Logfile Created on:Monday, May 23, 2005 3:38:04 PM
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R46 17.05.2005
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
ClickSpring(TAC index:6):1 total references
EzuLa(TAC index:6):2 total references
IBIS Toolbar(TAC index:5):7 total references
ImIServer IEPlugin(TAC index:5):3 total references
MRU List(TAC index:0):23 total references
SahAgent(TAC index:9):5 total references
VX2(TAC index:10):17 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file
Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects
5-23-2005 3:38:04 PM - Scan started. (Full System Scan)
MRU List Object Recognized!
Location: : C:\Documents and Settings\Swizzlestix\Application Data\microsoft\office\recent
Description : list of recently opened documents using microsoft office
MRU List Object Recognized!
Location: : C:\Documents and Settings\Swizzlestix\recent
Description : list of recently opened documents
MRU List Object Recognized!
Location: : S-1-5-21-854245398-2111687655-839522115-1003\software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d
MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d
MRU List Object Recognized!
Location: : S-1-5-21-854245398-2111687655-839522115-1003\software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X
MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X
MRU List Object Recognized!
Location: : software\microsoft\directdraw\mostrecentapplication
Description : most recent application to use microsoft directdraw
MRU List Object Recognized!
Location: : S-1-5-21-854245398-2111687655-839522115-1003\software\microsoft\directinput\mostrecentapplication
Description : most recent application to use microsoft directinput
MRU List Object Recognized!
Location: : S-1-5-21-854245398-2111687655-839522115-1003\software\microsoft\directinput\mostrecentapplication
Description : most recent application to use microsoft directinput
MRU List Object Recognized!
Location: : S-1-5-21-854245398-2111687655-839522115-1003\software\microsoft\internet explorer
Description : last download directory used in microsoft internet explorer
MRU List Object Recognized!
Location: : S-1-5-21-854245398-2111687655-839522115-1003\software\microsoft\mediaplayer\preferences
Description : last playlist index loaded in microsoft windows media player
MRU List Object Recognized!
Location: : S-1-5-21-854245398-2111687655-839522115-1003\software\microsoft\mediaplayer\preferences
Description : last playlist loaded in microsoft windows media player
MRU List Object Recognized!
Location: : S-1-5-21-854245398-2111687655-839522115-1003\software\microsoft\microsoft management console\recent file list
Description : list of recent snap-ins used in the microsoft management console
MRU List Object Recognized!
Location: : S-1-5-21-854245398-2111687655-839522115-1003\software\microsoft\office\11.0\common\open find\microsoft office word\settings\save as\file name mru
Description : list of recent documents saved by microsoft word
MRU List Object Recognized!
Location: : S-1-5-21-854245398-2111687655-839522115-1003\software\microsoft\office\11.0\powerpoint\recent file list
Description : list of recent files used by microsoft powerpoint
MRU List Object Recognized!
Location: : S-1-5-21-854245398-2111687655-839522115-1003\software\microsoft\office\11.0\publisher\recent file list
Description : list of recent files used by microsoft publisher
MRU List Object Recognized!
Location: : S-1-5-21-854245398-2111687655-839522115-1003\software\microsoft\search assistant\acmru
Description : list of recent search terms used with the search assistant
MRU List Object Recognized!
Location: : S-1-5-21-854245398-2111687655-839522115-1003\software\microsoft\windows\currentversion\applets\regedit
Description : last key accessed using the microsoft registry editor
MRU List Object Recognized!
Location: : S-1-5-21-854245398-2111687655-839522115-1003\software\microsoft\windows\currentversion\explorer\comdlg32\lastvisitedmru
Description : list of recent programs opened
MRU List Object Recognized!
Location: : S-1-5-21-854245398-2111687655-839522115-1003\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru
Description : list of recently saved files, stored according to file extension
MRU List Object Recognized!
Location: : S-1-5-21-854245398-2111687655-839522115-1003\software\microsoft\windows\currentversion\explorer\recentdocs
Description : list of recent documents opened
MRU List Object Recognized!
Location: : S-1-5-21-854245398-2111687655-839522115-1003\software\microsoft\windows media\wmsdk\general
Description : windows media sdk
MRU List Object Recognized!
