Ad-Aware SE Build 1.06r1 Logfile Created on:Monday, June 06, 2005 9:23:59 PM Created with Ad-Aware SE Personal, free for private use. Using definitions file:SE1R49 31.05.2005 »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» References detected during the scan: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» None »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Definition File: ========================= Definitions File Loaded: Reference Number : SE1R49 31.05.2005 Internal build : 57 File location : C:\PROGRAM FILES\LAVASOFT\AD-AWARE SE PERSONAL\defs.ref File size : 481469 Bytes Total size : 1455496 Bytes Signature data size : 1423833 Bytes Reference data size : 31151 Bytes Signatures total : 40572 CSI Fingerprints total : 902 CSI data size : 31096 Bytes Target categories : 15 Target families : 692 Memory + processor status: ========================== Number of processors : 1 Processor architecture : Intel Pentium Memory available:32 % Total physical memory:130588 kb Available physical memory:28444 kb Total page file size:1966560 kb Available on page file:1861960 kb Total virtual memory:2093056 kb Available virtual memory:2046080 kb OS:Microsoft Windows 98 SE Ad-Aware SE Settings =========================== Set : Search for low-risk threats Set : Safe mode (always request confirmation) Set : Scan active processes Set : Scan registry Set : Deep-scan registry Set : Scan my IE Favorites for banned URLs Set : Scan my Hosts file Extended Ad-Aware SE Settings =========================== Set : Unload recognized processes & modules during scan Set : Obtain command line of scanned processes Set : Scan registry for all users instead of current user only Set : Let Windows remove files in use at next reboot Set : Delete quarantined objects after restoring Set : Include basic Ad-Aware settings in log file Set : Include additional Ad-Aware settings in log file Set : Include reference summary in log file Set : Play sound at scan completion if scan locates critical objects 06-06-2005 9:23:59 PM - Scan started. (Full System Scan) Listing running processes »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» #:1 [KERNEL32.DLL] ModuleName : C:\WINDOWS\SYSTEM\KERNEL32.DLL Command Line : n/a ProcessID : 4279226385 Threads : 5 Priority : High FileVersion : 4.10.2222 ProductVersion : 4.10.2222 ProductName : Microsoft(R) Windows(R) Operating System CompanyName : Microsoft Corporation FileDescription : Win32 Kernel core component InternalName : KERNEL32 LegalCopyright : Copyright (C) Microsoft Corp. 1991-1999 OriginalFilename : KERNEL32.DLL #:2 [MSGSRV32.EXE] ModuleName : C:\WINDOWS\SYSTEM\MSGSRV32.EXE Command Line : n/a ProcessID : 4294847781 Threads : 1 Priority : Normal FileVersion : 4.10.2222 ProductVersion : 4.10.2222 ProductName : Microsoft(R) Windows(R) Operating System CompanyName : Microsoft Corporation FileDescription : Windows 32-bit VxD Message Server InternalName : MSGSRV32 LegalCopyright : Copyright (C) Microsoft Corp. 1992-1998 OriginalFilename : MSGSRV32.EXE #:3 [MPREXE.EXE] ModuleName : C:\WINDOWS\SYSTEM\MPREXE.EXE Command Line : C:\WINDOWS\SYSTEM\MPREXE.EXE ProcessID : 4294843349 Threads : 1 Priority : Normal FileVersion : 4.10.1998 ProductVersion : 4.10.1998 ProductName : Microsoft(R) Windows(R) Operating System CompanyName : Microsoft Corporation FileDescription : WIN32 Network Interface Service Process InternalName : MPREXE LegalCopyright : Copyright (C) Microsoft Corp. 1993-1998 OriginalFilename : MPREXE.EXE #:4 [mmtask.tsk] ModuleName : C:\WINDOWS\SYSTEM\mmtask.tsk Command Line : n/a ProcessID : 4294868133 Threads : 1 Priority : Normal FileVersion : 4.03.1998 ProductVersion : 4.03.1998 ProductName : Microsoft Windows CompanyName : Microsoft Corporation FileDescription : Multimedia background task support module InternalName : mmtask.tsk LegalCopyright : Copyright © Microsoft Corp. 1991-1998 OriginalFilename : mmtask.tsk #:5 [SSDPSRV.EXE] ModuleName : C:\WINDOWS\SYSTEM\SSDPSRV.EXE Command Line : C:\WINDOWS\SYSTEM\ssdpsrv.exe ProcessID : 4294879537 Threads : 6 Priority : Normal FileVersion : 4.90.3003.0 ProductVersion : 4.90.3003.0 ProductName : Microsoft(R) Windows(R) Millennium Operating System CompanyName : Microsoft Corporation FileDescription : SSDP Service on Windows Millennium InternalName : ssdpsrv.exe LegalCopyright : Copyright (C) Microsoft Corp. 1981-2000 OriginalFilename : ssdpsrv.exe #:6 [WINST.EXE] ModuleName : C:\WINDOWS\SYSTEM\WINST.EXE Command Line : C:\WINDOWS\SYSTEM\WINST.EXE ProcessID : 4294877149 Threads : 1 Priority : Normal FileVersion : 1,0,0,0 ProductVersion : 1, 0, 0, 5 ProductName : Installer FileDescription : Installer InternalName : Installer LegalCopyright : Copyright © 2004 OriginalFilename : Installer Comments : Installer #:7 [EXPLORER.EXE] ModuleName : C:\WINDOWS\EXPLORER.EXE Command Line : C:\WINDOWS\Explorer.exe ProcessID : 4294890949 Threads : 17 Priority : Normal FileVersion : 4.72.3110.1 ProductVersion : 4.72.3110.1 ProductName : Microsoft(R) Windows NT(R) Operating System CompanyName : Microsoft Corporation FileDescription : Windows Explorer InternalName : explorer LegalCopyright : Copyright (C) Microsoft Corp. 1981-1997 OriginalFilename : EXPLORER.EXE #:8 [TASKMON.EXE] ModuleName : C:\WINDOWS\TASKMON.EXE Command Line : "C:\WINDOWS\taskmon.exe" ProcessID : 4294817869 Threads : 1 Priority : Normal FileVersion : 4.10.1998 ProductVersion : 4.10.1998 ProductName : Microsoft(R) Windows(R) Operating System CompanyName : Microsoft Corporation FileDescription : Task Monitor InternalName : TaskMon LegalCopyright : Copyright (C) Microsoft Corp. 1998 OriginalFilename : TASKMON.EXE #:9 [STIMON.EXE] ModuleName : C:\WINDOWS\SYSTEM\STIMON.EXE Command Line : "C:\WINDOWS\SYSTEM\STIMON.EXE" ProcessID : 4294815905 Threads : 3 Priority : Normal FileVersion : 4.10.2222 ProductVersion : 4.10.2222 ProductName : Microsoft(R) Windows(R) Operating System CompanyName : Microsoft Corporation FileDescription : Still Image Devices Monitor InternalName : STIMON LegalCopyright : Copyright (C) Microsoft Corp. 1996-1998 OriginalFilename : STIMON.EXE #:10 [QTTASK.EXE] ModuleName : C:\WINDOWS\SYSTEM\QTTASK.EXE Command Line : "C:\WINDOWS\SYSTEM\QTTASK.EXE" ProcessID : 4294807065 Threads : 1 Priority : Normal #:11 [SYSTRAY.EXE] ModuleName : C:\WINDOWS\SYSTEM\SYSTRAY.EXE Command Line : "C:\WINDOWS\SYSTEM\SysTray.Exe" ProcessID : 4294829089 Threads : 2 Priority : Normal FileVersion : 4.10.2222 ProductVersion : 4.10.2222 ProductName : Microsoft(R) Windows(R) Operating System CompanyName : Microsoft Corporation FileDescription : System Tray Applet InternalName : SYSTRAY LegalCopyright : Copyright (C) Microsoft Corp. 1993-1998 OriginalFilename : SYSTRAY.EXE #:12 [DCFSSVC.EXE] ModuleName : C:\WINDOWS\SYSTEM32\DRIVERS\DCFSSVC.EXE Command Line : "C:\WINDOWS\System32\Drivers\dcfssvc.exe" ProcessID : 4294827981 Threads : 2 Priority : Normal FileVersion : 1.1.4400.0 ProductVersion : 3.2.0400.0 ProductName : Kodak DC File System Driver (Win32) CompanyName : Eastman Kodak Company FileDescription : Kodak DC Ring 3 Conduit (Win32) InternalName : DcFsSvc.exe LegalCopyright : Copyright (C) Eastman Kodak Co. 2000-2002 OriginalFilename : DcFsSvc.exe #:13 [RUNDLL32.EXE] ModuleName : C:\WINDOWS\RUNDLL32.EXE Command Line : "C:\WINDOWS\rundll32.exe" ProcessID : 4294827209 Threads : 8 Priority : Normal FileVersion : 4.10.1998 ProductVersion : 4.10.1998 ProductName : Microsoft(R) Windows(R) Operating System CompanyName : Microsoft Corporation FileDescription : Run a DLL as an App InternalName : rundll LegalCopyright : Copyright (C) Microsoft Corp. 1991-1998 OriginalFilename : RUNDLL.EXE #:14 [REALSCHED.EXE] ModuleName : C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE Command Line : "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot ProcessID : 4294717505 Threads : 2 Priority : Normal FileVersion : 0.1.0.3034 ProductVersion : 0.1.0.3034 ProductName : RealPlayer (32-bit) CompanyName : RealNetworks, Inc. FileDescription : RealNetworks Scheduler InternalName : schedapp LegalCopyright : Copyright © RealNetworks, Inc. 1995-2004 LegalTrademarks : RealAudio(tm) is a trademark of RealNetworks, Inc. OriginalFilename : realsched.exe #:15 [ATITASK.EXE] ModuleName : C:\WINDOWS\SYSTEM\ATITASK.EXE Command Line : "C:\WINDOWS\SYSTEM\Atitask.exe" ProcessID : 4294720961 Threads : 1 Priority : Normal FileVersion : 4.11.2309 ProductVersion : 4.11.2309 ProductName : ATI Technologies, Inc. CompanyName : ATI Technologies, Inc. FileDescription : ATI Task Application InternalName : AtiTask LegalCopyright : Copyright © ATI Technologies Inc. 1998 OriginalFilename : AtiTask #:16 [ATICWD32.EXE] ModuleName : C:\WINDOWS\SYSTEM\ATICWD32.EXE Command Line : "C:\WINDOWS\SYSTEM\Aticwd32.exe" ProcessID : 4294706621 Threads : 1 Priority : Normal FileVersion : 4.11.2449 ProductVersion : 4.11.2449 ProductName : ATI Technologies Inc. CompanyName : ATI Technologies Inc. FileDescription : ATI Common Windows Display Driver Extension InternalName : ATICWD32 LegalCopyright : Copyright © ATI Technologies Inc., 1998 OriginalFilename : ATICWD32.EXE #:17 [NSVSVC.EXE] ModuleName : C:\WINDOWS\SYSTEM\NSVSVC\NSVSVC.EXE Command Line : "C:\WINDOWS\SYSTEM\nsvsvc\nsvsvc.exe" ProcessID : 4294708237 Threads : 4 Priority : Normal FileVersion : 2.17.0000 ProductVersion : 2, 1, 7, 0 #:18 [PICSVR.EXE] ModuleName : C:\WINDOWS\SYSTEM\PICSVR\PICSVR.EXE Command Line : "C:\WINDOWS\SYSTEM\PICSVR\PICSVR.EXE" ProcessID : 4294727237 Threads : 2 Priority : Normal #:19 [RUNDLL32.EXE] ModuleName : C:\WINDOWS\RUNDLL32.EXE Command Line : "C:\WINDOWS\rundll32.exe" ProcessID : 4294814573 Threads : 1 Priority : Normal FileVersion : 4.10.1998 ProductVersion : 4.10.1998 ProductName : Microsoft(R) Windows(R) Operating System CompanyName : Microsoft Corporation FileDescription : Run a DLL as an App InternalName : rundll LegalCopyright : Copyright (C) Microsoft Corp. 1991-1998 OriginalFilename : RUNDLL.EXE #:20 [ALUZKN.EXE] ModuleName : C:\WINDOWS\ALUZKN.EXE Command Line : "C:\WINDOWS\aluzkn.exe" reg_run ProcessID : 4294749921 Threads : 1 Priority : Normal #:21 [DEVMON.EXE] ModuleName : C:\PROGRAM FILES\SNAPFISH\DEVMON.EXE Command Line : "C:\Program Files\Snapfish\Devmon.exe" C:\Program Files\Snapfish\Snapfish Photo Wizard.exe ProcessID : 4294828645 Threads : 1 Priority : Normal #:22 [YPAGER.EXE] ModuleName : C:\PROGRAM FILES\YAHOO!