : 0
Hits : 5

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : (E-Mail Removed)[1].txt
Category : Data Miner
Comment : Hits:3
Value : Cookie:(E-Mail Removed)/
Expires : 3-18-2005 2:55:58 PM
LastSync : Hits:3
UseCount : 0
Hits : 3

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : fssep111@mediaplex[1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:(E-Mail Removed)/
Expires : 6-21-2009 6:00:00 PM
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : fssep111@2o7[2].txt
Category : Data Miner
Comment : Hits:13
Value : Cookie:(E-Mail Removed)/
Expires : 2-16-2010 7:47:04 AM
LastSync : Hits:13
UseCount : 0
Hits : 13

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : fssep111@zedo[2].txt
Category : Data Miner
Comment : Hits:11
Value : Cookie:(E-Mail Removed)/
Expires : 2-15-2015 10:46:54 AM
LastSync : Hits:11
UseCount : 0
Hits : 11

Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 11
Objects found so far: 11



Deep scanning and examining files...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Disk Scan Result for C:\WINNT
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 11

Disk Scan Result for C:\WINNT\system32
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 11

Disk Scan Result for C:\DOCUME~1\fssep111\LOCALS~1\Temp\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 11


Scanning Hosts file......
Hosts file location:"C:\WINNT\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
»»»»»»»»»»»»»»»»»

Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
1 entries scanned.
New critical objects:0
Objects found so far: 11



MRU List Object Recognized!
Location: : S-1-5-21-790525478-1708537768-
1801674531-18292\software\nico mak
computing\winzip\filemenu
Description : winzip recently used archives


MRU List Object Recognized!
Location: : S-1-5-21-790525478-1708537768-
1801674531-18292
\software\microsoft\windows\currentversion\explorer\comdlg3
2\opensavemru
Description : list of recently saved files,
stored according to file extension


MRU List Object Recognized!
Location: : S-1-5-21-790525478-1708537768-
1801674531-18292
\software\microsoft\windows\currentversion\explorer\comdlg3
2\lastvisitedmru
Description : list of recent programs opened


MRU List Object Recognized!
Location: : S-1-5-21-790525478-1708537768-
1801674531-18292
\software\microsoft\windows\currentversion\explorer\recentd
ocs
Description : list of recent documents opened


MRU List Object Recognized!
Location: : S-1-5-21-790525478-1708537768-
1801674531-18292\software\microsoft\office\10.0
\common\open find\microsoft word\settings\save as\file
name mru
Description : list of recent documents saved by
microsoft word


MRU List Object Recognized!
Location: : S-1-5-21-790525478-1708537768-
1801674531-18292\software\microsoft\office\10.0
\excel\recent files
Description : list of recent files used by
microsoft excel


MRU List Object Recognized!
Location: : S-1-5-21-790525478-1708537768-
1801674531-18292
\software\microsoft\mediaplayer\player\recentfilelist
Description : list of recently used files in
microsoft windows media player


MRU List Object Recognized!
Location: : S-1-5-21-790525478-1708537768-
1801674531-18292\software\microsoft\internet explorer
Description : last download directory used in
microsoft internet explorer


MRU List Object Recognized!
Location: :
software\microsoft\directdraw\mostrecentapplication
Description : most recent application to use
microsoft directdraw


MRU List Object Recognized!
Location: : S-1-5-21-790525478-1708537768-
1801674531-18292\software\microsoft\internet
explorer\typedurls
Description : list of recently entered
addresses in microsoft internet explorer


MRU List Object Recognized!
Location: : S-1-5-21-790525478-1708537768-
1801674531-18292\software\microsoft\mediaplayer\preferences
Description : last playlist index loaded in
microsoft windows media player


MRU List Object Recognized!
Location: : S-1-5-21-790525478-1708537768-
1801674531-18292\software\microsoft\mediaplayer\preferences
Description : last playlist loaded in microsoft
windows media player


MRU List Object Recognized!
Location: : S-1-5-21-790525478-1708537768-
1801674531-18292\software\microsoft\windows
media\wmsdk\general
Description : windows media sdk


MRU List Object Recognized!
Location: : C:\Documents and Settings\fssep111
\Application Data\microsoft\office\recent
Description : list of recently opened documents
using microsoft office


MRU List Object Recognized!
Location: : C:\Documents and Settings\fssep111
\recent
Description : list of recently opened documents



Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 26

7:57:36 AM Scan Complete

Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:01:08.388
Objects scanned:43768
Objects identified:11
Objects ignored:0
New critical objects:11

Have you tried running the scan at least two times in Safe mode using MSAS?
Open up the application | click spyware scan | click scan options | under
run scan now, click "Full system scan" | Then click "Scan driver/folders" |
to the right of that is a folder with blue "dots" next to it, click those
dots. This will open a map of your connected hard drives, select which
drives you want scanned, click "Ok", then run the scan.

--

Andre
http://spaces.msn.com/members/adacosta
FAQ for MS AntiSpy http://www.geocities.com/marfer_mvp/FAQ_MSantispy.htm

"(E-Mail Removed)" <(E-Mail Removed)> wrote in message
news:145501c515c2$66833240$(E-Mail Removed)...

Ad-Aware SE Build 1.05
Logfile Created on:Friday, February 18, 2005 7:56:28 AM
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R27 05.02.2005
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
MRU List(TAC index:0):15 total references
Tracking Cookie(TAC index:3):11 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file

Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user
only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates
critical objects


2-18-2005 7:56:28 AM - Scan started. (Smart mode)

Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ProcessID : 168
ThreadCreationTime : 2-18-2005 12:57:56 PM
BasePriority : Normal


#:2 [csrss.exe]
FilePath : \??\C:\WINNT\system32\
ProcessID : 192
ThreadCreationTime : 2-18-2005 12:58:04 PM
BasePriority : Normal


#:3 [winlogon.exe]
FilePath : \??\C:\WINNT\system32\
ProcessID : 212
ThreadCreationTime : 2-18-2005 12:58:07 PM
BasePriority : High


#:4 [services.exe]
FilePath : C:\WINNT\system32\
ProcessID : 240
ThreadCreationTime : 2-18-2005 12:58:08 PM
BasePriority : Normal
FileVersion : 5.00.2195.6700
ProductVersion : 5.00.2195.6700
ProductName : Microsoft(R) Windows (R) 2000
Operating System
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
LegalCopyright : Copyright (C) Microsoft Corp.
1981-1999
OriginalFilename : services.exe

#:5 [lsass.exe]
FilePath : C:\WINNT\system32\
ProcessID : 252
ThreadCreationTime : 2-18-2005 12:58:08 PM
BasePriority : Normal
FileVersion : 5.00.2195.6902
ProductVersion : 5.00.2195.6902
ProductName : Microsoft(R) Windows (R) 2000
Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Executable and Server DLL
(Export Version)
InternalName : lsasrv.dll and lsass.exe
LegalCopyright : Copyright (C) Microsoft Corp.
1981-1999
OriginalFilename : lsasrv.dll and lsass.exe

#:6 [svchost.exe]
FilePath : C:\WINNT\system32\
ProcessID : 440
ThreadCreationTime : 2-18-2005 12:58:13 PM
BasePriority : Normal
FileVersion : 5.00.2134.1
ProductVersion : 5.00.2134.1
ProductName : Microsoft(R) Windows (R) 2000
Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32
Services
InternalName : svchost.exe
LegalCopyright : Copyright (C) Microsoft Corp.
1981-1999
OriginalFilename : svchost.exe

#:7 [spoolsv.exe]
FilePath : C:\WINNT\system32\
ProcessID : 468
ThreadCreationTime : 2-18-2005 12:58:16 PM
BasePriority : Normal
FileVersion : 5.00.2195.6659
ProductVersion : 5.00.2195.6659
ProductName : Microsoft(R) Windows (R) 2000
Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolss.exe
LegalCopyright : Copyright (C) Microsoft Corp.
1981-1999
OriginalFilename : spoolss.exe

