here's the latest definition.......
Ad-Aware SE Build 1.05
Logfile Created on:May 7, 2005 11:22:44 PM
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R43 06.05.2005
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
FlashenhancerBHO(TAC index:7):4 total references
Tracking Cookie(TAC index:3):7 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Definition File:
=========================
Definitions File Loaded:
Reference Number : SE1R42 28.04.2005
Internal build : 49
File location : C:\Program Files\Lavasoft\Ad-Aware SE Personal\defs.ref
File size : 466557 Bytes
Total size : 1403889 Bytes
Signature data size : 1373297 Bytes
Reference data size : 30080 Bytes
Signatures total : 39226
Fingerprints total : 836
Fingerprints size : 28245 Bytes
Target categories : 15
Target families : 654
07-05-2005 11:21:32 PM Performing WebUpdate...
Installing Update...
07-05-2005 11:21:59 PM Failed
No updates installed.
07-05-2005 11:21:59 PM <RESTORE BCKP>
Definitions File Loaded:
Reference Number : SE1R42 28.04.2005
Internal build : 49
File location : C:\Program Files\Lavasoft\Ad-Aware SE Personal\defs.ref
File size : 466557 Bytes
Total size : 1403889 Bytes
Signature data size : 1373297 Bytes
Reference data size : 30080 Bytes
Signatures total : 39226
Fingerprints total : 836
Fingerprints size : 28245 Bytes
Target categories : 15
Target families : 654
07-05-2005 11:22:01 PM <OK>
07-05-2005 11:22:26 PM Performing WebUpdate...
Installing Update...
Definitions File Loaded:
Reference Number : SE1R43 06.05.2005
Internal build : 50
File location : C:\Program Files\Lavasoft\Ad-Aware SE Personal\defs.ref
File size : 467649 Bytes
Total size : 1414672 Bytes
Signature data size : 1383852 Bytes
Reference data size : 30308 Bytes
Signatures total : 39494
Fingerprints total : 847
Fingerprints size : 28739 Bytes
Target categories : 15
Target families : 663
07-05-2005 11:22:33 PM Success
Update successfully downloaded and installed.
Memory + processor status:
==========================
Number of processors : 1
Processor architecture : Non Intel
Memory available:30 %
Total physical memory:261668 kb
Available physical memory:76800 kb
Total page file size:631380 kb
Available on page file:341144 kb
Total virtual memory:2097024 kb
Available virtual memory:2036560 kb
OS:Microsoft Windows XP Professional Service Pack 2 (Build 2600)
Ad-Aware SE Settings
===========================
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan within archives
Set : Scan my Hosts file
Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Obtain command line of scanned processes
Set : Scan registry for all users instead of current user only
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Write-protect system files after repair (Hosts file, etc.)
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects
07-05-2005 11:22:44 PM - Scan started. (Full System Scan)
Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
#:1 [smss.exe]
ModuleName : \SystemRoot\System32\smss.exe
Command Line : n/a
ProcessID : 448
ThreadCreationTime : 06-05-2005 11:35:06 PM
BasePriority : Normal
#:2 [csrss.exe]
ModuleName : \??\C:\WINDOWS\system32\csrss.exe
Command Line : C:\WINDOWS\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestTh
ProcessID : 512
ThreadCreationTime : 06-05-2005 11:35:11 PM
BasePriority : Normal
#:3 [winlogon.exe]
ModuleName : \??\C:\WINDOWS\system32\winlogon.exe
Command Line : winlogon.exe
ProcessID : 540
ThreadCreationTime : 06-05-2005 11:35:13 PM
BasePriority : High
#:4 [services.exe]
ModuleName : C:\WINDOWS\system32\services.exe
Command Line : C:\WINDOWS\system32\services.exe
ProcessID : 584
ThreadCreationTime : 06-05-2005 11:35:14 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : services.exe
#:5 [lsass.exe]
ModuleName : C:\WINDOWS\system32\lsass.exe
Command Line : C:\WINDOWS\system32\lsass.exe
ProcessID : 596
ThreadCreationTime : 06-05-2005 11:35:14 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe
#:6 [svchost.exe]
ModuleName : C:\WINDOWS\system32\svchost.exe
Command Line : C:\WINDOWS\system32\svchost -k DcomLaunch
ProcessID : 864
ThreadCreationTime : 06-05-2005 11:35:17 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:7 [svchost.exe]
ModuleName : C:\WINDOWS\system32\svchost.exe
Command Line : C:\WINDOWS\system32\svchost -k rpcss
ProcessID : 912
ThreadCreationTime : 06-05-2005 11:35:18 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:8 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : C:\WINDOWS\System32\svchost.exe -k netsvcs
ProcessID : 976
ThreadCreationTime : 06-05-2005 11:35:18 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:9 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : C:\WINDOWS\System32\svchost.exe -k LocalService
ProcessID : 1044
ThreadCreationTime : 06-05-2005 11:35:18 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:10 [lexbces.exe]
ModuleName : C:\WINDOWS\system32\LEXBCES.EXE
Command Line : C:\WINDOWS\system32\LEXBCES.EXE
ProcessID : 1228
ThreadCreationTime : 06-05-2005 11:35:19 PM
BasePriority : Normal
FileVersion : 9.30
ProductVersion : 9.30
ProductName : MarkVision for Windows (32 bit)
CompanyName : Lexmark International, Inc.
