Ad-Aware SE Build 1.05
Logfile Created on:Tuesday, May 03, 2005 12:59:20 PM
Using definitions file:SE1R42 28.04.2005
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
MRU List(TAC index:0):16 total references
Windows(TAC index:3):1 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Definition File:
=========================
Definitions File Loaded:
Reference Number : SE1R42 28.04.2005
Internal build : 49
File location : C:\PROGRA~1\Lavasoft\AD-AWA~1\defs.ref
File size : 466557 Bytes
Total size : 1403889 Bytes
Signature data size : 1373297 Bytes
Reference data size : 30080 Bytes
Signatures total : 39226
Fingerprints total : 836
Fingerprints size : 28245 Bytes
Target categories : 15
Target families : 654
Memory + processor status:
==========================
Number of processors : 1
Processor architecture : Non Intel
Memory available:66 %
Total physical memory:523760 kb
Available physical memory:340520 kb
Total page file size:1277212 kb
Available on page file:1077176 kb
Total virtual memory:2097024 kb
Available virtual memory:2044540 kb
OS:Microsoft Windows 2000 Professional Service Pack 4 (Build 2195)
Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan within archives
Set : Scan my Hosts file
Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Obtain command line of scanned processes
Set : Ignore spanned files when scanning cab archives
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Block pop-ups aggressively
Set : Automatically select problematic objects in results lists
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Show splash screen
Set : Backup current definitions file before updating
Set : Play sound at scan completion if scan locates critical objects
5-3-2005 12:59:20 PM - Scan started. (Full System Scan)
MRU List Object Recognized!
Location: : C:\Documents and Settings\William Cummings\recent
Description : list of recently opened documents
MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d
MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X
MRU List Object Recognized!
Location: : software\microsoft\directdraw\mostrecentapplication
Description : most recent application to use microsoft directdraw
MRU List Object Recognized!
Location: : S-1-5-21-796845957-1677128483-1343024091-1000\software\microsoft\internet explorer
Description : last download directory used in microsoft internet explorer
MRU List Object Recognized!
Location: : S-1-5-21-796845957-1677128483-1343024091-1000\software\microsoft\internet explorer\typedurls
Description : list of recently entered addresses in microsoft internet explorer
MRU List Object Recognized!
Location: : S-1-5-21-796845957-1677128483-1343024091-1000\software\microsoft\mediaplayer\player\recentfilelist
Description : list of recently used files in microsoft windows media player
MRU List Object Recognized!
Location: : S-1-5-21-796845957-1677128483-1343024091-1000\software\microsoft\mediaplayer\preferences
Description : last playlist index loaded in microsoft windows media player
MRU List Object Recognized!
Location: : S-1-5-21-796845957-1677128483-1343024091-1000\software\microsoft\mediaplayer\preferences
Description : last playlist loaded in microsoft windows media player
MRU List Object Recognized!
Location: : S-1-5-21-796845957-1677128483-1343024091-1000\software\microsoft\microsoft management console\recent file list
Description : list of recent snap-ins used in the microsoft management console
MRU List Object Recognized!
Location: : S-1-5-21-796845957-1677128483-1343024091-1000\software\microsoft\windows\currentversion\applets\regedit
Description : last key accessed using the microsoft registry editor
MRU List Object Recognized!
Location: : S-1-5-21-796845957-1677128483-1343024091-1000\software\microsoft\windows\currentversion\explorer\comdlg32\lastvisitedmru
Description : list of recent programs opened
MRU List Object Recognized!
Location: : S-1-5-21-796845957-1677128483-1343024091-1000\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru
Description : list of recently saved files, stored according to file extension
MRU List Object Recognized!
Location: : S-1-5-21-796845957-1677128483-1343024091-1000\software\microsoft\windows\currentversion\explorer\recentdocs
Description : list of recent documents opened
MRU List Object Recognized!
Location: : S-1-5-21-796845957-1677128483-1343024091-1000\software\microsoft\windows\currentversion\explorer\runmru
Description : mru list for items opened in start | run
MRU List Object Recognized!
