Ad-Aware SE Build 1.06r1 Logfile Created on:2 maja 2007 10:13:24 Created with Ad-Aware SE Personal, free for private use. Using definitions file:SE1R168 30.04.2007 »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» References detected during the scan: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» AdvertBar(TAC index:5):1 total references MRU List(TAC index:0):38 total references Tracking Cookie(TAC index:3):16 total references Windows(TAC index:3):1 total references »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Ad-Aware SE Settings =========================== Set : Search for negligible risk entries Set : Safe mode (always request confirmation) Set : Scan active processes Set : Scan registry Set : Deep-scan registry Set : Scan my IE Favorites for banned URLs Set : Scan my Hosts file Extended Ad-Aware SE Settings =========================== Set : Unload recognized processes & modules during scan Set : Scan registry for all users instead of current user only Set : Always try to unload modules before deletion Set : During removal, unload Explorer and IE if necessary Set : Let Windows remove files in use at next reboot Set : Delete quarantined objects after restoring Set : Include basic Ad-Aware settings in log file Set : Include additional Ad-Aware settings in log file Set : Include reference summary in log file Set : Include alternate data stream details in log file Set : Play sound at scan completion if scan locates critical objects 2007-05-02 10:13:24 - Scan started. (Full System Scan) MRU List Object Recognized! Location: : C:\Documents and Settings\Bartusiolandia\recent Description : list of recently opened documents MRU List Object Recognized! Location: : S-1-5-21-527237240-179605362-682003330-1003\software\ahead\cover designer\recent file list Description : list of recently used files in ahead cover designer MRU List Object Recognized! Location: : S-1-5-21-527237240-179605362-682003330-1003\software\microsoft\clipart gallery\2.0\mrudescription Description : most recently used description in microsoft clipart gallery MRU List Object Recognized! Location: : S-1-5-21-527237240-179605362-682003330-1003\software\microsoft\direct3d\mostrecentapplication Description : most recent application to use microsoft direct3d MRU List Object Recognized! Location: : software\microsoft\direct3d\mostrecentapplication Description : most recent application to use microsoft direct3d MRU List Object Recognized! Location: : S-1-5-21-527237240-179605362-682003330-1003\software\microsoft\direct3d\mostrecentapplication Description : most recent application to use microsoft direct X MRU List Object Recognized! Location: : software\microsoft\direct3d\mostrecentapplication Description : most recent application to use microsoft direct X MRU List Object Recognized! Location: : software\microsoft\directdraw\mostrecentapplication Description : most recent application to use microsoft directdraw MRU List Object Recognized! Location: : S-1-5-21-527237240-179605362-682003330-1003\software\microsoft\directinput\mostrecentapplication Description : most recent application to use microsoft directinput MRU List Object Recognized! Location: : S-1-5-21-527237240-179605362-682003330-1003\software\microsoft\directinput\mostrecentapplication Description : most recent application to use microsoft directinput MRU List Object Recognized! Location: : S-1-5-21-527237240-179605362-682003330-1003\software\microsoft\frontpage\explorer\frontpage explorer\recent file list Description : list of recently used files in microsoft frontpage MRU List Object Recognized! Location: : S-1-5-21-527237240-179605362-682003330-1003\software\microsoft\frontpage\explorer\frontpage explorer\recent page list Description : list of recently used pages in microsoft frontpage MRU List Object Recognized! Location: : S-1-5-21-527237240-179605362-682003330-1003\software\microsoft\frontpage\explorer\frontpage explorer\recent web list Description : list of recently used webs in microsoft frontpage MRU List Object Recognized! Location: : S-1-5-21-527237240-179605362-682003330-1003\software\microsoft\internet explorer Description : last download directory used in microsoft internet explorer MRU List Object Recognized! Location: : S-1-5-21-527237240-179605362-682003330-1003\software\microsoft\internet explorer\typedurls Description : list