adware spyware not detected by microsoft

S

spobozny

Ad-Aware SE Build 1.05
Logfile Created on:Friday, February 18, 2005 7:56:28 AM
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R27 05.02.2005
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
MRU List(TAC index:0):15 total references
Tracking Cookie(TAC index:3):11 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file

Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user
only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates
critical objects


2-18-2005 7:56:28 AM - Scan started. (Smart mode)

Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ProcessID : 168
ThreadCreationTime : 2-18-2005 12:57:56 PM
BasePriority : Normal


#:2 [csrss.exe]
FilePath : \??\C:\WINNT\system32\
ProcessID : 192
ThreadCreationTime : 2-18-2005 12:58:04 PM
BasePriority : Normal


#:3 [winlogon.exe]
FilePath : \??\C:\WINNT\system32\
ProcessID : 212
ThreadCreationTime : 2-18-2005 12:58:07 PM
BasePriority : High


#:4 [services.exe]
FilePath : C:\WINNT\system32\
ProcessID : 240
ThreadCreationTime : 2-18-2005 12:58:08 PM
BasePriority : Normal
FileVersion : 5.00.2195.6700
ProductVersion : 5.00.2195.6700
ProductName : Microsoft(R) Windows (R) 2000
Operating System
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
LegalCopyright : Copyright (C) Microsoft Corp.
1981-1999
OriginalFilename : services.exe

#:5 [lsass.exe]
FilePath : C:\WINNT\system32\
ProcessID : 252
ThreadCreationTime : 2-18-2005 12:58:08 PM
BasePriority : Normal
FileVersion : 5.00.2195.6902
ProductVersion : 5.00.2195.6902
ProductName : Microsoft(R) Windows (R) 2000
Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Executable and Server DLL
(Export Version)
InternalName : lsasrv.dll and lsass.exe
LegalCopyright : Copyright (C) Microsoft Corp.
1981-1999
OriginalFilename : lsasrv.dll and lsass.exe

#:6 [svchost.exe]
FilePath : C:\WINNT\system32\
ProcessID : 440
ThreadCreationTime : 2-18-2005 12:58:13 PM
BasePriority : Normal
FileVersion : 5.00.2134.1
ProductVersion : 5.00.2134.1
ProductName : Microsoft(R) Windows (R) 2000
Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32
Services
InternalName : svchost.exe
LegalCopyright : Copyright (C) Microsoft Corp.
1981-1999
OriginalFilename : svchost.exe

#:7 [spoolsv.exe]
FilePath : C:\WINNT\system32\
ProcessID : 468
ThreadCreationTime : 2-18-2005 12:58:16 PM
BasePriority : Normal
FileVersion : 5.00.2195.6659
ProductVersion : 5.00.2195.6659
ProductName : Microsoft(R) Windows (R) 2000
Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolss.exe
LegalCopyright : Copyright (C) Microsoft Corp.
1981-1999
OriginalFilename : spoolss.exe

#:8 [ati2evxx.exe]
FilePath : C:\WINNT\System32\
ProcessID : 540
ThreadCreationTime : 2-18-2005 12:58:23 PM
BasePriority : Normal


#:9 [cdac11ba.exe]
FilePath : C:\WINNT\System32\drivers\
ProcessID : 552
ThreadCreationTime : 2-18-2005 12:58:23 PM
BasePriority : Normal
FileVersion : 4.16.050
ProductVersion : 4.16.050 Windows NT 2002/04/24
ProductName : SafeCast Windows NT
CompanyName : Macrovision
FileDescription : Macrovision RTS Service
InternalName : CDANTSRV
LegalCopyright : Copyright (c) 1998-2002
Macrovision Corp.
OriginalFilename : CDANTSRV.EXE
Comments : StringFileInfo: U.S. English

#:10 [defwatch.exe]
FilePath : C:\PROGRA~1\SYMANT~1\SYMANT~1\
ProcessID : 572
ThreadCreationTime : 2-18-2005 12:58:23 PM
BasePriority : Normal
FileVersion : 8.1.0.825
ProductVersion : 8.1.0.825
ProductName : Norton AntiVirus
CompanyName : Symantec Corporation
FileDescription : Virus Definition Daemon
InternalName : DefWatch
LegalCopyright : Copyright © 1998 Symantec
Corporation
OriginalFilename : DefWatch.exe

#:11 [svchost.exe]
FilePath : C:\WINNT\System32\
ProcessID : 592
ThreadCreationTime : 2-18-2005 12:58:23 PM
BasePriority : Normal
FileVersion : 5.00.2134.1
ProductVersion : 5.00.2134.1
ProductName : Microsoft(R) Windows (R) 2000
Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32
Services
InternalName : svchost.exe
LegalCopyright : Copyright (C) Microsoft Corp.
1981-1999
OriginalFilename : svchost.exe

#:12 [frameworkservice.exe]
FilePath : C:\ePOAgent\
ProcessID : 616
ThreadCreationTime : 2-18-2005 12:58:24 PM
BasePriority : Normal
FileVersion : 3.5.0.412
ProductName : McAfee Common Framework
CompanyName : Network Associates, Inc.
FileDescription : Framework Service
InternalName : Framework
LegalCopyright : Copyright© 2000-2004 Networks
Associates Technology, Inc. All Rights Reserved.
OriginalFilename : Framework.exe

#:13 [mdm.exe]
FilePath : C:\Program Files\Common
Files\Microsoft Shared\VS7Debug\
ProcessID : 716
ThreadCreationTime : 2-18-2005 12:58:29 PM
BasePriority : Normal
FileVersion : 7.00.9466
ProductVersion : 7.00.9466
ProductName : Microsoft® Visual Studio .NET
CompanyName : Microsoft Corporation
FileDescription : Machine Debug Manager
InternalName : mdm.exe
LegalCopyright : © Microsoft Corporation. All
rights reserved.
OriginalFilename : mdm.exe

#:14 [regsvc.exe]
FilePath : C:\WINNT\system32\
ProcessID : 788
ThreadCreationTime : 2-18-2005 12:58:31 PM
BasePriority : Normal
FileVersion : 5.00.2195.6701
ProductVersion : 5.00.2195.6701
ProductName : Microsoft(R) Windows (R) 2000
Operating System
CompanyName : Microsoft Corporation
FileDescription : Remote Registry Service
InternalName : regsvc
LegalCopyright : Copyright (C) Microsoft Corp.
1981-1999
OriginalFilename : REGSVC.EXE

#:15 [mstask.exe]
FilePath : C:\WINNT\system32\
ProcessID : 812
ThreadCreationTime : 2-18-2005 12:58:32 PM
BasePriority : Normal
FileVersion : 4.71.2195.6920
ProductVersion : 4.71.2195.6920
ProductName : Microsoft® Windows® Task Scheduler
CompanyName : Microsoft Corporation
FileDescription : Task Scheduler Engine
InternalName : TaskScheduler
LegalCopyright : Copyright (C) Microsoft Corp. 1997
OriginalFilename : mstask.exe

#:16 [tcpsvcs.exe]
FilePath : C:\WINNT\system32\
ProcessID : 856
ThreadCreationTime : 2-18-2005 12:58:33 PM
BasePriority : Normal
FileVersion : 5.00.2134.1
ProductVersion : 5.00.2134.1
ProductName : Microsoft(R) Windows (R) 2000
Operating System
CompanyName : Microsoft Corporation
FileDescription : TCP/IP Services Application
InternalName : TCPSVCS.EXE
LegalCopyright : Copyright (C) Microsoft Corp.
1981-1999
OriginalFilename : TCPSVCS.EXE

#:17 [mspmspsv.exe]
FilePath : C:\WINNT\System32\
ProcessID : 900
ThreadCreationTime : 2-18-2005 12:58:34 PM
BasePriority : Normal
FileVersion : 7.01.00.3055
ProductVersion : 7.01.00.3055
ProductName : Microsoft (R) DRM
CompanyName : Microsoft Corporation
FileDescription : WMDM PMSP Service
InternalName : MSPMSPSV.EXE
LegalCopyright : Copyright (C) Microsoft Corp.
1981-2000
OriginalFilename : MSPMSPSV.EXE

#:18 [svchost.exe]
FilePath : C:\WINNT\system32\
ProcessID : 920
ThreadCreationTime : 2-18-2005 12:58:34 PM
BasePriority : Normal
FileVersion : 5.00.2134.1
ProductVersion : 5.00.2134.1
ProductName : Microsoft(R) Windows (R) 2000
Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32
Services
InternalName : svchost.exe
LegalCopyright : Copyright (C) Microsoft Corp.
1981-1999
OriginalFilename : svchost.exe

#:19 [naprdmgr.exe]
FilePath : C:\ePOAgent\
ProcessID : 964
ThreadCreationTime : 2-18-2005 12:58:40 PM
BasePriority : Normal
FileVersion : 3.5.0.412
ProductName : McAfee Common Framework
CompanyName : Network Associates, Inc.
FileDescription : NAI Product Manager
InternalName : Product Manager
LegalCopyright : Copyright© 2000-2004 Networks
Associates Technology, Inc. All Rights Reserved.
OriginalFilename : naPrdMgr.exe

#:20 [explorer.exe]
FilePath : C:\WINNT\
ProcessID : 1236
ThreadCreationTime : 2-18-2005 12:59:23 PM
BasePriority : Normal
FileVersion : 5.00.3700.6690
ProductVersion : 5.00.3700.6690
ProductName : Microsoft(R) Windows (R) 2000
Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : Copyright (C) Microsoft Corp.
1981-1999
OriginalFilename : EXPLORER.EXE

