Ad-Aware SE Build 1.06r1
Logfile Created on:Wednesday, September 06, 2006 10:50:17 PM
Using definitions file:SE1R121 28.08.2006
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Adware.Pop(TAC index:3):2 total references
MRU List(TAC index:0):27 total references
Win32.Spyware.Acoona(TAC index:7):5 total references
Win32.TrojanDownloader.Small(TAC index:7):2 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Search for low-risk threats
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file

Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Ignore spanned files when scanning cab archives
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Block pop-ups aggressively
Set : Automatically select problematic objects in results lists
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Backup current definitions file before updating
Set : Play sound at scan completion if scan locates critical objects

9-6-2006 10:50:17 PM - Scan started. (Full System Scan)

MRU List Object Recognized!
Location: : C:\Documents and Settings\Mike\recent
Description : list of recently opened documents

MRU List Object Recognized!
Location: : S-1-5-21-602162358-308236825-1801674531-1004\software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d

MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d

MRU List Object Recognized!
Location: : S-1-5-21-602162358-308236825-1801674531-1004\software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X

MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X

MRU List Object Recognized!
Location: : software\microsoft\directdraw\mostrecentapplication
Description : most recent application to use microsoft directdraw

MRU List Object Recognized!
Location: : S-1-5-21-602162358-308236825-1801674531-1004\software\microsoft\directinput\mostrecentapplication
Description : most recent application to use microsoft directinput

MRU List Object Recognized!
Location: : S-1-5-21-602162358-308236825-1801674531-1004\software\microsoft\directinput\mostrecentapplication
Description : most recent application to use microsoft directinput

MRU List Object Recognized!
Location: : S-1-5-21-602162358-308236825-1801674531-1004\software\microsoft\internet explorer
Description : last download directory used in microsoft internet explorer

MRU List Object Recognized!
Location: : S-1-5-21-602162358-308236825-1801674531-1004\software\microsoft\internet explorer\typedurls
Description : list of recently entered addresses in microsoft internet explorer

MRU List Object Recognized!
Location: : S-1-5-21-602162358-308236825-1801674531-1004\software\microsoft\mediaplayer\medialibraryui
Description : last selected node in the microsoft windows media player media library

MRU List Object Recognized!
Location: : S-1-5-21-602162358-308236825-1801674531-1004\software\microsoft\mediaplayer\preferences
Description : last cd record path used in microsoft windows media player

MRU List Object Recognized!
Location: : S-1-5-21-602162358-308236825-1801674531-1004\software\microsoft\mediaplayer\preferences
Description : last playlist index loaded in microsoft windows media player

MRU List Object Recognized!
Location: : S-1-5-21-602162358-308236825-1801674531-1004\software\microsoft\mediaplayer\preferences
Description : last playlist loaded in microsoft windows media player

MRU List Object Recognized!
Location: : S-1-5-21-602162358-308236825-1801674531-1004\software\microsoft\microsoft management console\recent file list
Description : list of recent snap-ins used in the microsoft management console

MRU List Object Recognized!
Location: : S-1-5-21-602162358-308236825-1801674531-1004\software\microsoft\search assistant\acmru
Description : list of recent search terms used with the search assistant

MRU List Object Recognized!
Location: : S-1-5-21-602162358-308236825-1801674531-1004\software\microsoft\windows\currentversion\applets\regedit
Description : last key accessed using the microsoft registry editor

MRU List Object Recognized!
Location: : S-1-5-21-602162358-308236825-1801674531-1004\software\microsoft\windows\currentversion\applets\wordpad\recent file list
Description : list of recent files opened using wordpad

MRU List Object Recognized!
Location: : S-1-5-21-602162358-308236825-1801674531-1004\software\microsoft\windows\currentversion\explorer\comdlg32\lastvisitedmru
Description : list of recent programs opened

MRU List Object Recognized!
Location: : S-1-5-21-602162358-308236825-1801674531-1004\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru
Description : list of recently saved files, stored according to file extension

MRU List Object Recognized!
Location: : S-1-5-21-602162358-308236825-1801674531-1004\software\microsoft\windows\currentversion\explorer\recentdocs
Description : list of recent documents opened