FileDescription : LexBce Service
InternalName : LexBce Service
LegalCopyright : © 1993 - 2003 Lexmark International, Inc.
OriginalFilename : LexBceS.exe
#:11 [lexpps.exe]
ModuleName : C:\WINDOWS\system32\LEXPPS.EXE
Command Line : LEXPPS.EXE
ProcessID : 1276
ThreadCreationTime : 06-05-2005 11:35:20 PM
BasePriority : Normal
FileVersion : 9.30
ProductVersion : 9.30
ProductName : MarkVision for Windows (32 bit)
CompanyName : Lexmark International, Inc.
FileDescription : LEXPPS.EXE
InternalName : LEXPPS
LegalCopyright : © 1993 - 2003 Lexmark International, Inc.
OriginalFilename : LEXPPS.EXE
Comments : MarkVision for Windows '95 New P2P Server (32-bit)
#:12 [spoolsv.exe]
ModuleName : C:\WINDOWS\system32\spoolsv.exe
Command Line : C:\WINDOWS\system32\spoolsv.exe
ProcessID : 1272
ThreadCreationTime : 06-05-2005 11:35:20 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe
#:13 [sagent2.exe]
ModuleName : C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
Command Line : "C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe"
ProcessID : 1436
ThreadCreationTime : 06-05-2005 11:35:21 PM
BasePriority : Normal
FileVersion : 2, 1, 0, 0
ProductVersion : 1, 0, 0, 0
ProductName : EPSON Bidirectional Printer
CompanyName : SEIKO EPSON CORPORATION
FileDescription : EPSON Printer Status Agent
InternalName : SAgent2
LegalCopyright : Copyright © SEIKO EPSON CORP. 2000-2001
OriginalFilename : SAgent2.exe
#:14 [mdm.exe]
ModuleName : C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
Command Line : "C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe"
ProcessID : 1508
ThreadCreationTime : 06-05-2005 11:35:21 PM
BasePriority : Normal
FileVersion : 7.00.9064.9150
ProductVersion : 7.00.9064.9150
ProductName : Microsoft Development Environment
CompanyName : Microsoft Corporation
FileDescription : Machine Debug Manager
InternalName : mdm.exe
LegalCopyright : Copyright © Microsoft Corp. 1997-2000
OriginalFilename : mdm.exe
#:15 [pcctlcom.exe]
ModuleName : C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
Command Line : C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
ProcessID : 1540
ThreadCreationTime : 06-05-2005 11:35:21 PM
BasePriority : Normal
FileVersion : 12.10.0.1034
ProductVersion : 12.10.0
ProductName : Trend Micro Internet Security
CompanyName : Trend Micro Incorporated.
FileDescription : PcCtlCom Module
InternalName : PcCtlCom
LegalCopyright : Copyright © 1995-2004 Trend Micro Incorporated. All rights reserved.
LegalTrademarks : Copyright © Trend Micro Incorporated.
