hi,
I don't think of false positive,because when this spy is present surfing is very slowly and it tries to redirect probably to coolwebsearch pages.CWShredder doesn't detect cws_xplugin.I used it.It will be also an old spy but untill now nobody
can removed it definitively.However,there is the log:
Ad-Aware SE Build 1.05
Logfile Created on:mercoledì 20 ottobre 2004 18.48.23
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R13 16.10.2004
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
MRU List(TAC index:0):13 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Definition File:
=========================
Definitions File Loaded:
Reference Number : SE1R13 16.10.2004
Internal build : 18
File location : C:\Programmi\Lavasoft\Ad-Aware SE Personal\defs.ref
File size : 363648 Bytes
Total size : 1150665 Bytes
Signature data size : 1124607 Bytes
Reference data size : 25546 Bytes
Signatures total : 31779
Fingerprints total : 291
Fingerprints size : 12292 Bytes
Target categories : 15
Target families : 589
Memory + processor status:
==========================
Number of processors : 1
Processor architecture : Intel Pentium IV
Memory available:57 %
Total physical memory:515568 kb
Available physical memory:290156 kb
Total page file size:1259152 kb
Available on page file:1095140 kb
Total virtual memory:2097024 kb
Available virtual memory:2050052 kb
OS:Microsoft Windows XP Home Edition Service Pack 1 (Build 2600)
Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan within archives
Set : Scan my Hosts file
Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user only
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Reanalyze results after scanning before displaying results lists
Set : Write-protect system files after repair (Hosts file, etc.)
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include module list in log file
Set : Include alternate data stream details in log file
Set : Create and save WebUpdate log file
20-10-2004 18.48.23 - Scan started. (Custom mode)
Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ProcessID : 440
ThreadCreationTime : 20-10-2004 16.20.51
BasePriority : Normal
Scanning Module:\SystemRoot\System32\smss.exe...
Scanning Module:C:\WINDOWS\System32\ntdll.dll...
#:2 [csrss.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 488
ThreadCreationTime : 20-10-2004 16.20.53
BasePriority : Normal
Scanning Module:\??\C:\WINDOWS\system32\csrss.exe...
Scanning Module:C:\WINDOWS\system32\CSRSRV.dll...
Scanning Module:C:\WINDOWS\system32\basesrv.dll...
Scanning Module:C:\WINDOWS\system32\winsrv.dll...
Scanning Module:C:\WINDOWS\system32\USER32.dll...
Scanning Module:C:\WINDOWS\system32\KERNEL32.dll...
Scanning Module:C:\WINDOWS\system32\GDI32.dll...
Scanning Module:C:\WINDOWS\system32\ADVAPI32.dll...
Scanning Module:C:\WINDOWS\system32\RPCRT4.dll...
Scanning Module:C:\WINDOWS\System32\sxs.dll...
Scanning Module:C:\Programmi\Webroot\Spy Sweeper\sis.dll...
Scanning Module:C:\WINDOWS\system32\oleaut32.dll...
Scanning Module:C:\WINDOWS\system32\MSVCRT.DLL...
Scanning Module:C:\WINDOWS\system32\OLE32.DLL...
#:3 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 512
ThreadCreationTime : 20-10-2004 16.20.53
BasePriority : High
Scanning Module:\??\C:\WINDOWS\system32\winlogon.exe...
Scanning Module:C:\WINDOWS\system32\AUTHZ.dll...
Scanning Module:C:\WINDOWS\system32\CRYPT32.dll...
Scanning Module:C:\WINDOWS\system32\MSASN1.dll...
Scanning Module:C:\WINDOWS\system32\NDdeApi.dll...
Scanning Module:C:\WINDOWS\system32\PROFMAP.dll...
Scanning Module:C:\WINDOWS\system32\NETAPI32.dll...
Scanning Module:C:\WINDOWS\system32\USERENV.dll...
Scanning Module:C:\WINDOWS\system32\PSAPI.DLL...
Scanning Module:C:\WINDOWS\system32\REGAPI.dll...
Scanning Module:C:\WINDOWS\system32\Secur32.dll...
Scanning Module:C:\WINDOWS\system32\SETUPAPI.dll...
Scanning Module:C:\WINDOWS\system32\VERSION.dll...
Scanning Module:C:\WINDOWS\system32\WINSTA.dll...