MRU List Object Recognized!
Location: : S-1-5-21-602162358-308236825-1801674531-1004\software\microsoft\windows\currentversion\explorer\runmru
Description : mru list for items opened in start | run

MRU List Object Recognized!
Location: : S-1-5-21-602162358-308236825-1801674531-1004\software\nico mak computing\winzip\filemenu
Description : winzip recently used archives

MRU List Object Recognized!
Location: : S-1-5-21-602162358-308236825-1801674531-1004\software\nvidia corporation\global\nview\windowmanagement
Description : nvidia nview cached application window positions

MRU List Object Recognized!
Location: : S-1-5-21-602162358-308236825-1801674531-1004\software\realnetworks\realplayer\6.0\preferences
Description : list of recent skins in realplayer

MRU List Object Recognized!
Location: : S-1-5-21-602162358-308236825-1801674531-1004\software\realnetworks\realplayer\6.0\preferences
Description : list of recent clips in realplayer

MRU List Object Recognized!
Location: : S-1-5-21-602162358-308236825-1801674531-1004\software\microsoft\windows media\wmsdk\general
Description : windows media sdk

Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ProcessID : 536
ThreadCreationTime : 9-7-2006 2:36:19 AM
BasePriority : Normal

#:2 [csrss.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 608
ThreadCreationTime : 9-7-2006 2:36:28 AM
BasePriority : Normal

#:3 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 648
ThreadCreationTime : 9-7-2006 2:36:37 AM
BasePriority : High

#:4 [services.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 700
ThreadCreationTime : 9-7-2006 2:36:38 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : services.exe

#:5 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 712
ThreadCreationTime : 9-7-2006 2:36:38 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe

#:6 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 872
ThreadCreationTime : 9-7-2006 2:36:41 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:7 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 920
ThreadCreationTime : 9-7-2006 2:36:41 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:8 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 988
ThreadCreationTime : 9-7-2006 2:36:42 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:9 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1044
ThreadCreationTime : 9-7-2006 2:36:42 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:10 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1184
ThreadCreationTime : 9-7-2006 2:36:43 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:11 [sdmcp.exe]
FilePath : C:\Program Files\Common Files\Stardock\
ProcessID : 1280
ThreadCreationTime : 9-7-2006 2:36:45 AM
BasePriority : Normal
FileVersion : 0, 0, 5, 11
ProductVersion : 0, 0, 5, 11
ProductName : Stardock MCP Core Services (System Extensions and Hooks)
CompanyName : Stardock
FileDescription : MCPServer
InternalName : MCP
LegalCopyright : Copyright © 2005
OriginalFilename : SDMCP.exe

#:12 [ccsetmgr.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\
ProcessID : 1340
ThreadCreationTime : 9-7-2006 2:36:45 AM
BasePriority : Normal
FileVersion : 104.0.1.17
ProductVersion : 104.0.1.17
ProductName : Client and Host Security Platform
CompanyName : Symantec Corporation
FileDescription : Symantec Settings Manager Service
InternalName : ccSetMgr
LegalCopyright : Copyright © 2000-2005 Symantec Corporation. All rights reserved.
OriginalFilename : ccSetMgr.exe

#:13 [explorer.exe]
FilePath : C:\WINDOWS\
ProcessID : 1480
ThreadCreationTime : 9-7-2006 2:36:46 AM
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : EXPLORER.EXE

#:14 [ccevtmgr.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\
ProcessID : 1500
ThreadCreationTime : 9-7-2006 2:36:47 AM
BasePriority : Normal
FileVersion : 104.0.1.17
ProductVersion : 104.0.1.17
ProductName : Client and Host Security Platform
CompanyName : Symantec Corporation
FileDescription : Symantec Event Manager Service
InternalName : ccEvtMgr
LegalCopyright : Copyright © 2000-2005 Symantec Corporation. All rights reserved.
OriginalFilename : ccEvtMgr.exe