Location: : S-1-5-21-796845957-1677128483-1343024091-1000\software\microsoft\windows media\wmsdk\general
Description : windows media sdk
Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
#:1 [smss.exe]
ModuleName : \SystemRoot\System32\smss.exe
Command Line : n/a
ProcessID : 228
ThreadCreationTime : 5-3-2005 3:50:17 PM
BasePriority : Normal
#:2 [csrss.exe]
ModuleName : \??\C:\WINDOWS\system32\csrss.exe
Command Line : C:\WINDOWS\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestTh
ProcessID : 252
ThreadCreationTime : 5-3-2005 3:50:27 PM
BasePriority : Normal
#:3 [winlogon.exe]
ModuleName : \??\C:\WINDOWS\system32\winlogon.exe
Command Line : winlogon.exe
ProcessID : 248
ThreadCreationTime : 5-3-2005 3:50:29 PM
BasePriority : High
#:4 [services.exe]
ModuleName : C:\WINDOWS\system32\services.exe
Command Line : C:\WINDOWS\system32\services.exe
ProcessID : 300
ThreadCreationTime : 5-3-2005 3:50:32 PM
BasePriority : Normal
FileVersion : 5.00.2195.6700
ProductVersion : 5.00.2195.6700
ProductName : Microsoft® Windows ® 2000 Operating System
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
LegalCopyright : Copyright © Microsoft Corp. 1981-1999
OriginalFilename : services.exe
#:5 [lsass.exe]
ModuleName : C:\WINDOWS\system32\lsass.exe
Command Line : C:\WINDOWS\system32\lsass.exe
ProcessID : 312
ThreadCreationTime : 5-3-2005 3:50:32 PM
BasePriority : Normal
FileVersion : 5.00.2195.6902
ProductVersion : 5.00.2195.6902
ProductName : Microsoft® Windows ® 2000 Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Executable and Server DLL (Export Version)
InternalName : lsasrv.dll and lsass.exe
LegalCopyright : Copyright © Microsoft Corp. 1981-1999
OriginalFilename : lsasrv.dll and lsass.exe
#:6 [svchost.exe]
ModuleName : C:\WINDOWS\system32\svchost.exe
Command Line : C:\WINDOWS\system32\svchost -k rpcss
ProcessID : 496
ThreadCreationTime : 5-3-2005 3:50:38 PM
BasePriority : Normal
FileVersion : 5.00.2134.1
ProductVersion : 5.00.2134.1
ProductName : Microsoft® Windows ® 2000 Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : Copyright © Microsoft Corp. 1981-1999
OriginalFilename : svchost.exe
#:7 [lexbces.exe]
ModuleName : C:\WINDOWS\system32\LEXBCES.EXE
Command Line : C:\WINDOWS\system32\LEXBCES.EXE
ProcessID : 520
ThreadCreationTime : 5-3-2005 3:50:39 PM
BasePriority : Normal
FileVersion : 7.2
ProductVersion : 7.2
ProductName : MarkVision for Windows (32 bit)
CompanyName : Lexmark International, Inc.
FileDescription : LexBce Service
InternalName : LexBce Service
LegalCopyright : © 1993 - 2001 Lexmark International, Inc.
OriginalFilename : LexBceS.exe
#:8 [spoolsv.exe]
ModuleName : C:\WINDOWS\system32\spoolsv.exe
Command Line : C:\WINDOWS\system32\spoolsv.exe
ProcessID : 548
ThreadCreationTime : 5-3-2005 3:50:39 PM
BasePriority : Normal
FileVersion : 5.00.2195.6659
ProductVersion : 5.00.2195.6659
ProductName : Microsoft® Windows ® 2000 Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolss.exe
LegalCopyright : Copyright © Microsoft Corp. 1981-1999
OriginalFilename : spoolss.exe
#:9 [lexpps.exe]
ModuleName : C:\WINDOWS\system32\LEXPPS.EXE
Command Line : LEXPPS.EXE
ProcessID : 576
ThreadCreationTime : 5-3-2005 3:50:39 PM
BasePriority : Normal
FileVersion : 7.2
ProductVersion : 7.2
ProductName : MarkVision for Windows (32 bit)
CompanyName : Lexmark International, Inc.
FileDescription : LEXPPS.EXE
InternalName : LEXPPS
LegalCopyright : © 1993 - 2001 Lexmark International, Inc.