Location: : S-1-5-21-854245398-2111687655-839522115-1003\software\winrar\dialogedithistory\extrpath
Description : winrar "extract-to" history
Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ProcessID : 580
ThreadCreationTime : 5-23-2005 6:44:01 PM
BasePriority : Normal
#:2 [csrss.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 644
ThreadCreationTime : 5-23-2005 6:44:02 PM
BasePriority : Normal
#:3 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 676
ThreadCreationTime : 5-23-2005 6:44:06 PM
BasePriority : High
#:4 [services.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 720
ThreadCreationTime : 5-23-2005 6:44:06 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : services.exe
#:5 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 732
ThreadCreationTime : 5-23-2005 6:44:06 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe
#:6 [ati2evxx.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 884
ThreadCreationTime : 5-23-2005 6:44:06 PM
BasePriority : Normal
FileVersion : 6.14.10.4113
ProductVersion : 6.14.10.4113
ProductName : ATI External Event Utility for WindowsNT and Windows9X
CompanyName : ATI Technologies Inc.
FileDescription : ATI External Event Utility EXE Module
InternalName : ATI2EVXX.EXE
LegalCopyright : Copyright © 1999-2004 ATI Technologies Inc.
OriginalFilename : ATI2EVXX.EXE
#:7 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 900
ThreadCreationTime : 5-23-2005 6:44:06 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:8 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 988
ThreadCreationTime : 5-23-2005 6:44:06 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:9 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1088
ThreadCreationTime : 5-23-2005 6:44:06 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:10 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1148
ThreadCreationTime : 5-23-2005 6:44:06 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:11 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1244
ThreadCreationTime : 5-23-2005 6:44:06 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:12 [ccsetmgr.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\
ProcessID : 1600
ThreadCreationTime : 5-23-2005 6:44:07 PM
BasePriority : Normal
FileVersion : 103.0.4.3
ProductVersion : 103.0.4.3
ProductName : Client and Host Security Platform
CompanyName : Symantec Corporation
FileDescription : Symantec Settings Manager Service
InternalName : ccSetMgr
LegalCopyright : Copyright © 2000-2004 Symantec Corporation. All rights reserved.
OriginalFilename : ccSetMgr.exe
#:13 [sndsrvc.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\
ProcessID : 1648
ThreadCreationTime : 5-23-2005 6:44:07 PM
BasePriority : Normal
FileVersion : 5.5.1.6
ProductVersion : 5.5
ProductName : Symantec Security Drivers
CompanyName : Symantec Corporation
FileDescription : Network Driver Service
InternalName : SndSrvc
LegalCopyright : Copyright 2002, 2003, 2004 Symantec Corporation
OriginalFilename : SndSrvc.exe
#:14 [spbbcsvc.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\SPBBC\
ProcessID : 1672
ThreadCreationTime : 5-23-2005 6:44:07 PM
BasePriority : Normal
FileVersion : 1,0,1,47
ProductVersion : 1,0,1,47
ProductName : SPBBC
CompanyName : Symantec Corporation
FileDescription : SPBBC Service
InternalName : SPBBCSvc
LegalCopyright : Copyright © 2004 Symantec Corporation. All rights reserved.
OriginalFilename : SPBBCSvc.exe
#:15 [ccevtmgr.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\
ProcessID : 1712
ThreadCreationTime : 5-23-2005 6:44:07 PM
BasePriority : Normal
FileVersion : 103.0.4.3
ProductVersion : 103.0.4.3
ProductName : Client and Host Security Platform
CompanyName : Symantec Corporation
FileDescription : Symantec Event Manager Service
InternalName : ccEvtMgr
LegalCopyright : Copyright © 2000-2004 Symantec Corporation. All rights reserved.
OriginalFilename : ccEvtMgr.exe
#:16 [spoolsv.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1884
ThreadCreationTime : 5-23-2005 6:44:08 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe
#:17 [ewidoctrl.exe]
FilePath : C:\Program Files\ewido\security suite\
ProcessID : 2008
ThreadCreationTime : 5-23-2005 6:44:08 PM
BasePriority : Normal
FileVersion : 3, 0, 0, 1
ProductVersion : 3, 0, 0, 1
ProductName : ewido control
CompanyName : ewido networks
FileDescription : ewido control
InternalName : ewido control
LegalCopyright : Copyright © 2004
OriginalFilename : ewidoctrl.exe
#:18 [navapsvc.exe]
FilePath : C:\Program Files\Norton AntiVirus\
ProcessID : 208
ThreadCreationTime : 5-23-2005 6:44:09 PM
BasePriority : Normal
FileVersion : 11.0.9.16
ProductVersion : 11.0.9
ProductName : Norton AntiVirus
CompanyName : Symantec Corporation
FileDescription : Norton AntiVirus Auto-Protect Service
InternalName : NAVAPSVC
LegalCopyright : Norton AntiVirus 2005 for Windows 98/ME/2000/XP Copyright © 2004 Symantec Corporation. All rights reserved.