#:15 [ccproxy.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\
ProcessID : 1852
ThreadCreationTime : 9-7-2006 2:36:49 AM
BasePriority : Normal
FileVersion : 104.0.9.2
ProductVersion : 104.0.9.2
ProductName : Client and Host Security Platform
CompanyName : Symantec Corporation
FileDescription : Symantec Network Proxy Service
InternalName : ccProxy
LegalCopyright : Copyright © 2000-2005 Symantec Corporation. All rights reserved.
OriginalFilename : ccProxy.exe

#:16 [sndsrvc.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\
ProcessID : 1872
ThreadCreationTime : 9-7-2006 2:36:49 AM
BasePriority : Normal
FileVersion : 6.0.3.303
ProductVersion : 6.0
ProductName : Symantec Security Drivers
CompanyName : Symantec Corporation
FileDescription : Network Driver Service
InternalName : SndSrvc
LegalCopyright : Copyright 2002 - 2006 Symantec Corporation
OriginalFilename : SndSrvc.exe

#:17 [spbbcsvc.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\SPBBC\
ProcessID : 1924
ThreadCreationTime : 9-7-2006 2:36:49 AM
BasePriority : Normal
FileVersion : 2.1.0.4
ProductVersion : 2.1.0.4
ProductName : SPBBC
CompanyName : Symantec Corporation
FileDescription : SPBBC Service
InternalName : SPBBCSvc
LegalCopyright : Copyright © 2004, 2005 Symantec Corporation. All rights reserved.
OriginalFilename : SPBBCSvc.exe

#:18 [symlcsvc.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\CCPD-LC\
ProcessID : 1960
ThreadCreationTime : 9-7-2006 2:36:49 AM
BasePriority : Normal
FileVersion : 1.9.1.762
ProductVersion : 1.9.1.762
ProductName : Symantec Core Component
CompanyName : Symantec Corporation
FileDescription : Symantec Core Component
InternalName : symlcsvc
LegalCopyright : Copyright © 2003
OriginalFilename : symlcsvc.exe

#:19 [spoolsv.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 372
ThreadCreationTime : 9-7-2006 2:36:54 AM
BasePriority : Normal
FileVersion : 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)
ProductVersion : 5.1.2600.2696
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe

#:20 [aluschedulersvc.exe]
FilePath : C:\Program Files\Symantec\LiveUpdate\
ProcessID : 120
ThreadCreationTime : 9-7-2006 2:37:00 AM
BasePriority : Normal
FileVersion : 3.0.0.166
ProductVersion : 3.0.0.166
ProductName : LiveUpdate
CompanyName : Symantec Corporation
FileDescription : Automatic LiveUpdate Scheduler Service
InternalName : Automatic LiveUpdate Scheduler Service
LegalCopyright : Copyright © 1996-2005 Symantec Corporation
OriginalFilename : ALUSchedulerSvc.exe

#:21 [ctsvccda.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 812
ThreadCreationTime : 9-7-2006 2:37:01 AM
BasePriority : Normal
FileVersion : 1.0.1.0
ProductVersion : 1.0.0.0
ProductName : Creative Service for CDROM Access
CompanyName : Creative Technology Ltd
FileDescription : Creative Service for CDROM Access
InternalName : CTsvcCDAEXE
LegalCopyright : Copyright © Creative Technology Ltd., 1999. All rights reserved.
OriginalFilename : CTsvcCDA.EXE

#:22 [gbpoll.exe]
FilePath : C:\Program Files\Norton SystemWorks\Norton GoBack\
ProcessID : 904
ThreadCreationTime : 9-7-2006 2:37:01 AM
BasePriority : Normal

#:23 [navapsvc.exe]
FilePath : C:\Program Files\Norton SystemWorks\Norton AntiVirus\
ProcessID : 980
ThreadCreationTime : 9-7-2006 2:37:01 AM
BasePriority : Normal
FileVersion : 12.2.0.13
ProductVersion : 12.2.0
ProductName : Norton AntiVirus
CompanyName : Symantec Corporation
FileDescription : Norton AntiVirus Auto-Protect Service
InternalName : NAVAPSVC
LegalCopyright : Norton AntiVirus 2006 for Windows 2000/XP Copyright © 2005 Symantec Corporation. All rights reserved.
OriginalFilename : NAVAPSVC.EXE