OriginalFilename : PcCtlCom.EXE
#:16 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : C:\WINDOWS\System32\svchost.exe -k imgsvc
ProcessID : 1604
ThreadCreationTime : 06-05-2005 11:35:22 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:17 [tmntsrv.exe]
ModuleName : C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
Command Line : C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
ProcessID : 1624
ThreadCreationTime : 06-05-2005 11:35:22 PM
BasePriority : Normal
FileVersion : 12.10.0.1034
ProductVersion : 12.10.0
ProductName : Trend Micro Internet Security
CompanyName : Trend Micro Incorporated.
FileDescription : Tmntsrv
InternalName : Tmntsrv
LegalCopyright : Copyright © 1995-2004 Trend Micro Incorporated. All rights reserved.
LegalTrademarks : Copyright © Trend Micro Incorporated.
OriginalFilename : Tmntsrv.exe
#:18 [tmproxy.exe]
ModuleName : C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
Command Line : C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
ProcessID : 1692
ThreadCreationTime : 06-05-2005 11:35:23 PM
BasePriority : Normal
FileVersion : 1.0.0.1125
ProductVersion : 1.0.0
ProductName : Trend Micro Network Security Components 1.0
CompanyName : Trend Micro Inc.
FileDescription : TmProxy.exe
InternalName : TmProxy.exe
LegalCopyright : Copyright © 2001-2004 Trend Micro Inc. All rights reserved.
LegalTrademarks : Copyright © Trend Micro Inc.
OriginalFilename : TmProxy.exe
#:19 [wdfmgr.exe]
ModuleName : C:\WINDOWS\system32\wdfmgr.exe
Command Line : C:\WINDOWS\system32\wdfmgr.exe
ProcessID : 1812
ThreadCreationTime : 06-05-2005 11:35:26 PM
BasePriority : Normal
FileVersion : 5.2.3790.1230 built by: DNSRV(bld4act)
ProductVersion : 5.2.3790.1230
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows User Mode Driver Manager
InternalName : WdfMgr
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : WdfMgr.exe
#:20 [wfxsvc.exe]
ModuleName : C:\WINDOWS\system32\WFXSVC.EXE
Command Line : C:\WINDOWS\system32\WFXSVC.EXE
ProcessID : 1836
ThreadCreationTime : 06-05-2005 11:35:26 PM
BasePriority : Normal
FileVersion : 9.00.98.0727
ProductVersion : 9.00
ProductName : Symantec WinFax PRO
CompanyName : Symantec Corporation
FileDescription : Symantec WinFax PRO NT Service
InternalName : WFXSVC
LegalCopyright : Copyright © Symantec Corporation. 1990-1998
LegalTrademarks : Symantec WinFax PRO ® is a registered trademark of Symantec Corporation
#:21 [tmpfw.exe]
ModuleName : C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
Command Line : C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
ProcessID : 196
ThreadCreationTime : 06-05-2005 11:35:32 PM
BasePriority : Normal
FileVersion : 2.0.0.1125
ProductVersion : 1.0.0
ProductName : Trend Network Security Component 1.0
CompanyName : Trend Micro Inc.
FileDescription : TmPfw
InternalName : TmPfw
LegalCopyright : Copyright © 2001-2004 Trend Micro Inc. All rights reserved.
LegalTrademarks : Copyright © Trend Micro Inc.
OriginalFilename : TmPfw.exe
#:22 [explorer.exe]
ModuleName : C:\WINDOWS\Explorer.EXE
Command Line : C:\WINDOWS\Explorer.EXE
ProcessID : 2384
ThreadCreationTime : 06-05-2005 11:38:54 PM
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : EXPLORER.EXE
#:23 [qttask.exe]
ModuleName : C:\Program Files\QuickTime\qttask.exe
Command Line : "C:\Program Files\QuickTime\qttask.exe" -atboottime
ProcessID : 2484
ThreadCreationTime : 06-05-2005 11:38:58 PM
BasePriority : Normal
FileVersion : 6.4
ProductVersion : QuickTime 6.4
ProductName : QuickTime
CompanyName : Apple Computer, Inc.