OriginalFilename : NAVAPSVC.EXE
#:19 [npfmntor.exe]
FilePath : C:\Program Files\Norton AntiVirus\IWP\
ProcessID : 248
ThreadCreationTime : 5-23-2005 6:44:09 PM
BasePriority : Normal
FileVersion : 11.0.9.16
ProductVersion : 11.0.9
ProductName : Norton AntiVirus
CompanyName : Symantec Corporation
FileDescription : Norton AntiVirus Firewall Install Monitor
InternalName : NPFMonitor
LegalCopyright : Norton AntiVirus 2005 for Windows 98/ME/2000/XP Copyright © 2004 Symantec Corporation. All rights reserved.
OriginalFilename : NPFMonitor.EXE
#:20 [symlcsvc.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\CCPD-LC\
ProcessID : 640
ThreadCreationTime : 5-23-2005 6:44:11 PM
BasePriority : Normal
FileVersion : 1, 8, 54, 534
ProductVersion : 1, 8, 54, 534
ProductName : Symantec Core Component
CompanyName : Symantec Corporation
FileDescription : Symantec Core Component
InternalName : symlcsvc
LegalCopyright : Copyright © 2003
OriginalFilename : symlcsvc.exe
#:21 [wdfmgr.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 916
ThreadCreationTime : 5-23-2005 6:44:12 PM
BasePriority : Normal
FileVersion : 5.2.3790.1230 built by: DNSRV(bld4act)
ProductVersion : 5.2.3790.1230
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows User Mode Driver Manager
InternalName : WdfMgr
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : WdfMgr.exe
#:22 [alg.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 2120
ThreadCreationTime : 5-23-2005 6:44:17 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Application Layer Gateway Service
InternalName : ALG.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : ALG.exe
#:23 [ati2evxx.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 3044
ThreadCreationTime : 5-23-2005 7:26:57 PM
BasePriority : Normal
FileVersion : 6.14.10.4113
ProductVersion : 6.14.10.4113
ProductName : ATI External Event Utility for WindowsNT and Windows9X
CompanyName : ATI Technologies Inc.
FileDescription : ATI External Event Utility EXE Module
InternalName : ATI2EVXX.EXE
LegalCopyright : Copyright © 1999-2004 ATI Technologies Inc.
OriginalFilename : ATI2EVXX.EXE
#:24 [explorer.exe]
FilePath : C:\WINDOWS\
ProcessID : 2460
ThreadCreationTime : 5-23-2005 7:26:58 PM
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : EXPLORER.EXE
#:25 [cli.exe]
FilePath : C:\Program Files\ATI Technologies\ATI.ACE\
ProcessID : 2448
ThreadCreationTime : 5-23-2005 7:26:59 PM
BasePriority : Normal
#:26 [ccapp.exe]
FilePath : C:\Program Files\Common Files\Symantec Shared\
ProcessID : 3604
ThreadCreationTime : 5-23-2005 7:26:59 PM
BasePriority : Normal
FileVersion : 103.0.4.3
ProductVersion : 103.0.4.3
ProductName : Client and Host Security Platform
CompanyName : Symantec Corporation
FileDescription : Symantec User Session
InternalName : ccApp
LegalCopyright : Copyright © 2000-2004 Symantec Corporation. All rights reserved.
OriginalFilename : ccApp.exe
#:27 [em_exec.exe]
FilePath : C:\Program Files\Logitech\MouseWare\system\
ProcessID : 656
ThreadCreationTime : 5-23-2005 7:26:59 PM
BasePriority : Normal
FileVersion : 9.80.019
ProductVersion : 9.80.019
ProductName : MouseWare
CompanyName : Logitech Inc.
FileDescription : Logitech Events Handler Application
InternalName : Em_Exec
LegalCopyright : © 1987-2004 Logitech. All rights reserved.
