Got 10 hits from Ad Aware scan


Nick
August 23rd, 2003, 01:27 AM
I just ran the latest ref file for AA6 and got 10 reg hits for Hi-wire. I checked over at the Lavasoft forum and saw that someone else posted that they had even more hits from hiwire. One of the mods there answered that the matter is being investigated and to put the results on the ignore list. I can't post there since I don't want to register there, but if anyone would like to look at my scan results and offer any advice, please feel free to do so. I have done nothing with the results, not even put them on the ignore list.

Lavasoft thread about this: http://www.lavasoftsupport.com/index.php?s=b0f793df95036cfd15c9206e1ea12abb&showtopic=10632




My scan log:


Lavasoft Ad-aware Personal Build 6.181
Logfile created on :Friday, August 22, 2003 9:28:32 PM
Created with Ad-aware Personal, free for private use.
Using reference-file :01R21223.08.2003
______________________________________________________

Reffile status:
=========================
Reference file loaded:
Reference Number : 01R21122.08.2003
Internal build : 84
File location : C:\PROGRAM FILES\LAVASOFT\AD-AWARE 6\reflist.ref
Total size : 528594 Bytes
Signature data size : 518662 Bytes
Reference data size : 9868 Bytes
Signatures total : 11896
Target categories : 10
Target families : 246
8-22-2003 9:28:07 PM Performing Webupdate...

Installing Update...
Reference file loaded:
Reference Number : 01R21223.08.2003
Internal build : 85
File location : C:\PROGRAM FILES\LAVASOFT\AD-AWARE 6\reflist.ref
Total size : 534252 Bytes
Signature data size : 524184 Bytes
Reference data size : 10004 Bytes
Signatures total : 12055
Target categories : 10
Target families : 249

8-22-2003 9:28:28 PM Success.
Update successfully downlodaded and installed.


Memory + processor status:
==========================
Number of processors : 1
Processor architecture : Intel Pentium III
Memory available:79 %
Total physical memory:523772 kb
Available physical memory:371512 kb
Total page file size:1573376 kb
Available on page file:1485488 kb
Total virtual memory:2093056 kb
Available virtual memory:2048320 kb
OS:Windows (ME)

Ad-aware Settings
=========================
Set : Activate in-depth scan (Recommended)
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan within archives
Set : Scan my Hosts file

Extended Ad-aware Settings
=========================
Set : Unload recognized processes during scanning
Set : Reanalyze result after scanning, before displaying result list
Set : Include basic Ad-aware settings in logfile
Set : Include additional Ad-aware settings in logfile
Set : Let windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Always back up reference file, before updating
Set : Play sound if scan produced a result


8-22-2003 9:28:32 PM - Scan started. (Smart mode)

Listing running processes
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

#:1 [kernel32.dll]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4291802357
Threads : 6
Priority : High
FileSize : 524 KB
FileVersion : 4.90.3000
ProductVersion : 4.90.3000
Copyright : Copyright (C) Microsoft Corp. 1991-2000
CompanyName : Microsoft Corporation
FileDescription : Win32 Kernel core component
InternalName : KERNEL32
OriginalFilename : KERNEL32.DLL
ProductName : Microsoft(R) Windows(R) Millennium Operating System
Created on : 1/1/1601
Last accessed : 8/22/2003 7:00:00 AM
Last modified : 6/9/2000

#:2 [msgsrv32.exe]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4294963733
Threads : 1
Priority : Normal
FileSize : 11 KB
FileVersion : 4.90.3000
ProductVersion : 4.90.3000
Copyright : Copyright (C) Microsoft Corp. 1992-1998
CompanyName : Microsoft Corporation
FileDescription : Windows 32-bit VxD Message Server
InternalName : MSGSRV32
OriginalFilename : MSGSRV32.EXE
ProductName : Microsoft(R) Windows(R) Millennium Operating System
Created on : 1/1/1601
Last accessed : 8/22/2003 7:00:00 AM
Last modified : 6/9/2000