\MESSENGER\YPAGER.EXE Command Line : "C:\PROGRAM FILES\YAHOO!\MESSENGER\ypager.exe" -quiet ProcessID : 4294758881 Threads : 8 Priority : Normal FileVersion : 5, 6, 0, 1358 ProductVersion : 5, 6, 0, 1358 ProductName : Yahoo! Messenger CompanyName : Yahoo! Inc. FileDescription : Yahoo! Messenger InternalName : Yahoo! Messengerr LegalCopyright : Copyright 1998-2003 OriginalFilename : YPager.exe #:23 [ZONEALARM.EXE] ModuleName : C:\PROGRAM FILES\ZONE LABS\ZONEALARM\ZONEALARM.EXE Command Line : "C:\Program Files\Zone Labs\ZoneAlarm\zonealarm.exe" ProcessID : 4294668753 Threads : 6 Priority : Normal FileVersion : 3.7.098 ProductVersion : 3.7.098 ProductName : ZoneAlarm CompanyName : Zone Labs Inc. FileDescription : ZoneAlarm InternalName : zonealarm LegalCopyright : Copyright © 1998-2003, Zone Labs Inc. OriginalFilename : zonealarm.exe #:24 [CALLWAVEACCEL.EXE] ModuleName : C:\PROGRAM FILES\CIA\CALLWAVEACCEL.EXE Command Line : "C:\Program Files\CIA\callwaveaccel.exe" ProcessID : 4294657253 Threads : 1 Priority : Normal FileVersion : 3.2.12 ProductVersion : 3.2.12 #:25 [WMIEXE.EXE] ModuleName : C:\WINDOWS\SYSTEM\WMIEXE.EXE Command Line : WmiExe 52 ProcessID : 4294513997 Threads : 3 Priority : Normal FileVersion : 5.00.1755.1 ProductVersion : 5.00.1755.1 ProductName : Microsoft(R) Windows NT(R) Operating System CompanyName : Microsoft Corporation FileDescription : WMI service exe housing InternalName : wmiexe LegalCopyright : Copyright (C) Microsoft Corp. 1981-1998 OriginalFilename : wmiexe.exe #:26 [VSMON.EXE] ModuleName : C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE Command Line : vsmon.exe -status ProcessID : 4294553453 Threads : 16 Priority : Normal FileVersion : 3.7.098 ProductVersion : 3.7.098 ProductName : TrueVector Service CompanyName : Zone Labs Inc. FileDescription : TrueVector Service InternalName : vsmon LegalCopyright : Copyright © 1998-2003, Zone Labs Inc. OriginalFilename : vsmon.exe #:27 [AD-AWARE.EXE] ModuleName : C:\PROGRAM FILES\LAVASOFT\AD-AWARE SE PERSONAL\AD-AWARE.EXE Command Line : "C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe" ProcessID : 4294490121 Threads : 2 Priority : Normal FileVersion : 6.2.0.236 ProductVersion : SE 106 ProductName : Lavasoft Ad-Aware SE CompanyName : Lavasoft Sweden FileDescription : Ad-Aware SE Core application InternalName : Ad-Aware.exe LegalCopyright : Copyright © Lavasoft AB Sweden OriginalFilename : Ad-Aware.exe Comments : All Rights Reserved Memory scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 0 Started registry scan »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Registry Scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 0 Started deep registry scan »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Deep registry scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 0 Started Tracking Cookie scan »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Tracking cookie scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 0 Deep scanning and examining files (c:) »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Disk Scan Result for c:\ »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 0 9:28:33 PM Scan Complete Summary Of This Scan »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Total scanning time:00:04:33.90 Objects scanned:48185 Objects identified:0 Objects ignored:0 New critical objects:0