LegalTrademarks : Logitech® and MouseWare® are registered trademarks of Logitech Inc.
OriginalFilename : Em_Exec.exe
Comments : Created by the MouseWare team
#:28 [hpcmpmgr.exe]
FilePath : C:\Program Files\HP\hpcoretech\
ProcessID : 1612
ThreadCreationTime : 5-23-2005 7:26:59 PM
BasePriority : Normal
FileVersion : 2.1.1.0
ProductVersion : 2.1.4
ProductName : hp coretech (COmponent REuse TECHnology)
CompanyName : Hewlett-Packard Company
FileDescription : HP Framework Component Manager Service
InternalName : HPComponentManagerService module
LegalCopyright : Copyright © Hewlett-Packard. 2002-2003
OriginalFilename : HpCmpMgr.exe
#:29 [hpztsb10.exe]
FilePath : C:\WINDOWS\system32\spool\drivers\w32x86\3\
ProcessID : 3200
ThreadCreationTime : 5-23-2005 7:26:59 PM
BasePriority : Normal
FileVersion : 2.323.0.0
ProductVersion : 2.323.0.0
ProductName : HP DeskJet
CompanyName : HP
LegalCopyright : Copyright © Hewlett-Packard Company 1999-2004
#:30 [hpwuschd2.exe]
FilePath : C:\Program Files\Hewlett-Packard\HP Software Update\
ProcessID : 3760
ThreadCreationTime : 5-23-2005 7:26:59 PM
BasePriority : Normal
FileVersion : 3, 0, 38, 1
ProductVersion : 3, 0, 38, 1
ProductName : HP Software Update Application
CompanyName : Hewlett-Packard Company
FileDescription : hpwuSchd
InternalName : hpwuSchd
LegalCopyright : Copyright © 2003
OriginalFilename : hpwuSchd.exe
#:31 [cli.exe]
FilePath : C:\Program Files\ATI Technologies\ATI.ACE\
ProcessID : 2780
ThreadCreationTime : 5-23-2005 7:26:59 PM
BasePriority : Normal
#:32 [ventrilo.exe]
FilePath : C:\Program Files\Ventrilo\
ProcessID : 3168
ThreadCreationTime : 5-23-2005 7:27:18 PM
BasePriority : Normal
FileVersion : 2, 2, 0, 0
ProductVersion : 2, 2, 0, 0
ProductName : Ventrilo Application
FileDescription : Ventrilo by Flagship Industries, Inc.
InternalName : Ventrilo
LegalCopyright : Copyright © 1999-2004 Flagship Industries, Inc.
LegalTrademarks : Ventrilo
OriginalFilename : Ventrilo.EXE
#:33 [mirc.exe]
FilePath : C:\Program Files\mIRC\
ProcessID : 2020
ThreadCreationTime : 5-23-2005 7:27:36 PM
BasePriority : Normal
FileVersion : 6.16
ProductVersion : 6.16
ProductName : mIRC
CompanyName : mIRC Co. Ltd.
FileDescription : mIRC
InternalName : mIRC
LegalCopyright : Copyright © 1995-2004 mIRC Co. Ltd.
LegalTrademarks : mIRC® is a Registered Trademark of mIRC Co. Ltd.
OriginalFilename : mirc.exe
#:34 [msmsgs.exe]
FilePath : C:\Program Files\Messenger\
ProcessID : 2644
ThreadCreationTime : 5-23-2005 7:36:57 PM
BasePriority : Normal
FileVersion : 4.7.3001
ProductVersion : Version 4.7.3001
ProductName : Messenger
CompanyName : Microsoft Corporation
FileDescription : Windows Messenger
InternalName : msmsgs
LegalCopyright : Copyright © Microsoft Corporation 2004
LegalTrademarks : Microsoft® is a registered trademark of Microsoft Corporation in the U.S. and/or other countries.
OriginalFilename : msmsgs.exe
#:35 [firefox.exe]
FilePath : C:\Program Files\Mozilla Firefox\
ProcessID : 384
ThreadCreationTime : 5-23-2005 7:37:18 PM
BasePriority : Normal
#:36 [ad-aware.exe]
FilePath : C:\Program Files\Lavasoft\Ad-Aware SE Personal\
ProcessID : 2080
ThreadCreationTime : 5-23-2005 7:37:54 PM
BasePriority : Normal
FileVersion : 6.2.0.206
ProductVersion : VI.Second Edition
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved
Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 23
Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 23
Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 23
Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 23
Deep scanning and examining files (C:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
IBIS Toolbar Object Recognized!