Scanning Module:C:\WINDOWS\system32\WS2_32.dll...
Scanning Module:C:\WINDOWS\system32\WS2HELP.dll...
Scanning Module:C:\WINDOWS\System32\MSGINA.dll...
Scanning Module:C:\WINDOWS\system32\SHELL32.dll...
Scanning Module:C:\WINDOWS\system32\SHLWAPI.dll...
Scanning Module:C:\WINDOWS\system32\COMCTL32.dll...
Scanning Module:C:\WINDOWS\System32\ODBC32.dll...
Scanning Module:C:\WINDOWS\system32\comdlg32.dll...
Scanning Module:C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.1579_x-ww_7bbf8d08\comctl32.dll...
Scanning Module:C:\WINDOWS\System32\odbcint.dll...
Scanning Module:C:\WINDOWS\System32\SHSVCS.dll...
Scanning Module:C:\WINDOWS\system32\sfc.dll...
Scanning Module:C:\WINDOWS\System32\sfc_os.dll...
Scanning Module:C:\WINDOWS\System32\WINTRUST.dll...
Scanning Module:C:\WINDOWS\system32\IMAGEHLP.dll...
Scanning Module:C:\WINDOWS\System32\WINSCARD.DLL...
Scanning Module:C:\WINDOWS\System32\WTSAPI32.dll...
Scanning Module:C:\WINDOWS\System32\uxtheme.dll...
Scanning Module:C:\WINDOWS\System32\WINMM.dll...
Scanning Module:C:\WINDOWS\System32\SYNCOR11.DLL...
Scanning Module:C:\WINDOWS\system32\cscdll.dll...
Scanning Module:C:\WINDOWS\system32\WlNotify.dll...
Scanning Module:C:\WINDOWS\System32\WINSPOOL.DRV...
Scanning Module:C:\WINDOWS\system32\MPR.dll...
Scanning Module:C:\WINDOWS\System32\rsaenh.dll...
Scanning Module:C:\WINDOWS\System32\SAMLIB.dll...
Scanning Module:C:\WINDOWS\System32\cscui.dll...
Scanning Module:C:\WINDOWS\system32\msv1_0.dll...
Scanning Module:C:\WINDOWS\System32\NTMARTA.DLL...
Scanning Module:C:\WINDOWS\system32\WLDAP32.dll...
Scanning Module:C:\WINDOWS\System32\COMRes.dll...
Scanning Module:C:\WINDOWS\System32\CLBCATQ.DLL...
Scanning Module:C:\WINDOWS\System32\wdmaud.drv...
Scanning Module:C:\WINDOWS\System32\msacm32.drv...
Scanning Module:C:\WINDOWS\System32\MSACM32.dll...
Scanning Module:C:\WINDOWS\System32\midimap.dll...
Scanning Module:C:\WINDOWS\System32\SSSensor.dll...
#:4 [services.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 556
ThreadCreationTime : 20-10-2004 16.20.54
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Sistema operativo Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Applicazione Servizi e Controller
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. Tutti i diritti riservati.
OriginalFilename : services.exe
Scanning Module:C:\WINDOWS\system32\services.exe...
Scanning Module:C:\WINDOWS\system32\SCESRV.dll...
Scanning Module:C:\WINDOWS\system32\umpnpmgr.dll...
Scanning Module:C:\WINDOWS\system32\NCObjAPI.DLL...
Scanning Module:C:\WINDOWS\system32\eventlog.dll...
Scanning Module:C:\WINDOWS\system32\Apphelp.dll...
#:5 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 568
ThreadCreationTime : 20-10-2004 16.20.54
BasePriority : Normal
FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
ProductVersion : 5.1.2600.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe
Scanning Module:C:\WINDOWS\system32\lsass.exe...
Scanning Module:C:\WINDOWS\system32\LSASRV.dll...
Scanning Module:C:\WINDOWS\system32\SAMSRV.dll...
Scanning Module:C:\WINDOWS\system32\cryptdll.dll...
Scanning Module:C:\WINDOWS\system32\DNSAPI.dll...
Scanning Module:C:\WINDOWS\system32\NTDSAPI.dll...
Scanning Module:C:\WINDOWS\system32\msprivs.dll...
Scanning Module:C:\WINDOWS\system32\kerberos.dll...