#:24 [npfmntor.exe]
FilePath : C:\Program Files\Norton SystemWorks\Norton AntiVirus\IWP\
ProcessID : 1300
ThreadCreationTime : 9-7-2006 2:37:04 AM
BasePriority : Normal
FileVersion : 12.2.0.13
ProductVersion : 12.2.0
ProductName : Norton AntiVirus
CompanyName : Symantec Corporation
FileDescription : Norton AntiVirus Firewall Install Monitor
InternalName : NPFMonitor
LegalCopyright : Norton AntiVirus 2006 for Windows 2000/XP Copyright © 2005 Symantec Corporation. All rights reserved.
OriginalFilename : NPFMonitor.EXE

#:25 [nprotect.exe]
FilePath : C:\PROGRA~1\NORTON~1\NORTON~3\
ProcessID : 1320
ThreadCreationTime : 9-7-2006 2:37:04 AM
BasePriority : Normal
FileVersion : 19.0.0.48
ProductVersion : 19.0.0.48
ProductName : Norton Utilities
CompanyName : Symantec Corporation
FileDescription : Norton Protection Status
InternalName : NPROTECT
LegalCopyright : Copyright © 1997-2005 Symantec Corporation
LegalTrademarks : Norton Utilities® and UnErase® are registered trademarks of Symantec Corporation.
OriginalFilename : NPROTECT.EXE

#:26 [nvsvc32.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1376
ThreadCreationTime : 9-7-2006 2:37:04 AM
BasePriority : Normal
FileVersion : 6.14.10.8198
ProductVersion : 6.14.10.8198
ProductName : NVIDIA Driver Helper Service, Version 81.98
CompanyName : NVIDIA Corporation
FileDescription : NVIDIA Driver Helper Service, Version 81.98
InternalName : NVSVC
LegalCopyright : © NVIDIA Corporation. All rights reserved.
OriginalFilename : nvsvc32.exe

#:27 [retrorun.exe]
FilePath : C:\PROGRA~1\Dantz\RETROS~1\
ProcessID : 1464
ThreadCreationTime : 9-7-2006 2:37:05 AM
BasePriority : Normal
FileVersion : 6.5.342
ProductVersion : 6.5
ProductName : Retrospect
CompanyName : Dantz Development Corporation
FileDescription : Retrospect
InternalName :
LegalCopyright : Copyright Dantz 1989-2003
LegalTrademarks : Dantz® Retrospect®
OriginalFilename : retrorun.exe

#:28 [wdsvc.exe]
FilePath : C:\PROGRA~1\Dantz\RETROS~1\
ProcessID : 1660
ThreadCreationTime : 9-7-2006 2:37:05 AM
BasePriority : Normal
FileVersion : 6.5.342
ProductVersion : 6.5
ProductName : Retrospect
CompanyName : Dantz Development Corporation
FileDescription : Retrospect
InternalName :
LegalCopyright : Copyright Dantz 1989-2003
LegalTrademarks : Dantz® Retrospect®
OriginalFilename : wdsvc.exe

#:29 [nopdb.exe]
FilePath : C:\PROGRA~1\NORTON~1\NORTON~3\SPEEDD~1\
ProcessID : 1700
ThreadCreationTime : 9-7-2006 2:37:06 AM
BasePriority : Normal
FileVersion : 7.00.0.24
ProductVersion : 7.00.0.24
ProductName : Norton Speed Disk
CompanyName : Symantec Corporation
FileDescription : NOPDB
InternalName : NOPDB
LegalCopyright : Copyright © 1997-2005 Symantec Corporation
OriginalFilename : NOPDB.dll

#:30 [tablet.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1732
ThreadCreationTime : 9-7-2006 2:37:06 AM
BasePriority : High

#:31 [wdfmgr.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1784
ThreadCreationTime : 9-7-2006 2:37:06 AM
BasePriority : Normal
FileVersion : 5.2.3790.1230 built by: dnsrv(bld4act)
ProductVersion : 5.2.3790.1230
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows User Mode Driver Manager
InternalName : WdfMgr
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : WdfMgr.exe