#:3 [mmtask.tsk]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4294840857
Threads : 1
Priority : Normal
FileSize : 1 KB
FileVersion : 4.90.3000
ProductVersion : 4.90.3000
Copyright : Copyright
CompanyName : Microsoft Corporation
FileDescription : Multimedia background task support module
InternalName : mmtask.tsk
OriginalFilename : mmtask.tsk
ProductName : Microsoft Windows
Created on : 1/1/1601
Last accessed : 8/22/2003 7:00:00 AM
Last modified : 6/9/2000

#:4 [mprexe.exe]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4294843049
Threads : 1
Priority : Normal
FileSize : 28 KB
FileVersion : 4.90.3000
ProductVersion : 4.90.3000
Copyright : Copyright (C) Microsoft Corp. 1993-2000
CompanyName : Microsoft Corporation
FileDescription : WIN32 Network Interface Service Process
InternalName : MPREXE
OriginalFilename : MPREXE.EXE
ProductName : Microsoft(R) Windows(R) Millennium Operating System
Created on : 1/1/1601
Last accessed : 8/22/2003 7:00:00 AM
Last modified : 6/9/2000

#:5 [mstask.exe]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4294876589
Threads : 2
Priority : Normal
FileSize : 124 KB
FileVersion : 4.71.2721.1
ProductVersion : 4.71.2721.1
Copyright : Copyright (C) Microsoft Corp. 2000
CompanyName : Microsoft Corporation
FileDescription : Task Scheduler Engine
InternalName : TaskScheduler
OriginalFilename : mstask.exe
ProductName : Microsoft
Created on : 1/1/1601
Last accessed : 8/22/2003 7:00:00 AM
Last modified : 6/9/2000

#:6 [mmkeybd.exe]
FilePath : C:\PROGRAM FILES\NETROPA\ONE-TOUCH MULTIMEDIA KEYBOARD\
ProcessID : 4294872093
Threads : 4
Priority : Normal
FileSize : 576 KB
FileVersion : 3.2.0.7
ProductVersion : 3.2.0.7
Copyright : Copyright
CompanyName : Netropa Corp.
FileDescription : One-touch Multimedia Keyboard
InternalName : MMKEYBD
OriginalFilename : MMKEYBD.EXE
ProductName : One-touch Multimedia Keyboard
Created on : 4/27/2003 7:54:31 AM
Last accessed : 8/22/2003 7:00:00 AM
Last modified : 7/17/2001 11:34:32 AM

#:7 [avgserv9.exe]
FilePath : C:\PROGRAM FILES\GRISOFT\AVG6\
ProcessID : 4294890197
Threads : 2
Priority : Normal
FileSize : 20 KB
FileVersion : 6.0.1.374
ProductVersion : 6.0.1.374
Copyright : Copyright (c) GRISOFT, s.r.o. 1998-2002
CompanyName : GRISOFT, s.r.o
FileDescription : AvgServ - displays notification message
InternalName : AvgServ
OriginalFilename : AvgServ
ProductName : AVG6
Created on : 6/11/2003 10:52:58 PM
Last accessed : 8/22/2003 7:00:00 AM
Last modified : 6/5/2003 1:00:00 PM

#:8 [smc.exe]
FilePath : C:\PROGRAM FILES\SYGATE\SPF\
ProcessID : 4294872445
Threads : 18
Priority : Normal
FileSize : 2088 KB
FileVersion : 5.1.00.1615
ProductVersion : 5.1.00.1615
Copyright : Copyright (C) 1999 - 2003 Sygate Technologies, Inc. All rights reserved.
CompanyName : Sygate Technologies, Inc.
FileDescription : Sygate Agent Firewall
InternalName : Smc
OriginalFilename : Smc.EXE
ProductName : Sygate(R) Security Agent and Personal Firewall
Created on : 6/29/2003 1:40:16 AM
Last accessed : 8/22/2003 7:00:00 AM
Last modified : 3/21/2003 11:32:42 PM

