Hi I even send you a new scan I made with Adaware:
Ad-Aware SE Build 1.06r1
Logfile Created on:den 31 augusti 2005 21:18:31
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R64 31.08.2005
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Favoriteman(TAC index:8):4 total references
MRU List(TAC index:0):11 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Definition File:
=========================
Definitions File Loaded:
Reference Number : SE1R63 24.08.2005
Internal build : 73
File location : C:\Program\Lavasoft\Ad-Aware SE Personal\defs.ref
File size : 512535 Bytes
Total size : 1543974 Bytes
Signature data size : 1510909 Bytes
Reference data size : 32553 Bytes
Signatures total : 42991
CSI Fingerprints total : 1029
CSI data size : 36589 Bytes
Target categories : 15
Target families : 736
2005-08-31 21:16:52 Performing WebUpdate...
Installing Update...
Definitions File Loaded:
Reference Number : SE1R64 31.08.2005
Internal build : 74
File location : C:\Program\Lavasoft\Ad-Aware SE Personal\defs.ref
File size : 515383 Bytes
Total size : 1551653 Bytes
Signature data size : 1518542 Bytes
Reference data size : 32599 Bytes
Signatures total : 43185
CSI Fingerprints total : 1032
CSI data size : 36709 Bytes
Target categories : 15
Target families : 740
2005-08-31 21:17:00 Success
Update successfully downloaded and installed.
Memory + processor status:
==========================
Number of processors : 1
Processor architecture : Intel Pentium III
Memory available:64 %
Total physical memory:1048096 kb
Available physical memory:662980 kb
Total page file size:2521136 kb
Available on page file:2263212 kb
Total virtual memory:2097024 kb
Available virtual memory:2043000 kb
OS:Microsoft Windows XP Professional Service Pack 2 (Build 2600)
Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Search for low-risk threats
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan within archives
Set : Scan my Hosts file
Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Obtain command line of scanned processes
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Write-protect system files after repair (Hosts file, etc.)
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects
2005-08-31 21:18:31 - Scan started. (Full System Scan)
MRU List Object Recognized!
Location: : C:\Documents and Settings\Administratör\recent
Description : list of recently opened documents
MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d
MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X
MRU List Object Recognized!
Location: : software\microsoft\directdraw\mostrecentapplication
Description : most recent application to use microsoft directdraw
MRU List Object Recognized!
Location: : S-1-5-21-1409082233-1604221776-839522115-500\software\microsoft\directinput\mostrecentapplication
Description : most recent application to use microsoft directinput
MRU List Object Recognized!
Location: : S-1-5-21-1409082233-1604221776-839522115-500\software\microsoft\directinput\mostrecentapplication
Description : most recent application to use microsoft directinput
MRU List Object Recognized!
Location: : S-1-5-21-1409082233-1604221776-839522115-500\software\microsoft\windows\currentversion\explorer\comdlg32\lastvisitedmru
Description : list of recent programs opened
MRU List Object Recognized!
Location: : S-1-5-21-1409082233-1604221776-839522115-500\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru
Description : list of recently saved files, stored according to file extension
MRU List Object Recognized!
Location: : S-1-5-21-1409082233-1604221776-839522115-500\software\microsoft\windows\currentversion\explorer\recentdocs
Description : list of recent documents opened
MRU List Object Recognized!
Location: : S-1-5-21-1409082233-1604221776-839522115-500\software\realnetworks\realplayer\6.0\preferences
Description : list of recent skins in realplayer
MRU List Object Recognized!
Location: : S-1-5-21-1409082233-1604221776-839522115-500\software\realnetworks\realplayer\6.0\preferences
Description : list of recent clips in realplayer
Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
#:1 [smss.exe]
ModuleName : \SystemRoot\System32\smss.exe
Command Line : n/a
ProcessID : 564
ThreadCreationTime : 2005-08-31 18:49:07
BasePriority : Normal
#:2 [csrss.exe]
ModuleName : \??\C:\windows\system32\csrss.exe
Command Line : C:\windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestTh
ProcessID : 628
ThreadCreationTime : 2005-08-31 18:49:08
BasePriority : Normal
#:3 [winlogon.exe]
ModuleName : \??\C:\windows\system32\winlogon.exe
Command Line : winlogon.exe
ProcessID : 656
ThreadCreationTime : 2005-08-31 18:49:10
BasePriority : High
#:4 [services.exe]
ModuleName : C:\windows\system32\services.exe
Command Line : C:\windows\system32\services.exe
ProcessID : 700
ThreadCreationTime : 2005-08-31 18:49:10
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Operativsystemet Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Tjänst- och styrenhetsprogram
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. Med ensamrätt.