of recently entered addresses in microsoft internet explorer MRU List Object Recognized! Location: : S-1-5-21-527237240-179605362-682003330-1003\software\microsoft\mediaplayer\medialibraryui Description : last selected node in the microsoft windows media player media library MRU List Object Recognized! Location: : S-1-5-21-527237240-179605362-682003330-1003\software\microsoft\mediaplayer\player\recentfilelist Description : list of recently used files in microsoft windows media player MRU List Object Recognized! Location: : S-1-5-21-527237240-179605362-682003330-1003\software\microsoft\mediaplayer\player\recenturllist Description : list of recently used web addresses in microsoft windows media player MRU List Object Recognized! Location: : S-1-5-21-527237240-179605362-682003330-1003\software\microsoft\mediaplayer\player\settings Description : last save as directory used in jasc paint shop pro MRU List Object Recognized! Location: : S-1-5-21-527237240-179605362-682003330-1003\software\microsoft\mediaplayer\player\settings Description : last open directory used in jasc paint shop pro MRU List Object Recognized! Location: : S-1-5-21-527237240-179605362-682003330-1003\software\microsoft\mediaplayer\preferences Description : last playlist index loaded in microsoft windows media player MRU List Object Recognized! Location: : S-1-5-21-527237240-179605362-682003330-1003\software\microsoft\mediaplayer\preferences Description : last playlist loaded in microsoft windows media player MRU List Object Recognized! Location: : S-1-5-21-527237240-179605362-682003330-1003\software\microsoft\mediaplayer\preferences Description : last search path used in microsoft windows media player MRU List Object Recognized! Location: : S-1-5-21-527237240-179605362-682003330-1003\software\microsoft\microsoft management console\recent file list Description : list of recent snap-ins used in the microsoft management console MRU List Object Recognized! Location: : S-1-5-21-527237240-179605362-682003330-1003\software\microsoft\office\9.0\powerpoint\recent file list Description : list of recent files used by microsoft powerpoint MRU List Object Recognized! Location: : S-1-5-21-527237240-179605362-682003330-1003\software\microsoft\office\9.0\powerpoint\recent typeface list Description : list of recently used typefaces in microsoft powerpoint MRU List Object Recognized! Location: : S-1-5-21-527237240-179605362-682003330-1003\software\microsoft\office\9.0\powerpoint\recentfolderlist Description : list of recent folders used by microsoft powerpoint MRU List Object Recognized! Location: : S-1-5-21-527237240-179605362-682003330-1003\software\microsoft\search assistant\acmru Description : list of recent search terms used with the search assistant MRU List Object Recognized! Location: : S-1-5-21-527237240-179605362-682003330-1003\software\microsoft\windows\currentversion\applets\paint\recent file list Description : list of files recently opened using microsoft paint MRU List Object Recognized! Location: : S-1-5-21-527237240-179605362-682003330-1003\software\microsoft\windows\currentversion\applets\regedit Description : last key accessed using the microsoft registry editor MRU List Object Recognized! Location: : S-1-5-21-527237240-179605362-682003330-1003\software\microsoft\windows\currentversion\applets\wordpad\recent file list Description : list of recent files opened using wordpad MRU List Object Recognized! Location: : S-1-5-21-527237240-179605362-682003330-1003\software\microsoft\windows\currentversion\explorer\comdlg32\lastvisitedmru Description : list of recent programs opened MRU List Object Recognized! Location: : S-1-5-21-527237240-179605362-682003330-1003\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru Description : list of recently saved files, stored according to file extension MRU List Object Recognized! Location: : S-1-5-21-527237240-179605362-682003330-1003\software\microsoft\windows\currentversion\explorer\recentdocs Description : list of recent documents opened MRU List Object Recognized! Location: : S-1-5-21-527237240-179605362-682003330-1003\software\microsoft\windows\currentversion\explorer\runmru Description : mru list for items opened in start | run MRU List Object Recognized! Location: : .DEFAULT\software\microsoft\windows media\wmsdk\general Description : windows media sdk MRU List Object Recognized! Location: : S-1-5-18\software\microsoft\windows media\wmsdk\general Description : windows media sdk MRU List Object Recognized! Location: : S-1-5-21-527237240-179605362-682003330-1003\software\microsoft\windows media\wmsdk\general Description : windows media sdk Listing running processes »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» #:1 [smss.exe] FilePath : \SystemRoot\System32\ ProcessID : 512 ThreadCreationTime : 2007-05-02 07:18:40 BasePriority : Normal #:2 [csrss.exe] FilePath : ??