InternalName : QuickTime Task
LegalCopyright : © Apple Computer, Inc. 2001-2003
OriginalFilename : QTTask.exe
#:24 [camtray.exe]
ModuleName : C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
Command Line : "C:\Program Files\Creative\Shared Files\CAMTRAY.EXE"
ProcessID : 2536
ThreadCreationTime : 06-05-2005 11:39:00 PM
BasePriority : Normal
FileVersion : 3.2.1.0
ProductVersion : 2.20
ProductName : PC-CAM Center
CompanyName : Creative Technology Ltd
FileDescription : PC-CAM Center Launcher Application
InternalName : PC-CAM Center Launcher Application
LegalCopyright : Copyright © Creative Technology Ltd., 2002. All rights reserved.
OriginalFilename : CamTray.EXE
#:25 [jusched.exe]
ModuleName : C:\Program Files\Java\j2re1.4.2_06\bin\jusched.exe
Command Line : "C:\Program Files\Java\j2re1.4.2_06\bin\jusched.exe"
ProcessID : 2588
ThreadCreationTime : 06-05-2005 11:39:01 PM
BasePriority : Normal
#:26 [lxbrksk.exe]
ModuleName : C:\PROGRA~1\LEXMAR~1\LXBRKsk.exe
Command Line : "C:\PROGRA~1\LEXMAR~1\LXBRKsk.exe"
ProcessID : 2624
ThreadCreationTime : 06-05-2005 11:39:03 PM
BasePriority : Normal
FileVersion : 3.37
ProductVersion : 3.37
LegalCopyright : Copyright © 1999-2003 OnSpec Electronic Inc.
#:27 [lxbrbmgr.exe]
ModuleName : C:\Program Files\Lexmark 3100 Series\lxbrbmgr.exe
Command Line : "C:\Program Files\Lexmark 3100 Series\lxbrbmgr.exe"
ProcessID : 2660
ThreadCreationTime : 06-05-2005 11:39:04 PM
BasePriority : Normal
FileVersion : 0.1.1.1
ProductVersion : 0.1.1.1
ProductName : Button Manager Executable
CompanyName : Lexmark International, Inc.
FileDescription : Lexmark 3100 Series Button Manager
InternalName : lxbrbmgr.exe
LegalCopyright : © 2003 Lexmark International, Inc.
OriginalFilename : lxbrbmgr.exe
#:28 [lxbrbmon.exe]
ModuleName : C:\Program Files\Lexmark 3100 Series\lxbrbmon.exe
Command Line : "C:\Program Files\Lexmark 3100 Series\lxbrbmon.exe"
ProcessID : 2732
ThreadCreationTime : 06-05-2005 11:39:08 PM
BasePriority : Normal
FileVersion : 0.1.1.1
ProductVersion : 0.1.1.1
ProductName : Button Monitor Executable
CompanyName : Lexmark International, Inc.
FileDescription : Lexmark 3100 Series Button Monitor
InternalName : lxbrbmon.exe
LegalCopyright : © 2003 Lexmark International, Inc.
OriginalFilename : lxbrbmon.exe
#:29 [lxbrcmon.exe]
ModuleName : C:\Program Files\Lexmark 3100 Series\lxbrcmon.exe
Command Line : "C:\Program Files\Lexmark 3100 Series\lxbrcmon.exe"
ProcessID : 2760
ThreadCreationTime : 06-05-2005 11:39:09 PM
BasePriority : Normal
#:30 [incd.exe]
ModuleName : C:\Program Files\ahead\InCD\InCD.exe
Command Line : "C:\Program Files\ahead\InCD\InCD.exe"
ProcessID : 2776
ThreadCreationTime : 06-05-2005 11:39:10 PM
BasePriority : Normal
FileVersion : 3.20.1
ProductVersion : 3.20.1
ProductName : InCD
CompanyName : Copyright © ahead software gmbh and its licensors
FileDescription : InCD CD-RW UDF Tools
InternalName : InCD
LegalCopyright : Copyright © ahead software gmbh and its licensors
OriginalFilename : InCD.EXE
Comments : CD-RW UDF Tools
#:31 [pccguide.exe]
ModuleName : C:\Program Files\Trend Micro\Internet Security 2005\pccguide.exe
Command Line : "C:\Program Files\Trend Micro\Internet Security 2005\pccguide.exe"
ProcessID : 2876
ThreadCreationTime : 06-05-2005 11:39:17 PM
BasePriority : Normal
FileVersion : 12.10.0.1014
ProductVersion : 12.10.0
ProductName : Trend Micro Internet Security
CompanyName : Trend Micro Incorporated.
