Ad-Aware SE Build 1.05 Logfile Created on:10 May 2005 18:56:18 Created with Ad-Aware SE Personal, free for private use. Using definitions file:SE1R43 06.05.2005 »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» References detected during the scan: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» CommonName(TAC index:7):3 total references »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Ad-Aware SE Settings =========================== Set : Search for negligible risk entries Set : Safe mode (always request confirmation) Set : Scan active processes Set : Scan registry Set : Deep-scan registry Set : Scan my IE Favorites for banned URLs Set : Scan my Hosts file Extended Ad-Aware SE Settings =========================== Set : Unload recognized processes & modules during scan Set : Scan registry for all users instead of current user only Set : Always try to unload modules before deletion Set : During removal, unload Explorer and IE if necessary Set : Let Windows remove files in use at next reboot Set : Delete quarantined objects after restoring Set : Include basic Ad-Aware settings in log file Set : Include additional Ad-Aware settings in log file Set : Include reference summary in log file Set : Include alternate data stream details in log file Set : Play sound at scan completion if scan locates critical objects 10-05-2005 18:56:18 - Scan started. (Smart mode) Listing running processes »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» #:1 [smss.exe] FilePath : \SystemRoot\System32\ ProcessID : 676 ThreadCreationTime : 10-05-2005 17:41:23 BasePriority : Normal #:2 [csrss.exe] FilePath : \??\C:\windows\system32\ ProcessID : 736 ThreadCreationTime : 10-05-2005 17:41:26 BasePriority : Normal #:3 [winlogon.exe] FilePath : \??\C:\windows\system32\ ProcessID : 760 ThreadCreationTime : 10-05-2005 17:41:27 BasePriority : High #:4 [services.exe] FilePath : C:\windows\system32\ ProcessID : 816 ThreadCreationTime : 10-05-2005 17:41:28 BasePriority : Normal FileVersion : 5.1.2600.0 (xpclient.010817-1148) ProductVersion : 5.1.2600.0 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Services and Controller app InternalName : services.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : services.exe #:5 [lsass.exe] FilePath : C:\windows\system32\ ProcessID : 828 ThreadCreationTime : 10-05-2005 17:41:28 BasePriority : Normal FileVersion : 5.1.2600.0 (xpclient.010817-1148) ProductVersion : 5.1.2600.0 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : LSA Shell (Export Version) InternalName : lsass.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : lsass.exe #:6 [svchost.exe] FilePath : C:\windows\system32\ ProcessID : 1012 ThreadCreationTime : 10-05-2005 17:41:31 BasePriority : Normal FileVersion : 5.1.2600.0 (xpclient.010817-1148) ProductVersion : 5.1.2600.0 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:7 [svchost.exe] FilePath : C:\windows\System32\ ProcessID : 1152 ThreadCreationTime : 10-05-2005 17:41:31 BasePriority : Normal FileVersion : 5.1.2600.0 (xpclient.010817-1148) ProductVersion : 5.1.2600.0 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:8 [svchost.exe] FilePath : C:\windows\System32\ ProcessID : 1308 ThreadCreationTime : 10-05-2005 17:41:32 BasePriority : Normal FileVersion : 5.1.2600.0 (xpclient.010817-1148) ProductVersion : 5.1.2600.0 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:9 [svchost.exe] FilePath : C:\windows\System32\ ProcessID : 1324 ThreadCreationTime : 10-05-2005 17:41:32 BasePriority : Normal FileVersion : 5.1.2600.0 (xpclient.010817-1148) ProductVersion : 5.1.2600.0 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:10 [spoolsv.exe] FilePath : C:\windows\system32\ ProcessID : 1412 ThreadCreationTime : 10-05-2005 17:41:33 BasePriority : Normal FileVersion : 5.1.2600.0 (XPClient.010817-1148) ProductVersion : 5.1.2600.0 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Spooler SubSystem App InternalName : spoolsv.