Scanning Module:C:\WINDOWS\system32\netlogon.dll...
Scanning Module:C:\WINDOWS\system32\w32time.dll...
Scanning Module:C:\WINDOWS\system32\MSVCP60.dll...
Scanning Module:C:\WINDOWS\system32\iphlpapi.dll...
Scanning Module:C:\WINDOWS\system32\schannel.dll...
Scanning Module:C:\WINDOWS\system32\wdigest.dll...
Scanning Module:C:\WINDOWS\system32\scecli.dll...
Scanning Module:C:\WINDOWS\system32\pstorsvc.dll...
Scanning Module:C:\WINDOWS\system32\psbase.dll...
#:6 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 720
ThreadCreationTime : 20-10-2004 16.20.54
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
Scanning Module:C:\WINDOWS\system32\svchost.exe...
Scanning Module:c:\windows\system32\rpcss.dll...
Scanning Module:C:\WINDOWS\system32\mswsock.dll...
Scanning Module:C:\WINDOWS\System32\wshtcpip.dll...
Scanning Module:C:\WINDOWS\System32\winrnr.dll...
Scanning Module:C:\WINDOWS\system32\rasadhlp.dll...
#:7 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 744
ThreadCreationTime : 20-10-2004 16.20.55
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
Scanning Module:c:\windows\system32\dhcpcsvc.dll...
Scanning Module:c:\windows\system32\schedsvc.dll...
Scanning Module:C:\WINDOWS\System32\MSIDLE.DLL...
Scanning Module:c:\windows\system32\audiosrv.dll...
Scanning Module:c:\windows\system32\wkssvc.dll...
Scanning Module:c:\windows\system32\cryptsvc.dll...
Scanning Module:c:\windows\system32\certcli.dll...
Scanning Module:c:\windows\system32\ATL.DLL...
Scanning Module:c:\windows\system32\CRYPTUI.dll...
Scanning Module:C:\WINDOWS\system32\WININET.dll...
Scanning Module:c:\windows\system32\ESENT.dll...
Scanning Module:c:\windows\pchealth\helpctr\binaries\pchsvc.dll...
Scanning Module:c:\windows\system32\es.dll...
Scanning Module:c:\windows\system32\sens.dll...
Scanning Module:c:\windows\system32\srsvc.dll...
Scanning Module:c:\windows\system32\POWRPROF.dll...
Scanning Module:c:\windows\system32\wuauserv.dll...
Scanning Module:c:\windows\system32\wbem\wmisvc.dll...
Scanning Module:c:\windows\system32\wbem\wbemcomn.dll...
Scanning Module:C:\WINDOWS\System32\VSSAPI.DLL...
Scanning Module:C:\WINDOWS\System32\wuaueng.dll...
Scanning Module:C:\WINDOWS\System32\ADVPACK.dll...
Scanning Module:C:\WINDOWS\System32\SHFOLDER.dll...
Scanning Module:C:\WINDOWS\System32\WINHTTP.dll...
Scanning Module:C:\WINDOWS\System32\Cabinet.dll...
Scanning Module:C:\WINDOWS\System32\mspatcha.dll...
Scanning Module:C:\WINDOWS\system32\comsvcs.dll...
Scanning Module:C:\WINDOWS\system32\MTXCLU.DLL...
Scanning Module:C:\WINDOWS\system32\WSOCK32.dll...
Scanning Module:C:\WINDOWS\system32\colbact.DLL...
Scanning Module:C:\WINDOWS\System32\CLUSAPI.DLL...
Scanning Module:C:\WINDOWS\System32\RESUTILS.DLL...
Scanning Module:C:\WINDOWS\System32\mtxoci.dll...
Scanning Module:c:\windows\system32\tapisrv.dll...
Scanning Module:c:\windows\system32\ACTIVEDS.dll...
Scanning Module:c:\windows\system32\adsldpc.dll...
Scanning Module:c:\windows\system32\rtutils.dll...
Scanning Module:c:\windows\system32\rasmans.dll...
Scanning Module:c:\windows\system32\WINIPSEC.DLL...
Scanning Module:c:\windows\system32\netcfgx.dll...
Scanning Module:C:\WINDOWS\System32\rastapi.dll...
Scanning Module:C:\WINDOWS\System32\TAPI32.dll...
Scanning Module:C:\WINDOWS\System32\unimdm.tsp...
