Lavasoft Ad-aware Personal Build 6.181 Logfile created on :Wednesday, 11 May 2005 10:26:41 PM Created with Ad-aware Personal, free for private use. Using reference-file :01R347 26.10.2004 ______________________________________________________ Reffile status: ========================= Reference file loaded: Reference Number : 01R217 08.09.2003 Internal build : 107 File location : C:\Program Files\Ad-aware 6\reflist.ref Total size : 574398 Bytes Signature data size : 563299 Bytes Reference data size : 11035 Bytes Signatures total : 12937 Target categories : 10 Target families : 267 11-05-2005 10:13:15 PM Performing Webupdate... Installing Update... Reference file loaded: Reference Number : 01R347 26.10.2004 Internal build : 281 File location : C:\Program Files\Ad-aware 6\reflist.ref Total size : 1379284 Bytes Signature data size : 1356739 Bytes Reference data size : 22481 Bytes Signatures total : 29961 Target categories : 10 Target families : 587 11-05-2005 10:18:14 PM Success. Update successfully downlodaded and installed. Memory + processor status: ========================== Number of processors : 1 Processor architecture : Intel Pentium IV Memory available:22 % Total physical memory:261664 kb Available physical memory:55288 kb Total page file size:633428 kb Available on page file:361660 kb Total virtual memory:2097024 kb Available virtual memory:2042632 kb OS: Ad-aware Settings ========================= Set : Activate in-depth scan (Recommended) Set : Safe mode (always request confirmation) Set : Scan active processes Set : Scan registry Set : Deep scan registry Set : Scan my IE Favorites for banned URLs Set : Scan within archives Set : Scan my Hosts file Extended Ad-aware Settings ========================= Set : Unload recognized processes during scanning Set : Include basic Ad-aware settings in logfile Set : Include additional Ad-aware settings in logfile Set : Let windows remove files in use at next reboot Set : Delete quarantined objects after restoring Set : Always back up reference file, before updating Set : Play sound if scan produced a result 11-05-2005 10:26:41 PM - Scan started. (Smart mode) Listing running processes ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ #:1 [smss.exe] FilePath : \SystemRoot\System32\ ThreadCreationTime : 11-05-2005 9:36:50 AM BasePriority : Normal #:2 [winlogon.exe] FilePath : \??\C:\WINDOWS\system32\ ThreadCreationTime : 11-05-2005 9:36:53 AM BasePriority : High #:3 [services.exe] FilePath : C:\WINDOWS\system32\ ThreadCreationTime : 11-05-2005 9:36:53 AM BasePriority : Normal FileSize : 99 KB FileVersion : 5.1.2600.0 (xpclient.010817-1148) ProductVersion : 5.1.2600.0 CompanyName : Microsoft Corporation FileDescription : Services and Controller app InternalName : services.exe OriginalFilename : services.exe ProductName : Microsoft Created on : 23/08/2001 12:00:00 PM Last accessed : 11/05/2005 12:05:12 PM Last modified : 23/08/2001 12:00:00 PM #:4 [lsass.exe] FilePath : C:\WINDOWS\system32\ ThreadCreationTime : 11-05-2005 9:36:53 AM BasePriority : Normal FileSize : 11 KB FileVersion : 5.1.2600.1106 (xpsp1.020828-1920) ProductVersion : 5.1.2600.1106 CompanyName : Microsoft Corporation FileDescription : LSA Shell (Export Version) InternalName : lsass.exe OriginalFilename : lsass.exe ProductName : Microsoft Created on : 28/08/2002 5:11:26 PM Last accessed : 11/05/2005 12:05:12 PM Last modified : 28/08/2002 5:11:26 PM #:5 [svchost.exe] FilePath : C:\WINDOWS\system32\ ThreadCreationTime : 11-05-2005 9:36:54 AM BasePriority : Normal FileSize : 12 KB FileVersion : 5.1.2600.0 (xpclient.010817-1148) ProductVersion : 5.1.2600.0 CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe OriginalFilename : svchost.exe ProductName : Microsoft Created on : 23/08/2001 12:00:00 PM Last accessed : 11/05/2005 12:29:42 PM Last modified : 23/08/2001 12:00:00 PM #:6 [svchost.exe] FilePath : C:\WINDOWS\System32\ ThreadCreationTime : 11-05-2005 9:36:54 AM BasePriority : Normal FileSize : 12 KB FileVersion : 5.1.2600.0 (xpclient.010817-1148) ProductVersion : 5.1.2600.0 CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe OriginalFilename : svchost.exe ProductName : Microsoft Created on : 23/08/2001 12:00:00 PM Last accessed : 11/05/2005 12:29:42 PM Last modified : 23/08/2001 12:00:00 PM #:7 [spoolsv.exe] FilePath : C:\WINDOWS\system32\ ThreadCreationTime : 11-05-2005 9:36:56 AM BasePriority : Normal FileSize : 50 KB FileVersion : 5.1.2600.0 (XPClient.010817-1148) ProductVersion : 5.1.2600.0 CompanyName : Microsoft Corporation FileDescription : Spooler SubSystem App InternalName : spoolsv.exe OriginalFilename : spoolsv.exe ProductName : Microsoft Created on : 23/08/2001 12:00:00 PM Last accessed : 11/05/2005 12:05:12 PM Last modified : 23/08/2001 12:00:00 PM #:8 [pcctlcom.exe] FilePath : C:\PROGRA~1\TRENDM~1\INTERN~1\ ThreadCreationTime : 11-05-2005 9:36:56 AM BasePriority : Normal FileSize : 844 KB FileVersion : 12.10.0.1034 ProductVersion : 12.10.0 Copyright : Copyright (C) 1995-2004 Trend Micro Incorporated. All rights reserved. CompanyName : Trend Micro Incorporated. FileDescription : PcCtlCom Module InternalName : PcCtlCom OriginalFilename : PcCtlCom.EXE ProductName : Trend Micro Internet Security Created on : 15/09/2004 9:47:52 AM Last accessed : 11/05/2005 12:05:12 PM Last modified : 11/01/2005 7:08:52 AM #:9 [tmntsrv.exe] FilePath : C:\PROGRA~1\TRENDM~1\INTERN~1\ ThreadCreationTime : 11-05-2005 9:36:57 AM BasePriority : Normal FileSize : 280 KB FileVersion : 12.10.0.1034 ProductVersion : 12.10.0 Copyright : Copyright (C) 1995-2004 Trend Micro Incorporated. All rights reserved. CompanyName : Trend Micro Incorporated. FileDescription : Tmntsrv InternalName : Tmntsrv OriginalFilename : Tmntsrv.exe ProductName : Trend Micro Internet Security Created on : 29/04/2005 1:20:11 PM Last accessed : 11/05/2005 12:05:12 PM Last modified : 11/01/2005 7:17:42 AM #:10 [tmpfw.exe] FilePath : C:\PROGRA~1\TRENDM~1\INTERN~1\ ThreadCreationTime : 11-05-2005 9:36:59 AM BasePriority : Normal FileSize : 572 KB FileVersion : 2.0.0.1125 ProductVersion : 1.0.0 Copyright : Copyright (C) 2001-2004 Trend Micro Inc. All rights reserved. CompanyName : Trend Micro Inc. FileDescription : TmPfw InternalName : TmPfw OriginalFilename : TmPfw.exe ProductName : Trend Network Security Component 1.0 Created on : 15/09/2004 7:03:02 AM Last accessed : 11/05/2005 12:05:12 PM Last modified : 18/01/2005 10:37:00 AM #:11 [explorer.exe] FilePath : C:\WINDOWS\ ThreadCreationTime : 11-05-2005 9:41:25 AM BasePriority : Normal FileSize : 980 KB FileVersion : 6.00.2800.1106 (xpsp1.020828-1920) ProductVersion : 6.00.2800.1106 CompanyName : Microsoft Corporation FileDescription : Windows Explorer InternalName : explorer OriginalFilename : EXPLORER.EXE ProductName : Microsoft Created on : 28/08/2002 5:11:24 PM Last accessed : 11/05/2005 12:18:28 PM Last modified : 28/08/2002 5:11:24 PM #:12 [popuper.exe] FilePath : C:\WINDOWS\ ThreadCreationTime : 11-05-2005 9:41:29 AM BasePriority : Normal FileSize : 17 KB FileVersion : 1, 0, 0, 217 ProductVersion : 1, 0, 0, 217 Copyright : Copyright (C) 2005 FileDescription : Popuper Application InternalName : Popuper OriginalFilename : Popuper.exe ProductName : Popuper Application Created on : 2/05/2005 6:24:53 AM Last