#:8 [ati2evxx.exe]
FilePath : C:\WINNT\System32\
ProcessID : 540
ThreadCreationTime : 2-18-2005 12:58:23 PM
BasePriority : Normal


#:9 [cdac11ba.exe]
FilePath : C:\WINNT\System32\drivers\
ProcessID : 552
ThreadCreationTime : 2-18-2005 12:58:23 PM
BasePriority : Normal
FileVersion : 4.16.050
ProductVersion : 4.16.050 Windows NT 2002/04/24
ProductName : SafeCast Windows NT
CompanyName : Macrovision
FileDescription : Macrovision RTS Service
InternalName : CDANTSRV
LegalCopyright : Copyright (c) 1998-2002
Macrovision Corp.
OriginalFilename : CDANTSRV.EXE
Comments : StringFileInfo: U.S. English

#:10 [defwatch.exe]
FilePath : C:\PROGRA~1\SYMANT~1\SYMANT~1\
ProcessID : 572
ThreadCreationTime : 2-18-2005 12:58:23 PM
BasePriority : Normal
FileVersion : 8.1.0.825
ProductVersion : 8.1.0.825
ProductName : Norton AntiVirus
CompanyName : Symantec Corporation
FileDescription : Virus Definition Daemon
InternalName : DefWatch
LegalCopyright : Copyright © 1998 Symantec
Corporation
OriginalFilename : DefWatch.exe

#:11 [svchost.exe]
FilePath : C:\WINNT\System32\
ProcessID : 592
ThreadCreationTime : 2-18-2005 12:58:23 PM
BasePriority : Normal
FileVersion : 5.00.2134.1
ProductVersion : 5.00.2134.1
ProductName : Microsoft(R) Windows (R) 2000
Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32
Services
InternalName : svchost.exe
LegalCopyright : Copyright (C) Microsoft Corp.
1981-1999
OriginalFilename : svchost.exe

#:12 [frameworkservice.exe]
FilePath : C:\ePOAgent\
ProcessID : 616
ThreadCreationTime : 2-18-2005 12:58:24 PM
BasePriority : Normal
FileVersion : 3.5.0.412
ProductName : McAfee Common Framework
CompanyName : Network Associates, Inc.
FileDescription : Framework Service
InternalName : Framework
LegalCopyright : Copyright© 2000-2004 Networks
Associates Technology, Inc. All Rights Reserved.
OriginalFilename : Framework.exe

#:13 [mdm.exe]
FilePath : C:\Program Files\Common
Files\Microsoft Shared\VS7Debug\
ProcessID : 716
ThreadCreationTime : 2-18-2005 12:58:29 PM
BasePriority : Normal
FileVersion : 7.00.9466
ProductVersion : 7.00.9466
ProductName : Microsoft® Visual Studio .NET
CompanyName : Microsoft Corporation
FileDescription : Machine Debug Manager
InternalName : mdm.exe
LegalCopyright : © Microsoft Corporation. All
rights reserved.
OriginalFilename : mdm.exe

#:14 [regsvc.exe]
FilePath : C:\WINNT\system32\
ProcessID : 788
ThreadCreationTime : 2-18-2005 12:58:31 PM
BasePriority : Normal
FileVersion : 5.00.2195.6701
ProductVersion : 5.00.2195.6701
ProductName : Microsoft(R) Windows (R) 2000
Operating System
CompanyName : Microsoft Corporation
FileDescription : Remote Registry Service
InternalName : regsvc
LegalCopyright : Copyright (C) Microsoft Corp.
1981-1999
OriginalFilename : REGSVC.EXE

#:15 [mstask.exe]
FilePath : C:\WINNT\system32\
ProcessID : 812
ThreadCreationTime : 2-18-2005 12:58:32 PM
BasePriority : Normal
FileVersion : 4.71.2195.6920
ProductVersion : 4.71.2195.6920
ProductName : Microsoft® Windows® Task Scheduler
CompanyName : Microsoft Corporation
FileDescription : Task Scheduler Engine
InternalName : TaskScheduler
LegalCopyright : Copyright (C) Microsoft Corp. 1997
OriginalFilename : mstask.exe

#:16 [tcpsvcs.exe]
FilePath : C:\WINNT\system32\
ProcessID : 856
ThreadCreationTime : 2-18-2005 12:58:33 PM
BasePriority : Normal
FileVersion : 5.00.2134.1
ProductVersion : 5.00.2134.1
ProductName : Microsoft(R) Windows (R) 2000
Operating System
CompanyName : Microsoft Corporation
FileDescription : TCP/IP Services Application
InternalName : TCPSVCS.EXE
LegalCopyright : Copyright (C) Microsoft Corp.
1981-1999
OriginalFilename : TCPSVCS.EXE

#:17 [mspmspsv.exe]
FilePath : C:\WINNT\System32\
ProcessID : 900
ThreadCreationTime : 2-18-2005 12:58:34 PM
BasePriority : Normal
FileVersion : 7.01.00.3055
ProductVersion : 7.01.00.3055
ProductName : Microsoft (R) DRM
CompanyName : Microsoft Corporation
FileDescription : WMDM PMSP Service
InternalName : MSPMSPSV.EXE
LegalCopyright : Copyright (C) Microsoft Corp.
1981-2000
OriginalFilename : MSPMSPSV.EXE

#:18 [svchost.exe]
FilePath : C:\WINNT\system32\
ProcessID : 920
ThreadCreationTime : 2-18-2005 12:58:34 PM
BasePriority : Normal
FileVersion : 5.00.2134.1
ProductVersion : 5.00.2134.1
ProductName : Microsoft(R) Windows (R) 2000
Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32
Services
InternalName : svchost.exe
LegalCopyright : Copyright (C) Microsoft Corp.
1981-1999
OriginalFilename : svchost.exe

#:19 [naprdmgr.exe]
FilePath : C:\ePOAgent\
ProcessID : 964
ThreadCreationTime : 2-18-2005 12:58:40 PM
BasePriority : Normal
FileVersion : 3.5.0.412
ProductName : McAfee Common Framework
CompanyName : Network Associates, Inc.
FileDescription : NAI Product Manager
InternalName : Product Manager
LegalCopyright : Copyright© 2000-2004 Networks
Associates Technology, Inc. All Rights Reserved.
OriginalFilename : naPrdMgr.exe

#:20 [explorer.exe]
FilePath : C:\WINNT\
ProcessID : 1236
ThreadCreationTime : 2-18-2005 12:59:23 PM
BasePriority : Normal
FileVersion : 5.00.3700.6690
ProductVersion : 5.00.3700.6690
ProductName : Microsoft(R) Windows (R) 2000
Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : Copyright (C) Microsoft Corp.
1981-1999
OriginalFilename : EXPLORER.EXE

#:21 [atiptaxx.exe]
FilePath : C:\WINNT\system32\
ProcessID : 1328
ThreadCreationTime : 2-18-2005 12:59:32 PM
BasePriority : Normal
FileVersion : 4.12.2470
ProductVersion : 4.12.2470
ProductName : ATI Desktop Component
CompanyName : ATI Technologies, Inc.
FileDescription : ATI Task Icon
InternalName : ATIPDSXX
LegalCopyright : Copyright (C) 1998-2000 ATI
Technologies Inc.
OriginalFilename : ATIPTAXX.DLL

#:22 [dadapp.exe]
FilePath : C:\Program
Files\DELL\AccessDirect\
ProcessID : 1332
ThreadCreationTime : 2-18-2005 12:59:33 PM
BasePriority : Normal