Scanning Module:C:\WINDOWS\System32\uniplat.dll...
Scanning Module:C:\WINDOWS\System32\unimdmat.dll...
Scanning Module:C:\WINDOWS\System32\modemui.dll...
Scanning Module:C:\WINDOWS\System32\kmddsp.tsp...
Scanning Module:C:\WINDOWS\System32\ndptsp.tsp...
Scanning Module:C:\WINDOWS\System32\ipconf.tsp...
Scanning Module:C:\WINDOWS\System32\h323.tsp...
Scanning Module:C:\WINDOWS\System32\hidphone.tsp...
Scanning Module:C:\WINDOWS\System32\HID.DLL...
Scanning Module:C:\WINDOWS\System32\rasppp.dll...
Scanning Module:C:\WINDOWS\System32\MPRAPI.dll...
Scanning Module:C:\WINDOWS\System32\ntlsapi.dll...
Scanning Module:C:\WINDOWS\System32\RASAPI32.dll...
Scanning Module:C:\WINDOWS\System32\rasman.dll...
Scanning Module:C:\WINDOWS\System32\raschap.dll...
Scanning Module:C:\WINDOWS\System32\rastls.dll...
Scanning Module:c:\windows\system32\netman.dll...
Scanning Module:c:\windows\system32\WZCSvc.DLL...
Scanning Module:c:\windows\system32\WMI.dll...
Scanning Module:C:\WINDOWS\system32\NETSHELL.dll...
Scanning Module:C:\WINDOWS\system32\credui.dll...
Scanning Module:C:\WINDOWS\System32\hnetcfg.dll...
Scanning Module:C:\WINDOWS\System32\Wbem\wbemcore.dll...
Scanning Module:C:\WINDOWS\System32\Wbem\esscli.dll...
Scanning Module:C:\WINDOWS\System32\Wbem\FastProx.dll...
Scanning Module:C:\WINDOWS\System32\wbem\wmiutils.dll...
Scanning Module:C:\WINDOWS\System32\wbem\repdrvfs.dll...
Scanning Module:C:\WINDOWS\System32\wbem\wmiprvsd.dll...
Scanning Module:C:\WINDOWS\System32\wbem\wbemess.dll...
Scanning Module:C:\WINDOWS\System32\msi.dll...
Scanning Module:C:\WINDOWS\System32\RASDLG.dll...
Scanning Module:C:\WINDOWS\System32\wbem\ncprov.dll...
#:8 [smc.exe]
FilePath : C:\Programmi\Sygate\SPF\
ProcessID : 788
ThreadCreationTime : 20-10-2004 16.20.55
BasePriority : Normal
FileVersion : 5.5.00.2525
ProductVersion : 5.5.00.2525
ProductName : Sygate® Security Agent and Personal Firewall
CompanyName : Sygate Technologies, Inc.
FileDescription : Sygate Agent Firewall
InternalName : Smc
LegalCopyright : Copyright © 1999 - 2003 Sygate Technologies, Inc. All rights reserved.
OriginalFilename : Smc.EXE
Scanning Module:C:\Programmi\Sygate\SPF\smc.exe...
Scanning Module:C:\Programmi\Sygate\SPF\Trident.dll...
Scanning Module:C:\Programmi\Sygate\SPF\tfman.dll...
Scanning Module:C:\Programmi\Sygate\SPF\tse.dll...
Scanning Module:C:\Programmi\Sygate\SPF\DataMan.dll...
Scanning Module:C:\Programmi\Sygate\SPF\PSSensor.dll...
Scanning Module:C:\Programmi\Sygate\SPF\SpNet.dll...
Scanning Module:C:\Programmi\Sygate\SPF\IdsTrafficPipe.dll...
Scanning Module:C:\Programmi\Sygate\SPF\wpsman.dll...
Scanning Module:C:\Programmi\Sygate\SPF\wsman.dll...
Scanning Module:C:\WINDOWS\System32\snmpapi.dll...
Scanning Module:C:\Programmi\Sygate\SPF\SyLog.dll...
Scanning Module:C:\Programmi\Sygate\SPF\Netport.dll...
Scanning Module:C:\Programmi\Sygate\SPF\wgman.dll...
Scanning Module:C:\Programmi\Sygate\SPF\SyLink.dll...