Type : File
Data : A0080231.exe
Category : Data Miner
Comment :
Object : C:\System Volume Information\_restore{7AB868DF-13A2-4967-B557-53BAC8C364A1}\RP152\
IBIS Toolbar Object Recognized!
Type : File
Data : A0080233.cfg
Category : Data Miner
Comment :
Object : C:\System Volume Information\_restore{7AB868DF-13A2-4967-B557-53BAC8C364A1}\RP152\
IBIS Toolbar Object Recognized!
Type : File
Data : A0080242.exe
Category : Data Miner
Comment :
Object : C:\System Volume Information\_restore{7AB868DF-13A2-4967-B557-53BAC8C364A1}\RP152\
IBIS Toolbar Object Recognized!
Type : File
Data : A0080248.exe
Category : Data Miner
Comment :
Object : C:\System Volume Information\_restore{7AB868DF-13A2-4967-B557-53BAC8C364A1}\RP152\
VX2 Object Recognized!
Type : File
Data : A0080249.exe
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{7AB868DF-13A2-4967-B557-53BAC8C364A1}\RP152\
FileVersion : 1, 0, 7, 1
ProductVersion : 0, 0, 7, 0
ProductName : TODO: <Product name>
CompanyName : TODO: <Company name>
FileDescription : TODO: <File description>
LegalCopyright : TODO: © <Company name>. All rights reserved.
VX2 Object Recognized!
Type : File
Data : A0080250.exe
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{7AB868DF-13A2-4967-B557-53BAC8C364A1}\RP152\
FileVersion : 1, 0, 7, 1
ProductVersion : 0, 0, 7, 0
ProductName : TODO: <Product name>
CompanyName : TODO: <Company name>
FileDescription : TODO: <File description>
LegalCopyright : TODO: © <Company name>. All rights reserved.
EzuLa Object Recognized!
Type : File
Data : A0080258.dll
Category : Data Miner
Comment :
Object : C:\System Volume Information\_restore{7AB868DF-13A2-4967-B557-53BAC8C364A1}\RP152\
ClickSpring Object Recognized!
Type : File
Data : A0080262.exe
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{7AB868DF-13A2-4967-B557-53BAC8C364A1}\RP152\
VX2 Object Recognized!
Type : File
Data : A0080703.exe
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{7AB868DF-13A2-4967-B557-53BAC8C364A1}\RP155\
FileVersion : 1, 0, 7, 1
ProductVersion : 0, 0, 7, 0
ProductName : TODO: <Product name>
CompanyName : TODO: <Company name>
FileDescription : TODO: <File description>
LegalCopyright : TODO: © <Company name>. All rights reserved.
VX2 Object Recognized!
Type : File
Data : A0080714.dll
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{7AB868DF-13A2-4967-B557-53BAC8C364A1}\RP155\
FileVersion : 1, 0, 0, 5
ProductVersion : 1, 0, 0, 0
ProductName : DrPMon PrintMonitor
CompanyName : Direct Revenue
FileDescription : DrPMon PrintMonitor
InternalName : DrPMon
LegalCopyright : Copyright © 2005
OriginalFilename : DrPMon.dll
VX2 Object Recognized!
Type : File
Data : A0080732.exe
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{7AB868DF-13A2-4967-B557-53BAC8C364A1}\RP155\
FileVersion : 1, 0, 7, 1
ProductVersion : 0, 0, 7, 0
ProductName : TODO: <Product name>
CompanyName : TODO: <Company name>
FileDescription : TODO: <File description>
LegalCopyright : TODO: © <Company name>. All rights reserved.
VX2 Object Recognized!
Type : File
Data : A0080733.exe
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{7AB868DF-13A2-4967-B557-53BAC8C364A1}\RP155\
FileVersion : 1, 0, 7, 1
ProductVersion : 0, 0, 7, 0
ProductName : TODO: <Product name>
CompanyName : TODO: <Company name>
FileDescription : TODO: <File description>
LegalCopyright : TODO: © <Company name>. All rights reserved.
VX2 Object Recognized!
