I am new to running Ad-Aware SE and just downloaded it so must have latest version. Each time I run it it detects 98 new critical objects. I select them to delete them and it says they are deleted. The pop-up and spyware problem recurs and I run the Ad-Aware again and the same critical problems appear. It does not seem to be deleting them. Anyone who can help?

Here is my log file:



Ad-Aware SE Build 1.05
Logfile Created on:Monday, 8 May 2006 1:21:30 PM
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R106 02.05.2006
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
»»»»»»»»»»»

References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Adware.Admess(TAC index:5):12 total references
Alexa(TAC index:5):29 total references
CoolWebSearch(TAC index:10):3 total references
DailyToolbar(TAC index:5):26 total references
MRU List(TAC index:0):13 total references
Tracking Cookie(TAC index:3):1 total references
Transponder(TAC index:10):2 total references
WinFavorites(TAC index:6):14 total references
VX2(TAC index:10):11 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file

Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects


8-05-2006 1:21:30 PM - Scan started. (Smart mode)

Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ProcessID : 1060
ThreadCreationTime : 7-05-2006 9:37:14 PM
BasePriority : Normal


#:2 [csrss.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 1108
ThreadCreationTime : 7-05-2006 9:37:18 PM
BasePriority : Normal


#:3 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 1132
ThreadCreationTime : 7-05-2006 9:37:19 PM
BasePriority : High


#:4 [services.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1176
ThreadCreationTime : 7-05-2006 9:37:20 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : services.exe

#:5 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1188
ThreadCreationTime : 7-05-2006 9:37:20 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe

#:6 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1376
ThreadCreationTime : 7-05-2006 9:37:22 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:7 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1420
ThreadCreationTime : 7-05-2006 9:37:22 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:8 [msmpeng.exe]
FilePath : C:\Program Files\Windows Defender\
ProcessID : 1508
ThreadCreationTime : 7-05-2006 9:37:22 PM
BasePriority : Normal
FileVersion : 1.1.1347.0
ProductVersion : 1.1.1347.0
ProductName : Windows Defender
CompanyName : Microsoft Corporation
FileDescription : Service Executable
InternalName : MsMpEng.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : MsMpEng.exe

#:9 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1580
ThreadCreationTime : 7-05-2006 9:37:24 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:10 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1676
ThreadCreationTime : 7-05-2006 9:37:24 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:11 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1824
ThreadCreationTime : 7-05-2006 9:37:25 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:12 [ccsetmgr.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\
ProcessID : 1904
ThreadCreationTime : 7-05-2006 9:37:25 PM
BasePriority : Normal
FileVersion : 2.1.10.2
ProductVersion : 2.1.10.2
ProductName : Common Client
CompanyName : Symantec Corporation
FileDescription : Common Client Settings Manager Service
InternalName : ccSetMgr
LegalCopyright : Copyright © 2000-2003 Symantec Corporation. All rights reserved.
OriginalFilename : ccSetMgr.exe

#:13 [sndsrvc.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\
ProcessID : 1920
ThreadCreationTime : 7-05-2006 9:37:25 PM
BasePriority : Normal
FileVersion : 5.5.1.6
ProductVersion : 5.5
ProductName : Symantec Security Drivers
CompanyName : Symantec Corporation
FileDescription : Network Driver Service
InternalName : SndSrvc
LegalCopyright : Copyright 2002, 2003, 2004 Symantec Corporation
OriginalFilename : SndSrvc.exe

#:14 [ccevtmgr.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\
ProcessID : 1952
ThreadCreationTime : 7-05-2006 9:37:26 PM
BasePriority : Normal
FileVersion : 2.1.10.2
ProductVersion : 2.1.10.2
ProductName : Common Client
CompanyName : Symantec Corporation
FileDescription : Common Client Event Manager Service
InternalName : ccEvtMgr
LegalCopyright : Copyright © 2000-2003 Symantec Corporation. All rights reserved.
OriginalFilename : ccEvtMgr.exe

#:15 [spoolsv.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 348
ThreadCreationTime : 7-05-2006 9:37:27 PM
BasePriority : Normal
FileVersion : 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)
ProductVersion : 5.1.2600.2696
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe

#:16 [aluschedulersvc.exe]
FilePath : C:\Program Files\Symantec\LiveUpdate\
ProcessID : 604
ThreadCreationTime : 7-05-2006 9:37:33 PM
BasePriority : Normal
FileVersion : 3.0.0.160
ProductVersion : 3.0.0.160
ProductName : LiveUpdate
CompanyName : Symantec Corporation
FileDescription : Automatic LiveUpdate Scheduler Service
InternalName : Automatic LiveUpdate Scheduler Service
LegalCopyright : Copyright © 1996-2005 Symantec Corporation
OriginalFilename : ALUSchedulerSvc.exe

#:17 [ccproxy.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\
ProcessID : 628
ThreadCreationTime : 7-05-2006 9:37:33 PM
BasePriority : Normal
FileVersion : 2.1.6.3
ProductVersion : 2.1.6.3
ProductName : Common Client
CompanyName : Symantec Corporation
FileDescription : Common Client Network Proxy Service
InternalName : ccProxy
LegalCopyright : Copyright © 2000-2003 Symantec Corporation. All rights reserved.
OriginalFilename : ccProxy.exe

#:18 [mdm.exe]
FilePath : C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\
ProcessID : 680
ThreadCreationTime : 7-05-2006 9:37:33 PM
BasePriority : Normal
FileVersion : 7.00.9466
ProductVersion : 7.00.9466
ProductName : Microsoft® Visual Studio .NET
CompanyName : Microsoft Corporation
FileDescription : Machine Debug Manager
InternalName : mdm.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : mdm.exe

#:19 [navapsvc.exe]
FilePath : C:\Program Files\Norton Internet Security\Norton AntiVirus\
ProcessID : 720
ThreadCreationTime : 7-05-2006 9:37:33 PM
BasePriority : Normal
FileVersion : 10.00.2
ProductVersion : 10.00.2
ProductName : Norton AntiVirus
CompanyName : Symantec Corporation
FileDescription : Norton AntiVirus Auto-Protect Service
InternalName : NAVAPSVC
LegalCopyright : Norton AntiVirus 2004 for Windows 98/ME/2000/XP Copyright © 2003 Symantec Corporation. All rights reserved.
OriginalFilename : NAVAPSVC.EXE

#:20 [savscan.exe]
FilePath : C:\Program Files\Norton Internet Security\Norton AntiVirus\
ProcessID : 776
ThreadCreationTime : 7-05-2006 9:37:33 PM
BasePriority : Normal

ProductVersion : 9.2
ProductName : Symantec AntiVirus AutoProtect
CompanyName : Symantec Corporation
FileDescription : Symantec AntiVirus Scanner
InternalName : SAVSCAN
LegalCopyright : Copyright © 2004 Symantec Corporation
OriginalFilename : SAVSCAN.EXE

#:21 [symlcsvc.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\CCPD-LC\
ProcessID : 920
ThreadCreationTime : 7-05-2006 9:37:33 PM
BasePriority : Normal
FileVersion : 1, 8, 52, 9
ProductVersion : 1, 8, 52, 9
ProductName : Symantec Core Component
CompanyName : Symantec Corporation
FileDescription : Symantec Core Component
InternalName : symlcsvc
LegalCopyright : Copyright © 2003
OriginalFilename : symlcsvc.exe