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : spoolsv.exe #:11 [ccevtmgr.exe] FilePath : C:\Program Files\Common Files\Symantec Shared\ ProcessID : 1440 ThreadCreationTime : 10-05-2005 17:41:33 BasePriority : Normal FileVersion : 1.03.4 ProductVersion : 1.03.4 ProductName : Event Manager CompanyName : Symantec Corporation FileDescription : Event Manager Service InternalName : ccEvtMgr LegalCopyright : Copyright (c) 2000-2002 Symantec Corporation. All rights reserved. OriginalFilename : ccEvtMgr.exe #:12 [explorer.exe] FilePath : C:\windows\ ProcessID : 296 ThreadCreationTime : 10-05-2005 17:41:41 BasePriority : Normal FileVersion : 6.00.2600.0000 (xpclient.010817-1148) ProductVersion : 6.00.2600.0000 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Windows Explorer InternalName : explorer LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : EXPLORER.EXE #:13 [alg.exe] FilePath : C:\windows\System32\ ProcessID : 476 ThreadCreationTime : 10-05-2005 17:41:44 BasePriority : Normal FileVersion : 5.1.2600.0 (xpclient.010817-1148) ProductVersion : 5.1.2600.0 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Application Layer Gateway Service InternalName : ALG.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : ALG.exe #:14 [navapsvc.exe] FilePath : C:\Program Files\Norton AntiVirus\ ProcessID : 512 ThreadCreationTime : 10-05-2005 17:41:45 BasePriority : Normal FileVersion : 9.07.1013 ProductVersion : 9.07.1013 ProductName : Norton AntiVirus CompanyName : Symantec Corporation FileDescription : Norton AntiVirus Auto-Protect Service InternalName : NAVAPSVC LegalCopyright : Copyright (c) 2000-2002 Symantec Corporation. All rights reserved. OriginalFilename : NAVAPSVC.EXE #:15 [nvsvc32.exe] FilePath : C:\windows\System32\ ProcessID : 544 ThreadCreationTime : 10-05-2005 17:41:45 BasePriority : Normal FileVersion : 6.13.10.3082 ProductVersion : 6.13.10.3082 ProductName : NVIDIA Driver Helper Service, Version 30.82 CompanyName : NVIDIA Corporation FileDescription : NVIDIA Driver Helper Service, Version 30.82 InternalName : NVSVC LegalCopyright : (c) NVIDIA Corporation. All rights reserved. OriginalFilename : nvsvc32.exe #:16 [slpservice.exe] FilePath : C:\windows\System32\ ProcessID : 728 ThreadCreationTime : 10-05-2005 17:41:47 BasePriority : Normal FileVersion : 1, 0, 0, 3 ProductVersion : 4, 51, 228, 0 ProductName : Smart Label Printer CompanyName : ProdEx Technologies FileDescription : Slpmonx Service InternalName : slpservice LegalCopyright : Copyright © 2000 ProdEx Technologies OriginalFilename : slpservice.exe #:17 [slpmonx.exe] FilePath : C:\windows\System32\ ProcessID : 912 ThreadCreationTime : 10-05-2005 17:41:47 BasePriority : Normal FileVersion : 0.2.1.219 ProductVersion : 4.55 ProductName : Seiko SLP Printer Driver CompanyName : Seiko Instruments USA, Inc. FileDescription : Seiko SLP Client Port Monitor InternalName : SLPMONX.EXE LegalCopyright : Copyright (C) Microsoft Corp. 1981-1999 OriginalFilename : SLPMONX.EXE #:18 [xl.exe] FilePath : C:\windows\System32\ ProcessID : 832 ThreadCreationTime : 10-05-2005 17:41:48 BasePriority : Normal FileVersion : 1, 5, 1, 149 ProductVersion : 1, 5, 1, 149 ProductName : XtreamLok License Manager FileDescription : XtreamLok License Manager InternalName : XL LegalCopyright : Copyright 2002 OriginalFilename : XL.EXE #:19 [msmsgs.exe] FilePath : C:\Program Files\Messenger\ ProcessID : 1048 ThreadCreationTime : 10-05-2005 17:41:48 BasePriority : Normal FileVersion : 4.7.2009 ProductVersion : Version 4.7 ProductName : Messenger CompanyName : Microsoft Corporation FileDescription : Messenger InternalName : msmsgs LegalCopyright : Copyright (c) Microsoft Corporation 1997-2003 