OriginalFilename : services.exe
#:5 [lsass.exe]
ModuleName : C:\windows\system32\lsass.exe
Command Line : C:\windows\system32\lsass.exe
ProcessID : 712
ThreadCreationTime : 2005-08-31 18:49:10
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe
#:6 [ati2evxx.exe]
ModuleName : C:\windows\system32\Ati2evxx.exe
Command Line : C:\windows\system32\Ati2evxx.exe
ProcessID : 864
ThreadCreationTime : 2005-08-31 18:49:10
BasePriority : Normal
FileVersion : 6.14.10.4118
ProductVersion : 6.14.10.4118.02
ProductName : ATI External Event Utility for WindowsNT and Windows9X
CompanyName : ATI Technologies Inc.
FileDescription : ATI External Event Utility EXE Module
InternalName : ATI2EVXX.EXE
LegalCopyright : Copyright © 1999-2004 ATI Technologies Inc.
OriginalFilename : ATI2EVXX.EXE
#:7 [svchost.exe]
ModuleName : C:\windows\system32\svchost.exe
Command Line : C:\windows\system32\svchost -k DcomLaunch
ProcessID : 876
ThreadCreationTime : 2005-08-31 18:49:10
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:8 [svchost.exe]
ModuleName : C:\windows\system32\svchost.exe
Command Line : C:\windows\system32\svchost -k rpcss
ProcessID : 980
ThreadCreationTime : 2005-08-31 18:49:11
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:9 [winstylerthemesvc.exe]
ModuleName : C:\Program\TuneUp Utilities 2004\WinStylerThemeSvc.exe
Command Line : "C:\Program\TuneUp Utilities 2004\WinStylerThemeSvc.exe"
ProcessID : 992
ThreadCreationTime : 2005-08-31 18:49:11
BasePriority : Normal
FileVersion : 1.0.0.78
ProductVersion : 4.0.0.0
ProductName : TuneUp Utilities
CompanyName : TuneUp Software GmbH
FileDescription : TuneUp WinStyler Theme Service
LegalCopyright : © 1996-2003 TuneUp Software GmbH
#:10 [svchost.exe]
ModuleName : C:\windows\System32\svchost.exe
Command Line : C:\windows\System32\svchost.exe -k netsvcs
ProcessID : 1144
ThreadCreationTime : 2005-08-31 18:49:11
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:11 [svchost.exe]
ModuleName : C:\windows\System32\svchost.exe
Command Line : C:\windows\System32\svchost.exe -k NetworkService
ProcessID : 1184
ThreadCreationTime : 2005-08-31 18:49:11
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:12 [svchost.exe]
ModuleName : C:\windows\System32\svchost.exe
Command Line : C:\windows\System32\svchost.exe -k LocalService
ProcessID : 1236
ThreadCreationTime : 2005-08-31 18:49:11
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:13 [ati2evxx.exe]
ModuleName : C:\windows\system32\Ati2evxx.exe
Command Line : Ati2evxx.exe -Client
ProcessID : 1604
ThreadCreationTime : 2005-08-31 18:49:12
BasePriority : Normal
FileVersion : 6.14.10.4118
ProductVersion : 6.14.10.4118.02
ProductName : ATI External Event Utility for WindowsNT and Windows9X
CompanyName : ATI Technologies Inc.
FileDescription : ATI External Event Utility EXE Module
InternalName : ATI2EVXX.EXE
LegalCopyright : Copyright © 1999-2004 ATI Technologies Inc.