Scanning Module:C:\WINDOWS\System32\oledlg.dll...
Scanning Module:C:\WINDOWS\System32\OLEPRO32.DLL...
Scanning Module:C:\WINDOWS\System32\VDMDBG.DLL...
Scanning Module:C:\WINDOWS\System32\RICHED32.DLL...
Scanning Module:C:\WINDOWS\System32\RICHED20.dll...
#:9 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 952
ThreadCreationTime : 20-10-2004 16.20.57
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
Scanning Module:c:\windows\system32\dnsrslvr.dll...
#:10 [lexbces.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1016
ThreadCreationTime : 20-10-2004 16.20.57
BasePriority : Normal
FileVersion : 7.4
ProductVersion : 7.4
ProductName : MarkVision for Windows (32 bit)
CompanyName : Lexmark International, Inc.
FileDescription : LexBce Service
InternalName : LexBce Service
LegalCopyright : © 1993 - 2002 Lexmark International, Inc.
OriginalFilename : LexBceS.exe
Scanning Module:C:\WINDOWS\system32\LEXBCES.EXE...
Scanning Module:C:\WINDOWS\system32\lexp2p32.dll...
Scanning Module:C:\WINDOWS\system32\lex2kusb.dll...
#:11 [spoolsv.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1052
ThreadCreationTime : 20-10-2004 16.20.57
BasePriority : Normal
FileVersion : 5.1.2600.0 (XPClient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe
Scanning Module:C:\WINDOWS\system32\spoolsv.exe...
Scanning Module:C:\WINDOWS\system32\SPOOLSS.DLL...
Scanning Module:C:\WINDOWS\system32\localspl.dll...
Scanning Module:C:\WINDOWS\system32\cnbjmon.dll...
Scanning Module:C:\WINDOWS\system32\CNMLM47.DLL...
Scanning Module:C:\WINDOWS\system32\LEXLMPM.DLL...
Scanning Module:C:\WINDOWS\system32\LexBce.dll...
Scanning Module:C:\WINDOWS\system32\pjlmon.dll...
Scanning Module:C:\WINDOWS\system32\tcpmon.dll...
Scanning Module:C:\WINDOWS\system32\usbmon.dll...
Scanning Module:C:\WINDOWS\system32\virport.dll...
Scanning Module:C:\WINDOWS\System32\spool\PRTPROCS\W32X86\CNMPD47.DLL...
Scanning Module:C:\WINDOWS\System32\spool\PRTPROCS\W32X86\lxbhPP5C.dll...
Scanning Module:C:\WINDOWS\system32\win32spl.dll...
Scanning Module:C:\WINDOWS\system32\NETRAP.dll...
Scanning Module:C:\WINDOWS\system32\inetpp.dll...
Scanning Module:C:\WINDOWS\system32\icmp.dll...
Scanning Module:C:\WINDOWS\system32\LXBHpwr.dll...
#:12 [explorer.exe]
FilePath : C:\WINDOWS\
ProcessID : 1144
ThreadCreationTime : 20-10-2004 16.20.58
BasePriority : Normal
FileVersion : 6.00.2800.1221 (xpsp2.030511-1403)
ProductVersion : 6.00.2800.1221
ProductName : Sistema operativo Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Esplora risorse
InternalName : explorer
LegalCopyright : © Microsoft Corporation. Tutti i diritti riservati.
OriginalFilename : EXPLORER.EXE
Scanning Module:C:\WINDOWS\Explorer.EXE...
Scanning Module:C:\WINDOWS\System32\BROWSEUI.dll...
Scanning Module:C:\WINDOWS\System32\SHDOCVW.dll...
Scanning Module:C:\WINDOWS\System32\themeui.dll...
Scanning Module:C:\WINDOWS\System32\MSIMG32.dll...
Scanning Module:C:\WINDOWS\System32\ntshrui.dll...
Scanning Module:C:\WINDOWS\System32\LINKINFO.dll...
Scanning Module:C:\WINDOWS\System32\webcheck.dll...
Scanning Module:C:\WINDOWS\System32\stobject.dll...
Scanning Module:C:\WINDOWS\System32\BatMeter.dll...
Scanning Module:C:\WINDOWS\system32\urlmon.dll...
Scanning Module:C:\WINDOWS\System32\printui.dll...