LegalTrademarks : Microsoft(R) is a registered trademark of Microsoft Corporation in the U.S. and/or other countries. OriginalFilename : msmsgs.exe #:20 [msole32.exe] FilePath : C:\windows\System32\ ProcessID : 1120 ThreadCreationTime : 10-05-2005 17:41:49 BasePriority : Normal #:21 [popuper.exe] FilePath : C:\windows\ ProcessID : 1244 ThreadCreationTime : 10-05-2005 17:41:50 BasePriority : Normal FileVersion : 1, 0, 0, 217 ProductVersion : 1, 0, 0, 217 ProductName : Popuper Application FileDescription : Popuper Application InternalName : Popuper LegalCopyright : Copyright (C) 2005 OriginalFilename : Popuper.exe #:22 [ltsmmsg.exe] FilePath : C:\windows\ ProcessID : 1276 ThreadCreationTime : 10-05-2005 17:41:51 BasePriority : Normal FileVersion : 3.1.114 3.1.114 07/20/2002 09:22:07 ProductVersion : 3.1.114 3.1.114 07/20/2002 09:22:07 ProductName : Lucent SoftModem Messaging Applet CompanyName : Lucent Technologies FileDescription : SoftModem Messaging Applet InternalName : smdmstat.exe LegalCopyright : Copyright © Lucent Technologies 1998-2000 OriginalFilename : smdmstat.exe #:23 [intmonp.exe] FilePath : C:\windows\System32\ ProcessID : 1316 ThreadCreationTime : 10-05-2005 17:41:51 BasePriority : Normal #:24 [ezsp_px.exe] FilePath : C:\WINDOWS\System32\ ProcessID : 1388 ThreadCreationTime : 10-05-2005 17:41:51 BasePriority : Normal #:25 [quicksys.exe] FilePath : C:\HYPER\ ProcessID : 1480 ThreadCreationTime : 10-05-2005 17:41:52 BasePriority : Normal FileVersion : 2.0.200.3 ProductVersion : 2.0.0.0 ProductName : HyperOS 2003 CompanyName : Hyperdrive Computers Ltd FileDescription : HyperOS Quick System Selector InternalName : QUICKSYS LegalCopyright : Copyright © 2000-2002 Hyperdrive Computers Ltd, London OriginalFilename : QUICKSYS.EXE #:26 [activsys.exe] FilePath : C:\HYPER\ ProcessID : 1492 ThreadCreationTime : 10-05-2005 17:41:52 BasePriority : Normal #:27 [ccapp.exe] FilePath : C:\Program Files\Common Files\Symantec Shared\ ProcessID : 1536 ThreadCreationTime : 10-05-2005 17:41:53 BasePriority : Normal FileVersion : 1.0.10.006 ProductVersion : 1.0.10.006 ProductName : Common Client CompanyName : Symantec Corporation FileDescription : Common Client CC App InternalName : ccApp LegalCopyright : Copyright (c) 2000-2002 Symantec Corporation. All rights reserved. OriginalFilename : ccApp.exe #:28 [prodsl.exe] FilePath : C:\Program Files\INTEL\DSLSetup\ ProcessID : 1628 ThreadCreationTime : 10-05-2005 17:41:54 BasePriority : Normal FileVersion : 3.00.02.34 ProductVersion : 1.8.0.0 (TIC 6192) ProductName : Intel(R) AnyPoint(R) Modem CompanyName : Intel Corporation FileDescription : Intel(R) AnyPoint(R) Connection Manager InternalName : ProDsl.exe LegalCopyright : Copyright (c) 2002 Intel Corp. All Rights Reserved. LegalTrademarks : Intel(R) OriginalFilename : ProDsl.exe Comments : Management application for DSL #:29 [directcd.exe] FilePath : C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\ ProcessID : 1664 ThreadCreationTime : 10-05-2005 17:41:55 BasePriority : Normal FileVersion : 5.1.0.209 ProductVersion : 5.1.0.209 ProductName : DirectCD CompanyName : Roxio FileDescription : DirectCD Application InternalName : DirectCD LegalCopyright : Copyright © 2001-2002, Roxio, Inc. OriginalFilename : Directcd.exe #:30 [qttask.exe] FilePath : C:\Program Files\QuickTime\ ProcessID : 1676 ThreadCreationTime : 10-05-2005 17:41:55 BasePriority : Normal FileVersion : 6.0.2 ProductVersion : QuickTime 6.0.2 ProductName : QuickTime CompanyName : Apple Computer, Inc. InternalName : QuickTime Task LegalCopyright : © Apple Computer, Inc. 2001-2002 OriginalFilename : QTTask.exe #:31 [sm1bg.exe] FilePath : C:\windows\ ProcessID : 1708 ThreadCreationTime : 10-05-2005 17:41:56 BasePriority : Normal FileVersion : 6.01.1000.0 ProductVersion : 6.01.1000.0 ProductName : Cypress USB