#:22 [explorer.exe]
FilePath : C:\WINDOWS\
ProcessID : 1096
ThreadCreationTime : 7-05-2006 9:37:34 PM
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : EXPLORER.EXE

#:23 [wanmpsvc.exe]
FilePath : C:\WINDOWS\
ProcessID : 1672
ThreadCreationTime : 7-05-2006 9:37:37 PM
BasePriority : Normal
FileVersion : 7, 0, 0, 2
ProductVersion : 7, 0, 0, 2
ProductName : America Online
CompanyName : America Online, Inc.
FileDescription : Wan Miniport (ATW) Service
InternalName : WanMPSvc
LegalCopyright : Copyright © 2001 America Online, Inc.
OriginalFilename : WanMPSvc.exe

#:24 [symwsc.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\Security Center\
ProcessID : 1880
ThreadCreationTime : 7-05-2006 9:37:37 PM
BasePriority : Normal
FileVersion : 2005.1.2.20
ProductVersion : 2005.1
ProductName : Norton Security Center
CompanyName : Symantec Corporation
FileDescription : Norton Security Center Service
InternalName : SymWSC.exe
LegalCopyright : Copyright © 1997-2004 Symantec Corporation
OriginalFilename : SymWSC.exe

#:25 [smax4pnp.exe]
FilePath : C:\Program Files\Analog Devices\Core\
ProcessID : 2396
ThreadCreationTime : 7-05-2006 9:37:40 PM
BasePriority : Normal
FileVersion : 5, 2, 0, 5
ProductVersion : 5, 2, 0, 5
ProductName : SMax4PNP Application
CompanyName : Analog Devices, Inc.
FileDescription : SMax4PNP MFC Application
InternalName : SMax4PNP
LegalCopyright : Copyright © 2002-2004 Analog Devices
OriginalFilename : SMax4PNP.EXE

#:26 [jusched.exe]
FilePath : C:\Program Files\Java\j2re1.4.2_03\bin\
ProcessID : 2452
ThreadCreationTime : 7-05-2006 9:37:41 PM
BasePriority : Normal


#:27 [pcmservice.exe]
FilePath : C:\Program Files\Dell\Media Experience\
ProcessID : 2520
ThreadCreationTime : 7-05-2006 9:37:41 PM
BasePriority : Normal
FileVersion : 1.0.1611
ProductVersion : 1.0.1611
ProductName : PCM2Launcher Application
CompanyName : CyberLink Corp.
FileDescription : PowerCinema Resident Program for Dell
InternalName : PowerCinema Resident Program for Dell
LegalCopyright : Copyright c 2003 CyberLink Corp.
OriginalFilename : PCM2Launcher.EXE

#:28 [intelmem.exe]
FilePath : C:\Program Files\Intel\Modem Event Monitor\
ProcessID : 2528
ThreadCreationTime : 7-05-2006 9:37:41 PM
BasePriority : Normal
FileVersion : 0, 1, 0, 10
ProductVersion : 0, 1, 0, 10
ProductName : Intel Modem Event Monitor Application
CompanyName : Intel Corporation
FileDescription : Modem Event Monitor Application
InternalName : Modem Event Monitor
LegalCopyright : Copyright © 2003
OriginalFilename : IntelMEM.exe

#:29 [dvdlauncher.exe]
FilePath : C:\Program Files\CyberLink\PowerDVD\
ProcessID : 2620
ThreadCreationTime : 7-05-2006 9:37:41 PM
BasePriority : Normal
FileVersion : 3.00.0000
ProductVersion : 3.00.0000
ProductName : Cyberlink PowerCinema 3.0
CompanyName : CyberLink Corp.
FileDescription : CyberLink PowerCinema Resident Program
InternalName : CyberLink PowerCinema Resident Program
LegalCopyright : Copyright © 2003 CyberLink Corp.
OriginalFilename : DVDLauncher.EXE

#:30 [realplay.exe]
FilePath : C:\Program Files\Real\RealPlayer\
ProcessID : 2688
ThreadCreationTime : 7-05-2006 9:37:41 PM
BasePriority : Normal
FileVersion : 6.0.9.584
ProductVersion : 6.0.9.584
ProductName : RealPlayer (32-bit)
CompanyName : RealNetworks, Inc.
FileDescription : RealPlayer
InternalName : REALPLAY
LegalCopyright : Copyright © RealNetworks, Inc. 1995-2000
LegalTrademarks : RealAudio™ is a trademark of RealNetworks, Inc.
OriginalFilename : REALPLAY.EXE

#:31 [ccapp.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\
ProcessID : 2748
ThreadCreationTime : 7-05-2006 9:37:42 PM
BasePriority : Normal
FileVersion : 2.1.10.2
ProductVersion : 2.1.10.2
ProductName : Common Client
CompanyName : Symantec Corporation
FileDescription : Common Client User Session
InternalName : ccApp
LegalCopyright : Copyright © 2000-2003 Symantec Corporation. All rights reserved.
OriginalFilename : ccApp.exe

#:32 [tfswctrl.exe]
FilePath : C:\WINDOWS\system32\dla\
ProcessID : 2852
ThreadCreationTime : 7-05-2006 9:37:42 PM
BasePriority : Normal
FileVersion : 1.04.08a
CompanyName : Sonic Solutions
FileDescription : Drive Letter Access Component
LegalCopyright : Copyright © 2004 Sonic Solutions

#:33 [alg.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 2860
ThreadCreationTime : 7-05-2006 9:37:42 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Application Layer Gateway Service
InternalName : ALG.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : ALG.exe

#:34 [hkcmd.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 2924
ThreadCreationTime : 7-05-2006 9:37:42 PM
BasePriority : Normal
FileVersion : 3.0.0.4396
ProductVersion : 7.0.0.4396
ProductName : Intel® Common User Interface
CompanyName : Intel Corporation
FileDescription : hkcmd Module
InternalName : HKCMD
LegalCopyright : Copyright 1999-2004, Intel Corporation
OriginalFilename : HKCMD.EXE

#:35 [igfxpers.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 2948
ThreadCreationTime : 7-05-2006 9:37:42 PM
BasePriority : Normal
FileVersion : 3.0.0.4396
ProductVersion : 7.0.0.4396
ProductName : Intel® Common User Interface
CompanyName : Intel Corporation
FileDescription : persistence Module
InternalName : PERSISTENCE
LegalCopyright : Copyright 1999-2004, Intel Corporation
OriginalFilename : IGFXPERS.EXE

#:36 [msascui.exe]
FilePath : C:\Program Files\Windows Defender\
ProcessID : 3120
ThreadCreationTime : 7-05-2006 9:37:43 PM
BasePriority : Normal
FileVersion : 1.1.1347.0
ProductVersion : 1.1.1347.0
ProductName : Windows Defender
CompanyName : Microsoft Corporation
FileDescription : Windows Defender User Interface
InternalName : MSASCUI
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : MSASCUI.exe

#:37 [ctfmon.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 3264
ThreadCreationTime : 7-05-2006 9:37:44 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : CTF Loader
InternalName : CTFMON
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : CTFMON.EXE