Type : File
Data : A0080762.exe
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{7AB868DF-13A2-4967-B557-53BAC8C364A1}\RP155\
FileVersion : 1, 0, 7, 1
ProductVersion : 0, 0, 7, 0
ProductName : TODO: <Product name>
CompanyName : TODO: <Company name>
FileDescription : TODO: <File description>
LegalCopyright : TODO: © <Company name>. All rights reserved.
VX2 Object Recognized!
Type : File
Data : A0080770.exe
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{7AB868DF-13A2-4967-B557-53BAC8C364A1}\RP155\
FileVersion : 1, 0, 7, 1
ProductVersion : 0, 0, 7, 0
ProductName : TODO: <Product name>
CompanyName : TODO: <Company name>
FileDescription : TODO: <File description>
LegalCopyright : TODO: © <Company name>. All rights reserved.
VX2 Object Recognized!
Type : File
Data : A0080919.exe
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{7AB868DF-13A2-4967-B557-53BAC8C364A1}\RP156\
FileVersion : 1, 0, 7, 1
ProductVersion : 0, 0, 7, 0
ProductName : TODO: <Product name>
CompanyName : TODO: <Company name>
FileDescription : TODO: <File description>
LegalCopyright : TODO: © <Company name>. All rights reserved.
VX2 Object Recognized!
Type : File
Data : A0080925.exe
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{7AB868DF-13A2-4967-B557-53BAC8C364A1}\RP156\
FileVersion : 1, 0, 7, 1
ProductVersion : 0, 0, 7, 0
ProductName : TODO: <Product name>
CompanyName : TODO: <Company name>
FileDescription : TODO: <File description>
LegalCopyright : TODO: © <Company name>. All rights reserved.
VX2 Object Recognized!
Type : File
Data : A0080939.exe
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{7AB868DF-13A2-4967-B557-53BAC8C364A1}\RP157\
FileVersion : 0, 4, 1, 3
ProductVersion : 0, 4, 1, 3
CompanyName : FarmMext
FileDescription : www.farmmext.com
LegalCopyright : Copyright © 2002
VX2 Object Recognized!
Type : File
Data : A0080940.dll
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{7AB868DF-13A2-4967-B557-53BAC8C364A1}\RP157\
FileVersion : 1, 0, 0, 5
ProductVersion : 1, 0, 0, 0
ProductName : DrPMon PrintMonitor
CompanyName : Direct Revenue
FileDescription : DrPMon PrintMonitor
InternalName : DrPMon
LegalCopyright : Copyright © 2005
OriginalFilename : DrPMon.dll
ImIServer IEPlugin Object Recognized!
Type : File
Data : A0080941.dll
Category : Data Miner
Comment :
Object : C:\System Volume Information\_restore{7AB868DF-13A2-4967-B557-53BAC8C364A1}\RP157\
FileVersion : 1, 0, 8, 1
ProductVersion : 1, 0, 8, 1
ProductName : wbho Module
FileDescription : wbho Module
InternalName : wbho
LegalCopyright : Copyright 2004
OriginalFilename : wbho.DLL
ImIServer IEPlugin Object Recognized!
Type : File
Data : A0080942.exe
Category : Data Miner
Comment :
Object : C:\System Volume Information\_restore{7AB868DF-13A2-4967-B557-53BAC8C364A1}\RP157\
VX2 Object Recognized!
Type : File
Data : A0080958.exe
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{7AB868DF-13A2-4967-B557-53BAC8C364A1}\RP158\
FileVersion : 1, 0, 0, 12
ProductVersion : 1, 0, 0, 12
ProductName : Install Utility
CompanyName : BetterInternet, Inc.
FileDescription : www.abetterinternet.com - Utility for downloading files and upgrading software.
InternalName : Install Utility
LegalCopyright : BetterInternet, Inc. © 2004
OriginalFilename : InstUtil.exe
Comments : Utility for downloading files and upgrading software. Visit www.abetterinternet.com for more info.
VX2 Object Recognized!
Type : File
Data : A0080959.exe
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{7AB868DF-13A2-4967-B557-53BAC8C364A1}\RP158\
FileVersion : 1, 0, 7, 1
ProductVersion : 0, 0, 7, 0
ProductName : TODO: <Product name>
CompanyName : TODO: <Company name>
FileDescription : TODO: <File description>
LegalCopyright : TODO: © <Company name>. All rights reserved.
VX2 Object Recognized!