Mass Storage Adapter CompanyName : Cypress Semiconductor FileDescription : Cypress USB Mass Storage Driver Background Application InternalName : SM1BG.EXE LegalCopyright : Copyright (C) 1998-2003 Cypress Semiconductor OriginalFilename : SM1BG.EXE #:32 [gcasserv.exe] FilePath : C:\Program Files\Microsoft AntiSpyware\ ProcessID : 1740 ThreadCreationTime : 10-05-2005 17:41:57 BasePriority : Idle FileVersion : 1.00.0509 ProductVersion : 1.00.0509 ProductName : Microsoft AntiSpyware (Beta 1) CompanyName : Microsoft Corporation FileDescription : Microsoft AntiSpyware Service InternalName : gcasServ LegalCopyright : Copyright © 2004-2005 Microsoft Corporation. All rights reserved. LegalTrademarks : Microsoft® and Windows® are registered trademarks of Microsoft Corporation. SpyNet(tm) is a trademark of Microsoft Corporation. OriginalFilename : gcasServ.exe #:33 [wcescomm.exe] FilePath : C:\Program Files\Microsoft ActiveSync\ ProcessID : 1836 ThreadCreationTime : 10-05-2005 17:41:58 BasePriority : Normal FileVersion : 3.7.1.4034 ProductVersion : 3.7.4034 ProductName : Microsoft ActiveSync CompanyName : Microsoft Corporation FileDescription : ActiveSync Connection Manager InternalName : wcescomm LegalCopyright : Copyright © 1995-2004 Microsoft Corp. All rights reserved. LegalTrademarks : Microsoft® and Windows® are registered trademarks of Microsoft Corporation. OriginalFilename : WCESCOMM.EXE #:34 [swdoctor.exe] FilePath : C:\Program Files\Spyware Doctor\ ProcessID : 1860 ThreadCreationTime : 10-05-2005 17:41:59 BasePriority : Normal FileVersion : 3.2.1.359 ProductVersion : 3.1 ProductName : Spyware Doctor CompanyName : PCTools FileDescription : Spyware Doctor InternalName : Spyware Doctor LegalCopyright : Copyright (c) 2004. Distributed by PC Tools Pty Ltd OriginalFilename : swdr.exe #:35 [vaserv.exe] FilePath : C:\Program Files\Sony\VAIO Action Setup\ ProcessID : 1928 ThreadCreationTime : 10-05-2005 17:42:01 BasePriority : Normal #:36 [wzqkpick.exe] FilePath : C:\Program Files\WinZip\ ProcessID : 1508 ThreadCreationTime : 10-05-2005 17:42:03 BasePriority : Normal FileVersion : 1.0 (32-bit) ProductVersion : 8.1 (4319) ProductName : WinZip CompanyName : WinZip Computing, Inc. FileDescription : WinZip Executable InternalName : WZQKPICK.EXE LegalCopyright : Copyright (c) WinZip Computing, Inc. 1991-2001 - All Rights Reserved LegalTrademarks : WinZip is a registered trademark of WinZip Computing, Inc OriginalFilename : WZQKPICK.EXE Comments : StringFileInfo: U.S. English #:37 [hotsync.exe] FilePath : C:\Palm\ ProcessID : 184 ThreadCreationTime : 10-05-2005 17:42:04 BasePriority : Normal FileVersion : 4.0 ProductVersion : 4.0 ProductName : HotSync® Manager, Palm Desktop CompanyName : Palm, Inc. FileDescription : HotSync® Manager Application InternalName : HotSync® LegalCopyright : Copyright © 1995-2001 Palm, Inc. LegalTrademarks : HotSync® is a registered trademark of Palm, Inc. OriginalFilename : Hotsync.exe #:38 [gcasdtserv.exe] FilePath : C:\Program Files\Microsoft AntiSpyware\ ProcessID : 200 ThreadCreationTime : 10-05-2005 17:42:05 BasePriority : Normal FileVersion : 1.00.0509 ProductVersion : 1.00.0509 ProductName : Microsoft AntiSpyware (Beta 1) CompanyName : Microsoft Corporation FileDescription : Microsoft AntiSpyware Data Service InternalName : gcasDtServ LegalCopyright : Copyright © 2004-2005 Microsoft Corporation. All rights reserved. LegalTrademarks : Microsoft® and Windows® are registered trademarks of Microsoft Corporation. SpyNet(tm) is a trademark of Microsoft Corporation. OriginalFilename : gcasDtServ.exe #:39 [slpcap.exe] FilePath : C:\WINDOWS\Seiko\ ProcessID : 2064 ThreadCreationTime : 10-05-2005 17:42:27 BasePriority : Normal FileVersion : 4.57 ProductVersion : 4.57.246.00 ProductName : Smart Label Printer CompanyName : Seiko Instruments USA