#:9 [keybdmgr.exe]
FilePath : C:\PROGRAM FILES\NETROPA\ONE-TOUCH MULTIMEDIA KEYBOARD\
ProcessID : 4294826897
Threads : 1
Priority : Normal
FileSize : 103 KB
FileVersion : 3.0.0
ProductVersion : 3.0.0
Copyright : Copyright
CompanyName : Netropa Corp.
FileDescription : Keyboard Manager
InternalName : Keyboard Manager
OriginalFilename : KeybdMgr.exe
ProductName : Keyboard Manager
Created on : 4/27/2003 7:54:31 AM
Last accessed : 8/22/2003 7:00:00 AM
Last modified : 3/23/2001 8:56:28 AM

#:10 [osd.exe]
FilePath : C:\PROGRAM FILES\NETROPA\ONSCREEN DISPLAY\
ProcessID : 4294856349
Threads : 1
Priority : Normal
FileSize : 88 KB
FileVersion : 2.02
ProductVersion : 2.02
Copyright : Copyright
CompanyName : Netropa Corp.
FileDescription : Netropa(r) Onscreen Display
InternalName : OSD
OriginalFilename : osd.exe
ProductName : Onscreen Display
Created on : 4/27/2003 7:54:31 AM
Last accessed : 8/22/2003 7:00:00 AM
Last modified : 7/5/2001 5:24:10 PM

#:11 [mmusbkb2.exe]
FilePath : C:\PROGRAM FILES\NETROPA\ONE-TOUCH MULTIMEDIA KEYBOARD\
ProcessID : 4294820677
Threads : 1
Priority : Normal
FileSize : 44 KB
FileVersion : 1.1
ProductVersion : 1.1
Copyright : Copyright
CompanyName : Netropa Corporation
FileDescription : USB Multimedia Keyboard Driver 2
InternalName : mmusbkb2
OriginalFilename : mmusbkb2.exe
ProductName : USB Multimedia Keyboard Driver 2
Created on : 4/27/2003 7:54:31 AM
Last accessed : 8/22/2003 7:00:00 AM
Last modified : 6/15/1999 6:46:48 PM

#:12 [stmgr.exe]
FilePath : C:\WINDOWS\SYSTEM\RESTORE\
ProcessID : 4294750081
Threads : 4
Priority : Normal
FileSize : 60 KB
FileVersion : 4.90.0.2533
ProductVersion : 4.90.0.2533
Copyright : Copyright (C) Microsoft Corp. 1981-2000
CompanyName : Microsoft Corporation
FileDescription : Microsoft (R) PC State Manager
InternalName : StateMgr.exe
OriginalFilename : StateMgr.exe
ProductName : Microsoft (r) PCHealth
Created on : 1/1/1601
Last accessed : 8/22/2003 7:00:00 AM
Last modified : 6/9/2000

#:13 [explorer.exe]
FilePath : C:\WINDOWS\
ProcessID : 4294870321
Threads : 10
Priority : Normal
FileSize : 220 KB
FileVersion : 5.50.4134.100
ProductVersion : 5.50.4134.100
Copyright : Copyright (C) Microsoft Corp. 1981-2000
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
OriginalFilename : EXPLORER.EXE
ProductName : Microsoft(R) Windows (R) 2000 Operating System
Created on : 1/1/1601
Last accessed : 8/22/2003 7:00:00 AM
Last modified : 6/9/2000

#:14 [hpsysdrv.exe]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4294695285
Threads : 1
Priority : Normal
FileSize : 51 KB
FileVersion : 1, 7, 0, 0
ProductVersion : 1, 7, 0, 0
Copyright : Copyright
CompanyName : Hewlett-Packard Company
FileDescription : hpsysdrv
InternalName : hpsysdrv
OriginalFilename : hpsysdrv.exe
ProductName : hpsysdrv
Created on : 1/1/1601
Last accessed : 8/22/2003 7:00:00 AM
Last modified : 5/7/1998 4:04:38 PM