Type : File
Data : A0080970.dll
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{7AB868DF-13A2-4967-B557-53BAC8C364A1}\RP158\
FileVersion : 1, 0, 0, 5
ProductVersion : 1, 0, 0, 0
ProductName : DrPMon PrintMonitor
CompanyName : Direct Revenue
FileDescription : DrPMon PrintMonitor
InternalName : DrPMon
LegalCopyright : Copyright © 2005
OriginalFilename : DrPMon.dll
VX2 Object Recognized!
Type : File
Data : A0080979.exe
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{7AB868DF-13A2-4967-B557-53BAC8C364A1}\RP158\
FileVersion : 1, 0, 7, 1
ProductVersion : 0, 0, 7, 0
ProductName : TODO: <Product name>
CompanyName : TODO: <Company name>
FileDescription : TODO: <File description>
LegalCopyright : TODO: © <Company name>. All rights reserved.
VX2 Object Recognized!
Type : File
Data : A0080990.dll
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{7AB868DF-13A2-4967-B557-53BAC8C364A1}\RP158\
FileVersion : 1, 0, 0, 5
ProductVersion : 1, 0, 0, 0
ProductName : DrPMon PrintMonitor
CompanyName : Direct Revenue
FileDescription : DrPMon PrintMonitor
InternalName : DrPMon
LegalCopyright : Copyright © 2005
OriginalFilename : DrPMon.dll
ImIServer IEPlugin Object Recognized!
Type : File
Data : A0081073.exe
Category : Data Miner
Comment :
Object : C:\System Volume Information\_restore{7AB868DF-13A2-4967-B557-53BAC8C364A1}\RP158\
FileVersion : 5.0.2001.10043
ProductVersion : 2001, 0, 0, 0
ProductName : MimarSinan Emissary, MimarSinan Charm Family
CompanyName : Mimar Sinan International
FileDescription : Emissary
InternalName : autonomy
LegalCopyright : Copyright © 1992-2000 Mimar Sinan International. All rights reserved.
OriginalFilename : autonomy.exe
SahAgent Object Recognized!
Type : File
Data : A0041048.exe
Category : Data Miner
Comment :
Object : C:\System Volume Information\_restore{7AB868DF-13A2-4967-B557-53BAC8C364A1}\RP91\
FileVersion : 3, 0, 0, 3
ProductVersion : 3, 0, 0, 3
IBIS Toolbar Object Recognized!
Type : File
Data : A0041073.exe
Category : Data Miner
Comment :
Object : C:\System Volume Information\_restore{7AB868DF-13A2-4967-B557-53BAC8C364A1}\RP91\
SahAgent Object Recognized!
Type : File
Data : A0041912.exe
Category : Data Miner
Comment :
Object : C:\System Volume Information\_restore{7AB868DF-13A2-4967-B557-53BAC8C364A1}\RP93\
FileVersion : 4, 0, 0, 4
ProductVersion : 4, 0, 0, 4
SahAgent Object Recognized!
Type : File
Data : A0041913.dll
Category : Data Miner
Comment :
Object : C:\System Volume Information\_restore{7AB868DF-13A2-4967-B557-53BAC8C364A1}\RP93\
FileVersion : 4, 0, 0, 2
ProductVersion : 4, 0, 0, 2
SahAgent Object Recognized!
Type : File
Data : A0041914.exe
Category : Data Miner
Comment :
Object : C:\System Volume Information\_restore{7AB868DF-13A2-4967-B557-53BAC8C364A1}\RP93\
FileVersion : 4, 0, 0, 4
ProductVersion : 4, 0, 0, 4
Disk Scan Result for C:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 54
Deep scanning and examining files (H:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Disk Scan Result for H:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 54
Scanning Hosts file......
Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
1 entries scanned.
New critical objects:0
Objects found so far: 54
Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
IBIS Toolbar Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : system\currentcontrolset\enum\root\legacy_wintoolssvc
IBIS Toolbar Object Recognized!
Type : RegValue
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\explorer
Value : ServerProc
EzuLa Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\downloadmanager
SahAgent Object Recognized!
Type : File
Data : ap9h4qmo.ini
Category : Data Miner
Comment :
Object : C:\WINDOWS\system32\
Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 4
Objects found so far: 58
3:50:25 PM Scan Complete
Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:12:21.0
Objects scanned:125332
Objects identified:35
Objects ignored:0
New critical objects:35