accessed : 11/05/2005 12:05:12 PM Last modified : 7/05/2005 10:01:51 AM #:13 [msole32.exe] FilePath : C:\WINDOWS\System32\ ThreadCreationTime : 11-05-2005 9:41:29 AM BasePriority : Normal FileSize : 8 KB Created on : 2/05/2005 6:25:19 AM Last accessed : 11/05/2005 12:38:31 PM Last modified : 2/05/2005 6:25:19 AM #:14 [pccguide.exe] FilePath : C:\Program Files\Trend Micro\Internet Security 2005\ ThreadCreationTime : 11-05-2005 9:41:31 AM BasePriority : Normal FileSize : 796 KB FileVersion : 12.10.0.1014 ProductVersion : 12.10.0 Copyright : Copyright (C) 1995-2004 Trend Micro Incorporated. All rights reserved. CompanyName : Trend Micro Incorporated. FileDescription : PCCGuide InternalName : PCCGuide OriginalFilename : PCCGuide ProductName : Trend Micro Internet Security Created on : 15/09/2004 9:48:22 AM Last accessed : 11/05/2005 12:48:53 PM Last modified : 30/11/2004 8:36:34 AM #:15 [msnappau.exe] FilePath : C:\Program Files\MSN Apps\Updater\01.02.3000.1001\en-us\ ThreadCreationTime : 11-05-2005 9:41:34 AM BasePriority : Normal FileSize : 84 KB FileVersion : 01.02.3000.1001 ProductVersion : 01.02.3000.1001 Copyright : Copyright CompanyName : Microsoft Corporation FileDescription : MSN Updater InternalName : msnappau.exe OriginalFilename : msnappau.exe ProductName : MSN Updater Created on : 28/04/2005 10:50:18 PM Last accessed : 11/05/2005 12:05:12 PM Last modified : 13/08/2004 8:11:26 AM #:16 [iexplore.exe] FilePath : C:\Program Files\Internet Explorer\ ThreadCreationTime : 11-05-2005 11:28:53 AM BasePriority : Normal FileSize : 89 KB FileVersion : 6.00.2800.1106 (xpsp1.020828-1920) ProductVersion : 6.00.2800.1106 CompanyName : Microsoft Corporation FileDescription : Internet Explorer InternalName : iexplore OriginalFilename : IEXPLORE.EXE ProductName : Microsoft Created on : 12/06/2004 11:35:42 AM Last accessed : 11/05/2005 12:23:49 PM Last modified : 17/06/2004 11:08:05 AM #:17 [wuauclt.exe] FilePath : C:\WINDOWS\System32\ ThreadCreationTime : 11-05-2005 11:29:09 AM BasePriority : Normal FileSize : 111 KB FileVersion : 5.4.3790.2182 built by: srv03_rtm(ntvbl04) ProductVersion : 5.4.3790.2182 CompanyName : Microsoft Corporation FileDescription : Automatic Updates InternalName : wuauclt.exe OriginalFilename : wuauclt.exe ProductName : Microsoft Created on : 28/04/2005 3:58:43 AM Last accessed : 11/05/2005 12:30:55 PM Last modified : 3/08/2004 4:32:20 AM #:18 [tmproxy.exe] FilePath : C:\PROGRA~1\TRENDM~1\INTERN~1\ ThreadCreationTime : 11-05-2005 11:42:04 AM BasePriority : Normal FileSize : 184 KB FileVersion : 1.0.0.1125 ProductVersion : 1.0.0 Copyright : Copyright (C) 2001-2004 Trend Micro Inc. All rights reserved. CompanyName : Trend Micro Inc. FileDescription : TmProxy.exe InternalName : TmProxy.exe OriginalFilename : TmProxy.exe ProductName : Trend Micro Network Security Components 1.0 Created on : 15/09/2004 7:04:02 AM Last accessed : 11/05/2005 12:48:54 PM Last modified : 18/01/2005 10:38:02 AM #:19 [iexplore.exe] FilePath : C:\Program Files\Internet Explorer\ ThreadCreationTime : 11-05-2005 11:43:40 AM BasePriority : Normal FileSize : 89 KB FileVersion : 6.00.2800.1106 (xpsp1.020828-1920) ProductVersion : 6.00.2800.1106 CompanyName : Microsoft Corporation FileDescription : Internet Explorer InternalName : iexplore OriginalFilename : IEXPLORE.EXE ProductName : Microsoft Created on : 12/06/2004 11:35:42 AM Last accessed : 11/05/2005 12:23:49 PM Last modified : 17/06/2004 11:08:05 AM #:20 [intmonp.exe] FilePath : C:\WINDOWS\System32\ ThreadCreationTime : 11-05-2005 11:56:07 AM BasePriority : Normal FileSize : 2 KB Created on : 2/05/2005 6:24:53 AM Last accessed : 