#:23 [tppaldr.exe]
FilePath : C:\WINNT\
ProcessID : 1312
ThreadCreationTime : 2-18-2005 12:59:33 PM
BasePriority : Normal
FileVersion : 5.04.1150.0
ProductVersion : 5.04.1150.0
ProductName : TPP Storage Adapter
CompanyName : In-System Design, Inc.
FileDescription : TPP Auto Loader Application
InternalName : TPPALDR.EXE
LegalCopyright : Copyright (C) 1998-2001 In-System
Design, Inc.
OriginalFilename : TPPALDR.EXE

#:24 [hpoopm07.exe]
FilePath : C:\WINNT\system32
\spool\DRIVERS\W32X86\
ProcessID : 872
ThreadCreationTime : 2-18-2005 12:59:34 PM
BasePriority : Normal


#:25 [createcd50.exe]
FilePath : C:\Program Files\Common
Files\Adaptec Shared\CreateCD\
ProcessID : 1384
ThreadCreationTime : 2-18-2005 12:59:36 PM
BasePriority : Normal
FileVersion : 5.3.4.21
ProductVersion : 5.3.4.21
ProductName : Easy CD Creator
CompanyName : Roxio
FileDescription : Roxio Create CD
InternalName : createcd.exe
LegalCopyright : Copyright (c) 1999-2002 Roxio,
Inc.
OriginalFilename : createcd.exe

#:26 [directcd.exe]
FilePath : C:\Program Files\Roxio\Easy CD
Creator 5\DirectCD\
ProcessID : 1392
ThreadCreationTime : 2-18-2005 12:59:36 PM
BasePriority : Normal
FileVersion : 5.3.4.21
ProductVersion : 5.3.4.21
ProductName : DirectCD
CompanyName : Roxio
FileDescription : DirectCD Application
InternalName : DirectCD
LegalCopyright : Copyright (c) 2001,2002, Roxio,
Inc.
OriginalFilename : Directcd.exe

#:27 [syntplpr.exe]
FilePath : C:\Program Files\Synaptics\SynTP\
ProcessID : 1400
ThreadCreationTime : 2-18-2005 12:59:37 PM
BasePriority : Normal
FileVersion : 7.2.12 17Mar03
ProductVersion : 7.2.12 17Mar03
ProductName : Progressive Touch
CompanyName : Synaptics, Inc.
FileDescription : TouchPad Driver Helper Application
InternalName : SynTPLpr
LegalCopyright : Copyright (C) Synaptics, Inc.
1996-2003
OriginalFilename : SynTPLpr.exe

#:28 [syntpenh.exe]
FilePath : C:\Program Files\Synaptics\SynTP\
ProcessID : 1408
ThreadCreationTime : 2-18-2005 12:59:37 PM
BasePriority : Normal
FileVersion : 7.2.12 17Mar03
ProductVersion : 7.2.12 17Mar03
ProductName : Progressive Touch
CompanyName : Synaptics, Inc.
FileDescription : Synaptics TouchPad Enhancements
InternalName : Scrolleroo
LegalCopyright : Copyright (C) Synaptics, Inc.
1996-2003
OriginalFilename : SynTPEnh.exe

#:29 [updaterui.exe]
FilePath : C:\ePOAgent\
ProcessID : 1420
ThreadCreationTime : 2-18-2005 12:59:38 PM
BasePriority : Normal
FileVersion : 3.5.0.412
ProductName : McAfee Common Framework
CompanyName : Network Associates, Inc.
FileDescription : Common User Interface
InternalName : UpdaterUI
LegalCopyright : Copyright© 2000-2004 Networks
Associates Technology, Inc. All Rights Reserved.
OriginalFilename : UpdaterUI.exe

#:30 [statusclient.exe]
FilePath : C:\Program Files\Hewlett-
Packard\Toolbox2.0\Apache Tomcat 4.0
\webapps\Toolbox\StatusClient\
ProcessID : 1476
ThreadCreationTime : 2-18-2005 12:59:40 PM
BasePriority : Normal
FileVersion : 00.00.13
ProductVersion : 00.00.13
ProductName : Hewlett-Packard T-TR Status Client
CompanyName : Hewlett-Packard
FileDescription : Hewlett-Packard T-TR Status Client
InternalName : StatusClient.exe
LegalCopyright : Copyright © 2002 Hewlett-Packard
Company
LegalTrademarks : All Rights Reserved.
OriginalFilename : StatusClient.exe

#:31 [vptray.exe]
FilePath : C:\PROGRA~1\SYMANT~1\SYMANT~1\
ProcessID : 1516
ThreadCreationTime : 2-18-2005 12:59:42 PM
BasePriority : Normal
FileVersion : 8.1.0.825
ProductVersion : 8.1.0.825
ProductName : Symantec AntiVirus
CompanyName : Symantec Corporation
FileDescription : Symantec AntiVirus
LegalCopyright : Copyright (C) Symantec
Corporation 1991-2003

#:32 [gcasserv.exe]
FilePath : C:\Program Files\Microsoft
AntiSpyware\
ProcessID : 1536
ThreadCreationTime : 2-18-2005 12:59:42 PM
BasePriority : Idle
FileVersion : 1.00.0509
ProductVersion : 1.00.0509
ProductName : Microsoft AntiSpyware (Beta 1)
CompanyName : Microsoft Corporation
FileDescription : Microsoft AntiSpyware Service
InternalName : gcasServ
LegalCopyright : Copyright © 2004-2005 Microsoft
Corporation. All rights reserved.
LegalTrademarks : Microsoft® and Windows® are
registered trademarks of Microsoft Corporation. SpyNet(tm)
is a trademark of Microsoft Corporation.
OriginalFilename : gcasServ.exe

#:33 [ctfmon.exe]
FilePath : C:\WINNT\system32\
ProcessID : 1232
ThreadCreationTime : 2-18-2005 12:59:43 PM
BasePriority : Normal
FileVersion : 1.00.2409.7 built by: Lab06_N
ProductVersion : 1.00.2409.7
ProductName : Microsoft(R) Windows NT(R)
Operating System
CompanyName : Microsoft Corporation
FileDescription : Cicero Loader
InternalName : CICLOAD
LegalCopyright : Copyright (C) Microsoft
Corporation. 1981-2001
OriginalFilename : CICLOAD.EXE

#:34 [javaw.exe]
FilePath : C:\Program Files\Hewlett-
Packard\Toolbox2.0\Javasoft\JRE\1.3.1\bin\
ProcessID : 1632
ThreadCreationTime : 2-18-2005 12:59:48 PM
BasePriority : Normal


#:35 [gcasdtserv.exe]
FilePath : C:\Program Files\Microsoft
AntiSpyware\
ProcessID : 1648
ThreadCreationTime : 2-18-2005 12:59:49 PM
BasePriority : Normal
FileVersion : 1.00.0509
ProductVersion : 1.00.0509
ProductName : Microsoft AntiSpyware (Beta 1)
CompanyName : Microsoft Corporation
FileDescription : Microsoft AntiSpyware Data Service
InternalName : gcasDtServ
LegalCopyright : Copyright © 2004-2005 Microsoft
Corporation. All rights reserved.
LegalTrademarks : Microsoft® and Windows® are
registered trademarks of Microsoft Corporation. SpyNet(tm)
is a trademark of Microsoft Corporation.
OriginalFilename : gcasDtServ.exe

#:36 [hpzipm12.exe]
FilePath : C:\WINNT\system32\
ProcessID : 316
ThreadCreationTime : 2-18-2005 1:01:42 PM
BasePriority : Normal
FileVersion : 5, 0, 5, 3
ProductVersion : 5, 0, 5, 3
ProductName : HP PML
CompanyName : HP
FileDescription : PML Driver
InternalName : PmlDrv
LegalCopyright : Copyright © 1998, 1999 Hewlett-
Packard Company
OriginalFilename : PmlDrv.exe