#:21 [atiptaxx.exe]
FilePath : C:\WINNT\system32\
ProcessID : 1328
ThreadCreationTime : 2-18-2005 12:59:32 PM
BasePriority : Normal
FileVersion : 4.12.2470
ProductVersion : 4.12.2470
ProductName : ATI Desktop Component
CompanyName : ATI Technologies, Inc.
FileDescription : ATI Task Icon
InternalName : ATIPDSXX
LegalCopyright : Copyright (C) 1998-2000 ATI
Technologies Inc.
OriginalFilename : ATIPTAXX.DLL

#:22 [dadapp.exe]
FilePath : C:\Program
Files\DELL\AccessDirect\
ProcessID : 1332
ThreadCreationTime : 2-18-2005 12:59:33 PM
BasePriority : Normal


#:23 [tppaldr.exe]
FilePath : C:\WINNT\
ProcessID : 1312
ThreadCreationTime : 2-18-2005 12:59:33 PM
BasePriority : Normal
FileVersion : 5.04.1150.0
ProductVersion : 5.04.1150.0
ProductName : TPP Storage Adapter
CompanyName : In-System Design, Inc.
FileDescription : TPP Auto Loader Application
InternalName : TPPALDR.EXE
LegalCopyright : Copyright (C) 1998-2001 In-System
Design, Inc.
OriginalFilename : TPPALDR.EXE

#:24 [hpoopm07.exe]
FilePath : C:\WINNT\system32
\spool\DRIVERS\W32X86\
ProcessID : 872
ThreadCreationTime : 2-18-2005 12:59:34 PM
BasePriority : Normal


#:25 [createcd50.exe]
FilePath : C:\Program Files\Common
Files\Adaptec Shared\CreateCD\
ProcessID : 1384
ThreadCreationTime : 2-18-2005 12:59:36 PM
BasePriority : Normal
FileVersion : 5.3.4.21
ProductVersion : 5.3.4.21
ProductName : Easy CD Creator
CompanyName : Roxio
FileDescription : Roxio Create CD
InternalName : createcd.exe
LegalCopyright : Copyright (c) 1999-2002 Roxio,
Inc.
OriginalFilename : createcd.exe

#:26 [directcd.exe]
FilePath : C:\Program Files\Roxio\Easy CD
Creator 5\DirectCD\
ProcessID : 1392
ThreadCreationTime : 2-18-2005 12:59:36 PM
BasePriority : Normal
FileVersion : 5.3.4.21
ProductVersion : 5.3.4.21
ProductName : DirectCD
CompanyName : Roxio
FileDescription : DirectCD Application
InternalName : DirectCD
LegalCopyright : Copyright (c) 2001,2002, Roxio,
Inc.
OriginalFilename : Directcd.exe

#:27 [syntplpr.exe]
FilePath : C:\Program Files\Synaptics\SynTP\
ProcessID : 1400
ThreadCreationTime : 2-18-2005 12:59:37 PM
BasePriority : Normal
FileVersion : 7.2.12 17Mar03
ProductVersion : 7.2.12 17Mar03
ProductName : Progressive Touch
CompanyName : Synaptics, Inc.
FileDescription : TouchPad Driver Helper Application
InternalName : SynTPLpr
LegalCopyright : Copyright (C) Synaptics, Inc.
1996-2003
OriginalFilename : SynTPLpr.exe

#:28 [syntpenh.exe]
FilePath : C:\Program Files\Synaptics\SynTP\
ProcessID : 1408
ThreadCreationTime : 2-18-2005 12:59:37 PM
BasePriority : Normal
FileVersion : 7.2.12 17Mar03
ProductVersion : 7.2.12 17Mar03
ProductName : Progressive Touch
CompanyName : Synaptics, Inc.
FileDescription : Synaptics TouchPad Enhancements
InternalName : Scrolleroo
LegalCopyright : Copyright (C) Synaptics, Inc.
1996-2003
OriginalFilename : SynTPEnh.exe

#:29 [updaterui.exe]
FilePath : C:\ePOAgent\
ProcessID : 1420
ThreadCreationTime : 2-18-2005 12:59:38 PM
BasePriority : Normal
FileVersion : 3.5.0.412
ProductName : McAfee Common Framework
CompanyName : Network Associates, Inc.
FileDescription : Common User Interface
InternalName : UpdaterUI
LegalCopyright : Copyright© 2000-2004 Networks
Associates Technology, Inc. All Rights Reserved.
OriginalFilename : UpdaterUI.exe

#:30 [statusclient.exe]
FilePath : C:\Program Files\Hewlett-
Packard\Toolbox2.0\Apache Tomcat 4.0
\webapps\Toolbox\StatusClient\
ProcessID : 1476
ThreadCreationTime : 2-18-2005 12:59:40 PM
BasePriority : Normal
FileVersion : 00.00.13
ProductVersion : 00.00.13
ProductName : Hewlett-Packard T-TR Status Client
CompanyName : Hewlett-Packard
FileDescription : Hewlett-Packard T-TR Status Client
InternalName : StatusClient.exe
LegalCopyright : Copyright © 2002 Hewlett-Packard
Company
LegalTrademarks : All Rights Reserved.
OriginalFilename : StatusClient.exe

#:31 [vptray.exe]
FilePath : C:\PROGRA~1\SYMANT~1\SYMANT~1\
ProcessID : 1516
ThreadCreationTime : 2-18-2005 12:59:42 PM
BasePriority : Normal
FileVersion : 8.1.0.825
ProductVersion : 8.1.0.825
ProductName : Symantec AntiVirus
CompanyName : Symantec Corporation
FileDescription : Symantec AntiVirus
LegalCopyright : Copyright (C) Symantec
Corporation 1991-2003

#:32 [gcasserv.exe]
FilePath : C:\Program Files\Microsoft
AntiSpyware\
ProcessID : 1536
ThreadCreationTime : 2-18-2005 12:59:42 PM
BasePriority : Idle
FileVersion : 1.00.0509
ProductVersion : 1.00.0509
ProductName : Microsoft AntiSpyware (Beta 1)
CompanyName : Microsoft Corporation
FileDescription : Microsoft AntiSpyware Service
InternalName : gcasServ
LegalCopyright : Copyright © 2004-2005 Microsoft
Corporation. All rights reserved.
LegalTrademarks : Microsoft® and Windows® are
registered trademarks of Microsoft Corporation. SpyNet(tm)
is a trademark of Microsoft Corporation.
OriginalFilename : gcasServ.exe

#:33 [ctfmon.exe]
FilePath : C:\WINNT\system32\
ProcessID : 1232
ThreadCreationTime : 2-18-2005 12:59:43 PM
BasePriority : Normal
FileVersion : 1.00.2409.7 built by: Lab06_N
ProductVersion : 1.00.2409.7
ProductName : Microsoft(R) Windows NT(R)
Operating System
CompanyName : Microsoft Corporation
FileDescription : Cicero Loader
InternalName : CICLOAD
LegalCopyright : Copyright (C) Microsoft
Corporation. 1981-2001
OriginalFilename : CICLOAD.EXE

#:34 [javaw.exe]
FilePath : C:\Program Files\Hewlett-
Packard\Toolbox2.0\Javasoft\JRE\1.3.1\bin\
ProcessID : 1632
ThreadCreationTime : 2-18-2005 12:59:48 PM
BasePriority : Normal


#:35 [gcasdtserv.exe]
FilePath : C:\Program Files\Microsoft
AntiSpyware\
ProcessID : 1648
ThreadCreationTime : 2-18-2005 12:59:49 PM
BasePriority : Normal
FileVersion : 1.00.0509
ProductVersion : 1.00.0509
ProductName : Microsoft AntiSpyware (Beta 1)
CompanyName : Microsoft Corporation
FileDescription : Microsoft AntiSpyware Data Service
InternalName : gcasDtServ
LegalCopyright : Copyright © 2004-2005 Microsoft
Corporation. All rights reserved.
LegalTrademarks : Microsoft® and Windows® are
registered trademarks of Microsoft Corporation. SpyNet(tm)
is a trademark of Microsoft Corporation.
OriginalFilename : gcasDtServ.exe

#:36 [hpzipm12.exe]
FilePath : C:\WINNT\system32\
ProcessID : 316
ThreadCreationTime : 2-18-2005 1:01:42 PM
BasePriority : Normal
FileVersion : 5, 0, 5, 3
ProductVersion : 5, 0, 5, 3
ProductName : HP PML
CompanyName : HP
FileDescription : PML Driver
InternalName : PmlDrv
LegalCopyright : Copyright © 1998, 1999 Hewlett-
Packard Company
OriginalFilename : PmlDrv.exe

#:37 [ad-aware.exe]
FilePath : C:\Program Files\Lavasoft\Ad-
Aware SE Personal\
ProcessID : 940
ThreadCreationTime : 2-18-2005 1:56:18 PM
BasePriority : Normal
FileVersion : 6.2.0.206
ProductVersion : VI.Second Edition
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved

Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»


Tracking Cookie Object Recognized!
Type : IECache Entry
Data : (e-mail address removed)
[1].txt
Category : Data Miner
Comment : Hits:5
Value :
Cookie:[email protected]/
Expires : 2-16-2006 1:27:16 PM
LastSync : Hits:5
UseCount : 0
Hits : 5