OriginalFilename : ATI2EVXX.EXE
#:14 [spoolsv.exe]
ModuleName : C:\windows\system32\spoolsv.exe
Command Line : C:\windows\system32\spoolsv.exe
ProcessID : 1684
ThreadCreationTime : 2005-08-31 18:49:12
BasePriority : Normal
FileVersion : 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)
ProductVersion : 5.1.2600.2696
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe
#:15 [explorer.exe]
ModuleName : C:\windows\Explorer.EXE
Command Line : C:\windows\Explorer.EXE
ProcessID : 1700
ThreadCreationTime : 2005-08-31 18:49:12
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Operativsystemet Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Utforskaren
InternalName : explorer
LegalCopyright : © Microsoft Corporation. Med ensamrätt.
OriginalFilename : EXPLORER.EXE
#:16 [smtray.exe]
ModuleName : C:\Program\Analog Devices\SoundMAX\SMTray.exe
Command Line : "C:\Program\Analog Devices\SoundMAX\SMTray.exe"
ProcessID : 1832
ThreadCreationTime : 2005-08-31 18:49:14
BasePriority : Normal
FileVersion : 3, 2, 17, 0
ProductVersion : 3, 2, 0, 0
ProductName : SoundMAX Integrated Digital Audio
CompanyName : Analog Devices, Inc.
FileDescription : SoundMAX System Tray
InternalName : SMTray
LegalCopyright : Copyright © 2003 Analog Devices
OriginalFilename : SMTray.exe
#:17 [atiptaxx.exe]
ModuleName : C:\Program\ATI Technologies\ATI Control Panel\atiptaxx.exe
Command Line : "C:\Program\ATI Technologies\ATI Control Panel\atiptaxx.exe"
ProcessID : 1840
ThreadCreationTime : 2005-08-31 18:49:14
BasePriority : Normal
FileVersion : 6.14.10.5160
ProductVersion : 6.14.10.5160
ProductName : ATI Desktop Component
CompanyName : ATI Technologies, Inc.
FileDescription : ATI Desktop Control Panel
InternalName : Atiptaxx.exe
LegalCopyright : Copyright © 1998-2005 ATI Technologies Inc.
OriginalFilename : Atiptaxx.exe
#:18 [e_s10ic2.exe]
ModuleName : C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE
Command Line : "C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE" /P19 "EPSON Stylus CX3200" /O6 "USB001" /M "Stylus CX3200"
ProcessID : 1848
ThreadCreationTime : 2005-08-31 18:49:14
BasePriority : Normal
FileVersion : 3.05
ProductVersion : 3.05
ProductName : EPSON Status Monitor 3
CompanyName : SEIKO EPSON CORPORATION
FileDescription : EPSON Status Monitor 3
InternalName : E_S10IC2
LegalCopyright : Copyright © SEIKO EPSON CORP. 2002
OriginalFilename : E_S10IC2.EXE
#:19 [realsched.exe]
ModuleName : C:\Program\Delade filer\Real\Update_OB\realsched.exe
Command Line : "C:\Program\Delade filer\Real\Update_OB\realsched.exe" -osboot
ProcessID : 1856
ThreadCreationTime : 2005-08-31 18:49:14
BasePriority : Normal
FileVersion : 0.1.0.3292
ProductVersion : 0.1.0.3292
ProductName : RealPlayer (32-bit)
CompanyName : RealNetworks, Inc.
FileDescription : RealNetworks Scheduler
InternalName : schedapp
LegalCopyright : Copyright © RealNetworks, Inc. 1995-2004
LegalTrademarks : RealAudio is a trademark of RealNetworks, Inc.