#:37 [ad-aware.exe]
FilePath : C:\Program Files\Lavasoft\Ad-
Aware SE Personal\
ProcessID : 940
ThreadCreationTime : 2-18-2005 1:56:18 PM
BasePriority : Normal
FileVersion : 6.2.0.206
ProductVersion : VI.Second Edition
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved

Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»


Tracking Cookie Object Recognized!
Type : IECache Entry
Data : (E-Mail Removed)person
[1].txt
Category : Data Miner
Comment : Hits:5
Value :
Cookie:(E-Mail Removed)/
Expires : 2-16-2006 1:27:16 PM
LastSync : Hits:5
UseCount : 0
Hits : 5

Tracking Cookie Object Recognized!
Type : IECache Entry
Data :
fssep111@dcsgcxwngpifwznfzlmv83o6w_5w4m[1].txt
Category : Data Miner
Comment : Hits:4
Value :
Cookie:(E-Mail Removed)/dcsgcxwngpifwznfzl
mv83o6w_5w4m
Expires : 2-14-2015 6:33:26 AM
LastSync : Hits:4
UseCount : 0
Hits : 4

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : fssep111@S111319[1].txt
Category : Data Miner
Comment : Hits:6
Value :
Cookie:(E-Mail Removed)/S111319
Expires : 12-31-2020 2:00:00 AM
LastSync : Hits:6
UseCount : 0
Hits : 6

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : fssep111@bluestreak[1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:(E-Mail Removed)/
Expires : 2-15-2015 4:47:38 AM
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : fssep111@qksrv[2].txt
Category : Data Miner
Comment : Hits:2
Value : Cookie:(E-Mail Removed)/
Expires : 2-15-2010 9:56:22 AM
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : fssep111@apmebf[2].txt
Category : Data Miner
Comment : Hits:2
Value : Cookie:(E-Mail Removed)/
Expires : 2-15-2010 9:56:22 AM
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : fssep111@statcounter[1].txt
Category : Data Miner
Comment : Hits:5
Value : Cookie:(E-Mail Removed)/
Expires : 2-15-2010 12:23:28 PM
LastSync : Hits:5
UseCount : 0
Hits : 5

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : (E-Mail Removed)[1].txt
Category : Data Miner
Comment : Hits:3
Value : Cookie:(E-Mail Removed)/
Expires : 3-18-2005 2:55:58 PM
LastSync : Hits:3
UseCount : 0
Hits : 3

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : fssep111@mediaplex[1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:(E-Mail Removed)/
Expires : 6-21-2009 6:00:00 PM
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : fssep111@2o7[2].txt
Category : Data Miner
Comment : Hits:13
Value : Cookie:(E-Mail Removed)/
Expires : 2-16-2010 7:47:04 AM
LastSync : Hits:13
UseCount : 0
Hits : 13

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : fssep111@zedo[2].txt
Category : Data Miner
Comment : Hits:11
Value : Cookie:(E-Mail Removed)/
Expires : 2-15-2015 10:46:54 AM
LastSync : Hits:11
UseCount : 0
Hits : 11

Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 11
Objects found so far: 11



Deep scanning and examining files...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Disk Scan Result for C:\WINNT
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 11

Disk Scan Result for C:\WINNT\system32
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 11

Disk Scan Result for C:\DOCUME~1\fssep111\LOCALS~1\Temp\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 11


Scanning Hosts file......
Hosts file location:"C:\WINNT\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
»»»»»»»»»»»»»»»»»

Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
1 entries scanned.
New critical objects:0
Objects found so far: 11



MRU List Object Recognized!
Location: : S-1-5-21-790525478-1708537768-
1801674531-18292\software\nico mak
computing\winzip\filemenu
Description : winzip recently used archives


MRU List Object Recognized!
Location: : S-1-5-21-790525478-1708537768-
1801674531-18292
\software\microsoft\windows\currentversion\explorer\comdlg3
2\opensavemru
Description : list of recently saved files,
stored according to file extension


MRU List Object Recognized!
Location: : S-1-5-21-790525478-1708537768-
1801674531-18292
\software\microsoft\windows\currentversion\explorer\comdlg3
2\lastvisitedmru
Description : list of recent programs opened


MRU List Object Recognized!
Location: : S-1-5-21-790525478-1708537768-
1801674531-18292
\software\microsoft\windows\currentversion\explorer\recentd
ocs
Description : list of recent documents opened


MRU List Object Recognized!
Location: : S-1-5-21-790525478-1708537768-
1801674531-18292\software\microsoft\office\10.0
\common\open find\microsoft word\settings\save as\file
name mru
Description : list of recent documents saved by
microsoft word


MRU List Object Recognized!
Location: : S-1-5-21-790525478-1708537768-
1801674531-18292\software\microsoft\office\10.0
\excel\recent files
Description : list of recent files used by
microsoft excel


MRU List Object Recognized!
Location: : S-1-5-21-790525478-1708537768-
1801674531-18292
\software\microsoft\mediaplayer\player\recentfilelist
Description : list of recently used files in
microsoft windows media player


MRU List Object Recognized!
Location: : S-1-5-21-790525478-1708537768-
1801674531-18292\software\microsoft\internet explorer
Description : last download directory used in
microsoft internet explorer


MRU List Object Recognized!
Location: :
software\microsoft\directdraw\mostrecentapplication
Description : most recent application to use
microsoft directdraw


MRU List Object Recognized!
Location: : S-1-5-21-790525478-1708537768-
1801674531-18292\software\microsoft\internet
explorer\typedurls
Description : list of recently entered
addresses in microsoft internet explorer


MRU List Object Recognized!
Location: : S-1-5-21-790525478-1708537768-
1801674531-18292\software\microsoft\mediaplayer\preferences
Description : last playlist index loaded in
microsoft windows media player


MRU List Object Recognized!
Location: : S-1-5-21-790525478-1708537768-
1801674531-18292\software\microsoft\mediaplayer\preferences
Description : last playlist loaded in microsoft
windows media player


MRU List Object Recognized!
Location: : S-1-5-21-790525478-1708537768-
1801674531-18292\software\microsoft\windows
media\wmsdk\general
Description : windows media sdk


MRU List Object Recognized!
Location: : C:\Documents and Settings\fssep111
\Application Data\microsoft\office\recent
Description : list of recently opened documents
using microsoft office


MRU List Object Recognized!
Location: : C:\Documents and Settings\fssep111
\recent
Description : list of recently opened documents



Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 26

7:57:36 AM Scan Complete

Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:01:08.388
Objects scanned:43768
Objects identified:11
Objects ignored:0
New critical objects:11