Tracking Cookie Object Recognized!
Type : IECache Entry
Data :
fssep111@dcsgcxwngpifwznfzlmv83o6w_5w4m[1].txt
Category : Data Miner
Comment : Hits:4
Value :
Cookie:[email protected]/dcsgcxwngpifwznfzl
mv83o6w_5w4m
Expires : 2-14-2015 6:33:26 AM
LastSync : Hits:4
UseCount : 0
Hits : 4

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : fssep111@S111319[1].txt
Category : Data Miner
Comment : Hits:6
Value :
Cookie:[email protected]/S111319
Expires : 12-31-2020 2:00:00 AM
LastSync : Hits:6
UseCount : 0
Hits : 6

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : fssep111@bluestreak[1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:[email protected]/
Expires : 2-15-2015 4:47:38 AM
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : fssep111@qksrv[2].txt
Category : Data Miner
Comment : Hits:2
Value : Cookie:[email protected]/
Expires : 2-15-2010 9:56:22 AM
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : fssep111@apmebf[2].txt
Category : Data Miner
Comment : Hits:2
Value : Cookie:[email protected]/
Expires : 2-15-2010 9:56:22 AM
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : fssep111@statcounter[1].txt
Category : Data Miner
Comment : Hits:5
Value : Cookie:[email protected]/
Expires : 2-15-2010 12:23:28 PM
LastSync : Hits:5
UseCount : 0
Hits : 5

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : (e-mail address removed)[1].txt
Category : Data Miner
Comment : Hits:3
Value : Cookie:[email protected]/
Expires : 3-18-2005 2:55:58 PM
LastSync : Hits:3
UseCount : 0
Hits : 3

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : fssep111@mediaplex[1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:[email protected]/
Expires : 6-21-2009 6:00:00 PM
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : fssep111@2o7[2].txt
Category : Data Miner
Comment : Hits:13
Value : Cookie:[email protected]/
Expires : 2-16-2010 7:47:04 AM
LastSync : Hits:13
UseCount : 0
Hits : 13

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : fssep111@zedo[2].txt
Category : Data Miner
Comment : Hits:11
Value : Cookie:[email protected]/
Expires : 2-15-2015 10:46:54 AM
LastSync : Hits:11
UseCount : 0
Hits : 11

Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 11
Objects found so far: 11



Deep scanning and examining files...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Disk Scan Result for C:\WINNT
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 11

Disk Scan Result for C:\WINNT\system32
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 11

Disk Scan Result for C:\DOCUME~1\fssep111\LOCALS~1\Temp\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 11


Scanning Hosts file......
Hosts file location:"C:\WINNT\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
»»»»»»»»»»»»»»»»»

Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
1 entries scanned.
New critical objects:0
Objects found so far: 11



MRU List Object Recognized!
Location: : S-1-5-21-790525478-1708537768-
1801674531-18292\software\nico mak
computing\winzip\filemenu
Description : winzip recently used archives


MRU List Object Recognized!
Location: : S-1-5-21-790525478-1708537768-
1801674531-18292
\software\microsoft\windows\currentversion\explorer\comdlg3
2\opensavemru
Description : list of recently saved files,
stored according to file extension


MRU List Object Recognized!
Location: : S-1-5-21-790525478-1708537768-
1801674531-18292
\software\microsoft\windows\currentversion\explorer\comdlg3
2\lastvisitedmru
Description : list of recent programs opened


MRU List Object Recognized!
Location: : S-1-5-21-790525478-1708537768-
1801674531-18292
\software\microsoft\windows\currentversion\explorer\recentd
ocs
Description : list of recent documents opened


MRU List Object Recognized!
Location: : S-1-5-21-790525478-1708537768-
1801674531-18292\software\microsoft\office\10.0
\common\open find\microsoft word\settings\save as\file
name mru
Description : list of recent documents saved by
microsoft word


MRU List Object Recognized!
Location: : S-1-5-21-790525478-1708537768-
1801674531-18292\software\microsoft\office\10.0
\excel\recent files
Description : list of recent files used by
microsoft excel


MRU List Object Recognized!
Location: : S-1-5-21-790525478-1708537768-
1801674531-18292
\software\microsoft\mediaplayer\player\recentfilelist
Description : list of recently used files in
microsoft windows media player


MRU List Object Recognized!
Location: : S-1-5-21-790525478-1708537768-
1801674531-18292\software\microsoft\internet explorer
Description : last download directory used in
microsoft internet explorer


MRU List Object Recognized!
Location: :
software\microsoft\directdraw\mostrecentapplication
Description : most recent application to use
microsoft directdraw


MRU List Object Recognized!
Location: : S-1-5-21-790525478-1708537768-
1801674531-18292\software\microsoft\internet
explorer\typedurls
Description : list of recently entered
addresses in microsoft internet explorer


MRU List Object Recognized!
Location: : S-1-5-21-790525478-1708537768-
1801674531-18292\software\microsoft\mediaplayer\preferences
Description : last playlist index loaded in
microsoft windows media player


MRU List Object Recognized!
Location: : S-1-5-21-790525478-1708537768-
1801674531-18292\software\microsoft\mediaplayer\preferences
Description : last playlist loaded in microsoft
windows media player


MRU List Object Recognized!
Location: : S-1-5-21-790525478-1708537768-
1801674531-18292\software\microsoft\windows
media\wmsdk\general
Description : windows media sdk


MRU List Object Recognized!
Location: : C:\Documents and Settings\fssep111
\Application Data\microsoft\office\recent
Description : list of recently opened documents
using microsoft office


MRU List Object Recognized!
Location: : C:\Documents and Settings\fssep111
\recent
Description : list of recently opened documents



Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 26

7:57:36 AM Scan Complete

Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:01:08.388
Objects scanned:43768
Objects identified:11
Objects ignored:0
New critical objects:11
 
A

Andre Da Costa

Have you tried running the scan at least two times in Safe mode using MSAS?
Open up the application | click spyware scan | click scan options | under
run scan now, click "Full system scan" | Then click "Scan driver/folders" |
to the right of that is a folder with blue "dots" next to it, click those
dots. This will open a map of your connected hard drives, select which
drives you want scanned, click "Ok", then run the scan.

--

Andre
http://spaces.msn.com/members/adacosta
FAQ for MS AntiSpy http://www.geocities.com/marfer_mvp/FAQ_MSantispy.htm


Ad-Aware SE Build 1.05
Logfile Created on:Friday, February 18, 2005 7:56:28 AM
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R27 05.02.2005
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
MRU List(TAC index:0):15 total references
Tracking Cookie(TAC index:3):11 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file

Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user
only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates
critical objects


2-18-2005 7:56:28 AM - Scan started. (Smart mode)

Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ProcessID : 168
ThreadCreationTime : 2-18-2005 12:57:56 PM
BasePriority : Normal


#:2 [csrss.exe]
FilePath : \??\C:\WINNT\system32\
ProcessID : 192
ThreadCreationTime : 2-18-2005 12:58:04 PM
BasePriority : Normal


#:3 [winlogon.exe]
FilePath : \??\C:\WINNT\system32\
ProcessID : 212
ThreadCreationTime : 2-18-2005 12:58:07 PM
BasePriority : High


#:4 [services.exe]
FilePath : C:\WINNT\system32\
ProcessID : 240
ThreadCreationTime : 2-18-2005 12:58:08 PM
BasePriority : Normal
FileVersion : 5.00.2195.6700
ProductVersion : 5.00.2195.6700
ProductName : Microsoft(R) Windows (R) 2000
Operating System
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
LegalCopyright : Copyright (C) Microsoft Corp.
1981-1999
OriginalFilename : services.exe

#:5 [lsass.exe]
FilePath : C:\WINNT\system32\
ProcessID : 252
ThreadCreationTime : 2-18-2005 12:58:08 PM
BasePriority : Normal
FileVersion : 5.00.2195.6902
ProductVersion : 5.00.2195.6902
ProductName : Microsoft(R) Windows (R) 2000
Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Executable and Server DLL
(Export Version)
InternalName : lsasrv.dll and lsass.exe
LegalCopyright : Copyright (C) Microsoft Corp.
1981-1999
OriginalFilename : lsasrv.dll and lsass.exe

#:6 [svchost.exe]
FilePath : C:\WINNT\system32\
ProcessID : 440
ThreadCreationTime : 2-18-2005 12:58:13 PM
BasePriority : Normal
FileVersion : 5.00.2134.1
ProductVersion : 5.00.2134.1
ProductName : Microsoft(R) Windows (R) 2000
Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32
Services
InternalName : svchost.exe
LegalCopyright : Copyright (C) Microsoft Corp.
1981-1999
OriginalFilename : svchost.exe

#:7 [spoolsv.exe]
FilePath : C:\WINNT\system32\
ProcessID : 468
ThreadCreationTime : 2-18-2005 12:58:16 PM
BasePriority : Normal
FileVersion : 5.00.2195.6659
ProductVersion : 5.00.2195.6659
ProductName : Microsoft(R) Windows (R) 2000
Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolss.exe
LegalCopyright : Copyright (C) Microsoft Corp.
1981-1999
OriginalFilename : spoolss.exe

#:8 [ati2evxx.exe]
FilePath : C:\WINNT\System32\
ProcessID : 540
ThreadCreationTime : 2-18-2005 12:58:23 PM
BasePriority : Normal