OriginalFilename : realsched.exe
#:20 [ashdisp.exe]
ModuleName : C:\Program\ALWILS~1\Avast4\ashDisp.exe
Command Line : "C:\Program\ALWILS~1\Avast4\ashDisp.exe"
ProcessID : 1884
ThreadCreationTime : 2005-08-31 18:49:14
BasePriority : Normal
FileVersion : 4, 6, 665, 0
ProductVersion : 4, 6, 0, 0
ProductName : avast! Antivirus
FileDescription : avast! service GUI component
InternalName : aswDisp
LegalCopyright : Copyright © 2005 ALWIL Software
OriginalFilename : aswDisp.exe
#:21 [ctfmon.exe]
ModuleName : C:\windows\system32\ctfmon.exe
Command Line : "C:\windows\system32\ctfmon.exe"
ProcessID : 1892
ThreadCreationTime : 2005-08-31 18:49:14
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : CTF Loader
InternalName : CTFMON
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : CTFMON.EXE
#:22 [skype.exe]
ModuleName : C:\Program\Skype\Phone\Skype.exe
Command Line : "C:\Program\Skype\Phone\Skype.exe" /nosplash /minimized
ProcessID : 2032
ThreadCreationTime : 2005-08-31 18:49:14
BasePriority : Normal
#:23 [eebsvc.exe]
ModuleName : C:\Program\Delade filer\EPSON\EBAPI\eEBSVC.exe
Command Line : "C:\Program\Delade filer\EPSON\EBAPI\eEBSVC.exe"
ProcessID : 504
ThreadCreationTime : 2005-08-31 18:49:21
BasePriority : Normal
#:24 [aswupdsv.exe]
ModuleName : C:\Program\Alwil Software\Avast4\aswUpdSv.exe
Command Line : "C:\Program\Alwil Software\Avast4\aswUpdSv.exe"
ProcessID : 1036
ThreadCreationTime : 2005-08-31 18:49:21
BasePriority : Normal
#:25 [ashserv.exe]
ModuleName : C:\Program\Alwil Software\Avast4\ashServ.exe
Command Line : "C:\Program\Alwil Software\Avast4\ashServ.exe"
ProcessID : 1064
ThreadCreationTime : 2005-08-31 18:49:21
BasePriority : High
FileVersion : 4, 6, 665, 0
ProductVersion : 4, 6, 0, 0
ProductName : avast! Antivirus
FileDescription : avast! antivirus service
InternalName : aswServ
LegalCopyright : Copyright © 2005 ALWIL Software
OriginalFilename : aswServ.exe
#:26 [sagent2.exe]
ModuleName : C:\Program\Delade filer\EPSON\EBAPI\SAgent2.exe
Command Line : "C:\Program\Delade filer\EPSON\EBAPI\SAgent2.exe"
ProcessID : 1140
ThreadCreationTime : 2005-08-31 18:49:23
BasePriority : Normal
FileVersion : 2, 2, 0, 0
ProductVersion : 1, 0, 0, 0
ProductName : EPSON Bidirectional Printer
CompanyName : SEIKO EPSON CORPORATION
FileDescription : EPSON Printer Status Agent
InternalName : SAgent2
LegalCopyright : Copyright © SEIKO EPSON CORP. 2000-2001
OriginalFilename : SAgent2.exe
#:27 [ewidoctrl.exe]
ModuleName : C:\Program\ewido\security suite\ewidoctrl.exe
Command Line : "C:\Program\ewido\security suite\ewidoctrl.exe"
ProcessID : 1196
ThreadCreationTime : 2005-08-31 18:49:23
BasePriority : Normal
FileVersion : 3, 0, 0, 1
ProductVersion : 3, 0, 0, 1
ProductName : ewido control
CompanyName : ewido networks
FileDescription : ewido control
InternalName : ewido control
LegalCopyright : Copyright © 2004
OriginalFilename : ewidoctrl.exe
#:28 [svchost.exe]
ModuleName : C:\windows\System32\svchost.exe
Command Line : C:\windows\System32\svchost.exe -k imgsvc
ProcessID : 1400
ThreadCreationTime : 2005-08-31 18:49:24
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:29 [wdfmgr.exe]
ModuleName : C:\WINDOWS\system32\wdfmgr.exe
Command Line : C:\WINDOWS\system32\wdfmgr.exe
ProcessID : 1532
ThreadCreationTime : 2005-08-31 18:49:24
BasePriority : Normal
FileVersion : 5.2.3790.1230 built by: DNSRV(bld4act)
ProductVersion : 5.2.3790.1230
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows User Mode Driver Manager
InternalName : WdfMgr
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : WdfMgr.exe
#:30 [ashmaisv.exe]
ModuleName : C:\Program\Alwil Software\Avast4\ashMaiSv.exe
Command Line : "C:\Program\Alwil Software\Avast4\ashMaiSv.exe" /service
ProcessID : 2616
ThreadCreationTime : 2005-08-31 18:49:30
BasePriority : Normal
#:31 [ashwebsv.exe]
ModuleName : C:\Program\Alwil Software\Avast4\ashWebSv.exe
Command Line : "C:\Program\Alwil Software\Avast4\ashWebSv.exe" /service
ProcessID : 2644
ThreadCreationTime : 2005-08-31 18:49:31
BasePriority : Normal
#:32 [alg.exe]
ModuleName : C:\windows\System32\alg.exe
Command Line : C:\windows\System32\alg.exe
ProcessID : 2752
ThreadCreationTime : 2005-08-31 18:49:34
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Application Layer Gateway Service
InternalName : ALG.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : ALG.exe
#:33 [ad-aware.exe]
ModuleName : C:\Program\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe
Command Line : "C:\Program\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe"
ProcessID : 1944
ThreadCreationTime : 2005-08-31 19:16:39
BasePriority : Normal
FileVersion : 6.2.0.236
ProductVersion : SE 106
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft AB Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved
Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 11
Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 11
Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 11
Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 11
Deep scanning and examining files (C:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Favoriteman Object Recognized!