OriginalFilename : LEXPPS.EXE
Comments : MarkVision for Windows '95 New P2P Server (32-bit)
#:10 [isafe.exe]
ModuleName : C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\isafe.exe
Command Line : "C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\isafe.exe"
ProcessID : 596
ThreadCreationTime : 5-3-2005 3:50:39 PM
BasePriority : Normal
FileVersion : Version 10.63.0.1
ProductVersion : Version 10.63.0.1
ProductName : ISafe
CompanyName : Computer Associates International, Inc.
FileDescription : ISafe Service
InternalName : ISafe
LegalCopyright : © 2003 Computer Associates International, Inc.
LegalTrademarks : Vet is a trademark of Computer Associates International, Inc.
OriginalFilename : ISafe.exe
Comments : ISafe
#:11 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : C:\WINDOWS\System32\svchost.exe -k netsvcs
ProcessID : 648
ThreadCreationTime : 5-3-2005 3:50:40 PM
BasePriority : Normal
FileVersion : 5.00.2134.1
ProductVersion : 5.00.2134.1
ProductName : Microsoft® Windows ® 2000 Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : Copyright © Microsoft Corp. 1981-1999
OriginalFilename : svchost.exe
#:12 [ewidoctrl.exe]
ModuleName : C:\Program Files\ewido\security suite\ewidoctrl.exe
Command Line : "C:\Program Files\ewido\security suite\ewidoctrl.exe"
ProcessID : 660
ThreadCreationTime : 5-3-2005 3:50:40 PM
BasePriority : Normal
FileVersion : 3, 0, 0, 1
ProductVersion : 3, 0, 0, 1
ProductName : ewido control
CompanyName : ewido networks
FileDescription : ewido control
InternalName : ewido control
LegalCopyright : Copyright © 2004
OriginalFilename : ewidoctrl.exe
#:13 [ewidoguard.exe]
ModuleName : C:\Program Files\ewido\security suite\ewidoguard.exe
Command Line : n/a
ProcessID : 696
ThreadCreationTime : 5-3-2005 3:50:42 PM
BasePriority : Normal
FileVersion : 3, 0, 0, 1
ProductVersion : 3, 0, 0, 1
ProductName : guard
CompanyName : ewido networks
FileDescription : guard
InternalName : guard
LegalCopyright : Copyright © 2004
OriginalFilename : guard.exe
#:14 [nvsvc32.exe]
ModuleName : C:\WINDOWS\System32\nvsvc32.exe
Command Line : C:\WINDOWS\System32\nvsvc32.exe
ProcessID : 772
ThreadCreationTime : 5-3-2005 3:50:46 PM
BasePriority : Normal
FileVersion : 5.13.01.1462
ProductVersion : 5.13.01.1462
ProductName : NVIDIA Driver Helper Service, Version 14.62
CompanyName : NVIDIA Corporation
FileDescription : NVIDIA Driver Helper Service, Version 14.62
InternalName : NVSVC
LegalCopyright : Copyright © 1998-2001 NVIDIA Corporation
OriginalFilename : nvsvc32.exe
#:15 [regsvc.exe]
ModuleName : C:\WINDOWS\system32\regsvc.exe
Command Line : C:\WINDOWS\system32\regsvc.exe
ProcessID : 796
ThreadCreationTime : 5-3-2005 3:50:47 PM
BasePriority : Normal
FileVersion : 5.00.2195.6701
ProductVersion : 5.00.2195.6701
ProductName : Microsoft® Windows ® 2000 Operating System
CompanyName : Microsoft Corporation
FileDescription : Remote Registry Service
InternalName : regsvc
LegalCopyright : Copyright © Microsoft Corp. 1981-1999
OriginalFilename : REGSVC.EXE
#:16 [mstask.exe]
ModuleName : C:\WINDOWS\system32\MSTask.exe
Command Line : C:\WINDOWS\system32\MSTask.exe
ProcessID : 812
ThreadCreationTime : 5-3-2005 3:50:47 PM
BasePriority : Normal
FileVersion : 4.71.2195.6920
ProductVersion : 4.71.2195.6920
ProductName : Microsoft® Windows® Task Scheduler
CompanyName : Microsoft Corporation
FileDescription : Task Scheduler Engine
InternalName : TaskScheduler
LegalCopyright : Copyright © Microsoft Corp. 1997
OriginalFilename : mstask.exe
#:17 [vetmsg.exe]
ModuleName : C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\VetMsg.exe
Command Line : "C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\VetMsg.exe"
ProcessID : 880
ThreadCreationTime : 5-3-2005 3:50:48 PM
BasePriority : Normal
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
ProductName : vetmsg
CompanyName : Computer Associates International, Inc.