#:9 [cdac11ba.exe]
FilePath : C:\WINNT\System32\drivers\
ProcessID : 552
ThreadCreationTime : 2-18-2005 12:58:23 PM
BasePriority : Normal
FileVersion : 4.16.050
ProductVersion : 4.16.050 Windows NT 2002/04/24
ProductName : SafeCast Windows NT
CompanyName : Macrovision
FileDescription : Macrovision RTS Service
InternalName : CDANTSRV
LegalCopyright : Copyright (c) 1998-2002
Macrovision Corp.
OriginalFilename : CDANTSRV.EXE
Comments : StringFileInfo: U.S. English

#:10 [defwatch.exe]
FilePath : C:\PROGRA~1\SYMANT~1\SYMANT~1\
ProcessID : 572
ThreadCreationTime : 2-18-2005 12:58:23 PM
BasePriority : Normal
FileVersion : 8.1.0.825
ProductVersion : 8.1.0.825
ProductName : Norton AntiVirus
CompanyName : Symantec Corporation
FileDescription : Virus Definition Daemon
InternalName : DefWatch
LegalCopyright : Copyright © 1998 Symantec
Corporation
OriginalFilename : DefWatch.exe

#:11 [svchost.exe]
FilePath : C:\WINNT\System32\
ProcessID : 592
ThreadCreationTime : 2-18-2005 12:58:23 PM
BasePriority : Normal
FileVersion : 5.00.2134.1
ProductVersion : 5.00.2134.1
ProductName : Microsoft(R) Windows (R) 2000
Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32
Services
InternalName : svchost.exe
LegalCopyright : Copyright (C) Microsoft Corp.
1981-1999
OriginalFilename : svchost.exe

#:12 [frameworkservice.exe]
FilePath : C:\ePOAgent\
ProcessID : 616
ThreadCreationTime : 2-18-2005 12:58:24 PM
BasePriority : Normal
FileVersion : 3.5.0.412
ProductName : McAfee Common Framework
CompanyName : Network Associates, Inc.
FileDescription : Framework Service
InternalName : Framework
LegalCopyright : Copyright© 2000-2004 Networks
Associates Technology, Inc. All Rights Reserved.
OriginalFilename : Framework.exe

#:13 [mdm.exe]
FilePath : C:\Program Files\Common
Files\Microsoft Shared\VS7Debug\
ProcessID : 716
ThreadCreationTime : 2-18-2005 12:58:29 PM
BasePriority : Normal
FileVersion : 7.00.9466
ProductVersion : 7.00.9466
ProductName : Microsoft® Visual Studio .NET
CompanyName : Microsoft Corporation
FileDescription : Machine Debug Manager
InternalName : mdm.exe
LegalCopyright : © Microsoft Corporation. All
rights reserved.
OriginalFilename : mdm.exe

#:14 [regsvc.exe]
FilePath : C:\WINNT\system32\
ProcessID : 788
ThreadCreationTime : 2-18-2005 12:58:31 PM
BasePriority : Normal
FileVersion : 5.00.2195.6701
ProductVersion : 5.00.2195.6701
ProductName : Microsoft(R) Windows (R) 2000
Operating System
CompanyName : Microsoft Corporation
FileDescription : Remote Registry Service
InternalName : regsvc
LegalCopyright : Copyright (C) Microsoft Corp.
1981-1999
OriginalFilename : REGSVC.EXE

#:15 [mstask.exe]
FilePath : C:\WINNT\system32\
ProcessID : 812
ThreadCreationTime : 2-18-2005 12:58:32 PM
BasePriority : Normal
FileVersion : 4.71.2195.6920
ProductVersion : 4.71.2195.6920
ProductName : Microsoft® Windows® Task Scheduler
CompanyName : Microsoft Corporation
FileDescription : Task Scheduler Engine
InternalName : TaskScheduler
LegalCopyright : Copyright (C) Microsoft Corp. 1997
OriginalFilename : mstask.exe

#:16 [tcpsvcs.exe]
FilePath : C:\WINNT\system32\
ProcessID : 856
ThreadCreationTime : 2-18-2005 12:58:33 PM
BasePriority : Normal
FileVersion : 5.00.2134.1
ProductVersion : 5.00.2134.1
ProductName : Microsoft(R) Windows (R) 2000
Operating System
CompanyName : Microsoft Corporation
FileDescription : TCP/IP Services Application
InternalName : TCPSVCS.EXE
LegalCopyright : Copyright (C) Microsoft Corp.
1981-1999
OriginalFilename : TCPSVCS.EXE

#:17 [mspmspsv.exe]
FilePath : C:\WINNT\System32\
ProcessID : 900
ThreadCreationTime : 2-18-2005 12:58:34 PM
BasePriority : Normal
FileVersion : 7.01.00.3055
ProductVersion : 7.01.00.3055
ProductName : Microsoft (R) DRM
CompanyName : Microsoft Corporation
FileDescription : WMDM PMSP Service
InternalName : MSPMSPSV.EXE
LegalCopyright : Copyright (C) Microsoft Corp.
1981-2000
OriginalFilename : MSPMSPSV.EXE

#:18 [svchost.exe]
FilePath : C:\WINNT\system32\
ProcessID : 920
ThreadCreationTime : 2-18-2005 12:58:34 PM
BasePriority : Normal
FileVersion : 5.00.2134.1
ProductVersion : 5.00.2134.1
ProductName : Microsoft(R) Windows (R) 2000
Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32
Services
InternalName : svchost.exe
LegalCopyright : Copyright (C) Microsoft Corp.
1981-1999
OriginalFilename : svchost.exe

#:19 [naprdmgr.exe]
FilePath : C:\ePOAgent\
ProcessID : 964
ThreadCreationTime : 2-18-2005 12:58:40 PM
BasePriority : Normal
FileVersion : 3.5.0.412
ProductName : McAfee Common Framework
CompanyName : Network Associates, Inc.
FileDescription : NAI Product Manager
InternalName : Product Manager
LegalCopyright : Copyright© 2000-2004 Networks
Associates Technology, Inc. All Rights Reserved.
OriginalFilename : naPrdMgr.exe

#:20 [explorer.exe]
FilePath : C:\WINNT\
ProcessID : 1236
ThreadCreationTime : 2-18-2005 12:59:23 PM
BasePriority : Normal
FileVersion : 5.00.3700.6690
ProductVersion : 5.00.3700.6690
ProductName : Microsoft(R) Windows (R) 2000
Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : Copyright (C) Microsoft Corp.
1981-1999
OriginalFilename : EXPLORER.EXE

#:21 [atiptaxx.exe]
FilePath : C:\WINNT\system32\
ProcessID : 1328
ThreadCreationTime : 2-18-2005 12:59:32 PM
BasePriority : Normal
FileVersion : 4.12.2470
ProductVersion : 4.12.2470
ProductName : ATI Desktop Component
CompanyName : ATI Technologies, Inc.
FileDescription : ATI Task Icon
InternalName : ATIPDSXX
LegalCopyright : Copyright (C) 1998-2000 ATI
Technologies Inc.
OriginalFilename : ATIPTAXX.DLL

#:22 [dadapp.exe]
FilePath : C:\Program
Files\DELL\AccessDirect\
ProcessID : 1332
ThreadCreationTime : 2-18-2005 12:59:33 PM
BasePriority : Normal


#:23 [tppaldr.exe]
FilePath : C:\WINNT\
ProcessID : 1312
ThreadCreationTime : 2-18-2005 12:59:33 PM
BasePriority : Normal
FileVersion : 5.04.1150.0
ProductVersion : 5.04.1150.0
ProductName : TPP Storage Adapter
CompanyName : In-System Design, Inc.
FileDescription : TPP Auto Loader Application
InternalName : TPPALDR.EXE
LegalCopyright : Copyright (C) 1998-2001 In-System
Design, Inc.
OriginalFilename : TPPALDR.EXE

#:24 [hpoopm07.exe]
FilePath : C:\WINNT\system32
\spool\DRIVERS\W32X86\
ProcessID : 872
ThreadCreationTime : 2-18-2005 12:59:34 PM
BasePriority : Normal


#:25 [createcd50.exe]
FilePath : C:\Program Files\Common
Files\Adaptec Shared\CreateCD\
ProcessID : 1384
ThreadCreationTime : 2-18-2005 12:59:36 PM
BasePriority : Normal
FileVersion : 5.3.4.21
ProductVersion : 5.3.4.21
ProductName : Easy CD Creator
CompanyName : Roxio
FileDescription : Roxio Create CD
InternalName : createcd.exe
LegalCopyright : Copyright (c) 1999-2002 Roxio,
Inc.
OriginalFilename : createcd.exe

#:26 [directcd.exe]
FilePath : C:\Program Files\Roxio\Easy CD
Creator 5\DirectCD\
ProcessID : 1392
ThreadCreationTime : 2-18-2005 12:59:36 PM
BasePriority : Normal
FileVersion : 5.3.4.21
ProductVersion : 5.3.4.21
ProductName : DirectCD
CompanyName : Roxio
FileDescription : DirectCD Application
InternalName : DirectCD
LegalCopyright : Copyright (c) 2001,2002, Roxio,
Inc.
OriginalFilename : Directcd.exe