#:38 [wcescomm.exe]
FilePath : C:\Program Files\Microsoft ActiveSync\
ProcessID : 3300
ThreadCreationTime : 7-05-2006 9:37:44 PM
BasePriority : Normal
FileVersion : 3.8.0.5004
ProductVersion : 3.8.5004
ProductName : Microsoft ActiveSync
CompanyName : Microsoft Corporation
FileDescription : ActiveSync Connection Manager
InternalName : wcescomm
LegalCopyright : Copyright © 1995-2004 Microsoft Corp. All rights reserved.
LegalTrademarks : Microsoft® and Windows® are registered trademarks of Microsoft Corporation.
OriginalFilename : WCESCOMM.EXE

#:39 [osa.exe]
FilePath : C:\Program Files\Microsoft Office\Office\
ProcessID : 3588
ThreadCreationTime : 7-05-2006 9:37:47 PM
BasePriority : Normal


#:40 [wywo32.exe]
FilePath : \\RECEPTION8135\Workdata\wywo\
ProcessID : 3856
ThreadCreationTime : 7-05-2006 9:37:48 PM
BasePriority : Normal


#:41 [msmsgs.exe]
FilePath : C:\Program Files\Messenger\
ProcessID : 852
ThreadCreationTime : 7-05-2006 9:37:50 PM
BasePriority : Normal
FileVersion : 4.7.3001
ProductVersion : Version 4.7.3001
ProductName : Messenger
CompanyName : Microsoft Corporation
FileDescription : Windows Messenger
InternalName : msmsgs
LegalCopyright : Copyright © Microsoft Corporation 2004
LegalTrademarks : Microsoft® is a registered trademark of Microsoft Corporation in the U.S. and/or other countries.
OriginalFilename : msmsgs.exe

#:42 [outlook.exe]
FilePath : C:\Program Files\Microsoft Office\OFFICE11\
ProcessID : 2600
ThreadCreationTime : 7-05-2006 9:40:17 PM
BasePriority : Normal


#:43 [winword.exe]
FilePath : C:\Program Files\Microsoft Office\OFFICE11\
ProcessID : 1776
ThreadCreationTime : 7-05-2006 9:40:25 PM
BasePriority : Normal


#:44 [winsrv32.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 3340
ThreadCreationTime : 7-05-2006 9:41:05 PM
BasePriority : Normal
FileVersion : 1.00
ProductVersion : 1.00
ProductName : Windows Security Center
CompanyName : Microsoft
InternalName : main
LegalCopyright : © Microsoft 2006
OriginalFilename : main.dat
Comments : Protect Your computer against adware

#:45 [wcesmgr.exe]
FilePath : C:\Program Files\Microsoft ActiveSync\
ProcessID : 2828
ThreadCreationTime : 7-05-2006 10:29:20 PM
BasePriority : Normal
FileVersion : 3.8.0.5004
ProductVersion : 3.8.5004
ProductName : Microsoft ActiveSync
CompanyName : Microsoft Corporation
FileDescription : ActiveSync Application
InternalName : wcesmgr
LegalCopyright : Copyright © 1995-2004 Microsoft Corp. All rights reserved.
LegalTrademarks : Microsoft® and Windows® are registered trademarks of Microsoft Corporation.
OriginalFilename : WCESMGR.EXE

#:46 [wmplayer.exe]
FilePath : C:\Program Files\Windows Media Player\
ProcessID : 3756
ThreadCreationTime : 8-05-2006 1:18:20 AM
BasePriority : Normal
FileVersion : 9.00.00.3250
ProductVersion : 9.00.00.3250
ProductName : Microsoft® Windows Media Player
CompanyName : Microsoft Corporation
FileDescription : Windows Media Player
InternalName : WMPLAYER.EXE
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : WMPLAYER.EXE

#:47 [hh.exe]
FilePath : C:\WINDOWS\
ProcessID : 3552
ThreadCreationTime : 8-05-2006 1:30:48 AM
BasePriority : Normal
FileVersion : 5.2.3790.2453 (srv03_sp1_gdr.050525-1542)
ProductVersion : 5.2.3790.2453
ProductName : HTML Help
CompanyName : Microsoft Corporation
FileDescription : Microsoft® HTML Help Executable
InternalName : HH 1.41
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : HH.exe

#:48 [iexplore.exe]
FilePath : C:\Program Files\Internet Explorer\
ProcessID : 2136
ThreadCreationTime : 8-05-2006 2:30:58 AM
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Internet Explorer
InternalName : iexplore
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : IEXPLORE.EXE

#:49 [ad-aware.exe]
FilePath : C:\Program Files\Lavasoft\Ad-Aware SE Personal\
ProcessID : 3724
ThreadCreationTime : 8-05-2006 3:21:24 AM
BasePriority : Normal
FileVersion : 6.2.0.206
ProductVersion : VI.Second Edition
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved

Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Adware.Admess Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : appid\{f6bdb4e5-d6aa-4d1f-8b67-bcb0f2246e21}

Adware.Admess Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : appid\{f6bdb4e5-d6aa-4d1f-8b67-bcb0f2246e21}
Value :

Adware.Admess Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : appid\wstart.dll

Adware.Admess Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : appid\wstart.dll
Value : WStart

Adware.Admess Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{9896231a-c487-43a5-8369-6ec9b0a96cc0}

Adware.Admess Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{9896231a-c487-43a5-8369-6ec9b0a96cc0}
Value :

Adware.Admess Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : wstart.whttphelper

Adware.Admess Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : wstart.whttphelper
Value :

Adware.Admess Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : wstart.whttphelper.1

Adware.Admess Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : wstart.whttphelper.1
Value :

Alexa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : alxtb.bho

Alexa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : alxtb.bho
Value :

Alexa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{f1fabe79-25fc-46de-8c5a-2c6db9d64333}

Alexa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{f1fabe79-25fc-46de-8c5a-2c6db9d64333}
Value :

Alexa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{0bbb0424-e98e-4405-9a94-481854765c80}

Alexa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{0bbb0424-e98e-4405-9a94-481854765c80}
Value :

Alexa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{0f3332b5-bc98-48af-9fac-05fec94ebe73}

Alexa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{0f3332b5-bc98-48af-9fac-05fec94ebe73}
Value :

Alexa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{3e60160f-0ed6-4dcc-b6b6-850cde4fd217}

Alexa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{3e60160f-0ed6-4dcc-b6b6-850cde4fd217}
Value :

Alexa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{a69107cc-bec8-4a34-b474-211b0f46a764}

Alexa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{a69107cc-bec8-4a34-b474-211b0f46a764}
Value :

Alexa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{b7b84995-8b92-46bf-94aa-fa2f3dd23b84}

Alexa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{b7b84995-8b92-46bf-94aa-fa2f3dd23b84}
Value :

Alexa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{fa77ad79-09cf-41fb-b171-cc856f9e737f}

Alexa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{fa77ad79-09cf-41fb-b171-cc856f9e737f}
Value :

Alexa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : popmenu.menu

Alexa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : popmenu.menu
Value : PopMenu

Alexa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : popup.popupkiller

Alexa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : popup.popupkiller
Value : PopupKiller

Alexa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : typelib\{547ab549-4dd8-4ea0-b070-f6ea062148ff}

Alexa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : typelib\{547ab549-4dd8-4ea0-b070-f6ea062148ff}
Value :

DailyToolbar Object Recognized!
Type : Regkey
Data :
Category : Misc
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : appid\dailytoolbar.dll

DailyToolbar Object Recognized!
Type : RegValue
Data :
Category : Misc
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : appid\dailytoolbar.dll
Value : DailyToolbar