FileDescription : vetmsg
InternalName : vetmsg
LegalCopyright : Copyright © 1989-2003 Computer Associates International, Inc.
OriginalFilename : vetmsg.exe
#:18 [vsmon.exe]
ModuleName : C:\WINDOWS\system32\ZoneLabs\vsmon.exe
Command Line : n/a
ProcessID : 944
ThreadCreationTime : 5-3-2005 3:50:52 PM
BasePriority : Normal
FileVersion : 4.5.585.000
ProductVersion : 4.5.585.000
ProductName : TrueVector Service
CompanyName : Zone Labs Inc.
FileDescription : TrueVector Service
InternalName : vsmon
LegalCopyright : Copyright © 1998-2003, Zone Labs Inc.
OriginalFilename : vsmon.exe
#:19 [explorer.exe]
ModuleName : C:\WINDOWS\Explorer.EXE
Command Line : C:\WINDOWS\Explorer.EXE
ProcessID : 1048
ThreadCreationTime : 5-3-2005 3:51:01 PM
BasePriority : Normal
FileVersion : 5.00.3700.6690
ProductVersion : 5.00.3700.6690
ProductName : Microsoft® Windows ® 2000 Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : Copyright © Microsoft Corp. 1981-1999
OriginalFilename : EXPLORER.EXE
#:20 [winmgmt.exe]
ModuleName : C:\WINDOWS\System32\WBEM\WinMgmt.exe
Command Line : C:\WINDOWS\System32\WBEM\WinMgmt.exe
ProcessID : 1060
ThreadCreationTime : 5-3-2005 3:51:02 PM
BasePriority : Normal
FileVersion : 1.50.1085.0100
ProductVersion : 1.50.1085.0100
ProductName : Windows Management Instrumentation
CompanyName : Microsoft Corporation
FileDescription : Windows Management Instrumentation
InternalName : WINMGMT
LegalCopyright : Copyright © Microsoft Corp. 1995-1999
#:21 [mspmspsv.exe]
ModuleName : C:\WINDOWS\System32\MsPMSPSv.exe
Command Line : C:\WINDOWS\System32\MsPMSPSv.exe
ProcessID : 1080
ThreadCreationTime : 5-3-2005 3:51:04 PM
BasePriority : Normal
FileVersion : 7.01.00.3055
ProductVersion : 7.01.00.3055
ProductName : Microsoft ® DRM
CompanyName : Microsoft Corporation
FileDescription : WMDM PMSP Service
InternalName : MSPMSPSV.EXE
LegalCopyright : Copyright © Microsoft Corp. 1981-2000
OriginalFilename : MSPMSPSV.EXE
#:22 [svchost.exe]
ModuleName : C:\WINDOWS\system32\svchost.exe
Command Line : C:\WINDOWS\system32\svchost.exe -k wugroup
ProcessID : 1092
ThreadCreationTime : 5-3-2005 3:51:04 PM
BasePriority : Normal
FileVersion : 5.00.2134.1
ProductVersion : 5.00.2134.1
ProductName : Microsoft® Windows ® 2000 Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : Copyright © Microsoft Corp. 1981-1999
OriginalFilename : svchost.exe
#:23 [soundman.exe]
ModuleName : C:\WINDOWS\soundman.exe
Command Line : "C:\WINDOWS\soundman.exe"
ProcessID : 1284
ThreadCreationTime : 5-3-2005 3:51:26 PM
BasePriority : Normal
FileVersion : 5, 0, 0, 0
ProductVersion : 5, 0, 0, 0
ProductName : Avance Sound Manager
CompanyName : Avance Logic, Inc.
FileDescription : Avance Sound Manager
InternalName : ALSMTray
LegalCopyright : Copyright © 2001 Avance Logic, Inc.
OriginalFilename : ALSMTray.exe
Comments : Avance AC97 Audio Sound Manager
#:24 [anvshell.exe]
ModuleName : C:\WINDOWS\anvshell.exe
Command Line : "C:\WINDOWS\anvshell.exe"
ProcessID : 1340
ThreadCreationTime : 5-3-2005 3:51:29 PM
BasePriority : Normal
FileVersion : 1.00.00
ProductVersion : 1.00.00
ProductName : ASUS nVidia Series Shell
CompanyName : AsusTeK Computer Inc.