FileDescription : PCCGuide
InternalName : PCCGuide
LegalCopyright : Copyright © 1995-2004 Trend Micro Incorporated. All rights reserved.
LegalTrademarks : Copyright © Trend Micro Incorporated.
OriginalFilename : PCCGuide
#:32 [mwsoemon.exe]
ModuleName : C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
Command Line : "C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe"
ProcessID : 2888
ThreadCreationTime : 06-05-2005 11:39:19 PM
BasePriority : Normal
FileVersion : 1,2,2,2
ProductVersion : 2,0,1,0
ProductName : My Web Search Bar for Internet Explorer, email clients, and messenger clients
CompanyName : MyWebSearch.com
FileDescription : My Web Search Email Plugin
InternalName : mwsoemon
LegalCopyright : Copyright © 2003-2004 MyWebSearch.com
OriginalFilename : mwsoemon.exe
#:33 [ctfmon.exe]
ModuleName : C:\WINDOWS\system32\ctfmon.exe
Command Line : "C:\WINDOWS\system32\ctfmon.exe"
ProcessID : 2900
ThreadCreationTime : 06-05-2005 11:39:19 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : CTF Loader
InternalName : CTFMON
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : CTFMON.EXE
#:34 [msmsgs.exe]
ModuleName : C:\Program Files\Messenger\msmsgs.exe
Command Line : "C:\Program Files\Messenger\msmsgs.exe" /background
ProcessID : 2996
ThreadCreationTime : 06-05-2005 11:39:25 PM
BasePriority : Normal
FileVersion : 4.7.3001
ProductVersion : Version 4.7.3001
ProductName : Messenger
CompanyName : Microsoft Corporation
FileDescription : Windows Messenger
InternalName : msmsgs
LegalCopyright : Copyright © Microsoft Corporation 2004
LegalTrademarks : Microsoft® is a registered trademark of Microsoft Corporation in the U.S. and/or other countries.
OriginalFilename : msmsgs.exe
#:35 [wcescomm.exe]
ModuleName : C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
Command Line : "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
ProcessID : 3012
ThreadCreationTime : 06-05-2005 11:39:26 PM
BasePriority : Normal
FileVersion : 3.5.0.12007
ProductVersion : 3.5.12007
ProductName : Microsoft ActiveSync
CompanyName : Microsoft Corporation
FileDescription : Connection Manager
InternalName : wcescomm
LegalCopyright : Copyright © 1995-2001 Microsoft Corp. All rights reserved.
LegalTrademarks : Microsoft® and Windows® are registered trademarks of Microsoft Corporation.
OriginalFilename : WCESCOMM.EXE
#:36 [shs.exe]
ModuleName : C:\Program Files\Rogers\SelfHealing\SHS.exe
Command Line : "C:\Program Files\Rogers\SelfHealing\SHS.exe" /background
ProcessID : 3020
ThreadCreationTime : 06-05-2005 11:39:27 PM
BasePriority : Normal
FileVersion : 0.06.0004
ProductVersion : 0.06.0004
ProductName : Self Healing Software (SHS)
CompanyName : Rogers Cable
FileDescription : Rogers Hi-Speed Internet Self Healing Software
InternalName : SHS
LegalCopyright : Copyright 2002 Rogers Cable Inc. All Rights Reserved
OriginalFilename : SHS.exe
Comments : Written and Designed by Robert French
#:37 [acrotray.exe]
ModuleName : C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
Command Line : "C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe"
ProcessID : 3188
ThreadCreationTime : 06-05-2005 11:39:39 PM
BasePriority : Normal
FileVersion : 5, 0, 0, 0
ProductVersion : 5, 0, 0, 0
ProductName : AcroTray - Adobe Acrobat Distiller helper application.
CompanyName : Adobe Systems Inc.