DailyToolbar Object Recognized!
Type : Regkey
Data :
Category : Misc
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : appid\{951b3138-ae8e-4676-a05a-250a5f111631}

DailyToolbar Object Recognized!
Type : RegValue
Data :
Category : Misc
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : appid\{951b3138-ae8e-4676-a05a-250a5f111631}
Value :

DailyToolbar Object Recognized!
Type : Regkey
Data :
Category : Misc
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{58f9b276-e1cc-458e-8159-21cbc021874b}

DailyToolbar Object Recognized!
Type : RegValue
Data :
Category : Misc
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{58f9b276-e1cc-458e-8159-21cbc021874b}
Value :

DailyToolbar Object Recognized!
Type : Regkey
Data :
Category : Misc
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{8333c319-0669-4893-a418-f56d9249fca6}

DailyToolbar Object Recognized!
Type : RegValue
Data :
Category : Misc
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{8333c319-0669-4893-a418-f56d9249fca6}
Value :

DailyToolbar Object Recognized!
Type : Regkey
Data :
Category : Misc
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : dailytoolbar.ieband

DailyToolbar Object Recognized!
Type : RegValue
Data :
Category : Misc
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : dailytoolbar.ieband
Value : DailyToolbar

DailyToolbar Object Recognized!
Type : Regkey
Data :
Category : Misc
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : dailytoolbar.sysmgr

DailyToolbar Object Recognized!
Type : RegValue
Data :
Category : Misc
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : dailytoolbar.sysmgr
Value : DailyToolbar

DailyToolbar Object Recognized!
Type : Regkey
Data :
Category : Misc
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : ietoolbar.affiliatectl

DailyToolbar Object Recognized!
Type : RegValue
Data :
Category : Misc
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : ietoolbar.affiliatectl
Value : IEToolbar

DailyToolbar Object Recognized!
Type : Regkey
Data :
Category : Misc
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{10195311-e434-47a9-adba-48839e3f7e4e}

DailyToolbar Object Recognized!
Type : RegValue
Data :
Category : Misc
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{10195311-e434-47a9-adba-48839e3f7e4e}
Value :

DailyToolbar Object Recognized!
Type : Regkey
Data :
Category : Misc
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{abafa0b4-f78d-42e5-8c31-1a441d01c1df}

DailyToolbar Object Recognized!
Type : RegValue
Data :
Category : Misc
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{abafa0b4-f78d-42e5-8c31-1a441d01c1df}
Value :

WinFavorites Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : bridge.brdg

WinFavorites Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : bridge.brdg
Value : Bridge

WinFavorites Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{80bb7465-a638-43b5-9827-8e8fe38dfcc1}

WinFavorites Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{80bb7465-a638-43b5-9827-8e8fe38dfcc1}
Value :

WinFavorites Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : jao.jao

WinFavorites Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : jao.jao
Value : jao

WinFavorites Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : typelib\{c094876d-1b0e-46fa-b6a6-7ffc0f970c27}

WinFavorites Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : typelib\{c094876d-1b0e-46fa-b6a6-7ffc0f970c27}
Value :

Adware.Admess Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\wsoft

Adware.Admess Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\wsoft
Value : WSoft

Alexa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\alexa internet

Alexa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\alexa internet
Value : Alexa Internet

CoolWebSearch Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\explorer\browser helper objects\{7b55bb05-0b4d-44fd-81a6-b136188f5deb}

CoolWebSearch Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\explorer\browser helper objects\{7b55bb05-0b4d-44fd-81a6-b136188f5deb}
Value :

DailyToolbar Object Recognized!
Type : Regkey
Data :
Category : Misc
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\dailytoolbar

DailyToolbar Object Recognized!
Type : RegValue
Data :
Category : Misc
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\dailytoolbar
Value : DailyToolbar

DailyToolbar Object Recognized!
Type : Regkey
Data :
Category : Misc
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\nix solutions\dailytoolbar

DailyToolbar Object Recognized!
Type : RegValue
Data :
Category : Misc
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\nix solutions\dailytoolbar
Value : DailyToolbar

Transponder Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\transponder

Transponder Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\transponder
Value : Adware.Srv32

VX2 Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\respondmiter

VX2 Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\respondmiter
Value : Adware.Srv32

VX2 Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\explorer\browser helper objects\{ffd2825e-0785-40c5-9a41-518f53a8261f}

VX2 Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\explorer\browser helper objects\{ffd2825e-0785-40c5-9a41-518f53a8261f}
Value :

VX2 Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\explorer\browser helper objects\{00000000-f09c-02b4-6ec2-ad0300000000}

VX2 Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\explorer\browser helper objects\{00000000-f09c-02b4-6ec2-ad0300000000}
Value :

VX2 Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\explorer\browser helper objects\{00000000-c1ec-0345-6ec2-4d0300000000}

VX2 Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\explorer\browser helper objects\{00000000-c1ec-0345-6ec2-4d0300000000}
Value :

VX2 Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\explorer\browser helper objects\{00000000-59d4-4008-9058-080011001200}

VX2 Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\explorer\browser helper objects\{00000000-59d4-4008-9058-080011001200}
Value :

And the balance of my log file:

Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 80
Objects found so far: 80


Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

DailyToolbar Object Recognized!
Type : Regkey
Data :
Category : Misc
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8333c319-0669-4893-a418-f56d9249fca6}

DailyToolbar Object Recognized!
Type : RegValue
Data :
Category : Misc
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8333c319-0669-4893-a418-f56d9249fca6}
Value :

Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 2
Objects found so far: 82


Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»


Tracking Cookie Object Recognized!
Type : IECache Entry
Data : daniel@cgi-bin[2].txt
Category : Data Miner
Comment : Hits:2
Value : Cookie:daniel@imrworldwide.com/cgi-bin
Expires : 5-05-2016 12:31:02 PM
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 1
Objects found so far: 83



Deep scanning and examining files...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Disk Scan Result for C:\WINDOWS
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 83

Disk Scan Result for C:\WINDOWS\system32
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 83

Disk Scan Result for C:\DOCUME~1\Daniel\LOCALS~1\Temp\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 83


Scanning Hosts file......
Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
1 entries scanned.
New critical objects:0
Objects found so far: 83



MRU List Object Recognized!
Location: : C:\Documents and Settings\Daniel\Application Data\microsoft\office\recent
Description : list of recently opened documents using microsoft office


MRU List Object Recognized!
Location: : C:\Documents and Settings\Daniel\recent
Description : list of recently opened documents


MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d


MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X


MRU List Object Recognized!
Location: : software\microsoft\directdraw\mostrecentapplication
Description : most recent application to use microsoft directdraw


MRU List Object Recognized!
Location: : S-1-5-21-1681049455-2992009333-3971619959-1007\software\microsoft\internet explorer\typedurls
Description : list of recently entered addresses in microsoft internet explorer


MRU List Object Recognized!
Location: : S-1-5-21-1681049455-2992009333-3971619959-1007\software\microsoft\mediaplayer\medialibraryui
Description : last selected node in the microsoft windows media player media library


MRU List Object Recognized!
Location: : S-1-5-21-1681049455-2992009333-3971619959-1007\software\microsoft\mediaplayer\preferences
Description : last playlist index loaded in microsoft windows media player


MRU List Object Recognized!
Location: : S-1-5-21-1681049455-2992009333-3971619959-1007\software\microsoft\mediaplayer\preferences
Description : last playlist loaded in microsoft windows media player