This beta version of MS antispyware does not scan for
tracking cookies, which is what your Adaware log shows it
found.
>-----Original Message-----
>Have you tried running the scan at least two times in
Safe mode using MSAS?
>Open up the application | click spyware scan | click scan
options | under
>run scan now, click "Full system scan" | Then click "Scan
driver/folders" |
>to the right of that is a folder with blue "dots" next
to it, click those
>dots. This will open a map of your connected hard drives,
select which
>drives you want scanned, click "Ok", then run the scan.
>
>--
>
>Andre
>http://spaces.msn.com/members/adacosta
>FAQ for MS AntiSpy
http://www.geocities.com/marfer_mvp/FAQ_MSantispy.htm
>
>"(E-Mail Removed)"
<(E-Mail Removed)> wrote in message
>news:145501c515c2$66833240$(E-Mail Removed)...
>
>Ad-Aware SE Build 1.05
>Logfile Created on:Friday, February 18, 2005 7:56:28 AM
>Created with Ad-Aware SE Personal, free for private use.
>Using definitions file:SE1R27 05.02.2005
>»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
>
>References detected during the scan:
>»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
>MRU List(TAC index:0):15 total references
>Tracking Cookie(TAC index:3):11 total references
>»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
>
>Ad-Aware SE Settings
>===========================
>Set : Search for negligible risk entries
>Set : Safe mode (always request confirmation)
>Set : Scan active processes
>Set : Scan registry
>Set : Deep-scan registry
>Set : Scan my IE Favorites for banned URLs
>Set : Scan my Hosts file
>
>Extended Ad-Aware SE Settings
>===========================
>Set : Unload recognized processes & modules during scan
>Set : Scan registry for all users instead of current user
>only
>Set : Always try to unload modules before deletion
>Set : During removal, unload Explorer and IE if necessary
>Set : Let Windows remove files in use at next reboot
>Set : Delete quarantined objects after restoring
>Set : Include basic Ad-Aware settings in log file
>Set : Include additional Ad-Aware settings in log file
>Set : Include reference summary in log file
>Set : Include alternate data stream details in log file
>Set : Play sound at scan completion if scan locates
>critical objects
>
>
>2-18-2005 7:56:28 AM - Scan started. (Smart mode)
>
>Listing running processes
>»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
>
>#:1 [smss.exe]
> FilePath : \SystemRoot\System32\
> ProcessID : 168
> ThreadCreationTime : 2-18-2005 12:57:56 PM
> BasePriority : Normal
>
>
>#:2 [csrss.exe]
> FilePath : \??\C:\WINNT\system32\
> ProcessID : 192
> ThreadCreationTime : 2-18-2005 12:58:04 PM
> BasePriority : Normal
>
>
>#:3 [winlogon.exe]
> FilePath : \??\C:\WINNT\system32\
> ProcessID : 212
> ThreadCreationTime : 2-18-2005 12:58:07 PM
> BasePriority : High
>
>
>#:4 [services.exe]
> FilePath : C:\WINNT\system32\
> ProcessID : 240
> ThreadCreationTime : 2-18-2005 12:58:08 PM
> BasePriority : Normal
> FileVersion : 5.00.2195.6700
> ProductVersion : 5.00.2195.6700
> ProductName : Microsoft(R) Windows (R) 2000
>Operating System
> CompanyName : Microsoft Corporation
> FileDescription : Services and Controller app
> InternalName : services.exe
> LegalCopyright : Copyright (C) Microsoft Corp.
>1981-1999
> OriginalFilename : services.exe
>
>#:5 [lsass.exe]
> FilePath : C:\WINNT\system32\
> ProcessID : 252
> ThreadCreationTime : 2-18-2005 12:58:08 PM
> BasePriority : Normal
> FileVersion : 5.00.2195.6902
> ProductVersion : 5.00.2195.6902
> ProductName : Microsoft(R) Windows (R) 2000
>Operating System
> CompanyName : Microsoft Corporation
> FileDescription : LSA Executable and Server DLL
>(Export Version)
> InternalName : lsasrv.dll and lsass.exe
> LegalCopyright : Copyright (C) Microsoft Corp.
>1981-1999
> OriginalFilename : lsasrv.dll and lsass.exe
>
>#:6 [svchost.exe]
> FilePath : C:\WINNT\system32\
> ProcessID : 440
> ThreadCreationTime : 2-18-2005 12:58:13 PM
> BasePriority : Normal
> FileVersion : 5.00.2134.1
> ProductVersion : 5.00.2134.1
> ProductName : Microsoft(R) Windows (R) 2000
>Operating System
> CompanyName : Microsoft Corporation
> FileDescription : Generic Host Process for Win32
>Services
> InternalName : svchost.exe
> LegalCopyright : Copyright (C) Microsoft Corp.
>1981-1999
> OriginalFilename : svchost.exe
>
>#:7 [spoolsv.exe]
> FilePath : C:\WINNT\system32\
> ProcessID : 468
> ThreadCreationTime : 2-18-2005 12:58:16 PM
> BasePriority : Normal
> FileVersion : 5.00.2195.6659
> ProductVersion : 5.00.2195.6659
> ProductName : Microsoft(R) Windows (R) 2000
>Operating System
> CompanyName : Microsoft Corporation
> FileDescription : Spooler SubSystem App
> InternalName : spoolss.exe
> LegalCopyright : Copyright (C) Microsoft Corp.
>1981-1999
> OriginalFilename : spoolss.exe
>
>#:8 [ati2evxx.exe]
> FilePath : C:\WINNT\System32\
> ProcessID : 540
> ThreadCreationTime : 2-18-2005 12:58:23 PM
> BasePriority : Normal
>
>
>#:9 [cdac11ba.exe]
> FilePath : C:\WINNT\System32\drivers\
> ProcessID : 552
> ThreadCreationTime : 2-18-2005 12:58:23 PM
> BasePriority : Normal
> FileVersion : 4.16.050
> ProductVersion : 4.16.050 Windows NT 2002/04/24
> ProductName : SafeCast Windows NT
> CompanyName : Macrovision
> FileDescription : Macrovision RTS Service
> InternalName : CDANTSRV
> LegalCopyright : Copyright (c) 1998-2002
>Macrovision Corp.
> OriginalFilename : CDANTSRV.EXE
> Comments : StringFileInfo: U.S. English
>
>#:10 [defwatch.exe]
> FilePath : C:\PROGRA~1\SYMANT~1\SYMANT~1\
> ProcessID : 572
> ThreadCreationTime : 2-18-2005 12:58:23 PM
> BasePriority : Normal
> FileVersion : 8.1.0.825
> ProductVersion : 8.1.0.825
> ProductName : Norton AntiVirus
> CompanyName : Symantec Corporation
> FileDescription : Virus Definition Daemon
> InternalName : DefWatch
> LegalCopyright : Copyright © 1998 Symantec
>Corporation
> OriginalFilename : DefWatch.exe
>
>#:11 [svchost.exe]
> FilePath : C:\WINNT\System32\
> ProcessID : 592
> ThreadCreationTime : 2-18-2005 12:58:23 PM
> BasePriority : Normal
> FileVersion : 5.00.2134.1
> ProductVersion : 5.00.2134.1
> ProductName : Microsoft(R) Windows (R) 2000
>Operating System
> CompanyName : Microsoft Corporation
> FileDescription : Generic Host Process for Win32
>Services
> InternalName : svchost.exe
> LegalCopyright : Copyright (C) Microsoft Corp.
>1981-1999
> OriginalFilename : svchost.exe
>
>#:12 [frameworkservice.exe]
> FilePath : C:\ePOAgent\
> ProcessID : 616
> ThreadCreationTime : 2-18-2005 12:58:24 PM
> BasePriority : Normal