#:27 [syntplpr.exe]
FilePath : C:\Program Files\Synaptics\SynTP\
ProcessID : 1400
ThreadCreationTime : 2-18-2005 12:59:37 PM
BasePriority : Normal
FileVersion : 7.2.12 17Mar03
ProductVersion : 7.2.12 17Mar03
ProductName : Progressive Touch
CompanyName : Synaptics, Inc.
FileDescription : TouchPad Driver Helper Application
InternalName : SynTPLpr
LegalCopyright : Copyright (C) Synaptics, Inc.
1996-2003
OriginalFilename : SynTPLpr.exe

#:28 [syntpenh.exe]
FilePath : C:\Program Files\Synaptics\SynTP\
ProcessID : 1408
ThreadCreationTime : 2-18-2005 12:59:37 PM
BasePriority : Normal
FileVersion : 7.2.12 17Mar03
ProductVersion : 7.2.12 17Mar03
ProductName : Progressive Touch
CompanyName : Synaptics, Inc.
FileDescription : Synaptics TouchPad Enhancements
InternalName : Scrolleroo
LegalCopyright : Copyright (C) Synaptics, Inc.
1996-2003
OriginalFilename : SynTPEnh.exe

#:29 [updaterui.exe]
FilePath : C:\ePOAgent\
ProcessID : 1420
ThreadCreationTime : 2-18-2005 12:59:38 PM
BasePriority : Normal
FileVersion : 3.5.0.412
ProductName : McAfee Common Framework
CompanyName : Network Associates, Inc.
FileDescription : Common User Interface
InternalName : UpdaterUI
LegalCopyright : Copyright© 2000-2004 Networks
Associates Technology, Inc. All Rights Reserved.
OriginalFilename : UpdaterUI.exe

#:30 [statusclient.exe]
FilePath : C:\Program Files\Hewlett-
Packard\Toolbox2.0\Apache Tomcat 4.0
\webapps\Toolbox\StatusClient\
ProcessID : 1476
ThreadCreationTime : 2-18-2005 12:59:40 PM
BasePriority : Normal
FileVersion : 00.00.13
ProductVersion : 00.00.13
ProductName : Hewlett-Packard T-TR Status Client
CompanyName : Hewlett-Packard
FileDescription : Hewlett-Packard T-TR Status Client
InternalName : StatusClient.exe
LegalCopyright : Copyright © 2002 Hewlett-Packard
Company
LegalTrademarks : All Rights Reserved.
OriginalFilename : StatusClient.exe

#:31 [vptray.exe]
FilePath : C:\PROGRA~1\SYMANT~1\SYMANT~1\
ProcessID : 1516
ThreadCreationTime : 2-18-2005 12:59:42 PM
BasePriority : Normal
FileVersion : 8.1.0.825
ProductVersion : 8.1.0.825
ProductName : Symantec AntiVirus
CompanyName : Symantec Corporation
FileDescription : Symantec AntiVirus
LegalCopyright : Copyright (C) Symantec
Corporation 1991-2003

#:32 [gcasserv.exe]
FilePath : C:\Program Files\Microsoft
AntiSpyware\
ProcessID : 1536
ThreadCreationTime : 2-18-2005 12:59:42 PM
BasePriority : Idle
FileVersion : 1.00.0509
ProductVersion : 1.00.0509
ProductName : Microsoft AntiSpyware (Beta 1)
CompanyName : Microsoft Corporation
FileDescription : Microsoft AntiSpyware Service
InternalName : gcasServ
LegalCopyright : Copyright © 2004-2005 Microsoft
Corporation. All rights reserved.
LegalTrademarks : Microsoft® and Windows® are
registered trademarks of Microsoft Corporation. SpyNet(tm)
is a trademark of Microsoft Corporation.
OriginalFilename : gcasServ.exe

#:33 [ctfmon.exe]
FilePath : C:\WINNT\system32\
ProcessID : 1232
ThreadCreationTime : 2-18-2005 12:59:43 PM
BasePriority : Normal
FileVersion : 1.00.2409.7 built by: Lab06_N
ProductVersion : 1.00.2409.7
ProductName : Microsoft(R) Windows NT(R)
Operating System
CompanyName : Microsoft Corporation
FileDescription : Cicero Loader
InternalName : CICLOAD
LegalCopyright : Copyright (C) Microsoft
Corporation. 1981-2001
OriginalFilename : CICLOAD.EXE

#:34 [javaw.exe]
FilePath : C:\Program Files\Hewlett-
Packard\Toolbox2.0\Javasoft\JRE\1.3.1\bin\
ProcessID : 1632
ThreadCreationTime : 2-18-2005 12:59:48 PM
BasePriority : Normal


#:35 [gcasdtserv.exe]
FilePath : C:\Program Files\Microsoft
AntiSpyware\
ProcessID : 1648
ThreadCreationTime : 2-18-2005 12:59:49 PM
BasePriority : Normal
FileVersion : 1.00.0509
ProductVersion : 1.00.0509
ProductName : Microsoft AntiSpyware (Beta 1)
CompanyName : Microsoft Corporation
FileDescription : Microsoft AntiSpyware Data Service
InternalName : gcasDtServ
LegalCopyright : Copyright © 2004-2005 Microsoft
Corporation. All rights reserved.
LegalTrademarks : Microsoft® and Windows® are
registered trademarks of Microsoft Corporation. SpyNet(tm)
is a trademark of Microsoft Corporation.
OriginalFilename : gcasDtServ.exe

#:36 [hpzipm12.exe]
FilePath : C:\WINNT\system32\
ProcessID : 316
ThreadCreationTime : 2-18-2005 1:01:42 PM
BasePriority : Normal
FileVersion : 5, 0, 5, 3
ProductVersion : 5, 0, 5, 3
ProductName : HP PML
CompanyName : HP
FileDescription : PML Driver
InternalName : PmlDrv
LegalCopyright : Copyright © 1998, 1999 Hewlett-
Packard Company
OriginalFilename : PmlDrv.exe

#:37 [ad-aware.exe]
FilePath : C:\Program Files\Lavasoft\Ad-
Aware SE Personal\
ProcessID : 940
ThreadCreationTime : 2-18-2005 1:56:18 PM
BasePriority : Normal
FileVersion : 6.2.0.206
ProductVersion : VI.Second Edition
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved

Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»


Tracking Cookie Object Recognized!
Type : IECache Entry
Data : (e-mail address removed)
[1].txt
Category : Data Miner
Comment : Hits:5
Value :
Cookie:[email protected]/
Expires : 2-16-2006 1:27:16 PM
LastSync : Hits:5
UseCount : 0
Hits : 5

Tracking Cookie Object Recognized!
Type : IECache Entry
Data :
fssep111@dcsgcxwngpifwznfzlmv83o6w_5w4m[1].txt
Category : Data Miner
Comment : Hits:4
Value :
Cookie:[email protected]/dcsgcxwngpifwznfzl
mv83o6w_5w4m
Expires : 2-14-2015 6:33:26 AM
LastSync : Hits:4
UseCount : 0
Hits : 4

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : fssep111@S111319[1].txt
Category : Data Miner
Comment : Hits:6
Value :
Cookie:[email protected]/S111319
Expires : 12-31-2020 2:00:00 AM
LastSync : Hits:6
UseCount : 0
Hits : 6

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : fssep111@bluestreak[1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:[email protected]/
Expires : 2-15-2015 4:47:38 AM
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : fssep111@qksrv[2].txt
Category : Data Miner
Comment : Hits:2
Value : Cookie:[email protected]/
Expires : 2-15-2010 9:56:22 AM
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : fssep111@apmebf[2].txt
Category : Data Miner
Comment : Hits:2
Value : Cookie:[email protected]/
Expires : 2-15-2010 9:56:22 AM
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : fssep111@statcounter[1].txt
Category : Data Miner
Comment : Hits:5
Value : Cookie:[email protected]/
Expires : 2-15-2010 12:23:28 PM
LastSync : Hits:5
UseCount : 0
Hits : 5

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : (e-mail address removed)[1].txt
Category : Data Miner
Comment : Hits:3
Value : Cookie:[email protected]/
Expires : 3-18-2005 2:55:58 PM
LastSync : Hits:3
UseCount : 0
Hits : 3

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : fssep111@mediaplex[1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:[email protected]/
Expires : 6-21-2009 6:00:00 PM
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : fssep111@2o7[2].txt
Category : Data Miner
Comment : Hits:13
Value : Cookie:[email protected]/
Expires : 2-16-2010 7:47:04 AM
LastSync : Hits:13
UseCount : 0
Hits : 13

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : fssep111@zedo[2].txt
Category : Data Miner
Comment : Hits:11
Value : Cookie:[email protected]/
Expires : 2-15-2015 10:46:54 AM
LastSync : Hits:11
UseCount : 0
Hits : 11

Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 11
Objects found so far: 11



Deep scanning and examining files...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Disk Scan Result for C:\WINNT
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 11

Disk Scan Result for C:\WINNT\system32
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 11

Disk Scan Result for C:\DOCUME~1\fssep111\LOCALS~1\Temp\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 11


Scanning Hosts file......
Hosts file location:"C:\WINNT\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
»»»»»»»»»»»»»»»»»

Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
1 entries scanned.
New critical objects:0
Objects found so far: 11



MRU List Object Recognized!
Location: : S-1-5-21-790525478-1708537768-
1801674531-18292\software\nico mak
computing\winzip\filemenu
Description : winzip recently used archives


MRU List Object Recognized!
Location: : S-1-5-21-790525478-1708537768-
1801674531-18292
\software\microsoft\windows\currentversion\explorer\comdlg3
2\opensavemru
Description : list of recently saved files,
stored according to file extension