MRU List Object Recognized!
Location: : S-1-5-21-1681049455-2992009333-3971619959-1007\software\microsoft\office\11.0\common\open find\microsoft office word\settings\open\file name mru
Description : list of recent documents opened by microsoft word


MRU List Object Recognized!
Location: : S-1-5-21-1681049455-2992009333-3971619959-1007\software\microsoft\office\11.0\common\open find\microsoft office word\settings\save as\file name mru
Description : list of recent documents saved by microsoft word


MRU List Object Recognized!
Location: : S-1-5-21-1681049455-2992009333-3971619959-1007\software\microsoft\windows\currentversion\explorer\recentdocs
Description : list of recent documents opened


MRU List Object Recognized!
Location: : S-1-5-21-1681049455-2992009333-3971619959-1007\software\microsoft\windows media\wmsdk\general
Description : windows media sdk

Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Alexa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\alexa toolbar

Alexa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\alexa toolbar
Value : \Alexa Toolbar

Alexa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\alexa toolbar

Alexa Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\alexa toolbar
Value :

Alexa Object Recognized!
Type : File
Data : alxres.dll
Category : Data Miner
Comment :
Object : C:\WINDOWS\system32\



DailyToolbar Object Recognized!
Type : Regkey
Data :
Category : Misc
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\nix solutions

DailyToolbar Object Recognized!
Type : File
Data : dailytoolbar.dll
Category : Misc
Comment :
Object : C:\WINDOWS\system32\



WinFavorites Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{4fdbdbad-fefe-4c4c-9cc1-1181052afb12}

WinFavorites Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{4fdbdbad-fefe-4c4c-9cc1-1181052afb12}
Value :

WinFavorites Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\bridge

WinFavorites Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\bridge
Value :

WinFavorites Object Recognized!
Type : File
Data : a.exe
Category : Malware
Comment :
Object : C:\WINDOWS\system32\



WinFavorites Object Recognized!
Type : File
Data : bridge.dll
Category : Malware
Comment :
Object : C:\WINDOWS\system32\



CoolWebSearch Object Recognized!
Type : RegData
Data : about:blank
Category : Malware
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\microsoft\internet explorer\main
Value : Start Page
Data : about:blank

VX2 Object Recognized!
Type : File
Data : ZServ.dll
Category : Malware
Comment :
Object : C:\WINDOWS\



Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 15
Objects found so far: 111

1:23:51 PM Scan Complete

Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:02:20.641
Objects scanned:81292
Objects identified:98
Objects ignored:0
New critical objects:98

DC39,

Where did you download your copy of
as it is an old version.
Please can you make sure that you are using
Ad-aware SE Build 106
[if not Uninstall your old Ad-aware first then install SE]
Then use the WebUpDate
to get the latest Definition file
(SE1R106 02.05.2006)
To do this Open Ad-aware
Click the WebUpDate
button at the top right hand side of the Ad-aware screen (The world globe).
Click "Connect"
Ad-aware will then download the latest Definition file for you.
To make sure it is updated , look at the main
Ad-aware screen, and look under "Initialization Status"
It should say the Latest Definition file.
then scan doing a "Full Scan" and then post your logfile here by using the Add-Reply Feature .
As Logs are stored in :
C:\Documents and Settings\USERNAME\Application Data\Lavasoft\Ad-aware\Logs\.
An easy way to get there is to
click Start,
click Run
And type in and press ENTER: %appdata%
then click Lavasoft
then Ad-Aware
and then Logs.
scroll down to find the latest one that you have
(by date & time)
and open it right Click select all
copy and then paste the contents of it here.
(Make sure that all of your Logfile has been posted, sometimes it will require two post's to get it all)
I recommend that you use the WebUpDate just before you scan that way you will always be up to date.

(note The Application Data is a hidden folder, so you will need to show hidden files and folders
and for Windows 98/ME users your logs are stored in
C:\WINDOWS\All Users\Application Data\ ) by default

GRAFX

GRAFX, here is my latest logfil after following your instrucitons:

Ad-Aware SE Build 1.06r1
Logfile Created on:Tuesday, 9 May 2006 8:23:38 PM
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R106 02.05.2006
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
»»»»»»»»»»»

References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Adware.Admess(TAC index:5):6 total references
Alexa(TAC index:5):16 total references
CoolWebSearch(TAC index:10):3 total references
DailyToolbar(TAC index:5):14 total references
MRU List(TAC index:0):14 total references
Tracking Cookie(TAC index:3):5 total references
Transponder(TAC index:10):1 total references
WinFavorites(TAC index:6):9 total references
VX2(TAC index:10):6 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file

Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects


9-05-2006 8:23:38 PM - Scan started. (Full System Scan)

MRU List Object Recognized!
Location: : C:\Documents and Settings\Daniel\Application Data\microsoft\office\recent
Description : list of recently opened documents using microsoft office


MRU List Object Recognized!
Location: : C:\Documents and Settings\Daniel\recent
Description : list of recently opened documents


MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d


MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X


MRU List Object Recognized!
Location: : software\microsoft\directdraw\mostrecentapplication
Description : most recent application to use microsoft directdraw


MRU List Object Recognized!
Location: : S-1-5-21-1681049455-2992009333-3971619959-1007\software\microsoft\internet explorer\typedurls
Description : list of recently entered addresses in microsoft internet explorer


MRU List Object Recognized!
Location: : S-1-5-21-1681049455-2992009333-3971619959-1007\software\microsoft\mediaplayer\medialibraryui
Description : last selected node in the microsoft windows media player media library


MRU List Object Recognized!
Location: : S-1-5-21-1681049455-2992009333-3971619959-1007\software\microsoft\mediaplayer\player\recentfilelist
Description : list of recently used files in microsoft windows media player


MRU List Object Recognized!
Location: : S-1-5-21-1681049455-2992009333-3971619959-1007\software\microsoft\mediaplayer\preferences
Description : last playlist index loaded in microsoft windows media player


MRU List Object Recognized!
Location: : S-1-5-21-1681049455-2992009333-3971619959-1007\software\microsoft\mediaplayer\preferences
Description : last playlist loaded in microsoft windows media player


MRU List Object Recognized!
Location: : S-1-5-21-1681049455-2992009333-3971619959-1007\software\microsoft\office\11.0\common\open find\microsoft office word\settings\open\file name mru
Description : list of recent documents opened by microsoft word


MRU List Object Recognized!
Location: : S-1-5-21-1681049455-2992009333-3971619959-1007\software\microsoft\office\11.0\common\open find\microsoft office word\settings\save as\file name mru
Description : list of recent documents saved by microsoft word


MRU List Object Recognized!
Location: : S-1-5-21-1681049455-2992009333-3971619959-1007\software\microsoft\windows\currentversion\explorer\recentdocs
Description : list of recent documents opened


MRU List Object Recognized!
Location: : S-1-5-21-1681049455-2992009333-3971619959-1007\software\microsoft\windows media\wmsdk\general
Description : windows media sdk


Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ProcessID : 1060
ThreadCreationTime : 8-05-2006 9:10:22 PM
BasePriority : Normal


#:2 [csrss.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 1108
ThreadCreationTime : 8-05-2006 9:10:25 PM
BasePriority : Normal


#:3 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 1132
ThreadCreationTime : 8-05-2006 9:10:26 PM
BasePriority : High


#:4 [services.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1176
ThreadCreationTime : 8-05-2006 9:10:27 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : services.exe