11/05/2005 12:56:41 PM Last modified : 11/05/2005 11:56:07 AM #:21 [shnlog.exe] FilePath : C:\WINDOWS\System32\ ThreadCreationTime : 11-05-2005 11:56:16 AM BasePriority : Normal FileSize : 33 KB ProductVersion : 1.7 Created on : 8/05/2005 11:38:11 AM Last accessed : 11/05/2005 12:05:27 PM Last modified : 8/05/2005 11:38:11 AM #:22 [intmon.exe] FilePath : C:\WINDOWS\System32\ ThreadCreationTime : 11-05-2005 12:08:34 PM BasePriority : Normal FileSize : 2 KB Created on : 8/05/2005 11:38:12 AM Last accessed : 11/05/2005 12:09:23 PM Last modified : 11/05/2005 12:08:34 PM #:23 [ad-aware.exe] FilePath : C:\Program Files\Ad-aware 6\ ThreadCreationTime : 11-05-2005 12:40:36 PM BasePriority : Normal FileSize : 668 KB FileVersion : 6.0.1.181 ProductVersion : 6.0.0.0 Copyright : Copyright CompanyName : Lavasoft Sweden FileDescription : Ad-aware 6 core application InternalName : Ad-aware.exe OriginalFilename : Ad-aware.exe ProductName : Lavasoft Ad-aware Plus Created on : 12/06/2004 1:32:08 PM Last accessed : 11/05/2005 12:40:35 PM Last modified : 12/07/2003 12:30:20 PM #:24 [wuauclt.exe] FilePath : C:\WINDOWS\System32\ ThreadCreationTime : 11-05-2005 12:52:57 PM BasePriority : Normal FileSize : 111 KB FileVersion : 5.4.3790.2182 built by: srv03_rtm(ntvbl04) ProductVersion : 5.4.3790.2182 CompanyName : Microsoft Corporation FileDescription : Automatic Updates InternalName : wuauclt.exe OriginalFilename : wuauclt.exe ProductName : Microsoft Created on : 28/04/2005 3:58:43 AM Last accessed : 11/05/2005 12:30:55 PM Last modified : 3/08/2004 4:32:20 AM Memory scan result : ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ New objects : 0 Objects found so far: 0 Started registry scan ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ Registry scan result : ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ New objects : 0 Objects found so far: 0 Started deep registry scan ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ Possible browser hijack attempt : Software\Microsoft\Internet Explorer\MainStart Pageabout:blank Possible Browser Hijack attempt Object recognized! Type : RegData Data : "about:blank" Category : Data Miner Comment : Possible browser hijack attempt Rootkey : HKEY_CURRENT_USER Object : Software\Microsoft\Internet Explorer\Main Value : Start Page Data : "about:blank" Possible browser hijack attempt : Software\Microsoft\Internet Explorer\MainDefault_Page_URLabout:blank Possible Browser Hijack attempt Object recognized! Type : RegData Data : "about:blank" Category : Data Miner Comment : Possible browser hijack attempt Rootkey : HKEY_CURRENT_USER Object : Software\Microsoft\Internet Explorer\Main Value : Default_Page_URL Data : "about:blank" Deep registry scan result : ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ New objects : 2 Objects found so far: 2 ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ Deep scanning and examining files (C:) ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ Scanning Hosts file(C:\WINDOWS\System32\drivers\etc\hosts) ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ Hosts file scan result: ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ 42 entries scanned. New objects :0 Objects found so far: 2 Performing conditional scans.. ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ Conditional scan result: ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ New objects : 0 Objects found so far: 2 10:29:05 PM Scan complete Summary of this scan ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ Total scanning time :00:02:23:672 Objects scanned :42861 Objects identified :2 Objects ignored :0 New objects :2