#:32 [upsd.exe]
FilePath : C:\Program Files\Belkin Bulldog Plus\
ProcessID : 1824
ThreadCreationTime : 9-7-2006 2:37:07 AM
BasePriority : Normal
FileVersion : 1.1
ProductVersion : 3.1
ProductName : UPSentry Smart 2000
CompanyName : Delta
FileDescription : upsd
InternalName : UPSentry Service
LegalCopyright : Copyright c 1999
OriginalFilename : upsd.exe

#:33 [mspmspsv.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 2116
ThreadCreationTime : 9-7-2006 2:37:08 AM
BasePriority : Normal
FileVersion : 7.00.00.1954
ProductVersion : 7.00.00.1954
ProductName : Microsoft ® DRM
CompanyName : Microsoft Corporation
FileDescription : WMDM PMSP Service
InternalName : MSPMSPSV.EXE
LegalCopyright : Copyright © Microsoft Corp. 1981-2000
OriginalFilename : MSPMSPSV.EXE

#:34 [alg.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 2532
ThreadCreationTime : 9-7-2006 2:37:23 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Application Layer Gateway Service
InternalName : ALG.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : ALG.exe

#:35 [ezsp_px.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 2900
ThreadCreationTime : 9-7-2006 2:37:29 AM
BasePriority : Normal

#:36 [wdbtnmgr.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 2936
ThreadCreationTime : 9-7-2006 2:37:30 AM
BasePriority : Normal
FileVersion : 1, 0, 17, 0
ProductVersion : 1, 0, 17, 0
ProductName : WD Button Manager
CompanyName : Western Digital Technologies, Inc.
FileDescription : WD Button Manager
InternalName : WD Button Manager
LegalCopyright : Copyright © 2003-2004
OriginalFilename : WDBtnMgr.exe

#:37 [realsched.exe]
FilePath : C:\Program Files\Common Files\Real\Update_OB\
ProcessID : 3088
ThreadCreationTime : 9-7-2006 2:37:31 AM
BasePriority : Normal
FileVersion : 0.1.0.3510
ProductVersion : 0.1.0.3510
ProductName : RealPlayer (32-bit)
CompanyName : RealNetworks, Inc.
FileDescription : RealNetworks Scheduler
InternalName : schedapp
LegalCopyright : Copyright © RealNetworks, Inc. 1995-2004
LegalTrademarks : RealAudio™ is a trademark of RealNetworks, Inc.
OriginalFilename : realsched.exe

#:38 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 3256
ThreadCreationTime : 9-7-2006 2:37:32 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:39 [rundll32.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 3428
ThreadCreationTime : 9-7-2006 2:37:34 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Run a DLL as an App
InternalName : rundll
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : RUNDLL.EXE

#:40 [cthelper.exe]
FilePath : C:\WINDOWS\
ProcessID : 3472
ThreadCreationTime : 9-7-2006 2:37:35 AM
BasePriority : Normal
FileVersion : 2, 0, 0, 33
ProductVersion : 2, 0, 0, 33
ProductName : CtHelper Application
CompanyName : Creative Technology Ltd
FileDescription : CtHelper Application
InternalName : CtHelper
LegalCopyright : Copyright © 2004
OriginalFilename : CtHelper.EXE

#:41 [ctdvddet.exe]
FilePath : C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\
ProcessID : 3500
ThreadCreationTime : 9-7-2006 2:37:36 AM
BasePriority : Normal
FileVersion : 1.0.3.0
ProductVersion : 1.0.3.0
ProductName : CTDVDDET
CompanyName : Creative Technology Ltd
FileDescription : CTDVDDET
InternalName : CTDVDDET
LegalCopyright : Copyright © Creative Technology Ltd., 2002-2003. All rights reserved.
OriginalFilename : CTDVDDET.EXE