FileDescription : ASUS nVidia Series Shell
InternalName : ANVShell
LegalCopyright : Copyright © 2000
OriginalFilename : ANVShell.EXE
#:25 [projselector.exe]
ModuleName : C:\Program Files\Common Files\Roxio Shared\Project Selector\projselector.exe
Command Line : "C:\Program Files\Common Files\Roxio Shared\Project Selector\projselector.exe" -r
ProcessID : 1348
ThreadCreationTime : 5-3-2005 3:51:32 PM
BasePriority : Normal
FileVersion : 6.1.1.7
ProductVersion : 6.1.1.7
ProductName : Easy CD Creator
CompanyName : Roxio
FileDescription : Roxio Project Selector
InternalName : projselector.exe
LegalCopyright : Copyright © 1999-2003 Roxio, Inc.
OriginalFilename : projselector.exe
#:26 [drgtodsc.exe]
ModuleName : C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe
Command Line : "C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe"
ProcessID : 1388
ThreadCreationTime : 5-3-2005 3:51:36 PM
BasePriority : Normal
FileVersion : 6.1.1.7
ProductVersion : 6.1.1.7
ProductName : Drag-to-Disc
CompanyName : Roxio
FileDescription : Drag To Disc Application
InternalName : D2D
LegalCopyright : Copyright © 1999-2003 Roxio, Inc.
LegalTrademarks : Copyright © 1999-2003 Roxio, Inc.
OriginalFilename : BurnCtrl.EXE
#:27 [rxmon.exe]
ModuleName : C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe
Command Line : "C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe"
ProcessID : 1396
ThreadCreationTime : 5-3-2005 3:51:37 PM
BasePriority : Normal
#:28 [lxsupmon.exe]
ModuleName : C:\WINDOWS\System32\LXSUPMON.EXE
Command Line : "C:\WINDOWS\System32\LXSUPMON.EXE" RUN
ProcessID : 1404
ThreadCreationTime : 5-3-2005 3:51:39 PM
BasePriority : Normal
FileVersion : 2.3.86.1
ProductVersion : 2.3.86.1
ProductName : Lexmark Supplies Monitor
CompanyName : Lexmark International Inc.
FileDescription : Supplies Monitor
InternalName : LXSUPMON
LegalCopyright : Copyright © 2001
OriginalFilename : LXSUPMON.RC
#:29 [ad-watch.exe]
ModuleName : C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe
Command Line : "C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe"
ProcessID : 1468
ThreadCreationTime : 5-3-2005 3:51:42 PM
BasePriority : Normal
FileVersion : 3.1.2.17
ProductVersion : 3.2
ProductName : Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Watch System Protector
InternalName : Ad-Watch.exe
LegalCopyright : 1999-2004 Team Lavasoft
OriginalFilename : Ad-Watch.exe
#:30 [itouch.exe]
ModuleName : C:\Program Files\Logitech\iTouch\iTouch.exe
Command Line : "C:\Program Files\Logitech\iTouch\iTouch.exe"
ProcessID : 1296
ThreadCreationTime : 5-3-2005 3:51:44 PM
BasePriority : Normal
FileVersion : 2.15.264
ProductVersion : 2.15.264
ProductName : iTouch
CompanyName : Logitech Inc.
FileDescription : iTouch Application
InternalName : iTouch
LegalCopyright : © 1998-2002 Logitech. All rights reserved.
LegalTrademarks : Logitech® and iTouch® are registered trademarks of Logitech Inc.
OriginalFilename : iTouch.exe
Comments : Created by the iTouch team
#:31 [vettray.exe]
ModuleName : C:\PROGRA~1\CA\ETRUST~1\ETRUST~1\VetTray.exe
Command Line : "C:\PROGRA~1\CA\ETRUST~1\ETRUST~1\VetTray.exe"
ProcessID : 1484
ThreadCreationTime : 5-3-2005 3:51:45 PM
BasePriority : Normal
FileVersion : Version 1.0
ProductName : VetTray
CompanyName : Computer Associates International, Inc.