Scanning Module:C:\WINDOWS\System32\CFGMGR32.dll...
Scanning Module:C:\WINDOWS\System32\ntlanman.dll...
Scanning Module:C:\WINDOWS\System32\NETUI0.dll...
Scanning Module:C:\WINDOWS\System32\NETUI1.dll...
Scanning Module:C:\WINDOWS\System32\drprov.dll...
Scanning Module:C:\WINDOWS\System32\davclnt.dll...
Scanning Module:C:\WINDOWS\System32\browselc.dll...
Scanning Module:C:\Programmi\Popup Manager\PopupMgr_1.0.2.1P.dll...
Scanning Module:C:\WINDOWS\Release_Ansi\MP3ext.dll...
Scanning Module:C:\WINDOWS\System32\MSVCR70.dll...
Scanning Module:C:\WINDOWS\System32\MSVCP70.dll...
Scanning Module:C:\WINDOWS\System32\shdoclc.dll...
Scanning Module:C:\WINDOWS\System32\mydocs.dll...
Scanning Module:C:\WINDOWS\System32\shmedia.dll...
Scanning Module:C:\WINDOWS\System32\MSVFW32.dll...
Scanning Module:C:\WINDOWS\System32\AVIFIL32.dll...
#:13 [navapsvc.exe]
FilePath : C:\Programmi\Norton AntiVirus\
ProcessID : 1184
ThreadCreationTime : 20-10-2004 16.20.58
BasePriority : Normal
FileVersion : 8.00.58
ProductVersion : 8.00.58
ProductName : Norton AntiVirus
CompanyName : Symantec Corporation
FileDescription : Norton AntiVirus Auto-Protect Service
InternalName : NAVAPSVC
LegalCopyright : Copyright © 2000-2001 Symantec Corporation. All rights reserved.
OriginalFilename : NAVAPSVC.EXE
Scanning Module:C:\Programmi\Norton AntiVirus\navapsvc.exe...
#:14 [locator.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1208
ThreadCreationTime : 20-10-2004 16.20.58
BasePriority : Normal
FileVersion : 5.1.2600.1147 (xpsp2.021108-1929)
ProductVersion : 5.1.2600.1147
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Rpc Locator
InternalName : locator.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : locator.exe
Scanning Module:C:\WINDOWS\System32\locator.exe...
#:15 [smagent.exe]
FilePath : C:\Programmi\Analog Devices\SoundMAX\
ProcessID : 1276
ThreadCreationTime : 20-10-2004 16.20.59
BasePriority : Normal
FileVersion : 3, 2, 4, 0
ProductVersion : 3, 2, 4, 0
ProductName : SoundMAX service agent
CompanyName : Analog Devices, Inc.
FileDescription : SoundMAX service agent component
InternalName : SMAgent
LegalCopyright : Copyright © 2002
OriginalFilename : SMAgent.exe
Scanning Module:C:\Programmi\Analog Devices\SoundMAX\SMAgent.exe...
#:16 [navapw32.exe]
FilePath : C:\PROGRA~1\Norton AntiVirus\
ProcessID : 1776
ThreadCreationTime : 20-10-2004 16.21.21
BasePriority : Normal
FileVersion : 8.00.58
ProductVersion : 8.00.58
ProductName : Norton AntiVirus
CompanyName : Symantec Corporation
FileDescription : Norton AntiVirus Agent
InternalName : NAVAPW32
LegalCopyright : Copyright © 2000-2001 Symantec Corporation. All rights reserved.
OriginalFilename : NAVAPW32.EXE
Scanning Module:C:\PROGRA~1\Norton AntiVirus\navapw32.exe...
Scanning Module:C:\PROGRA~1\Norton AntiVirus\apwutil.dll...
Scanning Module:C:\PROGRA~1\Norton AntiVirus\apwcmdnt.dll...
Scanning Module:C:\PROGRA~1\Norton AntiVirus\DefAlert.dll...
Scanning Module:C:\PROGRA~1\Norton AntiVirus\NAVProxy.dll...
Scanning Module:C:\WINDOWS\System32\SYMREDIR.dll...