#:15 [systray.exe]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4294696541
Threads : 2
Priority : Normal
FileSize : 36 KB
FileVersion : 4.90.3000
ProductVersion : 4.90.3000
Copyright : Copyright (C) Microsoft Corp. 1993-2000
CompanyName : Microsoft Corporation
FileDescription : System Tray Applet
InternalName : SYSTRAY
OriginalFilename : SYSTRAY.EXE
ProductName : Microsoft(R) Windows(R) Millennium Operating System
Created on : 1/1/1601
Last accessed : 8/22/2003 7:00:00 AM
Last modified : 6/9/2000

#:16 [cpbrwtch.exe]
FilePath : C:\PROGRAM FILES\CPAL\
ProcessID : 4294604421
Threads : 1
Priority : Normal
FileSize : 20 KB
FileVersion : 1.7.0.3001
ProductVersion : 1.7.0.0
Copyright : Copyright
CompanyName : Kookaburra Software
FileDescription : CPBrWtch
InternalName : CPBrWtch
OriginalFilename : CPBrWtch.exe
ProductName : Cookie Pal
Created on : 12/6/2002 8:05:37 AM
Last accessed : 8/22/2003 7:00:00 AM
Last modified : 7/24/2002 7:11:16 AM

#:17 [wmiexe.exe]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4294606005
Threads : 3
Priority : Normal
FileSize : 16 KB
FileVersion : 4.90.2452.1
ProductVersion : 4.90.2452.1
Copyright : Copyright (C) Microsoft Corp. 1981-1999
CompanyName : Microsoft Corporation
FileDescription : WMI service exe housing
InternalName : wmiexe
OriginalFilename : wmiexe.exe
ProductName : Microsoft(R) Windows(R) Millennium Operating System
Created on : 1/1/1601
Last accessed : 8/22/2003 7:00:00 AM
Last modified : 6/9/2000

#:18 [avgcc32.exe]
FilePath : C:\PROGRAM FILES\GRISOFT\AVG6\
ProcessID : 4294599533
Threads : 1
Priority : Normal
FileSize : 396 KB
FileVersion : 6, 0, 0, 427
ProductVersion : 6, 0, 0, 0
Copyright : Copyright
CompanyName : GRISOFT s.r.o.
FileDescription : AVG Control Center
InternalName : AvgCC32
OriginalFilename : AvgCC32.EXE
ProductName : AVG Anti-Virus System
Created on : 6/11/2003 10:52:58 PM
Last accessed : 8/22/2003 7:00:00 AM
Last modified : 6/5/2003 1:00:00 PM

#:19 [startupmonitor.exe]
FilePath : C:\WINDOWS\
ProcessID : 4294621589
Threads : 1
Priority : Normal
FileSize : 84 KB
Created on : 5/21/2000 12:23:48 AM
Last accessed : 8/22/2003 7:00:00 AM
Last modified : 5/21/2000 12:23:48 AM

#:20 [sgmain.exe]
FilePath : C:\PROGRAM FILES\SPYWAREGUARD\
ProcessID : 4294624809
Threads : 1
Priority : Normal
FileSize : 364 KB
FileVersion : 2.01.0001
ProductVersion : 2.01.0001
Copyright : Copyright (C) 2002-2003 Javacool Software LLC
CompanyName : Copyright (C) 2002-2003 Javacool Software LLC
FileDescription : SpywareGuard
InternalName : sgmain
OriginalFilename : sgmain.exe
ProductName : SpywareGuard
Created on : 5/18/2003 1:07:15 AM
Last accessed : 8/22/2003 7:00:00 AM
Last modified : 5/18/2003 1:07:16 AM

#:21 [sgbhp.exe]
FilePath : C:\PROGRAM FILES\SPYWAREGUARD\
ProcessID : 4294700625
Threads : 2
Priority : Normal
FileSize : 300 KB
FileVersion : 2.01
ProductVersion : 2.01
Copyright : Copyright (C) 2002-2003 Javacool Software LLC.
CompanyName : Copyright (C) 2002-2003 Javacool Software LLC.
FileDescription : SG Browser Hijacking Protection
InternalName : sgbhp
OriginalFilename : sgbhp.exe
ProductName : SG Browser Hijacking Protection
Created on : 5/17/2003 2:36:08 AM
Last accessed : 8/22/2003 7:00:00 AM
Last modified : 5/17/2003 2:36:10 AM