MRU List Object Recognized!
Location: : S-1-5-21-790525478-1708537768-
1801674531-18292
\software\microsoft\windows\currentversion\explorer\comdlg3
2\lastvisitedmru
Description : list of recent programs opened


MRU List Object Recognized!
Location: : S-1-5-21-790525478-1708537768-
1801674531-18292
\software\microsoft\windows\currentversion\explorer\recentd
ocs
Description : list of recent documents opened


MRU List Object Recognized!
Location: : S-1-5-21-790525478-1708537768-
1801674531-18292\software\microsoft\office\10.0
\common\open find\microsoft word\settings\save as\file
name mru
Description : list of recent documents saved by
microsoft word


MRU List Object Recognized!
Location: : S-1-5-21-790525478-1708537768-
1801674531-18292\software\microsoft\office\10.0
\excel\recent files
Description : list of recent files used by
microsoft excel


MRU List Object Recognized!
Location: : S-1-5-21-790525478-1708537768-
1801674531-18292
\software\microsoft\mediaplayer\player\recentfilelist
Description : list of recently used files in
microsoft windows media player


MRU List Object Recognized!
Location: : S-1-5-21-790525478-1708537768-
1801674531-18292\software\microsoft\internet explorer
Description : last download directory used in
microsoft internet explorer


MRU List Object Recognized!
Location: :
software\microsoft\directdraw\mostrecentapplication
Description : most recent application to use
microsoft directdraw


MRU List Object Recognized!
Location: : S-1-5-21-790525478-1708537768-
1801674531-18292\software\microsoft\internet
explorer\typedurls
Description : list of recently entered
addresses in microsoft internet explorer


MRU List Object Recognized!
Location: : S-1-5-21-790525478-1708537768-
1801674531-18292\software\microsoft\mediaplayer\preferences
Description : last playlist index loaded in
microsoft windows media player


MRU List Object Recognized!
Location: : S-1-5-21-790525478-1708537768-
1801674531-18292\software\microsoft\mediaplayer\preferences
Description : last playlist loaded in microsoft
windows media player


MRU List Object Recognized!
Location: : S-1-5-21-790525478-1708537768-
1801674531-18292\software\microsoft\windows
media\wmsdk\general
Description : windows media sdk


MRU List Object Recognized!
Location: : C:\Documents and Settings\fssep111
\Application Data\microsoft\office\recent
Description : list of recently opened documents
using microsoft office


MRU List Object Recognized!
Location: : C:\Documents and Settings\fssep111
\recent
Description : list of recently opened documents



Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 26

7:57:36 AM Scan Complete

Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:01:08.388
Objects scanned:43768
Objects identified:11
Objects ignored:0
New critical objects:11
 
J

JRosenfeld

This beta version of MS antispyware does not scan for
tracking cookies, which is what your Adaware log shows it
found.
-----Original Message-----
Have you tried running the scan at least two times in Safe mode using MSAS?
Open up the application | click spyware scan | click scan options | under
run scan now, click "Full system scan" | Then click "Scan driver/folders" |
to the right of that is a folder with blue "dots" next to it, click those
dots. This will open a map of your connected hard drives, select which
drives you want scanned, click "Ok", then run the scan.

--

Andre
http://spaces.msn.com/members/adacosta
FAQ for MS AntiSpy http://www.geocities.com/marfer_mvp/FAQ_MSantispy.htm

"(e-mail address removed)"
Click to expand...
Ad-Aware SE Build 1.05
Logfile Created on:Friday, February 18, 2005 7:56:28 AM
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R27 05.02.2005
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
MRU List(TAC index:0):15 total references
Tracking Cookie(TAC index:3):11 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file

Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user
only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates
critical objects


2-18-2005 7:56:28 AM - Scan started. (Smart mode)

Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ProcessID : 168
ThreadCreationTime : 2-18-2005 12:57:56 PM
BasePriority : Normal


#:2 [csrss.exe]
FilePath : \??\C:\WINNT\system32\
ProcessID : 192
ThreadCreationTime : 2-18-2005 12:58:04 PM
BasePriority : Normal


#:3 [winlogon.exe]
FilePath : \??\C:\WINNT\system32\
ProcessID : 212
ThreadCreationTime : 2-18-2005 12:58:07 PM
BasePriority : High


#:4 [services.exe]
FilePath : C:\WINNT\system32\
ProcessID : 240
ThreadCreationTime : 2-18-2005 12:58:08 PM
BasePriority : Normal
FileVersion : 5.00.2195.6700
ProductVersion : 5.00.2195.6700
ProductName : Microsoft(R) Windows (R) 2000
Operating System
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
LegalCopyright : Copyright (C) Microsoft Corp.
1981-1999
OriginalFilename : services.exe

#:5 [lsass.exe]
FilePath : C:\WINNT\system32\
ProcessID : 252
ThreadCreationTime : 2-18-2005 12:58:08 PM
BasePriority : Normal
FileVersion : 5.00.2195.6902
ProductVersion : 5.00.2195.6902
ProductName : Microsoft(R) Windows (R) 2000
Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Executable and Server DLL
(Export Version)
InternalName : lsasrv.dll and lsass.exe
LegalCopyright : Copyright (C) Microsoft Corp.
1981-1999
OriginalFilename : lsasrv.dll and lsass.exe

#:6 [svchost.exe]
FilePath : C:\WINNT\system32\
ProcessID : 440
ThreadCreationTime : 2-18-2005 12:58:13 PM
BasePriority : Normal
FileVersion : 5.00.2134.1
ProductVersion : 5.00.2134.1
ProductName : Microsoft(R) Windows (R) 2000
Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32
Services
InternalName : svchost.exe
LegalCopyright : Copyright (C) Microsoft Corp.
1981-1999
OriginalFilename : svchost.exe

#:7 [spoolsv.exe]
FilePath : C:\WINNT\system32\
ProcessID : 468
ThreadCreationTime : 2-18-2005 12:58:16 PM
BasePriority : Normal
FileVersion : 5.00.2195.6659
ProductVersion : 5.00.2195.6659
ProductName : Microsoft(R) Windows (R) 2000
Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolss.exe
LegalCopyright : Copyright (C) Microsoft Corp.
1981-1999
OriginalFilename : spoolss.exe

#:8 [ati2evxx.exe]
FilePath : C:\WINNT\System32\
ProcessID : 540
ThreadCreationTime : 2-18-2005 12:58:23 PM
BasePriority : Normal


#:9 [cdac11ba.exe]
FilePath : C:\WINNT\System32\drivers\
ProcessID : 552
ThreadCreationTime : 2-18-2005 12:58:23 PM
BasePriority : Normal
FileVersion : 4.16.050
ProductVersion : 4.16.050 Windows NT 2002/04/24
ProductName : SafeCast Windows NT
CompanyName : Macrovision
FileDescription : Macrovision RTS Service
InternalName : CDANTSRV
LegalCopyright : Copyright (c) 1998-2002
Macrovision Corp.
OriginalFilename : CDANTSRV.EXE
Comments : StringFileInfo: U.S. English

#:10 [defwatch.exe]
FilePath : C:\PROGRA~1\SYMANT~1\SYMANT~1\
ProcessID : 572
ThreadCreationTime : 2-18-2005 12:58:23 PM
BasePriority : Normal
FileVersion : 8.1.0.825
ProductVersion : 8.1.0.825
ProductName : Norton AntiVirus
CompanyName : Symantec Corporation
FileDescription : Virus Definition Daemon
InternalName : DefWatch
LegalCopyright : Copyright © 1998 Symantec
Corporation
OriginalFilename : DefWatch.exe

#:11 [svchost.exe]
FilePath : C:\WINNT\System32\
ProcessID : 592
ThreadCreationTime : 2-18-2005 12:58:23 PM
BasePriority : Normal
FileVersion : 5.00.2134.1
ProductVersion : 5.00.2134.1
ProductName : Microsoft(R) Windows (R) 2000
Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32
Services
InternalName : svchost.exe
LegalCopyright : Copyright (C) Microsoft Corp.
1981-1999
OriginalFilename : svchost.exe

#:12 [frameworkservice.exe]
FilePath : C:\ePOAgent\
ProcessID : 616
ThreadCreationTime : 2-18-2005 12:58:24 PM
BasePriority : Normal
FileVersion : 3.5.0.412
ProductName : McAfee Common Framework
CompanyName : Network Associates, Inc.
FileDescription : Framework Service
InternalName : Framework
LegalCopyright : Copyright© 2000-2004 Networks
Associates Technology, Inc. All Rights Reserved.
OriginalFilename : Framework.exe

#:13 [mdm.exe]
FilePath : C:\Program Files\Common
Files\Microsoft Shared\VS7Debug\
ProcessID : 716
ThreadCreationTime : 2-18-2005 12:58:29 PM
BasePriority : Normal
FileVersion : 7.00.9466
ProductVersion : 7.00.9466
ProductName : Microsoft® Visual Studio .NET
CompanyName : Microsoft Corporation
FileDescription : Machine Debug Manager
InternalName : mdm.exe
LegalCopyright : © Microsoft Corporation. All
rights reserved.
OriginalFilename : mdm.exe

#:14 [regsvc.exe]
FilePath : C:\WINNT\system32\
ProcessID : 788
ThreadCreationTime : 2-18-2005 12:58:31 PM
BasePriority : Normal
FileVersion : 5.00.2195.6701
ProductVersion : 5.00.2195.6701
ProductName : Microsoft(R) Windows (R) 2000
Operating System
CompanyName : Microsoft Corporation
FileDescription : Remote Registry Service
InternalName : regsvc
LegalCopyright : Copyright (C) Microsoft Corp.
1981-1999
OriginalFilename : REGSVC.EXE