#:5 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1188
ThreadCreationTime : 8-05-2006 9:10:27 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe

#:6 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1380
ThreadCreationTime : 8-05-2006 9:10:29 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:7 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1428
ThreadCreationTime : 8-05-2006 9:10:29 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:8 [msmpeng.exe]
FilePath : C:\Program Files\Windows Defender\
ProcessID : 1516
ThreadCreationTime : 8-05-2006 9:10:30 PM
BasePriority : Normal
FileVersion : 1.1.1347.0
ProductVersion : 1.1.1347.0
ProductName : Windows Defender
CompanyName : Microsoft Corporation
FileDescription : Service Executable
InternalName : MsMpEng.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : MsMpEng.exe

#:9 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1556
ThreadCreationTime : 8-05-2006 9:10:30 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:10 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1632
ThreadCreationTime : 8-05-2006 9:10:30 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:11 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1716
ThreadCreationTime : 8-05-2006 9:10:30 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:12 [ccsetmgr.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\
ProcessID : 1788
ThreadCreationTime : 8-05-2006 9:10:31 PM
BasePriority : Normal
FileVersion : 2.1.10.2
ProductVersion : 2.1.10.2
ProductName : Common Client
CompanyName : Symantec Corporation
FileDescription : Common Client Settings Manager Service
InternalName : ccSetMgr
LegalCopyright : Copyright © 2000-2003 Symantec Corporation. All rights reserved.
OriginalFilename : ccSetMgr.exe

#:13 [sndsrvc.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\
ProcessID : 1812
ThreadCreationTime : 8-05-2006 9:10:31 PM
BasePriority : Normal
FileVersion : 5.5.1.6
ProductVersion : 5.5
ProductName : Symantec Security Drivers
CompanyName : Symantec Corporation
FileDescription : Network Driver Service
InternalName : SndSrvc
LegalCopyright : Copyright 2002, 2003, 2004 Symantec Corporation
OriginalFilename : SndSrvc.exe

#:14 [ccevtmgr.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\
ProcessID : 1944
ThreadCreationTime : 8-05-2006 9:10:31 PM
BasePriority : Normal
FileVersion : 2.1.10.2
ProductVersion : 2.1.10.2
ProductName : Common Client
CompanyName : Symantec Corporation
FileDescription : Common Client Event Manager Service
InternalName : ccEvtMgr
LegalCopyright : Copyright © 2000-2003 Symantec Corporation. All rights reserved.
OriginalFilename : ccEvtMgr.exe

#:15 [spoolsv.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 344
ThreadCreationTime : 8-05-2006 9:10:33 PM
BasePriority : Normal
FileVersion : 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)
ProductVersion : 5.1.2600.2696
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe

#:16 [aluschedulersvc.exe]
FilePath : C:\Program Files\Symantec\LiveUpdate\
ProcessID : 600
ThreadCreationTime : 8-05-2006 9:10:39 PM
BasePriority : Normal
FileVersion : 3.0.0.160
ProductVersion : 3.0.0.160
ProductName : LiveUpdate
CompanyName : Symantec Corporation
FileDescription : Automatic LiveUpdate Scheduler Service
InternalName : Automatic LiveUpdate Scheduler Service
LegalCopyright : Copyright © 1996-2005 Symantec Corporation
OriginalFilename : ALUSchedulerSvc.exe

#:17 [ccproxy.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\
ProcessID : 624
ThreadCreationTime : 8-05-2006 9:10:39 PM
BasePriority : Normal
FileVersion : 2.1.6.3
ProductVersion : 2.1.6.3
ProductName : Common Client
CompanyName : Symantec Corporation
FileDescription : Common Client Network Proxy Service
InternalName : ccProxy
LegalCopyright : Copyright © 2000-2003 Symantec Corporation. All rights reserved.
OriginalFilename : ccProxy.exe

#:18 [mdm.exe]
FilePath : C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\
ProcessID : 676
ThreadCreationTime : 8-05-2006 9:10:40 PM
BasePriority : Normal
FileVersion : 7.00.9466
ProductVersion : 7.00.9466
ProductName : Microsoft® Visual Studio .NET
CompanyName : Microsoft Corporation
FileDescription : Machine Debug Manager
InternalName : mdm.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : mdm.exe

#:19 [navapsvc.exe]
FilePath : C:\Program Files\Norton Internet Security\Norton AntiVirus\
ProcessID : 716
ThreadCreationTime : 8-05-2006 9:10:40 PM
BasePriority : Normal
FileVersion : 10.00.2
ProductVersion : 10.00.2
ProductName : Norton AntiVirus
CompanyName : Symantec Corporation
FileDescription : Norton AntiVirus Auto-Protect Service
InternalName : NAVAPSVC
LegalCopyright : Norton AntiVirus 2004 for Windows 98/ME/2000/XP Copyright © 2003 Symantec Corporation. All rights reserved.
OriginalFilename : NAVAPSVC.EXE

#:20 [savscan.exe]
FilePath : C:\Program Files\Norton Internet Security\Norton AntiVirus\
ProcessID : 768
ThreadCreationTime : 8-05-2006 9:10:40 PM
BasePriority : Normal

ProductVersion : 9.2
ProductName : Symantec AntiVirus AutoProtect
CompanyName : Symantec Corporation
FileDescription : Symantec AntiVirus Scanner
InternalName : SAVSCAN
LegalCopyright : Copyright © 2004 Symantec Corporation
OriginalFilename : SAVSCAN.EXE

#:21 [symlcsvc.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\CCPD-LC\
ProcessID : 916
ThreadCreationTime : 8-05-2006 9:10:40 PM
BasePriority : Normal
FileVersion : 1, 8, 52, 9
ProductVersion : 1, 8, 52, 9
ProductName : Symantec Core Component
CompanyName : Symantec Corporation
FileDescription : Symantec Core Component
InternalName : symlcsvc
LegalCopyright : Copyright © 2003
OriginalFilename : symlcsvc.exe

#:22 [wanmpsvc.exe]
FilePath : C:\WINDOWS\
ProcessID : 956
ThreadCreationTime : 8-05-2006 9:10:41 PM
BasePriority : Normal
FileVersion : 7, 0, 0, 2
ProductVersion : 7, 0, 0, 2
ProductName : America Online
CompanyName : America Online, Inc.
FileDescription : Wan Miniport (ATW) Service
InternalName : WanMPSvc
LegalCopyright : Copyright © 2001 America Online, Inc.
OriginalFilename : WanMPSvc.exe

#:23 [explorer.exe]
FilePath : C:\WINDOWS\
ProcessID : 1344
ThreadCreationTime : 8-05-2006 9:10:42 PM
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : EXPLORER.EXE

#:24 [symwsc.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\Security Center\
ProcessID : 1860
ThreadCreationTime : 8-05-2006 9:10:44 PM
BasePriority : Normal
FileVersion : 2005.1.2.20
ProductVersion : 2005.1
ProductName : Norton Security Center
CompanyName : Symantec Corporation
FileDescription : Norton Security Center Service
InternalName : SymWSC.exe
LegalCopyright : Copyright © 1997-2004 Symantec Corporation
OriginalFilename : SymWSC.exe