#:22 [resman.exe]
FilePath : C:\WINDOWS\DESKTOP\
ProcessID : 4294859101
Threads : 2
Priority : Normal
FileSize : 121 KB
Created on : 5/26/2002 7:41:55 AM
Last accessed : 8/22/2003 7:00:00 AM
Last modified : 9/29/2001 8:47:22 PM

#:23 [ad-aware.exe]
FilePath : C:\PROGRAM FILES\LAVASOFT\AD-AWARE 6\
ProcessID : 4294613313
Threads : 2
Priority : Normal
FileSize : 668 KB
FileVersion : 6.0.1.181
ProductVersion : 6.0.0.0
Copyright : Copyright
CompanyName : Lavasoft Sweden
FileDescription : Ad-aware 6 core application
InternalName : Ad-aware.exe
OriginalFilename : Ad-aware.exe
ProductName : Lavasoft Ad-aware Plus
Created on : 7/17/2003 5:45:25 AM
Last accessed : 8/22/2003 7:00:00 AM
Last modified : 7/13/2003 5:00:20 AM

Memory scan result :
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 0


Started registry scan
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

Hi-Wire Object recognized!
Type : RegKey
Data :
Category : Misc
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{28f00b04-dc4e-11d3-abec-005004a44eeb}


Hi-Wire Object recognized!
Type : RegKey
Data :
Category : Misc
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{28f00b20-dc4e-11d3-abec-005004a44eeb}


Hi-Wire Object recognized!
Type : RegKey
Data :
Category : Misc
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : CLSID\{28f00b21-dc4e-11d3-abec-005004a44eeb}


Hi-Wire Object recognized!
Type : RegKey
Data :
Category : Misc
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : hiwire.configurator


Hi-Wire Object recognized!
Type : RegKey
Data :
Category : Misc
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : hiwire.configurator.1


Hi-Wire Object recognized!
Type : RegKey
Data :
Category : Misc
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : hiwire.transportcenter


Hi-Wire Object recognized!
Type : RegKey
Data :
Category : Misc
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : hiwire.transportcenter.1


Hi-Wire Object recognized!
Type : RegKey
Data :
Category : Misc
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : hiwire.userregrequest


Hi-Wire Object recognized!
Type : RegKey
Data :
Category : Misc
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : hiwire.userregrequest.1


Hi-Wire Object recognized!
Type : RegKey
Data :
Category : Misc
Comment :
Rootkey : HKEY_CURRENT_USER
Object : Software\HIWIRE


Registry scan result :
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 10
Objects found so far: 10


Started deep registry scan
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

Deep registry scan result :
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 10


¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯


Deep scanning and examining files (C
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯


Performing conditional scans..
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

Conditional scan result:
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 10


Reanalyzing scan result
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
No objects have been removed from the result list.


9:29:58 PM Scan complete

Summary of this scan
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Total scanning time :00:01:25:850
Objects scanned :34525
Objects identified :10
Objects ignored :1
New objects :9






Oh yeah, I ran Spybot and it found nothing.

IAMSKINZ
August 23rd, 2003, 01:56 AM
Nick.....

Please run the Webupdate feature as always and then unless you come up with something that you do not recognize, the HiWire objects and all else are recommended for removal if you wish to clean up your machine.

Have fun........ :D

Tassie_Devils
August 23rd, 2003, 11:17 AM
Hi Nick:

Well I found a link re Hiwire.

http://www.internetnews.com/IAR/article.php/363911

It's mentioned along with other such illustrious "nice guys" [/sarcasm] as RealMedia, Engage, Doubleclick. Need I say more.

Go ahead, remove/Quarantine them for a few days, if everything works, then it's safe to assume it's ok to delete.

Cheers, TAS

libbo1
August 23rd, 2003, 11:49 AM
I got a bunch of HighWire hits too . . . they are in 'da can!'