Inc. FileDescription : SLP Text Capture Application InternalName : SLPCAP LegalCopyright : Copyright © 1991, 1999 Seiko Instruments USA Inc. LegalTrademarks : Smart Label Printer?, SmartCapture?, SmartCopy?, and SmartCode? are Trademarks of Seiko Instruments USA Inc. #:40 [plauto.exe] FilePath : C:\Program Files\CASIO\Photo Loader\ ProcessID : 2156 ThreadCreationTime : 10-05-2005 17:42:33 BasePriority : Normal FileVersion : 2.0.1E ProductVersion : 2.0.1E ProductName : Photo Loader CompanyName : CASIO COMPUTER CO.,LTD. FileDescription : Watcher for Photo Loader InternalName : Plauto LegalCopyright : Copyright (C) 2001 CASIO COMPUTER CO., LTD OriginalFilename : PLAUTO.EXE #:41 [snagit32.exe] FilePath : C:\Program Files\TechSmith\SnagIt 7\ ProcessID : 2416 ThreadCreationTime : 10-05-2005 17:42:37 BasePriority : Normal #:42 [tschelp.exe] FilePath : C:\Program Files\TechSmith\SnagIt 7\ ProcessID : 2712 ThreadCreationTime : 10-05-2005 17:42:40 BasePriority : Normal FileVersion : 1.0.0 ProductVersion : 1, 0, 0, 0 CompanyName : TechSmith Corporation FileDescription : TechSmith HTML Help Helper InternalName : TechSmith HTML Help Helper LegalCopyright : Copyright © 2002-2005 TechSmith Corp. All rights reserved. OriginalFilename : TscHelp.exe #:43 [wuauclt.exe] FilePath : C:\windows\System32\ ProcessID : 3792 ThreadCreationTime : 10-05-2005 17:43:20 BasePriority : Normal FileVersion : 5.4.3790.2182 built by: srv03_rtm(ntvbl04) ProductVersion : 5.4.3790.2182 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Automatic Updates InternalName : wuauclt.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : wuauclt.exe #:44 [iexplore.exe] FilePath : C:\Program Files\Internet Explorer\ ProcessID : 1736 ThreadCreationTime : 10-05-2005 17:44:28 BasePriority : Normal FileVersion : 6.00.2600.0000 (xpclient.010817-1148) ProductVersion : 6.00.2600.0000 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Internet Explorer InternalName : iexplore LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : IEXPLORE.EXE #:45 [shnlog.exe] FilePath : C:\windows\System32\ ProcessID : 2660 ThreadCreationTime : 10-05-2005 17:47:50 BasePriority : Normal ProductVersion : 1.7 #:46 [intmon.exe] FilePath : C:\windows\System32\ ProcessID : 2748 ThreadCreationTime : 10-05-2005 17:48:05 BasePriority : Normal #:47 [ad-aware.exe] FilePath : C:\Program Files\Lavasoft\Ad-Aware SE Personal\ ProcessID : 3732 ThreadCreationTime : 10-05-2005 17:55:42 BasePriority : Normal FileVersion : 6.2.0.206 ProductVersion : VI.Second Edition ProductName : Lavasoft Ad-Aware SE CompanyName : Lavasoft Sweden FileDescription : Ad-Aware SE Core application InternalName : Ad-Aware.exe LegalCopyright : Copyright © Lavasoft Sweden OriginalFilename : Ad-Aware.exe Comments : All Rights Reserved Memory scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 0 Started registry scan »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» CommonName Object Recognized! Type : Regkey Data : Category : Data Miner Comment : Rootkey : HKEY_CLASSES_ROOT Object : interface\{1e1b2878-88ff-11d2-8d96-d7acac95951f} CommonName Object Recognized! Type : RegValue Data : Category : Data Miner Comment : Rootkey : HKEY_CLASSES_ROOT Object : interface\{1e1b2878-88ff-11d2-8d96-d7acac95951f} Value : CommonName Object Recognized! Type : Regkey Data : Category : Data Miner Comment : Rootkey : HKEY_CLASSES_ROOT Object : typelib\{1e1b286c-88ff-11d2-8d96-d7acac95951f} Registry Scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 3 Objects found so far: 3 Started deep registry scan »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» 18:59:23 Scan stopped by user Summary Of This Scan »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Total scanning time:00:03:04.985 Objects scanned:59982 Objects identified:3 Objects ignored:0 New critical objects:3