#:25 [smax4pnp.exe]
FilePath : C:\Program Files\Analog Devices\Core\
ProcessID : 2420
ThreadCreationTime : 8-05-2006 9:10:47 PM
BasePriority : Normal
FileVersion : 5, 2, 0, 5
ProductVersion : 5, 2, 0, 5
ProductName : SMax4PNP Application
CompanyName : Analog Devices, Inc.
FileDescription : SMax4PNP MFC Application
InternalName : SMax4PNP
LegalCopyright : Copyright © 2002-2004 Analog Devices
OriginalFilename : SMax4PNP.EXE

#:26 [jusched.exe]
FilePath : C:\Program Files\Java\j2re1.4.2_03\bin\
ProcessID : 2444
ThreadCreationTime : 8-05-2006 9:10:47 PM
BasePriority : Normal


#:27 [pcmservice.exe]
FilePath : C:\Program Files\Dell\Media Experience\
ProcessID : 2452
ThreadCreationTime : 8-05-2006 9:10:47 PM
BasePriority : Normal
FileVersion : 1.0.1611
ProductVersion : 1.0.1611
ProductName : PCM2Launcher Application
CompanyName : CyberLink Corp.
FileDescription : PowerCinema Resident Program for Dell
InternalName : PowerCinema Resident Program for Dell
LegalCopyright : Copyright c 2003 CyberLink Corp.
OriginalFilename : PCM2Launcher.EXE

#:28 [intelmem.exe]
FilePath : C:\Program Files\Intel\Modem Event Monitor\
ProcessID : 2460
ThreadCreationTime : 8-05-2006 9:10:47 PM
BasePriority : Normal
FileVersion : 0, 1, 0, 10
ProductVersion : 0, 1, 0, 10
ProductName : Intel Modem Event Monitor Application
CompanyName : Intel Corporation
FileDescription : Modem Event Monitor Application
InternalName : Modem Event Monitor
LegalCopyright : Copyright © 2003
OriginalFilename : IntelMEM.exe

#:29 [dvdlauncher.exe]
FilePath : C:\Program Files\CyberLink\PowerDVD\
ProcessID : 2524
ThreadCreationTime : 8-05-2006 9:10:48 PM
BasePriority : Normal
FileVersion : 3.00.0000
ProductVersion : 3.00.0000
ProductName : Cyberlink PowerCinema 3.0
CompanyName : CyberLink Corp.
FileDescription : CyberLink PowerCinema Resident Program
InternalName : CyberLink PowerCinema Resident Program
LegalCopyright : Copyright © 2003 CyberLink Corp.
OriginalFilename : DVDLauncher.EXE

#:30 [realplay.exe]
FilePath : C:\Program Files\Real\RealPlayer\
ProcessID : 2592
ThreadCreationTime : 8-05-2006 9:10:48 PM
BasePriority : Normal
FileVersion : 6.0.9.584
ProductVersion : 6.0.9.584
ProductName : RealPlayer (32-bit)
CompanyName : RealNetworks, Inc.
FileDescription : RealPlayer
InternalName : REALPLAY
LegalCopyright : Copyright © RealNetworks, Inc. 1995-2000
LegalTrademarks : RealAudio™ is a trademark of RealNetworks, Inc.
OriginalFilename : REALPLAY.EXE

#:31 [ccapp.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\
ProcessID : 2600
ThreadCreationTime : 8-05-2006 9:10:48 PM
BasePriority : Normal
FileVersion : 2.1.10.2
ProductVersion : 2.1.10.2
ProductName : Common Client
CompanyName : Symantec Corporation
FileDescription : Common Client User Session
InternalName : ccApp
LegalCopyright : Copyright © 2000-2003 Symantec Corporation. All rights reserved.
OriginalFilename : ccApp.exe

#:32 [tfswctrl.exe]
FilePath : C:\WINDOWS\system32\dla\
ProcessID : 2808
ThreadCreationTime : 8-05-2006 9:10:48 PM
BasePriority : Normal
FileVersion : 1.04.08a
CompanyName : Sonic Solutions
FileDescription : Drive Letter Access Component
LegalCopyright : Copyright © 2004 Sonic Solutions

#:33 [hkcmd.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 2920
ThreadCreationTime : 8-05-2006 9:10:49 PM
BasePriority : Normal
FileVersion : 3.0.0.4396
ProductVersion : 7.0.0.4396
ProductName : Intel® Common User Interface
CompanyName : Intel Corporation
FileDescription : hkcmd Module
InternalName : HKCMD
LegalCopyright : Copyright 1999-2004, Intel Corporation
OriginalFilename : HKCMD.EXE

#:34 [igfxpers.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 2928
ThreadCreationTime : 8-05-2006 9:10:49 PM
BasePriority : Normal
FileVersion : 3.0.0.4396
ProductVersion : 7.0.0.4396
ProductName : Intel® Common User Interface
CompanyName : Intel Corporation
FileDescription : persistence Module
InternalName : PERSISTENCE
LegalCopyright : Copyright 1999-2004, Intel Corporation
OriginalFilename : IGFXPERS.EXE

#:35 [msascui.exe]
FilePath : C:\Program Files\Windows Defender\
ProcessID : 2956
ThreadCreationTime : 8-05-2006 9:10:49 PM
BasePriority : Normal
FileVersion : 1.1.1347.0
ProductVersion : 1.1.1347.0
ProductName : Windows Defender
CompanyName : Microsoft Corporation
FileDescription : Windows Defender User Interface
InternalName : MSASCUI
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : MSASCUI.exe

#:36 [ctfmon.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 3112
ThreadCreationTime : 8-05-2006 9:10:50 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : CTF Loader
InternalName : CTFMON
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : CTFMON.EXE

#:37 [msmsgs.exe]
FilePath : C:\Program Files\Messenger\
ProcessID : 3180
ThreadCreationTime : 8-05-2006 9:10:51 PM
BasePriority : Normal
FileVersion : 4.7.3001
ProductVersion : Version 4.7.3001
ProductName : Messenger
CompanyName : Microsoft Corporation
FileDescription : Windows Messenger
InternalName : msmsgs
LegalCopyright : Copyright © Microsoft Corporation 2004
LegalTrademarks : Microsoft® is a registered trademark of Microsoft Corporation in the U.S. and/or other countries.
OriginalFilename : msmsgs.exe

#:38 [wcescomm.exe]
FilePath : C:\Program Files\Microsoft ActiveSync\
ProcessID : 3224
ThreadCreationTime : 8-05-2006 9:10:51 PM
BasePriority : Normal
FileVersion : 3.8.0.5004
ProductVersion : 3.8.5004
ProductName : Microsoft ActiveSync
CompanyName : Microsoft Corporation
FileDescription : ActiveSync Connection Manager
InternalName : wcescomm
LegalCopyright : Copyright © 1995-2004 Microsoft Corp. All rights reserved.
LegalTrademarks : Microsoft® and Windows® are registered trademarks of Microsoft Corporation.
OriginalFilename : WCESCOMM.EXE

#:39 [osa.exe]
FilePath : C:\Program Files\Microsoft Office\Office\
ProcessID : 3428
ThreadCreationTime : 8-05-2006 9:10:54 PM
BasePriority : Normal


#:40 [alg.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 3608
ThreadCreationTime : 8-05-2006 9:10:54 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Application Layer Gateway Service
InternalName : ALG.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : ALG.exe

#:41 [winsrv32.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 3652
ThreadCreationTime : 8-05-2006 9:18:40 PM
BasePriority : Normal
FileVersion : 1.00
ProductVersion : 1.00
ProductName : Windows Security Center
CompanyName : Microsoft
InternalName : main
LegalCopyright : © Microsoft 2006
OriginalFilename : main.dat
Comments : Protect Your computer against adware