#:15 [mstask.exe]
FilePath : C:\WINNT\system32\
ProcessID : 812
ThreadCreationTime : 2-18-2005 12:58:32 PM
BasePriority : Normal
FileVersion : 4.71.2195.6920
ProductVersion : 4.71.2195.6920
ProductName : Microsoft® Windows® Task Scheduler
CompanyName : Microsoft Corporation
FileDescription : Task Scheduler Engine
InternalName : TaskScheduler
LegalCopyright : Copyright (C) Microsoft Corp. 1997
OriginalFilename : mstask.exe

#:16 [tcpsvcs.exe]
FilePath : C:\WINNT\system32\
ProcessID : 856
ThreadCreationTime : 2-18-2005 12:58:33 PM
BasePriority : Normal
FileVersion : 5.00.2134.1
ProductVersion : 5.00.2134.1
ProductName : Microsoft(R) Windows (R) 2000
Operating System
CompanyName : Microsoft Corporation
FileDescription : TCP/IP Services Application
InternalName : TCPSVCS.EXE
LegalCopyright : Copyright (C) Microsoft Corp.
1981-1999
OriginalFilename : TCPSVCS.EXE

#:17 [mspmspsv.exe]
FilePath : C:\WINNT\System32\
ProcessID : 900
ThreadCreationTime : 2-18-2005 12:58:34 PM
BasePriority : Normal
FileVersion : 7.01.00.3055
ProductVersion : 7.01.00.3055
ProductName : Microsoft (R) DRM
CompanyName : Microsoft Corporation
FileDescription : WMDM PMSP Service
InternalName : MSPMSPSV.EXE
LegalCopyright : Copyright (C) Microsoft Corp.
1981-2000
OriginalFilename : MSPMSPSV.EXE

#:18 [svchost.exe]
FilePath : C:\WINNT\system32\
ProcessID : 920
ThreadCreationTime : 2-18-2005 12:58:34 PM
BasePriority : Normal
FileVersion : 5.00.2134.1
ProductVersion : 5.00.2134.1
ProductName : Microsoft(R) Windows (R) 2000
Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32
Services
InternalName : svchost.exe
LegalCopyright : Copyright (C) Microsoft Corp.
1981-1999
OriginalFilename : svchost.exe

#:19 [naprdmgr.exe]
FilePath : C:\ePOAgent\
ProcessID : 964
ThreadCreationTime : 2-18-2005 12:58:40 PM
BasePriority : Normal
FileVersion : 3.5.0.412
ProductName : McAfee Common Framework
CompanyName : Network Associates, Inc.
FileDescription : NAI Product Manager
InternalName : Product Manager
LegalCopyright : Copyright© 2000-2004 Networks
Associates Technology, Inc. All Rights Reserved.
OriginalFilename : naPrdMgr.exe

#:20 [explorer.exe]
FilePath : C:\WINNT\
ProcessID : 1236
ThreadCreationTime : 2-18-2005 12:59:23 PM
BasePriority : Normal
FileVersion : 5.00.3700.6690
ProductVersion : 5.00.3700.6690
ProductName : Microsoft(R) Windows (R) 2000
Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : Copyright (C) Microsoft Corp.
1981-1999
OriginalFilename : EXPLORER.EXE

#:21 [atiptaxx.exe]
FilePath : C:\WINNT\system32\
ProcessID : 1328
ThreadCreationTime : 2-18-2005 12:59:32 PM
BasePriority : Normal
FileVersion : 4.12.2470
ProductVersion : 4.12.2470
ProductName : ATI Desktop Component
CompanyName : ATI Technologies, Inc.
FileDescription : ATI Task Icon
InternalName : ATIPDSXX
LegalCopyright : Copyright (C) 1998-2000 ATI
Technologies Inc.
OriginalFilename : ATIPTAXX.DLL

#:22 [dadapp.exe]
FilePath : C:\Program
Files\DELL\AccessDirect\
ProcessID : 1332
ThreadCreationTime : 2-18-2005 12:59:33 PM
BasePriority : Normal


#:23 [tppaldr.exe]
FilePath : C:\WINNT\
ProcessID : 1312
ThreadCreationTime : 2-18-2005 12:59:33 PM
BasePriority : Normal
FileVersion : 5.04.1150.0
ProductVersion : 5.04.1150.0
ProductName : TPP Storage Adapter
CompanyName : In-System Design, Inc.
FileDescription : TPP Auto Loader Application
InternalName : TPPALDR.EXE
LegalCopyright : Copyright (C) 1998-2001 In-System
Design, Inc.
OriginalFilename : TPPALDR.EXE

#:24 [hpoopm07.exe]
FilePath : C:\WINNT\system32
\spool\DRIVERS\W32X86\
ProcessID : 872
ThreadCreationTime : 2-18-2005 12:59:34 PM
BasePriority : Normal


#:25 [createcd50.exe]
FilePath : C:\Program Files\Common
Files\Adaptec Shared\CreateCD\
ProcessID : 1384
ThreadCreationTime : 2-18-2005 12:59:36 PM
BasePriority : Normal
FileVersion : 5.3.4.21
ProductVersion : 5.3.4.21
ProductName : Easy CD Creator
CompanyName : Roxio
FileDescription : Roxio Create CD
InternalName : createcd.exe
LegalCopyright : Copyright (c) 1999-2002 Roxio,
Inc.
OriginalFilename : createcd.exe

#:26 [directcd.exe]
FilePath : C:\Program Files\Roxio\Easy CD
Creator 5\DirectCD\
ProcessID : 1392
ThreadCreationTime : 2-18-2005 12:59:36 PM
BasePriority : Normal
FileVersion : 5.3.4.21
ProductVersion : 5.3.4.21
ProductName : DirectCD
CompanyName : Roxio
FileDescription : DirectCD Application
InternalName : DirectCD
LegalCopyright : Copyright (c) 2001,2002, Roxio,
Inc.
OriginalFilename : Directcd.exe

#:27 [syntplpr.exe]
FilePath : C:\Program Files\Synaptics\SynTP\
ProcessID : 1400
ThreadCreationTime : 2-18-2005 12:59:37 PM
BasePriority : Normal
FileVersion : 7.2.12 17Mar03
ProductVersion : 7.2.12 17Mar03
ProductName : Progressive Touch
CompanyName : Synaptics, Inc.
FileDescription : TouchPad Driver Helper Application
InternalName : SynTPLpr
LegalCopyright : Copyright (C) Synaptics, Inc.
1996-2003
OriginalFilename : SynTPLpr.exe

#:28 [syntpenh.exe]
FilePath : C:\Program Files\Synaptics\SynTP\
ProcessID : 1408
ThreadCreationTime : 2-18-2005 12:59:37 PM
BasePriority : Normal
FileVersion : 7.2.12 17Mar03
ProductVersion : 7.2.12 17Mar03
ProductName : Progressive Touch
CompanyName : Synaptics, Inc.
FileDescription : Synaptics TouchPad Enhancements
InternalName : Scrolleroo
LegalCopyright : Copyright (C) Synaptics, Inc.
1996-2003
OriginalFilename : SynTPEnh.exe

#:29 [updaterui.exe]
FilePath : C:\ePOAgent\
ProcessID : 1420
ThreadCreationTime : 2-18-2005 12:59:38 PM
BasePriority : Normal
FileVersion : 3.5.0.412
ProductName : McAfee Common Framework
CompanyName : Network Associates, Inc.
FileDescription : Common User Interface
InternalName : UpdaterUI
LegalCopyright : Copyright© 2000-2004 Networks
Associates Technology, Inc. All Rights Reserved.
OriginalFilename : UpdaterUI.exe

#:30 [statusclient.exe]
FilePath : C:\Program Files\Hewlett-
Packard\Toolbox2.0\Apache Tomcat 4.0
\webapps\Toolbox\StatusClient\
ProcessID : 1476
ThreadCreationTime : 2-18-2005 12:59:40 PM
BasePriority : Normal
FileVersion : 00.00.13
ProductVersion : 00.00.13
ProductName : Hewlett-Packard T-TR Status Client
CompanyName : Hewlett-Packard
FileDescription : Hewlett-Packard T-TR Status Client
InternalName : StatusClient.exe
LegalCopyright : Copyright © 2002 Hewlett-Packard
Company
LegalTrademarks : All Rights Reserved.
OriginalFilename : StatusClient.exe

#:31 [vptray.exe]
FilePath : C:\PROGRA~1\SYMANT~1\SYMANT~1\
ProcessID : 1516
ThreadCreationTime : 2-18-2005 12:59:42 PM
BasePriority : Normal
FileVersion : 8.1.0.825
ProductVersion : 8.1.0.825
ProductName : Symantec AntiVirus
CompanyName : Symantec Corporation
FileDescription : Symantec AntiVirus
LegalCopyright : Copyright (C) Symantec
Corporation 1991-2003