\C:\WINDOWS\system32\ ProcessID : 576 ThreadCreationTime : 2007-05-02 07:18:48 BasePriority : Normal #:3 [winlogon.exe] FilePath : ??\C:\WINDOWS\system32\ ProcessID : 600 ThreadCreationTime : 2007-05-02 07:18:49 BasePriority : High #:4 [services.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 644 ThreadCreationTime : 2007-05-02 07:18:50 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : System operacyjny Microsoft® Windows® CompanyName : Microsoft Corporation FileDescription : Usługi i aplikacja Kontroler InternalName : services.exe LegalCopyright : © Microsoft Corporation. Wszelkie prawa zastrzeżone. OriginalFilename : services.exe #:5 [lsass.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 656 ThreadCreationTime : 2007-05-02 07:18:50 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : LSA Shell (Export Version) InternalName : lsass.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : lsass.exe #:6 [ati2evxx.exe] FilePath : C:\WINDOWS\System32\ ProcessID : 804 ThreadCreationTime : 2007-05-02 07:18:50 BasePriority : Normal #:7 [svchost.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 816 ThreadCreationTime : 2007-05-02 07:18:50 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:8 [themehelpersvc.exe] FilePath : C:\Program Files\AusLogics Visual Styler\ ProcessID : 880 ThreadCreationTime : 2007-05-02 07:18:51 BasePriority : Normal #:9 [svchost.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 920 ThreadCreationTime : 2007-05-02 07:18:51 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:10 [svchost.exe] FilePath : C:\WINDOWS\System32\ ProcessID : 956 ThreadCreationTime : 2007-05-02 07:18:51 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:11 [incdsrv.exe] FilePath : C:\Program Files\Ahead\InCD\ ProcessID : 980 ThreadCreationTime : 2007-05-02 07:18:51 BasePriority : Normal FileVersion : 4, 3, 20, 1 ProductVersion : 4, 3, 20, 1 ProductName : Nero AG incdsrv CompanyName : Nero AG FileDescription : incdsrv InternalName : incdsrv LegalCopyright : Copyright 1995-2005 Nero AG and its licensors. All Rights Reserved. LegalTrademarks : InCD is a trademark of Nero AG OriginalFilename : incdsrv.exe #:12 [svchost.exe] FilePath : C:\WINDOWS\System32\ ProcessID : 1172 ThreadCreationTime : 2007-05-02 07:18:52 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:13 [svchost.exe] FilePath : C:\WINDOWS\System32\ ProcessID : 1220 ThreadCreationTime : 2007-05-02 07:18:52 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:14 [aswupdsv.exe] FilePath : C:\Program Files\Alwil Software\Avast4\ ProcessID : 1276 ThreadCreationTime : 2007-05-02 07:18:53 BasePriority : Normal FileVersion : 4, 7, 985, 0 ProductVersion : 4, 7, 0, 0 ProductName : avast! Antivirus CompanyName : ALWIL Software FileDescription : avast! Antivirus updating service InternalName : aswUpdSv.exe LegalCopyright : Copyright © 2007 ALWIL Software OriginalFilename : aswUpdSv.exe #:15 [ashserv.exe] FilePath : C:\Program Files\Alwil Software\Avast4\ ProcessID : 1324 ThreadCreationTime : 2007-05-02 07:18:53 BasePriority : High FileVersion : 4, 7, 985, 0 ProductVersion : 4, 7, 0, 0 ProductName : avast! Antivirus CompanyName : ALWIL Software FileDescription : avast! antivirus service InternalName : aswServ LegalCopyright : Copyright © 2007 ALWIL Software OriginalFilename : aswServ.exe #:16 [spoolsv.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 1492 ThreadCreationTime : 2007-05-02 07:18:57 BasePriority : Normal FileVersion : 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519) ProductVersion : 5.1.2600.2696 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Spooler SubSystem App InternalName : spoolsv.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : spoolsv.exe #:17 [cisvc.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 1604 ThreadCreationTime : 2007-05-02 07:18:57 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Content Index service InternalName : cisvc.