FileDescription : AcroTray
InternalName : AcroTray
LegalCopyright : Copyright © 2001
OriginalFilename : AcroTray.exe
#:38 [wfxctl32.exe]
ModuleName : C:\Program Files\Symantec\WinFax\WFXCTL32.EXE
Command Line : "c:\program files\symantec\winfax\wfxctl32.exe"
ProcessID : 3244
ThreadCreationTime : 06-05-2005 11:39:41 PM
BasePriority : Normal
#:39 [wfxmod32.exe]
ModuleName : C:\Program Files\Symantec\WinFax\WFXMOD32.EXE
Command Line : /0
ProcessID : 3732
ThreadCreationTime : 06-05-2005 11:40:18 PM
BasePriority : High
FileVersion : 9.00.98.0727
ProductVersion : 9.00
ProductName : Symantec WinFax PRO
CompanyName : Symantec Corporation
FileDescription : WinFax Pro Serial Modem Driver.
InternalName : WFXMOD32.EXE
LegalCopyright : Copyright © Symantec Corporation. 1990-1998
LegalTrademarks : Symantec WinFax PRO ® is a registered trademark of Symantec Corporation
Comments : This is the Class1/Class2/SendFax/WorldPort Driver Program
#:40 [realsched.exe]
ModuleName : C:\Program Files\Common Files\Real\Update_OB\realsched.exe
Command Line : "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -restart
ProcessID : 2196
ThreadCreationTime : 07-05-2005 11:39:04 PM
BasePriority : Normal
FileVersion : 0.1.0.3034
ProductVersion : 0.1.0.3034
ProductName : RealPlayer (32-bit)
CompanyName : RealNetworks, Inc.
FileDescription : RealNetworks Scheduler
InternalName : schedapp
LegalCopyright : Copyright © RealNetworks, Inc. 1995-2004
LegalTrademarks : RealAudio is a trademark of RealNetworks, Inc.
OriginalFilename : realsched.exe
#:41 [ad-aware.exe]
ModuleName : C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe
Command Line : "C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe"
ProcessID : 3168
ThreadCreationTime : 08-05-2005 3:20:36 AM
BasePriority : Normal
FileVersion : 6.2.0.206
ProductVersion : VI.Second Edition
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved
Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0
Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
FlashenhancerBHO Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : unawareobj.unawareobj
FlashenhancerBHO Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : unawareobj.unawareobj
Value :
FlashenhancerBHO Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : unawareobj.unawareobj.1
FlashenhancerBHO Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : unawareobj.unawareobj.1
Value :
Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 4
Objects found so far: 4
Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 4
Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : denise@realmedia[2].txt
Category : Data Miner
Comment : Hits:14
Value : Cookie:
[email protected]/
Expires : 31-12-2020 8:00:00 PM
LastSync : Hits:14
UseCount : 0
Hits : 14
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : denise@fastclick[2].txt
Category : Data Miner
Comment : Hits:14
Value : Cookie:
[email protected]/
Expires : 26-04-2007 5:21:58 PM
LastSync : Hits:14
UseCount : 0
Hits : 14
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : denise@hitbox[2].txt
Category : Data Miner
Comment : Hits:16
Value : Cookie:
[email protected]/
Expires : 06-05-2006 5:21:04 PM
LastSync : Hits:16
UseCount : 0
Hits : 16
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : denise@tribalfusion[1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:
[email protected]/
Expires : 31-12-2037 8:00:00 PM
LastSync : Hits:1
UseCount : 0
Hits : 1
Tracking Cookie Object Recognized!
Type : IECache Entry
Data :
[email protected][2].txt
Category : Data Miner
Comment : Hits:8
Value : Cookie:
[email protected]/
Expires : 06-05-2006 5:21:04 PM
LastSync : Hits:8
UseCount : 0
Hits : 8
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : denise@casalemedia[1].txt
Category : Data Miner
Comment : Hits:3
Value : Cookie:
[email protected]/
Expires : 27-04-2006 1:44:02 PM
LastSync : Hits:3
UseCount : 0
Hits : 3
Tracking Cookie Object Recognized!
Type : IECache Entry
Data :
[email protected][1].txt
Category : Data Miner
Comment : Hits:6
Value : Cookie:
[email protected]/
Expires : 06-05-2006 6:34:02 PM
LastSync : Hits:6
UseCount : 0
Hits : 6
Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 7
Objects found so far: 11
Deep scanning and examining files (C:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Disk Scan Result for C:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 11
Scanning Hosts file......
Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
11 entries scanned.
New critical objects:0
Objects found so far: 11
Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 11
11:35:52 PM Scan Complete
Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:13:08.281
Objects scanned:119206
Objects identified:11
Objects ignored:0
New critical objects:11