> FileVersion : 3.5.0.412
> ProductName : McAfee Common Framework
> CompanyName : Network Associates, Inc.
> FileDescription : Framework Service
> InternalName : Framework
> LegalCopyright : Copyright© 2000-2004 Networks
>Associates Technology, Inc. All Rights Reserved.
> OriginalFilename : Framework.exe
>
>#:13 [mdm.exe]
> FilePath : C:\Program Files\Common
>Files\Microsoft Shared\VS7Debug\
> ProcessID : 716
> ThreadCreationTime : 2-18-2005 12:58:29 PM
> BasePriority : Normal
> FileVersion : 7.00.9466
> ProductVersion : 7.00.9466
> ProductName : Microsoft® Visual Studio .NET
> CompanyName : Microsoft Corporation
> FileDescription : Machine Debug Manager
> InternalName : mdm.exe
> LegalCopyright : © Microsoft Corporation. All
>rights reserved.
> OriginalFilename : mdm.exe
>
>#:14 [regsvc.exe]
> FilePath : C:\WINNT\system32\
> ProcessID : 788
> ThreadCreationTime : 2-18-2005 12:58:31 PM
> BasePriority : Normal
> FileVersion : 5.00.2195.6701
> ProductVersion : 5.00.2195.6701
> ProductName : Microsoft(R) Windows (R) 2000
>Operating System
> CompanyName : Microsoft Corporation
> FileDescription : Remote Registry Service
> InternalName : regsvc
> LegalCopyright : Copyright (C) Microsoft Corp.
>1981-1999
> OriginalFilename : REGSVC.EXE
>
>#:15 [mstask.exe]
> FilePath : C:\WINNT\system32\
> ProcessID : 812
> ThreadCreationTime : 2-18-2005 12:58:32 PM
> BasePriority : Normal
> FileVersion : 4.71.2195.6920
> ProductVersion : 4.71.2195.6920
> ProductName : Microsoft® Windows® Task
Scheduler
> CompanyName : Microsoft Corporation
> FileDescription : Task Scheduler Engine
> InternalName : TaskScheduler
> LegalCopyright : Copyright (C) Microsoft Corp.
1997
> OriginalFilename : mstask.exe
>
>#:16 [tcpsvcs.exe]
> FilePath : C:\WINNT\system32\
> ProcessID : 856
> ThreadCreationTime : 2-18-2005 12:58:33 PM
> BasePriority : Normal
> FileVersion : 5.00.2134.1
> ProductVersion : 5.00.2134.1
> ProductName : Microsoft(R) Windows (R) 2000
>Operating System
> CompanyName : Microsoft Corporation
> FileDescription : TCP/IP Services Application
> InternalName : TCPSVCS.EXE
> LegalCopyright : Copyright (C) Microsoft Corp.
>1981-1999
> OriginalFilename : TCPSVCS.EXE
>
>#:17 [mspmspsv.exe]
> FilePath : C:\WINNT\System32\
> ProcessID : 900
> ThreadCreationTime : 2-18-2005 12:58:34 PM
> BasePriority : Normal
> FileVersion : 7.01.00.3055
> ProductVersion : 7.01.00.3055
> ProductName : Microsoft (R) DRM
> CompanyName : Microsoft Corporation
> FileDescription : WMDM PMSP Service
> InternalName : MSPMSPSV.EXE
> LegalCopyright : Copyright (C) Microsoft Corp.
>1981-2000
> OriginalFilename : MSPMSPSV.EXE
>
>#:18 [svchost.exe]
> FilePath : C:\WINNT\system32\
> ProcessID : 920
> ThreadCreationTime : 2-18-2005 12:58:34 PM
> BasePriority : Normal
> FileVersion : 5.00.2134.1
> ProductVersion : 5.00.2134.1
> ProductName : Microsoft(R) Windows (R) 2000
>Operating System
> CompanyName : Microsoft Corporation
> FileDescription : Generic Host Process for Win32
>Services
> InternalName : svchost.exe
> LegalCopyright : Copyright (C) Microsoft Corp.
>1981-1999
> OriginalFilename : svchost.exe
>
>#:19 [naprdmgr.exe]
> FilePath : C:\ePOAgent\
> ProcessID : 964
> ThreadCreationTime : 2-18-2005 12:58:40 PM
> BasePriority : Normal
> FileVersion : 3.5.0.412
> ProductName : McAfee Common Framework
> CompanyName : Network Associates, Inc.
> FileDescription : NAI Product Manager
> InternalName : Product Manager
> LegalCopyright : Copyright© 2000-2004 Networks
>Associates Technology, Inc. All Rights Reserved.
> OriginalFilename : naPrdMgr.exe
>
>#:20 [explorer.exe]
> FilePath : C:\WINNT\
> ProcessID : 1236
> ThreadCreationTime : 2-18-2005 12:59:23 PM
> BasePriority : Normal
> FileVersion : 5.00.3700.6690
> ProductVersion : 5.00.3700.6690
> ProductName : Microsoft(R) Windows (R) 2000
>Operating System
> CompanyName : Microsoft Corporation
> FileDescription : Windows Explorer
> InternalName : explorer
> LegalCopyright : Copyright (C) Microsoft Corp.
>1981-1999
> OriginalFilename : EXPLORER.EXE
>
>#:21 [atiptaxx.exe]
> FilePath : C:\WINNT\system32\
> ProcessID : 1328
> ThreadCreationTime : 2-18-2005 12:59:32 PM
> BasePriority : Normal
> FileVersion : 4.12.2470
> ProductVersion : 4.12.2470
> ProductName : ATI Desktop Component
> CompanyName : ATI Technologies, Inc.
> FileDescription : ATI Task Icon
> InternalName : ATIPDSXX
> LegalCopyright : Copyright (C) 1998-2000 ATI
>Technologies Inc.
> OriginalFilename : ATIPTAXX.DLL
>
>#:22 [dadapp.exe]
> FilePath : C:\Program
>Files\DELL\AccessDirect\
> ProcessID : 1332
> ThreadCreationTime : 2-18-2005 12:59:33 PM
> BasePriority : Normal
>
>
>#:23 [tppaldr.exe]
> FilePath : C:\WINNT\
> ProcessID : 1312
> ThreadCreationTime : 2-18-2005 12:59:33 PM
> BasePriority : Normal
> FileVersion : 5.04.1150.0
> ProductVersion : 5.04.1150.0
> ProductName : TPP Storage Adapter
> CompanyName : In-System Design, Inc.
> FileDescription : TPP Auto Loader Application
> InternalName : TPPALDR.EXE
> LegalCopyright : Copyright (C) 1998-2001 In-System
>Design, Inc.
> OriginalFilename : TPPALDR.EXE
>
>#:24 [hpoopm07.exe]
> FilePath : C:\WINNT\system32
>\spool\DRIVERS\W32X86\
> ProcessID : 872
> ThreadCreationTime : 2-18-2005 12:59:34 PM
> BasePriority : Normal
>
>
>#:25 [createcd50.exe]
> FilePath : C:\Program Files\Common
>Files\Adaptec Shared\CreateCD\
> ProcessID : 1384
> ThreadCreationTime : 2-18-2005 12:59:36 PM
> BasePriority : Normal
> FileVersion : 5.3.4.21
> ProductVersion : 5.3.4.21
> ProductName : Easy CD Creator
> CompanyName : Roxio
> FileDescription : Roxio Create CD
> InternalName : createcd.exe
> LegalCopyright : Copyright (c) 1999-2002 Roxio,
>Inc.
> OriginalFilename : createcd.exe
>
>#:26 [directcd.exe]
> FilePath : C:\Program Files\Roxio\Easy CD
>Creator 5\DirectCD\
> ProcessID : 1392
> ThreadCreationTime : 2-18-2005 12:59:36 PM
> BasePriority : Normal
> FileVersion : 5.3.4.21
> ProductVersion : 5.3.4.21
> ProductName : DirectCD
> CompanyName : Roxio
> FileDescription : DirectCD Application
> InternalName : DirectCD
> LegalCopyright : Copyright (c) 2001,2002, Roxio,
>Inc.
> OriginalFilename : Directcd.exe
>
>#:27 [syntplpr.exe]
> FilePath : C:\Program Files\Synaptics\SynTP\
> ProcessID : 1400
> ThreadCreationTime : 2-18-2005 12:59:37 PM
> BasePriority : Normal
> FileVersion : 7.2.12 17Mar03
> ProductVersion : 7.2.12 17Mar03
> ProductName : Progressive Touch
> CompanyName : Synaptics, Inc.
> FileDescription : TouchPad Driver Helper
Application
> InternalName : SynTPLpr