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : cisvc.exe #:18 [mwaser.exe] FilePath : C:\Program Files\Common Files\MicroWorld\Agent\ ProcessID : 1676 ThreadCreationTime : 2007-05-02 07:18:59 BasePriority : Normal FileVersion : 4.0.0.0 ProductVersion : 4.0.0.0 ProductName : eScan CompanyName : MicroWorld Technologies Inc. FileDescription : MWAgent Service InternalName : MWASer LegalCopyright : Copyright 2003-2006 OriginalFilename : MWASer.exe #:19 [kauths.exe] FilePath : C:\PROGRA~1\R2D2SO~1\R2D2KE~1\ ProcessID : 1736 ThreadCreationTime : 2007-05-02 07:18:59 BasePriority : High #:20 [mwagent.exe] FilePath : C:\Program Files\Common Files\MicroWorld\Agent\ ProcessID : 1744 ThreadCreationTime : 2007-05-02 07:18:59 BasePriority : Normal FileVersion : 4.0.0.0 ProductVersion : 4.0.0.0 ProductName : eScan CompanyName : MicroWorld Technologies Inc. FileDescription : MicroWorld Agent InternalName : Agent LegalCopyright : Copyright © 2003-2006 OriginalFilename : Agent.exe #:21 [wdfmgr.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 1808 ThreadCreationTime : 2007-05-02 07:19:00 BasePriority : Normal FileVersion : 5.2.3790.1230 built by: dnsrv(bld4act) ProductVersion : 5.2.3790.1230 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Windows User Mode Driver Manager InternalName : WdfMgr LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : WdfMgr.exe #:22 [ashmaisv.exe] FilePath : C:\Program Files\Alwil Software\Avast4\ ProcessID : 1992 ThreadCreationTime : 2007-05-02 07:19:01 BasePriority : Normal #:23 [ashwebsv.exe] FilePath : C:\Program Files\Alwil Software\Avast4\ ProcessID : 2012 ThreadCreationTime : 2007-05-02 07:19:01 BasePriority : Normal #:24 [alg.exe] FilePath : C:\WINDOWS\System32\ ProcessID : 300 ThreadCreationTime : 2007-05-02 07:19:01 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Application Layer Gateway Service InternalName : ALG.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : ALG.exe #:25 [ati2evxx.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 1596 ThreadCreationTime : 2007-05-02 07:19:12 BasePriority : Normal #:26 [wgatray.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 2104 ThreadCreationTime : 2007-05-02 07:19:12 BasePriority : Normal FileVersion : 1.5.0540.0 ProductVersion : 1.5.0540.0 ProductName : Windows Genuine Advantage CompanyName : Microsoft Corporation FileDescription : Windows Genuine Advantage Notification InternalName : WgaNotify LegalCopyright : © 1995-2006 Microsoft Corporation OriginalFilename : WgaTray.exe #:27 [explorer.exe] FilePath : C:\WINDOWS\ ProcessID : 2132 ThreadCreationTime : 2007-05-02 07:19:12 BasePriority : Normal FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 6.00.2900.2180 ProductName : System operacyjny Microsoft® Windows® CompanyName : Microsoft Corporation FileDescription : Eksplorator Windows InternalName : explorer LegalCopyright : © Microsoft Corporation. Wszelkie prawa zastrzeżone. OriginalFilename : EXPLORER.EXE #:28 [atiptaxx.exe] FilePath : C:\Program Files\ATI Technologies\ATI Control Panel\ ProcessID : 2316 ThreadCreationTime : 2007-05-02 07:19:17 BasePriority : Normal FileVersion : 6.14.10.5120 ProductVersion : 6.14.10.5120 ProductName : ATI Desktop Component CompanyName : ATI Technologies, Inc. FileDescription : ATI Desktop Control Panel InternalName : Atiptaxx.exe LegalCopyright : Copyright © 1998-2004 ATI Technologies Inc. OriginalFilename : Atiptaxx.exe #:29 [g-vga.exe] FilePath : C:\Program Files\GigaByte\VGA Utility Manager\ ProcessID : 2324 ThreadCreationTime : 2007-05-02 07:19:17 BasePriority : Normal FileVersion : 1, 0, 0, 1 ProductVersion : 1, 0, 0, 1 ProductName : Menu Application FileDescription : Menu MFC Application InternalName : Menu LegalCopyright : Copyright © 2001 OriginalFilename : Menu.EXE #:30 [pdvdserv.exe] FilePath : C:\Program Files\CyberLink\PowerDVD\ ProcessID : 2332 ThreadCreationTime : 2007-05-02 07:19:17 BasePriority : Normal FileVersion : 5.00.0000 ProductVersion : 5.00.0000 ProductName : PowerDVD CompanyName : Cyberlink Corp. FileDescription : PowerDVD RC Service InternalName : PowerDVD RC Service LegalCopyright : Copyright © CyberLink Corp. 1997-2002 OriginalFilename : PDVDSERV.EXE #:31 [soundman.exe] FilePath : C:\WINDOWS\ ProcessID : 2344 