FileDescription : Iconic notifier
InternalName : VetTray
LegalCopyright : Copyright © 1997-2001 Computer Associates International, Inc.
OriginalFilename : VetTray.exe
#:32 [em_exec.exe]
ModuleName : C:\Program Files\Logitech\MouseWare\system\em_exec.exe
Command Line : "C:\Program Files\Logitech\MouseWare\system\em_exec.exe"
ProcessID : 1492
ThreadCreationTime : 5-3-2005 3:51:45 PM
BasePriority : Normal
FileVersion : 9.75.302
ProductVersion : 9.75.302
ProductName : MouseWare
CompanyName : Logitech Inc.
FileDescription : Logitech Events Handler Application
InternalName : Em_Exec
LegalCopyright : © 1987-2002 Logitech. All rights reserved.
LegalTrademarks : Logitech® and MouseWare® are registered trademarks of Logitech Inc.
OriginalFilename : Em_Exec.exe
Comments : Created by the MouseWare team
#:33 [playlist.exe]
ModuleName : C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\Playlist.exe
Command Line : "C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\Playlist.exe" -Embedding
ProcessID : 1496
ThreadCreationTime : 5-3-2005 3:51:47 PM
BasePriority : Normal
#:34 [ca.exe]
ModuleName : C:\PROGRA~1\CA\ETRUST~1\ETRUST~2\ca.exe
Command Line : n/a
ProcessID : 1536
ThreadCreationTime : 5-3-2005 3:51:50 PM
BasePriority : Normal
FileVersion : 4.5.585.000
ProductVersion : 4.5.585.000
ProductName : EZ Firewall
CompanyName : Computer Associates
FileDescription : EZ Firewall
InternalName : ca
LegalCopyright : Copyright © 1998-2003, Computer Associates..............
OriginalFilename : ca.exe
#:35 [wzqkpick.exe]
ModuleName : C:\Program Files\WinZip\WZQKPICK.EXE
Command Line : "C:\Program Files\WinZip\WZQKPICK.EXE"
ProcessID : 1540
ThreadCreationTime : 5-3-2005 3:51:53 PM
BasePriority : Normal
FileVersion : 1.0 (32-bit)
ProductVersion : 8.1 (4319)
ProductName : WinZip
CompanyName : WinZip Computing, Inc.
FileDescription : WinZip Executable
InternalName : WZQKPICK.EXE
LegalCopyright : Copyright © WinZip Computing, Inc. 1991-2001 - All Rights Reserved
LegalTrademarks : WinZip is a registered trademark of WinZip Computing, Inc
OriginalFilename : WZQKPICK.EXE
Comments : StringFileInfo: U.S. English
#:36 [iexplore.exe]
ModuleName : C:\Program Files\Internet Explorer\IEXPLORE.EXE
Command Line : "C:\Program Files\Internet Explorer\IEXPLORE.EXE"
ProcessID : 1680
ThreadCreationTime : 5-3-2005 3:53:46 PM
BasePriority : Normal
FileVersion : 6.00.2800.1106
ProductVersion : 6.00.2800.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Internet Explorer
InternalName : iexplore
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : IEXPLORE.EXE
#:37 [ad-aware.exe]
ModuleName : C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Aware.exe
Command Line : "C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Aware.exe"
ProcessID : 1372
ThreadCreationTime : 5-3-2005 4:56:13 PM
BasePriority : Normal
FileVersion : 6.2.0.208
ProductVersion : VI.Second Edition
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved
Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 16
Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Windows Object Recognized!
Type : RegData
Data : explorer.exe c:\windows\nail.exe
Category : Vulnerability
Comment : Shell Possibly Compromised
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows nt\currentversion\winlogon
Value : Shell
Data : explorer.exe c:\windows\nail.exe
Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 1
Objects found so far: 17
Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 17
Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 17
Deep scanning and examining files (C:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Disk Scan Result for C:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 17
Deep scanning and examining files (D:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Disk Scan Result for D:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 17
Deep scanning and examining files (E:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Disk Scan Result for E:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 17
Deep scanning and examining files (F:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Disk Scan Result for F:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 17
Deep scanning and examining files (G:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Disk Scan Result for G:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 17
Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 17
1:01:30 PM Scan Complete
Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:02:09.786
Objects scanned:54722
Objects identified:1
Objects ignored:0
New critical objects:1