#:42 [ccapp.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\
ProcessID : 3520
ThreadCreationTime : 9-7-2006 2:37:37 AM
BasePriority : Normal
FileVersion : 104.0.1.17
ProductVersion : 104.0.1.17
ProductName : Client and Host Security Platform
CompanyName : Symantec Corporation
FileDescription : Symantec User Session
InternalName : ccApp
LegalCopyright : Copyright © 2000-2005 Symantec Corporation. All rights reserved.
OriginalFilename : ccApp.exe

#:43 [jusched.exe]
FilePath : C:\Program Files\Java\jre1.5.0_06\bin\
ProcessID : 3620
ThreadCreationTime : 9-7-2006 2:37:40 AM
BasePriority : Normal

#:44 [wfxload.exe]
FilePath : C:\Program Files\Stardock\Object Desktop\WindowFX\
ProcessID : 3740
ThreadCreationTime : 9-7-2006 2:37:44 AM
BasePriority : Normal
FileVersion : 3.0
ProductVersion : 3.0
ProductName : WindowFX - A Component of Object Desktop
CompanyName : Stardock Corporation
FileDescription : WindowFX Loader / Config Utility
InternalName : WindowFX
LegalCopyright : Copyright © 2000-2006 Stardock Corporation
OriginalFilename : wfxload.EXE
Comments : Not for redistribution in any form without the express permission of Stardock.Net, Inc

#:45 [ssaad.exe]
FilePath : C:\PROGRA~1\Sony\SONICS~1\
ProcessID : 3756
ThreadCreationTime : 9-7-2006 2:37:45 AM
BasePriority : Normal
FileVersion : 4.0.00.05080
ProductVersion : 4.0.00
ProductName : SonicStage
FileDescription : SonicStage Atrac Hard Disk Monitor
InternalName : SonicStage Atrac Hard Disk Monitor
LegalCopyright : Copyright 2005 Sony Corporation
OriginalFilename : SSAAD.EXE

#:46 [cursorxp.exe]
FilePath : C:\Program Files\Stardock\Cursor XP\
ProcessID : 3812
ThreadCreationTime : 9-7-2006 2:37:47 AM
BasePriority : High

#:47 [ctdetect.exe]
FilePath : D:\Program Files\Creative\MediaSource\Detector\
ProcessID : 3916
ThreadCreationTime : 9-7-2006 2:37:55 AM
BasePriority : Normal
FileVersion : 3.0.2.0
ProductVersion : 3.0.0.0
ProductName : Creative MediaSource Detector
CompanyName : Creative Technology Ltd
FileDescription : Creative MediaSource Detector
InternalName : CTDetect
LegalCopyright : Copyright © Creative Technology Ltd., 2003-2004. All rights reserved.
OriginalFilename : CTDetect.EXE

#:48 [ad-watch.exe]
FilePath : C:\PROGRA~1\Lavasoft\AD-AWA~2\
ProcessID : 472
ThreadCreationTime : 9-7-2006 2:38:05 AM
BasePriority : High
FileVersion : 3.1.2.17
ProductVersion : 3.2
ProductName : Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Watch System Protector
InternalName : Ad-Watch.exe
LegalCopyright : 1999-2004 Team Lavasoft
OriginalFilename : Ad-Watch.exe

#:49 [mups.exe]
FilePath : C:\Program Files\Belkin Bulldog Plus\
ProcessID : 1460
ThreadCreationTime : 9-7-2006 2:38:07 AM
BasePriority : Normal

#:50 [gbtray.exe]
FilePath : C:\Program Files\Norton SystemWorks\Norton GoBack\
ProcessID : 1312
ThreadCreationTime : 9-7-2006 2:38:14 AM
BasePriority : Normal

#:51 [tabuserw.exe]
FilePath : C:\WINDOWS\system32\WTablet\
ProcessID : 2420
ThreadCreationTime : 9-7-2006 2:38:17 AM
BasePriority : Normal
FileVersion : 4.91-2
ProductVersion : 4.91-2
ProductName : Wacom Technology, Corp. TABUSERW
CompanyName : Wacom Technology, Corp.
FileDescription : TABUSERW
InternalName : TABUSERW
LegalCopyright : Copyright © 1997,1998,1999,2000,2001,2002,2003,2004,2005 Wacom Technology, Corp.
OriginalFilename : TABUSERW.EXE