> LegalCopyright : Copyright (C) Synaptics, Inc.
>1996-2003
> OriginalFilename : SynTPLpr.exe
>
>#:28 [syntpenh.exe]
> FilePath : C:\Program Files\Synaptics\SynTP\
> ProcessID : 1408
> ThreadCreationTime : 2-18-2005 12:59:37 PM
> BasePriority : Normal
> FileVersion : 7.2.12 17Mar03
> ProductVersion : 7.2.12 17Mar03
> ProductName : Progressive Touch
> CompanyName : Synaptics, Inc.
> FileDescription : Synaptics TouchPad Enhancements
> InternalName : Scrolleroo
> LegalCopyright : Copyright (C) Synaptics, Inc.
>1996-2003
> OriginalFilename : SynTPEnh.exe
>
>#:29 [updaterui.exe]
> FilePath : C:\ePOAgent\
> ProcessID : 1420
> ThreadCreationTime : 2-18-2005 12:59:38 PM
> BasePriority : Normal
> FileVersion : 3.5.0.412
> ProductName : McAfee Common Framework
> CompanyName : Network Associates, Inc.
> FileDescription : Common User Interface
> InternalName : UpdaterUI
> LegalCopyright : Copyright© 2000-2004 Networks
>Associates Technology, Inc. All Rights Reserved.
> OriginalFilename : UpdaterUI.exe
>
>#:30 [statusclient.exe]
> FilePath : C:\Program Files\Hewlett-
>Packard\Toolbox2.0\Apache Tomcat 4.0
>\webapps\Toolbox\StatusClient\
> ProcessID : 1476
> ThreadCreationTime : 2-18-2005 12:59:40 PM
> BasePriority : Normal
> FileVersion : 00.00.13
> ProductVersion : 00.00.13
> ProductName : Hewlett-Packard T-TR Status
Client
> CompanyName : Hewlett-Packard
> FileDescription : Hewlett-Packard T-TR Status
Client
> InternalName : StatusClient.exe
> LegalCopyright : Copyright © 2002 Hewlett-Packard
>Company
> LegalTrademarks : All Rights Reserved.
> OriginalFilename : StatusClient.exe
>
>#:31 [vptray.exe]
> FilePath : C:\PROGRA~1\SYMANT~1\SYMANT~1\
> ProcessID : 1516
> ThreadCreationTime : 2-18-2005 12:59:42 PM
> BasePriority : Normal
> FileVersion : 8.1.0.825
> ProductVersion : 8.1.0.825
> ProductName : Symantec AntiVirus
> CompanyName : Symantec Corporation
> FileDescription : Symantec AntiVirus
> LegalCopyright : Copyright (C) Symantec
>Corporation 1991-2003
>
>#:32 [gcasserv.exe]
> FilePath : C:\Program Files\Microsoft
>AntiSpyware\
> ProcessID : 1536
> ThreadCreationTime : 2-18-2005 12:59:42 PM
> BasePriority : Idle
> FileVersion : 1.00.0509
> ProductVersion : 1.00.0509
> ProductName : Microsoft AntiSpyware (Beta 1)
> CompanyName : Microsoft Corporation
> FileDescription : Microsoft AntiSpyware Service
> InternalName : gcasServ
> LegalCopyright : Copyright © 2004-2005 Microsoft
>Corporation. All rights reserved.
> LegalTrademarks : Microsoft® and Windows® are
>registered trademarks of Microsoft Corporation. SpyNet(tm)
>is a trademark of Microsoft Corporation.
> OriginalFilename : gcasServ.exe
>
>#:33 [ctfmon.exe]
> FilePath : C:\WINNT\system32\
> ProcessID : 1232
> ThreadCreationTime : 2-18-2005 12:59:43 PM
> BasePriority : Normal
> FileVersion : 1.00.2409.7 built by: Lab06_N
> ProductVersion : 1.00.2409.7
> ProductName : Microsoft(R) Windows NT(R)
>Operating System
> CompanyName : Microsoft Corporation
> FileDescription : Cicero Loader
> InternalName : CICLOAD
> LegalCopyright : Copyright (C) Microsoft
>Corporation. 1981-2001
> OriginalFilename : CICLOAD.EXE
>
>#:34 [javaw.exe]
> FilePath : C:\Program Files\Hewlett-
>Packard\Toolbox2.0\Javasoft\JRE\1.3.1\bin\
> ProcessID : 1632
> ThreadCreationTime : 2-18-2005 12:59:48 PM
> BasePriority : Normal
>
>
>#:35 [gcasdtserv.exe]
> FilePath : C:\Program Files\Microsoft
>AntiSpyware\
> ProcessID : 1648
> ThreadCreationTime : 2-18-2005 12:59:49 PM
> BasePriority : Normal
> FileVersion : 1.00.0509
> ProductVersion : 1.00.0509
> ProductName : Microsoft AntiSpyware (Beta 1)
> CompanyName : Microsoft Corporation
> FileDescription : Microsoft AntiSpyware Data
Service
> InternalName : gcasDtServ
> LegalCopyright : Copyright © 2004-2005 Microsoft
>Corporation. All rights reserved.
> LegalTrademarks : Microsoft® and Windows® are
>registered trademarks of Microsoft Corporation. SpyNet(tm)
>is a trademark of Microsoft Corporation.
> OriginalFilename : gcasDtServ.exe
>
>#:36 [hpzipm12.exe]
> FilePath : C:\WINNT\system32\
> ProcessID : 316
> ThreadCreationTime : 2-18-2005 1:01:42 PM
> BasePriority : Normal
> FileVersion : 5, 0, 5, 3
> ProductVersion : 5, 0, 5, 3
> ProductName : HP PML
> CompanyName : HP
> FileDescription : PML Driver
> InternalName : PmlDrv
> LegalCopyright : Copyright © 1998, 1999 Hewlett-
>Packard Company
> OriginalFilename : PmlDrv.exe
>
>#:37 [ad-aware.exe]
> FilePath : C:\Program Files\Lavasoft\Ad-
>Aware SE Personal\
> ProcessID : 940
> ThreadCreationTime : 2-18-2005 1:56:18 PM
> BasePriority : Normal
> FileVersion : 6.2.0.206
> ProductVersion : VI.Second Edition
> ProductName : Lavasoft Ad-Aware SE
> CompanyName : Lavasoft Sweden
> FileDescription : Ad-Aware SE Core application
> InternalName : Ad-Aware.exe
> LegalCopyright : Copyright © Lavasoft Sweden
> OriginalFilename : Ad-Aware.exe
> Comments : All Rights Reserved
>
>Memory scan result:
>»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
>New critical objects: 0
>Objects found so far: 0
>
>
>Started registry scan
>»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
>
>Registry Scan result:
>»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
>New critical objects: 0
>Objects found so far: 0
>
>
>Started deep registry scan
>»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
>
>Deep registry scan result:
>»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
>New critical objects: 0
>Objects found so far: 0
>
>
>Started Tracking Cookie scan
>»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
>
>
> Tracking Cookie Object Recognized!
> Type : IECache Entry
> Data : (E-Mail Removed)person
>[1].txt
> Category : Data Miner
> Comment : Hits:5
> Value :
>Cookie:(E-Mail Removed)/
> Expires : 2-16-2006 1:27:16 PM
> LastSync : Hits:5
> UseCount : 0
> Hits : 5
>
> Tracking Cookie Object Recognized!
> Type : IECache Entry
> Data :
>fssep111@dcsgcxwngpifwznfzlmv83o6w_5w4m[1].txt
> Category : Data Miner
> Comment : Hits:4
> Value :
>Cookie:(E-Mail Removed)/dcsgcxwngpifwznfz
l
>mv83o6w_5w4m
> Expires : 2-14-2015 6:33:26 AM
> LastSync : Hits:4
> UseCount : 0
> Hits : 4
>
> Tracking Cookie Object Recognized!
> Type : IECache Entry
> Data : fssep111@S111319[1].txt
> Category : Data Miner
> Comment : Hits:6
> Value :
>Cookie:(E-Mail Removed)/S111319
> Expires : 12-31-2020 2:00:00 AM
> LastSync : Hits:6
> UseCount : 0
> Hits : 6
>
> Tracking Cookie Object Recognized!
> Type : IECache Entry
> Data : fssep111@bluestreak[1].txt
> Category : Data Miner
> Comment : Hits:1
> Value : Cookie:(E-Mail Removed)/