ThreadCreationTime : 2007-05-02 07:19:17 BasePriority : Normal FileVersion : 5.1.0.34 ProductVersion : 5.1.0.34 ProductName : Realtek Sound Manager CompanyName : Realtek Semiconductor Corp. FileDescription : Realtek Sound Manager InternalName : ALSMTray LegalCopyright : Copyright © 2001-2004 Realtek Semiconductor Corp. OriginalFilename : ALSMTray.exe Comments : Realtek AC97 Audio Sound Manager #:32 [ali5289.exe] FilePath : C:\Program Files\ULI5289\ ProcessID : 2356 ThreadCreationTime : 2007-05-02 07:19:17 BasePriority : Normal FileVersion : 6, 0, 0, 2 ProductVersion : 6, 0, 0, 2 ProductName : ALiRAID Application CompanyName : ALi Corporation FileDescription : ALiRAID Application LegalCopyright : Copyright © 2005 #:33 [incd.exe] FilePath : C:\Program Files\Ahead\InCD\ ProcessID : 2372 ThreadCreationTime : 2007-05-02 07:19:17 BasePriority : Normal FileVersion : 4, 3, 20, 1 ProductVersion : 4, 3, 20, 1 ProductName : Nero AG InCD CompanyName : Nero AG FileDescription : InCD InternalName : InCD LegalCopyright : Copyright 1995-2005 Nero AG and its licensors. All Rights Reserved. LegalTrademarks : InCD is a trademark of Nero AG OriginalFilename : InCD.exe #:34 [cnxmon.exe] FilePath : C:\PROGRA~1\NEOSTR~1\ ProcessID : 2380 ThreadCreationTime : 2007-05-02 07:19:17 BasePriority : Normal FileVersion : 1, 0, 0, 1 ProductVersion : 1, 0, 0, 1 ProductName : Application CnxMon FileDescription : Application MFC CnxMon InternalName : CnxMon LegalCopyright : Copyright © 2001 OriginalFilename : CnxMon.EXE #:35 [dragdiag.exe] FilePath : C:\Program Files\Thomson\SpeedTouch USB\ ProcessID : 2388 ThreadCreationTime : 2007-05-02 07:19:17 BasePriority : Normal FileVersion : 301.0.0.12 ProductVersion : 301.0.0.12 ProductName : SpeedTouch USB CompanyName : THOMSON Telecom Belgium FileDescription : SpeedTouch Statistics LegalCopyright : Copyright© THOMSON Telecom Belgium 1999-2004 LegalTrademarks : SpeedTouch #:36 [taskbaricon.exe] FilePath : C:\PROGRA~1\NEOSTR~1\ ProcessID : 2404 ThreadCreationTime : 2007-05-02 07:19:18 BasePriority : Normal FileVersion : 5.6 (3) ProductVersion : 5.6 (3) ProductName : Kit de Connexion et de Services CompanyName : France Télécom R&D FileDescription : Gestion de l’icône de la barre des tâches InternalName : TaskBarIcon LegalCopyright : Copyright © France Télécom R&D 1999 - 2003 OriginalFilename : TaskBarIcon.exe #:37 [amoumain.exe] FilePath : C:\PROGRA~1\A4Tech\Mouse\ ProcessID : 2412 ThreadCreationTime : 2007-05-02 07:19:18 BasePriority : Normal FileVersion : 7.64.0.0 ProductVersion : 7.64.0.0 ProductName : A4Tech iWheelWorks Mouse Driver CompanyName : A4Tech Co.,Ltd. FileDescription : Amoumain InternalName : Amoumain LegalCopyright : Copyright © A4Tech Co.,Ltd. 1999-2004 LegalTrademarks : A4Tech is a registered trademark of A4Tech Co.,Ltd. OriginalFilename : Amoumain.exe Comments : A4Tech iWheelWorks Mouse Driver #:38 [issch.exe] FilePath : C:\Program Files\Common Files\InstallShield\UpdateService\ ProcessID : 2452 ThreadCreationTime : 2007-05-02 07:19:18 BasePriority : Normal FileVersion : 4, 10, 100, 25539 ProductVersion : 4, 10 ProductName : InstallShield Update Service CompanyName : InstallShield Software Corporation FileDescription : InstallShield Update Service Scheduler InternalName : Scheduler LegalCopyright : Copyright © 1990-2004 InstallShield Software Corporation OriginalFilename : issch.exe #:39 [winampa.exe] FilePath : C:\Program Files\Winamp\ ProcessID : 2468 ThreadCreationTime : 2007-05-02 07:19:18 BasePriority : Normal #:40 [daemon.exe] FilePath : C:\Program Files\DAEMON Tools\ ProcessID : 2476 ThreadCreationTime : 2007-05-02 07:19:18 BasePriority : Normal #:41 [ashdisp.exe] FilePath : C:\PROGRA~1\ALWILS~1\Avast4\ ProcessID : 2484 ThreadCreationTime : 2007-05-02 07:19:18 BasePriority : Normal FileVersion : 4, 7, 985, 0 ProductVersion : 4, 7, 0, 0 ProductName : avast! Antivirus CompanyName : ALWIL Software FileDescription : avast! service GUI component InternalName : aswDisp LegalCopyright : Copyright © 2007 ALWIL Software OriginalFilename : aswDisp.exe #:42 [qttask.exe] FilePath : C:\Program Files\QuickTime\ ProcessID : 2520 ThreadCreationTime : 2007-05-02 07:19:18 BasePriority : Normal FileVersion : 7.1.3 ProductVersion : QuickTime 7.1.3 ProductName : QuickTime CompanyName : Apple Computer, Inc. FileDescription : QuickTime Task InternalName : QuickTime Task