#:32 [gcasserv.exe]
FilePath : C:\Program Files\Microsoft
AntiSpyware\
ProcessID : 1536
ThreadCreationTime : 2-18-2005 12:59:42 PM
BasePriority : Idle
FileVersion : 1.00.0509
ProductVersion : 1.00.0509
ProductName : Microsoft AntiSpyware (Beta 1)
CompanyName : Microsoft Corporation
FileDescription : Microsoft AntiSpyware Service
InternalName : gcasServ
LegalCopyright : Copyright © 2004-2005 Microsoft
Corporation. All rights reserved.
LegalTrademarks : Microsoft® and Windows® are
registered trademarks of Microsoft Corporation. SpyNet(tm)
is a trademark of Microsoft Corporation.
OriginalFilename : gcasServ.exe

#:33 [ctfmon.exe]
FilePath : C:\WINNT\system32\
ProcessID : 1232
ThreadCreationTime : 2-18-2005 12:59:43 PM
BasePriority : Normal
FileVersion : 1.00.2409.7 built by: Lab06_N
ProductVersion : 1.00.2409.7
ProductName : Microsoft(R) Windows NT(R)
Operating System
CompanyName : Microsoft Corporation
FileDescription : Cicero Loader
InternalName : CICLOAD
LegalCopyright : Copyright (C) Microsoft
Corporation. 1981-2001
OriginalFilename : CICLOAD.EXE

#:34 [javaw.exe]
FilePath : C:\Program Files\Hewlett-
Packard\Toolbox2.0\Javasoft\JRE\1.3.1\bin\
ProcessID : 1632
ThreadCreationTime : 2-18-2005 12:59:48 PM
BasePriority : Normal


#:35 [gcasdtserv.exe]
FilePath : C:\Program Files\Microsoft
AntiSpyware\
ProcessID : 1648
ThreadCreationTime : 2-18-2005 12:59:49 PM
BasePriority : Normal
FileVersion : 1.00.0509
ProductVersion : 1.00.0509
ProductName : Microsoft AntiSpyware (Beta 1)
CompanyName : Microsoft Corporation
FileDescription : Microsoft AntiSpyware Data Service
InternalName : gcasDtServ
LegalCopyright : Copyright © 2004-2005 Microsoft
Corporation. All rights reserved.
LegalTrademarks : Microsoft® and Windows® are
registered trademarks of Microsoft Corporation. SpyNet(tm)
is a trademark of Microsoft Corporation.
OriginalFilename : gcasDtServ.exe

#:36 [hpzipm12.exe]
FilePath : C:\WINNT\system32\
ProcessID : 316
ThreadCreationTime : 2-18-2005 1:01:42 PM
BasePriority : Normal
FileVersion : 5, 0, 5, 3
ProductVersion : 5, 0, 5, 3
ProductName : HP PML
CompanyName : HP
FileDescription : PML Driver
InternalName : PmlDrv
LegalCopyright : Copyright © 1998, 1999 Hewlett-
Packard Company
OriginalFilename : PmlDrv.exe

#:37 [ad-aware.exe]
FilePath : C:\Program Files\Lavasoft\Ad-
Aware SE Personal\
ProcessID : 940
ThreadCreationTime : 2-18-2005 1:56:18 PM
BasePriority : Normal
FileVersion : 6.2.0.206
ProductVersion : VI.Second Edition
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved

Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»


Tracking Cookie Object Recognized!
Type : IECache Entry
Data : (e-mail address removed)
[1].txt
Category : Data Miner
Comment : Hits:5
Value :
Cookie:[email protected]/
Expires : 2-16-2006 1:27:16 PM
LastSync : Hits:5
UseCount : 0
Hits : 5

Tracking Cookie Object Recognized!
Type : IECache Entry
Data :
fssep111@dcsgcxwngpifwznfzlmv83o6w_5w4m[1].txt
Category : Data Miner
Comment : Hits:4
Value :
Cookie:[email protected]/dcsgcxwngpifwznfz l
mv83o6w_5w4m
Expires : 2-14-2015 6:33:26 AM
LastSync : Hits:4
UseCount : 0
Hits : 4

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : fssep111@S111319[1].txt
Category : Data Miner
Comment : Hits:6
Value :
Cookie:[email protected]/S111319
Expires : 12-31-2020 2:00:00 AM
LastSync : Hits:6
UseCount : 0
Hits : 6

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : fssep111@bluestreak[1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:[email protected]/
Expires : 2-15-2015 4:47:38 AM
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : fssep111@qksrv[2].txt
Category : Data Miner
Comment : Hits:2
Value : Cookie:[email protected]/
Expires : 2-15-2010 9:56:22 AM
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : fssep111@apmebf[2].txt
Category : Data Miner
Comment : Hits:2
Value : Cookie:[email protected]/
Expires : 2-15-2010 9:56:22 AM
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : fssep111@statcounter[1].txt
Category : Data Miner
Comment : Hits:5
Value : Cookie:[email protected]/
Expires : 2-15-2010 12:23:28 PM
LastSync : Hits:5
UseCount : 0
Hits : 5

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : (e-mail address removed)[1].txt
Category : Data Miner
Comment : Hits:3
Value : Cookie:[email protected]/
Expires : 3-18-2005 2:55:58 PM
LastSync : Hits:3
UseCount : 0
Hits : 3

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : fssep111@mediaplex[1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:[email protected]/
Expires : 6-21-2009 6:00:00 PM
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : fssep111@2o7[2].txt
Category : Data Miner
Comment : Hits:13
Value : Cookie:[email protected]/
Expires : 2-16-2010 7:47:04 AM
LastSync : Hits:13
UseCount : 0
Hits : 13

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : fssep111@zedo[2].txt
Category : Data Miner
Comment : Hits:11
Value : Cookie:[email protected]/
Expires : 2-15-2015 10:46:54 AM
LastSync : Hits:11
UseCount : 0
Hits : 11

Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 11
Objects found so far: 11



Deep scanning and examining files...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Disk Scan Result for C:\WINNT
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 11

Disk Scan Result for C:\WINNT\system32
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 11

Disk Scan Result for C:\DOCUME~1\fssep111\LOCALS~1\Temp\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 11


Scanning Hosts file......
Hosts file location:"C:\WINNT\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» »
»»»»»»»»»»»»»»»»»

Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
1 entries scanned.
New critical objects:0
Objects found so far: 11



MRU List Object Recognized!
Location: : S-1-5-21-790525478-1708537768-
1801674531-18292\software\nico mak
computing\winzip\filemenu
Description : winzip recently used archives


MRU List Object Recognized!
Location: : S-1-5-21-790525478-1708537768-
1801674531-18292
\software\microsoft\windows\currentversion\explorer\comdlg 3
2\opensavemru
Description : list of recently saved files,
stored according to file extension


MRU List Object Recognized!
Location: : S-1-5-21-790525478-1708537768-
1801674531-18292
\software\microsoft\windows\currentversion\explorer\comdlg 3
2\lastvisitedmru
Description : list of recent programs opened


MRU List Object Recognized!
Location: : S-1-5-21-790525478-1708537768-
1801674531-18292
\software\microsoft\windows\currentversion\explorer\recent d
ocs
Description : list of recent documents opened


MRU List Object Recognized!
Location: : S-1-5-21-790525478-1708537768-
1801674531-18292\software\microsoft\office\10.0
\common\open find\microsoft word\settings\save as\file
name mru
Description : list of recent documents saved by
microsoft word


MRU List Object Recognized!
Location: : S-1-5-21-790525478-1708537768-
1801674531-18292\software\microsoft\office\10.0
\excel\recent files
Description : list of recent files used by
microsoft excel


MRU List Object Recognized!
Location: : S-1-5-21-790525478-1708537768-
1801674531-18292
\software\microsoft\mediaplayer\player\recentfilelist
Description : list of recently used files in
microsoft windows media player


MRU List Object Recognized!
Location: : S-1-5-21-790525478-1708537768-
1801674531-18292\software\microsoft\internet explorer
Description : last download directory used in
microsoft internet explorer


MRU List Object Recognized!
Location: :
software\microsoft\directdraw\mostrecentapplication
Description : most recent application to use
microsoft directdraw


MRU List Object Recognized!
Location: : S-1-5-21-790525478-1708537768-
1801674531-18292\software\microsoft\internet
explorer\typedurls
Description : list of recently entered
addresses in microsoft internet explorer


MRU List Object Recognized!
Location: : S-1-5-21-790525478-1708537768-
1801674531-18292 \software\microsoft\mediaplayer\preferences
Description : last playlist index loaded in
microsoft windows media player


MRU List Object Recognized!
Location: : S-1-5-21-790525478-1708537768-
1801674531-18292 \software\microsoft\mediaplayer\preferences
Description : last playlist loaded in microsoft
windows media player


MRU List Object Recognized!
Location: : S-1-5-21-790525478-1708537768-
1801674531-18292\software\microsoft\windows
media\wmsdk\general
Description : windows media sdk


MRU List Object Recognized!
Location: : C:\Documents and Settings\fssep111
\Application Data\microsoft\office\recent
Description : list of recently opened documents
using microsoft office


MRU List Object Recognized!
Location: : C:\Documents and Settings\fssep111
\recent
Description : list of recently opened documents



Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 26

7:57:36 AM Scan Complete

Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:01:08.388
Objects scanned:43768
Objects identified:11
Objects ignored:0
New critical objects:11



.
Click to expand...
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Adware found this 6
1 Spyware Detected - - WRONG!! 2
DVD's will not play correctly. 2
Hijacking browser 8
[jf595.exe] in Windows Processes 1
"jf595.exe" in the Windows Processes 1
Alexa hidden hijacker 3
XP SP1 System Restore Fails with script error 1

Top