Type : File
Data : A0001127.exe
TAC Rating : 8
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{BE06ABAB-2007-4D24-AD58-7D50024D2A32}\RP3\
FileVersion : 6.0.1.4
ProductVersion : 6.0.1.4
ProductName : Setup Factory 6.0 Runtime Module
CompanyName : Indigo Rose Corporation
FileDescription : SUF60Runtime
InternalName : SUF60Runtime
LegalCopyright : Copyright © 2001 - 2002 Indigo Rose Corporation. All Rights Reserved
LegalTrademarks : Setup Factory is a trademark of Indigo Rose Corporation
OriginalFilename : SUF60Runtime.exe
Comments :
http://www.indigorose.com Favoriteman Object Recognized!
Type : File
Data : A0023725.exe
TAC Rating : 8
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{BE06ABAB-2007-4D24-AD58-7D50024D2A32}\RP43\
FileVersion : 6.0.1.4
ProductVersion : 6.0.1.4
ProductName : Setup Factory 6.0 Runtime Module
CompanyName : Indigo Rose Corporation
FileDescription : SUF60Runtime
InternalName : SUF60Runtime
LegalCopyright : Copyright © 2001 - 2002 Indigo Rose Corporation. All Rights Reserved
LegalTrademarks : Setup Factory is a trademark of Indigo Rose Corporation
OriginalFilename : SUF60Runtime.exe
Comments :
http://www.indigorose.com Favoriteman Object Recognized!
Type : File
Data : A0002328.exe
TAC Rating : 8
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{BE06ABAB-2007-4D24-AD58-7D50024D2A32}\RP9\
FileVersion : 6.0.1.4
ProductVersion : 6.0.1.4
ProductName : Setup Factory 6.0 Runtime Module
CompanyName : Indigo Rose Corporation
FileDescription : SUF60Runtime
InternalName : SUF60Runtime
LegalCopyright : Copyright © 2001 - 2002 Indigo Rose Corporation. All Rights Reserved
LegalTrademarks : Setup Factory is a trademark of Indigo Rose Corporation
OriginalFilename : SUF60Runtime.exe
Comments :
http://www.indigorose.com Favoriteman Object Recognized!
Type : File
Data : A0002483.exe
TAC Rating : 8
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{BE06ABAB-2007-4D24-AD58-7D50024D2A32}\RP9\
FileVersion : 6.0.1.4
ProductVersion : 6.0.1.4
ProductName : Setup Factory 6.0 Runtime Module
CompanyName : Indigo Rose Corporation
FileDescription : SUF60Runtime
InternalName : SUF60Runtime
LegalCopyright : Copyright © 2001 - 2002 Indigo Rose Corporation. All Rights Reserved
LegalTrademarks : Setup Factory is a trademark of Indigo Rose Corporation
OriginalFilename : SUF60Runtime.exe
Comments :
http://www.indigorose.comDisk Scan Result for C:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 15
Deep scanning and examining files (D:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Disk Scan Result for D:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 15
Deep scanning and examining files (E:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Disk Scan Result for E:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 15
Scanning Hosts file......
Hosts file location:"C:\windows\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
2 entries scanned.
New critical objects:0
Objects found so far: 15
Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 15
21:24:17 Scan Complete
Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:05:46.47
Objects scanned:115812
Objects identified:4
Objects ignored:0
New critical objects:4
Hopefully it will be helpfull =)
I corrected the problems