#:17 [teatimer.exe]
FilePath : C:\Programmi\Spybot - Search & Destroy\
ProcessID : 1832
ThreadCreationTime : 20-10-2004 16.21.27
BasePriority : Idle
FileVersion : 1, 3, 0, 12
ProductVersion : 1, 3, 0, 12
ProductName : Spybot - Search & Destroy
CompanyName : Safer Networking Limited
FileDescription : System settings protector
InternalName : TeaTimer
LegalCopyright : © 2000-2004 Patrick M. Kolla / Safer Networking Limited. Alle Rechte vorbehalten.
LegalTrademarks : "Spybot" und "Spybot - Search & Destroy" sind registrierte Warenzeichen.
OriginalFilename : TeaTimer.exe
Comments : Schützt Systemeinstellungen vor ungewollten Änderungen.
Scanning Module:C:\Programmi\Spybot - Search & Destroy\TeaTimer.exe...
Scanning Module:C:\WINDOWS\System32\hhctrl.ocx...
Scanning Module:C:\WINDOWS\System32\mui\0010\hhctrlui.dll...
#:18 [winpatrol.exe]
FilePath : C:\Programmi\BillP Studios\WinPatrol\
ProcessID : 1912
ThreadCreationTime : 20-10-2004 16.21.29
BasePriority : Normal
FileVersion : 8, 0, 0, 8
ProductVersion : 8.0.0.8
ProductName : WinPatrol Monitor
CompanyName : BillP Studios
FileDescription : WinPatrol System Monitor
InternalName : WinPatrol Monitor
LegalCopyright : Copyright © 1997- 2004 BillP Studios
OriginalFilename : Scotty
Comments : Let Scotty the Windows Watchdog patrol your system.
Scanning Module:C:\Programmi\BillP Studios\WinPatrol\WinPatrol.exe...
Scanning Module:C:\WINDOWS\System32\mstask.dll...
Scanning Module:C:\WINDOWS\System32\xpsp2res.dll...
#:19 [startupmonitor.exe]
FilePath : C:\WINDOWS\
ProcessID : 1992
ThreadCreationTime : 20-10-2004 16.21.31
BasePriority : Normal
Scanning Module:C:\WINDOWS\StartupMonitor.exe...
#:20 [spysweeper.exe]
FilePath : C:\Programmi\Webroot\Spy Sweeper\
ProcessID : 2020
ThreadCreationTime : 20-10-2004 16.21.32
BasePriority : Normal
FileVersion : 3.0.0.129
ProductVersion : 3.0i
ProductName : Spy Sweeper
CompanyName : Webroot Software, Inc.
FileDescription : Spy Sweeper
LegalCopyright : Copyright © 2001-2004 Webroot Software, Inc.
LegalTrademarks : Spy Sweeper is a trademark of Webroot Software, Inc.
Scanning Module:C:\Programmi\Webroot\Spy Sweeper\SpySweeper.exe...
Scanning Module:C:\Programmi\Webroot\Spy Sweeper\Language.dll...
#:21 [gsicon.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 232
ThreadCreationTime : 20-10-2004 16.21.35
BasePriority : Normal
FileVersion : 3.1.0
ProductVersion : 3.1.0
ProductName : DSL Modem
CompanyName : GlobeSpan, Inc.
FileDescription : DSL Modem Monitor
InternalName : GSICON.EXE
LegalCopyright : Copyright © 2001 GlobeSpan, Inc.
OriginalFilename : GSICON.EXE
Scanning Module:C:\WINDOWS\System32\GSICON.EXE...
#:22 [tcm.exe]
FilePath : C:\Programmi\The Cleaner\
ProcessID : 288
ThreadCreationTime : 20-10-2004 16.21.40
BasePriority : Normal
FileVersion : 2.1.0.2043
ProductVersion : 2.1.0.0
ProductName : TC Monitor
CompanyName : MooSoft Development
FileDescription : The Cleaner Registry and File Monitor
InternalName : TCMonitor
LegalCopyright : 2000-2004 MooSoft Development
OriginalFilename : tcm.exe
Comments :
http://www.moosoft.com Scanning Module:C:\Programmi\The Cleaner\tcm.exe...
Scanning Module:C:\WINDOWS\System32\appwiz.cpl...
Scanning Module:C:\WINDOWS\System32\DUSER.dll...
Scanning Module:C:\WINDOWS\System32\OLEACC.dll...