LegalCopyright : Copyright Apple Computer, Inc. 1989-2006 OriginalFilename : QTTask.exe #:43 [ituneshelper.exe] FilePath : C:\Program Files\iTunes\ ProcessID : 2532 ThreadCreationTime : 2007-05-02 07:19:19 BasePriority : Normal FileVersion : 7.0.2.16 ProductVersion : 7.0.2.16 ProductName : iTunes CompanyName : Apple Computer, Inc. FileDescription : iTunesHelper Module InternalName : iTunesHelper LegalCopyright : © 2003-2006 Apple Computer, Inc. All Rights Reserved. OriginalFilename : iTunesHelper.exe #:44 [kb_2k.exe] FilePath : C:\Program Files\USB Keyboard Driver\ ProcessID : 2580 ThreadCreationTime : 2007-05-02 07:19:19 BasePriority : Normal FileVersion : 1, 0, 0, 1 ProductVersion : 1, 0, 0, 1 ProductName : KbNewBridge Application FileDescription : KbNewBridge MFC Application InternalName : KbNewBridge LegalCopyright : Copyright © 2002 OriginalFilename : KbNewBridge.EXE #:45 [hotkey.exe] FilePath : C:\Program Files\Hotkey\ ProcessID : 2604 ThreadCreationTime : 2007-05-02 07:19:19 BasePriority : Normal FileVersion : 2, 0, 0, 1 ProductVersion : 2, 0, 0, 1 ProductName : Hotkey ??? FileDescription : Hotkey Microsoft ??? InternalName : Hotkey LegalCopyright : ??? © 2004 OriginalFilename : Hotkey.exe #:46 [ctfmon.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 2616 ThreadCreationTime : 2007-05-02 07:19:19 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : CTF Loader InternalName : CTFMON LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : CTFMON.EXE #:47 [tlen.exe] FilePath : C:\Program Files\Tlen.pl\ ProcessID : 2672 ThreadCreationTime : 2007-05-02 07:19:21 BasePriority : Normal FileVersion : 5.60.2.29 ProductVersion : 5.60.2.29 ProductName : Komunikator Tlen.pl CompanyName : o2.pl Sp. z o.o. FileDescription : Komunikator Tlen.pl LegalCopyright : © 1999-2006 o2.pl Sp. z o.o. LegalTrademarks : Tlen jest znakiem towarowym prawnie chronionym OriginalFilename : Tlen.exe #:48 [autoconnect.exe] FilePath : C:\AutoConnect\ ProcessID : 2700 ThreadCreationTime : 2007-05-02 07:19:21 BasePriority : Normal FileVersion : 0.1.3.0 ProductVersion : 1.0.0.0 ProductName : AutoConnect CompanyName : http://autoconnect.prv.pl InternalName : AutoConnect LegalCopyright : © 2003-2005 Shider #:49 [yodm3d.exe] FilePath : C:\windowsowyberyl\ ProcessID : 2768 ThreadCreationTime : 2007-05-02 07:19:24 BasePriority : Normal FileVersion : 1.3.2.0 ProductVersion : 1.3.2.0 ProductName : Yod’m 3D CompanyName : Christian SALMON FileDescription : Yod’m 3D - Yet anOther Desktop Manager 3D - Virtual desktop InternalName : Yodm3D.exe LegalCopyright : Freeware, Christian Salmon OriginalFilename : Yodm3D.exe Comments : Freeware #:50 [ipodservice.exe] FilePath : C:\Program Files\iPod\bin\ ProcessID : 2812 ThreadCreationTime : 2007-05-02 07:19:26 BasePriority : Normal FileVersion : 7.0.2.16 ProductVersion : 7.0.2.16 ProductName : iTunes CompanyName : Apple Computer, Inc. FileDescription : iPodService Module InternalName : iPodService LegalCopyright : © 2003-2006 Apple Computer, Inc. All Rights Reserved. OriginalFilename : iPodService.exe #:51 [kalendarz.exe] FilePath : C:\Program Files\Kalendarz XP\ ProcessID : 2888 ThreadCreationTime : 2007-05-02 07:19:29 BasePriority : Idle #:52 [yzdock.exe] FilePath : C:\YzDock\ ProcessID : 3020 ThreadCreationTime : 2007-05-02 07:19:31 BasePriority : Normal FileVersion : 0, 8, 3, 0 ProductVersion : 0, 8, 3, 0 ProductName : Y’z Dock CompanyName : Y’z@Home InternalName : YzDock LegalCopyright : Copyright © 2002 - 2003 M.Yamaguchi OriginalFilename : YzDock.exe #:53 [yzshadow.exe] FilePath : C:\Documents and Settings\Bartusiolandia\Moje dokumenty\ ProcessID : 3040 ThreadCreationTime : 2007-05-02 07:19:32 BasePriority : Normal FileVersion : 1, 9, 0, 0 ProductVersion : 1, 9, 0, 0 ProductName : Y’z Shadow CompanyName : Y’z@Home FileDescription : Attach drop shadow to windows. InternalName : YzShadow LegalCopyright : Copyright © 2002 M.Yamaguchi OriginalFilename : YzShadow.exe Comments : The enhancement software which adds a shadow effect to the windows. #:54 [soffice.exe] FilePath : C:\Program Files\OpenOffice.org 2.2\program\ ProcessID : 3056 ThreadCreationTime : 2007-05-02 07:19:32 BasePriority : Normal FileVersion : 1.09.9129 ProductVersion : 1.09.9129 CompanyName : OpenOffice.org FileDescription : OpenOffice.org 2.2 InternalName : SOFFICE LegalCopyright : Copyright © 2005 by Sun