> Expires : 2-15-2015 4:47:38 AM
> LastSync : Hits:1
> UseCount : 0
> Hits : 1
>
> Tracking Cookie Object Recognized!
> Type : IECache Entry
> Data : fssep111@qksrv[2].txt
> Category : Data Miner
> Comment : Hits:2
> Value : Cookie:(E-Mail Removed)/
> Expires : 2-15-2010 9:56:22 AM
> LastSync : Hits:2
> UseCount : 0
> Hits : 2
>
> Tracking Cookie Object Recognized!
> Type : IECache Entry
> Data : fssep111@apmebf[2].txt
> Category : Data Miner
> Comment : Hits:2
> Value : Cookie:(E-Mail Removed)/
> Expires : 2-15-2010 9:56:22 AM
> LastSync : Hits:2
> UseCount : 0
> Hits : 2
>
> Tracking Cookie Object Recognized!
> Type : IECache Entry
> Data : fssep111@statcounter[1].txt
> Category : Data Miner
> Comment : Hits:5
> Value : Cookie:(E-Mail Removed)/
> Expires : 2-15-2010 12:23:28 PM
> LastSync : Hits:5
> UseCount : 0
> Hits : 5
>
> Tracking Cookie Object Recognized!
> Type : IECache Entry
> Data : (E-Mail Removed)[1].txt
> Category : Data Miner
> Comment : Hits:3
> Value : Cookie:(E-Mail Removed)/
> Expires : 3-18-2005 2:55:58 PM
> LastSync : Hits:3
> UseCount : 0
> Hits : 3
>
> Tracking Cookie Object Recognized!
> Type : IECache Entry
> Data : fssep111@mediaplex[1].txt
> Category : Data Miner
> Comment : Hits:1
> Value : Cookie:(E-Mail Removed)/
> Expires : 6-21-2009 6:00:00 PM
> LastSync : Hits:1
> UseCount : 0
> Hits : 1
>
> Tracking Cookie Object Recognized!
> Type : IECache Entry
> Data : fssep111@2o7[2].txt
> Category : Data Miner
> Comment : Hits:13
> Value : Cookie:(E-Mail Removed)/
> Expires : 2-16-2010 7:47:04 AM
> LastSync : Hits:13
> UseCount : 0
> Hits : 13
>
> Tracking Cookie Object Recognized!
> Type : IECache Entry
> Data : fssep111@zedo[2].txt
> Category : Data Miner
> Comment : Hits:11
> Value : Cookie:(E-Mail Removed)/
> Expires : 2-15-2015 10:46:54 AM
> LastSync : Hits:11
> UseCount : 0
> Hits : 11
>
>Tracking cookie scan result:
>»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
>New critical objects: 11
>Objects found so far: 11
>
>
>
>Deep scanning and examining files...
>»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
>
>Disk Scan Result for C:\WINNT
>»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
>New critical objects: 0
>Objects found so far: 11
>
>Disk Scan Result for C:\WINNT\system32
>»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
>New critical objects: 0
>Objects found so far: 11
>
>Disk Scan Result for C:\DOCUME~1\fssep111\LOCALS~1\Temp\
>»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
>New critical objects: 0
>Objects found so far: 11
>
>
>Scanning Hosts file......
>Hosts file location:"C:\WINNT\system32\drivers\etc\hosts".
>»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
»
>»»»»»»»»»»»»»»»»»
>
>Hosts file scan result:
>»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
>1 entries scanned.
>New critical objects:0
>Objects found so far: 11
>
>
>
> MRU List Object Recognized!
> Location: : S-1-5-21-790525478-1708537768-
>1801674531-18292\software\nico mak
>computing\winzip\filemenu
> Description : winzip recently used archives
>
>
> MRU List Object Recognized!
> Location: : S-1-5-21-790525478-1708537768-
>1801674531-18292
>\software\microsoft\windows\currentversion\explorer\comdlg
3
>2\opensavemru
> Description : list of recently saved files,
>stored according to file extension
>
>
> MRU List Object Recognized!
> Location: : S-1-5-21-790525478-1708537768-
>1801674531-18292
>\software\microsoft\windows\currentversion\explorer\comdlg
3
>2\lastvisitedmru
> Description : list of recent programs opened
>
>
> MRU List Object Recognized!
> Location: : S-1-5-21-790525478-1708537768-
>1801674531-18292
>\software\microsoft\windows\currentversion\explorer\recent
d
>ocs
> Description : list of recent documents opened
>
>
> MRU List Object Recognized!
> Location: : S-1-5-21-790525478-1708537768-
>1801674531-18292\software\microsoft\office\10.0
>\common\open find\microsoft word\settings\save as\file
>name mru
> Description : list of recent documents saved by
>microsoft word
>
>
> MRU List Object Recognized!
> Location: : S-1-5-21-790525478-1708537768-
>1801674531-18292\software\microsoft\office\10.0
>\excel\recent files
> Description : list of recent files used by
>microsoft excel
>
>
> MRU List Object Recognized!
> Location: : S-1-5-21-790525478-1708537768-
>1801674531-18292
>\software\microsoft\mediaplayer\player\recentfilelist
> Description : list of recently used files in
>microsoft windows media player
>
>
> MRU List Object Recognized!
> Location: : S-1-5-21-790525478-1708537768-
>1801674531-18292\software\microsoft\internet explorer
> Description : last download directory used in
>microsoft internet explorer
>
>
> MRU List Object Recognized!
> Location: :
>software\microsoft\directdraw\mostrecentapplication
> Description : most recent application to use
>microsoft directdraw
>
>
> MRU List Object Recognized!
> Location: : S-1-5-21-790525478-1708537768-
>1801674531-18292\software\microsoft\internet
>explorer\typedurls
> Description : list of recently entered
>addresses in microsoft internet explorer
>
>
> MRU List Object Recognized!
> Location: : S-1-5-21-790525478-1708537768-
>1801674531-18292
\software\microsoft\mediaplayer\preferences
> Description : last playlist index loaded in
>microsoft windows media player
>
>
> MRU List Object Recognized!
> Location: : S-1-5-21-790525478-1708537768-
>1801674531-18292
\software\microsoft\mediaplayer\preferences
> Description : last playlist loaded in microsoft
>windows media player
>
>
> MRU List Object Recognized!
> Location: : S-1-5-21-790525478-1708537768-
>1801674531-18292\software\microsoft\windows
>media\wmsdk\general
> Description : windows media sdk
>
>
> MRU List Object Recognized!
> Location: : C:\Documents and
Settings\fssep111
>\Application Data\microsoft\office\recent
> Description : list of recently opened documents
>using microsoft office
>
>
> MRU List Object Recognized!
> Location: : C:\Documents and
Settings\fssep111
>\recent
> Description : list of recently opened documents
>
>
>
>Performing conditional scans...
>»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
>
>Conditional scan result:
>»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
>New critical objects: 0
>Objects found so far: 26
>
>7:57:36 AM Scan Complete
>
>Summary Of This Scan
>»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
>Total scanning time:00:01:08.388
>Objects scanned:43768
>Objects identified:11
>Objects ignored:0
>New critical objects:11
>
>
>
>.
>