#:23 [ad-aware.exe]
FilePath : C:\Programmi\Lavasoft\Ad-Aware SE Personal\
ProcessID : 964
ThreadCreationTime : 20-10-2004 16.48.00
BasePriority : Normal
FileVersion : 6.2.0.206
ProductVersion : VI.Second Edition
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved
Scanning Module:C:\Programmi\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe...
Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0
Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0
Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0
MRU List Object Recognized!
Location: : S-1-5-21-2424629274-914090876-3233042676-1006\software\microsoft\windows\currentversion\applets\regedit\favorites
Description : registry editor favorites
MRU List Object Recognized!
Location: : S-1-5-21-2424629274-914090876-3233042676-1006\software\microsoft\windows\currentversion\explorer\runmru
Description : mru list for items opened in start | run
MRU List Object Recognized!
Location: : S-1-5-21-2424629274-914090876-3233042676-1006\software\microsoft\search assistant\acmru
Description : list of recent search terms used with the search assistant
MRU List Object Recognized!
Location: : S-1-5-21-2424629274-914090876-3233042676-1006\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru
Description : list of recently saved files, stored according to file extension
MRU List Object Recognized!
Location: : S-1-5-21-2424629274-914090876-3233042676-1006\software\microsoft\windows\currentversion\explorer\comdlg32\lastvisitedmru
Description : list of recent programs opened
MRU List Object Recognized!
Location: : S-1-5-21-2424629274-914090876-3233042676-1006\software\microsoft\internet explorer
Description : last download directory used in microsoft internet explorer
MRU List Object Recognized!
Location: : software\microsoft\directdraw\mostrecentapplication
Description : most recent application to use microsoft directdraw
MRU List Object Recognized!
Location: : S-1-5-21-2424629274-914090876-3233042676-1006\software\microsoft\microsoft management console\recent file list
Description : list of recent snap-ins used in the microsoft management console
MRU List Object Recognized!
Location: : S-1-5-21-2424629274-914090876-3233042676-1006\software\microsoft\internet explorer\typedurls
Description : list of recently entered addresses in microsoft internet explorer
MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d
MRU List Object Recognized!
Location: : S-1-5-21-2424629274-914090876-3233042676-1006\software\microsoft\windows\currentversion\applets\regedit
Description : last key accessed using the microsoft registry editor
MRU List Object Recognized!
Location: : S-1-5-21-2424629274-914090876-3233042676-1006\software\microsoft\ntbackup\log files
Description : list of recent logfiles in microsoft backup
MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X
Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 13
Deep scanning and examining files (C:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Disk Scan Result for C:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 13
Deep scanning and examining files (F:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Disk Scan Result for F:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 13
Disk Scan Result for F:\BEATLES\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 13
Disk Scan Result for F:\CARMELO BENE\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 13
Disk Scan Result for F:\CHARLIE PARKER\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 13
Disk Scan Result for F:\CLASSIQUE\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 13
Disk Scan Result for F:\ELLA FITGERALD\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 13
Disk Scan Result for F:\ELVIS PRESLEY\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 13
Disk Scan Result for F:\FRANCE\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 13
Disk Scan Result for F:\FRANK SINATRA-DEAN MARTIN\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 13
Disk Scan Result for F:\GROUP\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 13
Disk Scan Result for F:\ITALY\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 13
Disk Scan Result for F:\JAZZ GUITAR\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 13
Disk Scan Result for F:\JAZZ ONE\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 13
Disk Scan Result for F:\JAZZ TWO\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 13
Disk Scan Result for F:\LATIN\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 13
Disk Scan Result for F:\LOUIS ARMSTRONG\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 13
Disk Scan Result for F:\OTHER MUSIK\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 13
Disk Scan Result for F:\POP-ROCK ONE\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 13
Disk Scan Result for F:\POP-ROCK TWO\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 13
Disk Scan Result for F:\RECYCLER\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 13
Disk Scan Result for F:\SINGERS\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 13
Disk Scan Result for F:\STONES\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 13
Disk Scan Result for F:\System Volume Information\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 13
Disk Scan Result for F:\VIDEOS\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 13
Disk Scan Result for F:\ZZ-VARI\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 13
Scanning Hosts file......
Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
4752 entries scanned.
New critical objects:0
Objects found so far: 13
Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 13
19.03.36 Scan Complete
Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00.15.13.234
Objects scanned:145233
Objects identified:0
Objects ignored:0
New critical objects:0