Microsystems, Inc. OriginalFilename : SOFFICE.EXE #:55 [winamp.exe] FilePath : C:\Program Files\Winamp\ ProcessID : 3072 ThreadCreationTime : 2007-05-02 07:19:33 BasePriority : Normal FileVersion : 5,2,4,703 ProductVersion : 5.2.4.703 ProductName : Winamp CompanyName : Nullsoft FileDescription : Winamp InternalName : WINAMP LegalCopyright : Copyright © 1997-2006, Nullsoft LegalTrademarks : Nullsoft and Winamp are trademarks of Nullsoft, Inc. OriginalFilename : Winamp.exe Comments : Visit http://www.winamp.com/ for updates. #:56 [soffice.bin] FilePath : C:\Program Files\OpenOffice.org 2.2\program\ ProcessID : 3152 ThreadCreationTime : 2007-05-02 07:19:38 BasePriority : Normal FileVersion : 1.09.9129 ProductVersion : 1.09.9129 CompanyName : OpenOffice.org FileDescription : OpenOffice.org 2.2 InternalName : SOFFICE LegalCopyright : Copyright © 2005 by Sun Microsystems, Inc. OriginalFilename : SOFFICE.EXE #:57 [wuauclt.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 3588 ThreadCreationTime : 2007-05-02 07:20:43 BasePriority : Normal FileVersion : 5.8.0.2469 built by: lab01_n(wmbla) ProductVersion : 5.8.0.2469 ProductName : System operacyjny Microsoft® Windows® CompanyName : Microsoft Corporation FileDescription : Aktualizacje automatyczne InternalName : wuauclt.exe LegalCopyright : © Microsoft Corporation. Wszelkie prawa zastrzeżone. OriginalFilename : wuauclt.exe #:58 [lastfm.exe] FilePath : C:\Program Files\Last.fm\ ProcessID : 3704 ThreadCreationTime : 2007-05-02 07:21:24 BasePriority : Normal #:59 [uwdf.exe] FilePath : C:\WINDOWS\System32\ ProcessID : 3736 ThreadCreationTime : 2007-05-02 07:21:27 BasePriority : Normal FileVersion : 5.2.3790.1230 built by: dnsrv(bld4act) ProductVersion : 5.2.3790.1230 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Windows User-Mode Driver Framework InternalName : uwdf.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : uwdf.exe #:60 [cidaemon.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 896 ThreadCreationTime : 2007-05-02 07:26:23 BasePriority : Idle FileVersion : 5.1.2600.0 (xpclient.010817-1148) ProductVersion : 5.1.2600.0 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Indexing Service filter daemon InternalName : cidaemon.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : cidaemon.exe #:61 [opera.exe] FilePath : C:\Program Files\Opera\ ProcessID : 636 ThreadCreationTime : 2007-05-02 07:52:34 BasePriority : Normal FileVersion : 8771 ProductVersion : 9.20 ProductName : Opera Internet Browser CompanyName : Opera Software FileDescription : Opera Internet Browser InternalName : Opera LegalCopyright : Copyright © Opera Software 1995-2007 OriginalFilename : Opera.exe #:62 [msiexec.exe] FilePath : C:\WINDOWS\System32\ ProcessID : 3888 ThreadCreationTime : 2007-05-02 08:08:00 BasePriority : Normal #:63 [ad-aware.exe] FilePath : C:\Program Files\Lavasoft\Ad-Aware SE Personal\ ProcessID : 1264 ThreadCreationTime : 2007-05-02 08:10:27 BasePriority : Normal FileVersion : 6.2.0.236 ProductVersion : SE 106 ProductName : Lavasoft Ad-Aware SE CompanyName : Lavasoft Sweden FileDescription : Ad-Aware SE Core application InternalName : Ad-Aware.exe LegalCopyright : Copyright © Lavasoft AB Sweden OriginalFilename : Ad-Aware.exe Comments : All Rights Reserved Memory scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 38 Started registry scan »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» AdvertBar Object Recognized! Type : Regkey Data : TAC Rating : 5 Category : Data Miner Comment : Rootkey : HKEY_USERS Object : S-1-5-21-527237240-179605362-682003330-1003\software\adtools, inc. Windows Object Recognized! Type : RegData Data : “regedit.exe” “%1” TAC Rating : 3 Category : Vulnerability Comment : Rootkey : HKEY_CLASSES_ROOT Object : regfile\shell\open\command Value : Data : “regedit.exe” “%1” Registry Scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 2 Objects found so far: 40 Started deep registry scan »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Deep registry scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 40 Started Tracking Cookie scan »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Tracking Cookie Object Recognized! Type : IECache Entry Data : bartusiolandia@hit.gemius[1].txt TAC Rating : 3 Category : Data Miner Comment : Hits:478 Value : Cookie:bartusiolandia@hit.gemius.pl/ Expires : 