#:42 [wcesmgr.exe]
FilePath : C:\Program Files\Microsoft ActiveSync\
ProcessID : 1400
ThreadCreationTime : 8-05-2006 9:41:17 PM
BasePriority : Normal
FileVersion : 3.8.0.5004
ProductVersion : 3.8.5004
ProductName : Microsoft ActiveSync
CompanyName : Microsoft Corporation
FileDescription : ActiveSync Application
InternalName : wcesmgr
LegalCopyright : Copyright © 1995-2004 Microsoft Corp. All rights reserved.
LegalTrademarks : Microsoft® and Windows® are registered trademarks of Microsoft Corporation.
OriginalFilename : WCESMGR.EXE

#:43 [ad-aware.exe]
FilePath : C:\Program Files\Lavasoft\Ad-Aware SE Personal\
ProcessID : 1256
ThreadCreationTime : 9-05-2006 10:23:16 AM
BasePriority : Normal
FileVersion : 6.2.0.236
ProductVersion : SE 106
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft AB Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved

Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 14


Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Adware.Admess Object Recognized!
Type : Regkey
Data :
TAC Rating : 5
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : appid\{f6bdb4e5-d6aa-4d1f-8b67-bcb0f2246e21}

Adware.Admess Object Recognized!
Type : Regkey
Data :
TAC Rating : 5
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : appid\wstart.dll

Adware.Admess Object Recognized!
Type : Regkey
Data :
TAC Rating : 5
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{9896231a-c487-43a5-8369-6ec9b0a96cc0}

Adware.Admess Object Recognized!
Type : Regkey
Data :
TAC Rating : 5
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : wstart.whttphelper

Adware.Admess Object Recognized!
Type : Regkey
Data :
TAC Rating : 5
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : wstart.whttphelper.1

Alexa Object Recognized!
Type : Regkey
Data :
TAC Rating : 5
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : alxtb.bho

Alexa Object Recognized!
Type : Regkey
Data :
TAC Rating : 5
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{f1fabe79-25fc-46de-8c5a-2c6db9d64333}

Alexa Object Recognized!
Type : Regkey
Data :
TAC Rating : 5
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{0bbb0424-e98e-4405-9a94-481854765c80}

Alexa Object Recognized!
Type : Regkey
Data :
TAC Rating : 5
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{0f3332b5-bc98-48af-9fac-05fec94ebe73}

Alexa Object Recognized!
Type : Regkey
Data :
TAC Rating : 5
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{3e60160f-0ed6-4dcc-b6b6-850cde4fd217}

Alexa Object Recognized!
Type : Regkey
Data :
TAC Rating : 5
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{a69107cc-bec8-4a34-b474-211b0f46a764}

Alexa Object Recognized!
Type : Regkey
Data :
TAC Rating : 5
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{b7b84995-8b92-46bf-94aa-fa2f3dd23b84}

Alexa Object Recognized!
Type : Regkey
Data :
TAC Rating : 5
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{fa77ad79-09cf-41fb-b171-cc856f9e737f}

Alexa Object Recognized!
Type : Regkey
Data :
TAC Rating : 5
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : popmenu.menu

Alexa Object Recognized!
Type : Regkey
Data :
TAC Rating : 5
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : popup.popupkiller

Alexa Object Recognized!
Type : Regkey
Data :
TAC Rating : 5
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : typelib\{547ab549-4dd8-4ea0-b070-f6ea062148ff}

DailyToolbar Object Recognized!
Type : Regkey
Data :
TAC Rating : 5
Category : Misc
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : appid\dailytoolbar.dll

DailyToolbar Object Recognized!
Type : Regkey
Data :
TAC Rating : 5
Category : Misc
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : appid\{951b3138-ae8e-4676-a05a-250a5f111631}

DailyToolbar Object Recognized!
Type : Regkey
Data :
TAC Rating : 5
Category : Misc
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{58f9b276-e1cc-458e-8159-21cbc021874b}

DailyToolbar Object Recognized!
Type : Regkey
Data :
TAC Rating : 5
Category : Misc
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{8333c319-0669-4893-a418-f56d9249fca6}

DailyToolbar Object Recognized!
Type : Regkey
Data :
TAC Rating : 5
Category : Misc
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : dailytoolbar.ieband

DailyToolbar Object Recognized!
Type : Regkey
Data :
TAC Rating : 5
Category : Misc
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : dailytoolbar.sysmgr

DailyToolbar Object Recognized!
Type : Regkey
Data :
TAC Rating : 5
Category : Misc
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : ietoolbar.affiliatectl

DailyToolbar Object Recognized!
Type : Regkey
Data :
TAC Rating : 5
Category : Misc
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{10195311-e434-47a9-adba-48839e3f7e4e}

DailyToolbar Object Recognized!
Type : Regkey
Data :
TAC Rating : 5
Category : Misc
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{abafa0b4-f78d-42e5-8c31-1a441d01c1df}

WinFavorites Object Recognized!
Type : Regkey
Data :
TAC Rating : 6
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : bridge.brdg

WinFavorites Object Recognized!
Type : Regkey
Data :
TAC Rating : 6
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{80bb7465-a638-43b5-9827-8e8fe38dfcc1}

WinFavorites Object Recognized!
Type : Regkey
Data :
TAC Rating : 6
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : jao.jao

DC39,
Now this is going to take a few scan please follow these instructions carefully, and in the order given
Can you please go and download a plug-in (i.e.: vx2cleaner.exe) that will assist you in the cleanup of your PC. (if you have not already have done so)
After you have downloaded and installed the VX2 Plug-in as described there,
DO NOT RUN IT YET
please can you clear out your cache folder ie: temporary internet folder.
There are some free programs that you can use that will do that for you if needed like
CCleaner
(Note in CCleaner: go to >options > advanced > Uncheck "Only delete files in Windows Temp folders older than 48 hours"). but see CCleaner Set up
Then open Ad-Aware SE use the WebUpDate to ensure that you have the latest Definitions File then close Ad-Aware SE.
Now please save and close any open programs and disconnect from the internet.
(For broadband/cable users, it is recommended that you disconnect the cable connection)
Then
Please Reboot (i.e.: Re-start your PC)
Then open Ad-Aware SE but nothing else.

Please can you un-tick this option if you have it ticked
"Include negligible objects information".

To do this Open Ad-aware SE
Click “settings� (the Gear)
then Click “Tweaks“,
then click Scanning engine,
then un-tick "Include negligible objects information".
And then click the proceed button.
Now please scan doing a "Full Scan".
When the scan has finished select Next. In the Scanning Results window select the "Scan Summary" tab. tick the box next to a "target family’" you wish to remove. Click next, Click OK.
then rescan and do the same thing till you have removed all the "target family's"
Then please run the VX2 cleaner by Selecting the VX2 Cleaner plug-in and click “Run Plug-in� Select “Clean System�
Then please Reboot (i.e.: Re-start your PC)
Then after your PC has restarted please open Ad-Aware SE, but nothing else and
scan doing a "Full Scan". then and once the scan has finished mark and remove items then Reboot (i.e.: Re-start your PC)
Then re-scan doing a "Full Scan" and then post your log file here by using the Add-Reply Feature.

GRAFX