#:52 [nscsrvce.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\Security Console\
ProcessID : 480
ThreadCreationTime : 9-7-2006 2:39:44 AM
BasePriority : Normal
FileVersion : 2006.1.5.17
ProductVersion : 2006.1.5
ProductName : Norton Security Console
CompanyName : Symantec Corporation
FileDescription : Norton Security Console Norton Protection Center Service
InternalName : NSCService
LegalCopyright : Norton Security Console 2006 for Windows 2000/XP Copyright © 2005 Symantec Corporation. All rights reserved.
OriginalFilename : NSCSrvce.exe

#:53 [spybotsd.exe]
FilePath : C:\Program Files\Spybot - Search & Destroy\
ProcessID : 3836
ThreadCreationTime : 9-7-2006 2:41:15 AM
BasePriority : Normal
FileVersion : 1.4.0.3
ProductVersion : 1, 4, 0, 3
ProductName : SpyBot-S&D
CompanyName : Safer Networking Limited
FileDescription : Spybot - Search & Destroy
InternalName : SpybotSD
LegalCopyright : © 2000-2005 Patrick M. Kolla / Safer Networking Limited. Alle Rechte vorbehalten.
LegalTrademarks : "Spybot" und "Spybot - Search & Destroy" sind registrierte Warenzeichen.
OriginalFilename : SpyBotSD.exe
Comments : Software zum Entfernen von Spyware und ähnlichen Bedrohungen.

#:54 [ad-aware.exe]
FilePath : C:\Program Files\Lavasoft\Ad-Aware SE Professional\
ProcessID : 1396
ThreadCreationTime : 9-7-2006 2:47:57 AM
BasePriority : Normal
FileVersion : 6.2.0.238
ProductVersion : SE 106
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft AB Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved

Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 27

Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Adware.Pop Object Recognized!
Type : Regkey
Data :
TAC Rating : 3
Category : Adware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{e4e3e0f8-cd30-4380-8ce9-b96904bdefca}

Adware.Pop Object Recognized!
Type : Regkey
Data :
TAC Rating : 3
Category : Adware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{fe8a736f-4124-4d9c-b4b1-3b12381efabe}

Win32.Spyware.Acoona Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Spyware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{f80c1d93-0d22-436e-963e-9d3156997a4e}

Win32.Spyware.Acoona Object Recognized!
Type : RegValue
Data :
TAC Rating : 7
Category : Spyware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{f80c1d93-0d22-436e-963e-9d3156997a4e}
Value : Distribution ID

Win32.TrojanDownloader.Small Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{81cddae8-3b92-4f0d-86c1-8dd5db6a8471}

Win32.TrojanDownloader.Small Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : typelib\{efa1ec0f-8359-41b7-a178-7dd6805a0c79}

Win32.Spyware.Acoona Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Spyware
Comment :
Rootkey : HKEY_USERS
Object : .DEFAULT\software\microsoft\windows\currentversion\ext\stats\{944864a5-3916-46e2-96a9-a2e84f3f1208}

Win32.Spyware.Acoona Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Spyware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-18\software\microsoft\windows\currentversion\ext\stats\{944864a5-3916-46e2-96a9-a2e84f3f1208}

Win32.Spyware.Acoona Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Spyware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-602162358-308236825-1801674531-1004\software\microsoft\windows\currentversion\ext\stats\{944864a5-3916-46e2-96a9-a2e84f3f1208}

Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 9
Objects found so far: 36

Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 36

Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 36

Deep scanning and examining files (C:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Disk Scan Result for C:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 36

Deep scanning and examining files (D:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Disk Scan Result for D:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 36

Deep scanning and examining files (I:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Disk Scan Result for I:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 36

Deep scanning and examining files (J:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Disk Scan Result for J:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 36

Scanning Hosts file......
Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
1 entries scanned.
New critical objects:0
Objects found so far: 36

Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 36

2:53:10 AM Scan Complete

Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:04:02:52.297
Objects scanned:341794
Objects identified:9
Objects ignored:0
New critical objects:9