2012-10-22 09:20:36 LastSync : Hits:478 UseCount : 0 Hits : 478 Tracking Cookie Object Recognized! Type : IECache Entry Data : bartusiolandia@adserver.o2[1].txt TAC Rating : 3 Category : Data Miner Comment : Hits:30 Value : Cookie:bartusiolandia@adserver.o2.pl/ Expires : 2009-07-27 01:50:34 LastSync : Hits:30 UseCount : 0 Hits : 30 Tracking Cookie Object Recognized! Type : IECache Entry Data : bartusiolandia@tradedoubler[2].txt TAC Rating : 3 Category : Data Miner Comment : Hits:177 Value : Cookie:bartusiolandia@tradedoubler.com/ Expires : 2027-04-21 12:37:10 LastSync : Hits:177 UseCount : 0 Hits : 177 Tracking cookie scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 3 Objects found so far: 43 Deep scanning and examining files (C:) »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Tracking Cookie Object Recognized! Type : IECache Entry Data : kacperkolandia@hit.gemius[2].txt TAC Rating : 3 Category : Data Miner Comment : Value : C:\Documents and Settings\Kacperkolandia\Cookies\kacperkolandia@hit.gemius[2].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : kacperkolandia@please[1].txt TAC Rating : 3 Category : Data Miner Comment : Value : C:\Documents and Settings\Kacperkolandia\Cookies\kacperkolandia@please[1].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : kacperkolandia@tradedoubler[2].txt TAC Rating : 3 Category : Data Miner Comment : Value : C:\Documents and Settings\Kacperkolandia\Cookies\kacperkolandia@tradedoubler[2].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : mama i tata@adserver.o2[1].txt TAC Rating : 3 Category : Data Miner Comment : Value : C:\Documents and Settings\Mama i Tata\Cookies\mama i tata@adserver.o2[1].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : mama i tata@atdmt[2].txt TAC Rating : 3 Category : Data Miner Comment : Value : C:\Documents and Settings\Mama i Tata\Cookies\mama i tata@atdmt[2].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : mama i tata@doubleclick[1].txt TAC Rating : 3 Category : Data Miner Comment : Value : C:\Documents and Settings\Mama i Tata\Cookies\mama i tata@doubleclick[1].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : mama i tata@hit.gemius[1].txt TAC Rating : 3 Category : Data Miner Comment : Value : C:\Documents and Settings\Mama i Tata\Cookies\mama i tata@hit.gemius[1].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : mama i tata@mediaplex[1].txt TAC Rating : 3 Category : Data Miner Comment : Value : C:\Documents and Settings\Mama i Tata\Cookies\mama i tata@mediaplex[1].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : mama i tata@microsoftwga.112.2o7[1].txt TAC Rating : 3 Category : Data Miner Comment : Value : C:\Documents and Settings\Mama i Tata\Cookies\mama i tata@microsoftwga.112.2o7[1].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : mama i tata@msnportal.112.2o7[1].txt TAC Rating : 3 Category : Data Miner Comment : Value : C:\Documents and Settings\Mama i Tata\Cookies\mama i tata@msnportal.112.2o7[1].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : mama i tata@please[1].txt TAC Rating : 3 Category : Data Miner Comment : Value : C:\Documents and Settings\Mama i Tata\Cookies\mama i tata@please[1].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : mama i tata@statcounter[2].txt TAC Rating : 3 Category : Data Miner Comment : Value : C:\Documents and Settings\Mama i Tata\Cookies\mama i tata@statcounter[2].txt Tracking Cookie Object Recognized! Type : IECache Entry Data : mama i tata@tradedoubler[1].txt TAC Rating : 3 Category : Data Miner Comment : Value : C:\Documents and Settings\Mama i Tata\Cookies\mama i tata@tradedoubler[1].txt Disk Scan Result for C:\ »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 56 Scanning Hosts file… Hosts file location:“C:\WINDOWS\system32\drivers\etc\hosts”. »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Hosts file scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» 1 entries scanned. New critical objects:0 Objects found so far: 56 Performing conditional scans… »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Conditional scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 56 10:41:00 Scan Complete Summary Of This Scan »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Total scanning time:00:27:35.937 Objects scanned:308431 Objects identified:18 Objects ignored:0 New critical objects:18