Ad-Aware SE Build 1.05 Logfile Created on:15 May 2005 13:58:04 Created with Ad-Aware SE Personal, free for private use. Using definitions file:SE1R45 13.05.2005 »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» References detected during the scan: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» MRU List(TAC index:0):3 total references »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Ad-Aware SE Settings =========================== Set : Search for negligible risk entries Set : Safe mode (always request confirmation) Set : Scan active processes Set : Scan registry Set : Deep-scan registry Set : Scan my IE Favorites for banned URLs Set : Scan my Hosts file Extended Ad-Aware SE Settings =========================== Set : Unload recognized processes & modules during scan Set : Scan registry for all users instead of current user only Set : Always try to unload modules before deletion Set : During removal, unload Explorer and IE if necessary Set : Let Windows remove files in use at next reboot Set : Delete quarantined objects after restoring Set : Include basic Ad-Aware settings in log file Set : Include additional Ad-Aware settings in log file Set : Include reference summary in log file Set : Include alternate data stream details in log file Set : Play sound at scan completion if scan locates critical objects 15-05-2005 13:58:04 - Scan started. (Full System Scan) MRU List Object Recognized! Location: : S-1-5-21-2000478354-1708537768-854245398-1004\software\microsoft\windows\currentversion\explorer\comdlg32\lastvisitedmru Description : list of recent programs opened MRU List Object Recognized! Location: : S-1-5-21-2000478354-1708537768-854245398-1004\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru Description : list of recently saved files, stored according to file extension MRU List Object Recognized! Location: : S-1-5-21-2000478354-1708537768-854245398-1004\software\microsoft\windows\currentversion\explorer\runmru Description : mru list for items opened in start | run Listing running processes »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» #:1 [smss.exe] FilePath : \SystemRoot\System32\ ProcessID : 444 ThreadCreationTime : 15-05-2005 12:52:55 BasePriority : Normal #:2 [csrss.exe] FilePath : \??\C:\WINDOWS\system32\ ProcessID : 500 ThreadCreationTime : 15-05-2005 12:52:59 BasePriority : Normal #:3 [winlogon.exe] FilePath : \??\C:\WINDOWS\system32\ ProcessID : 524 ThreadCreationTime : 15-05-2005 12:52:59 BasePriority : High #:4 [services.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 568 ThreadCreationTime : 15-05-2005 12:53:00 BasePriority : Normal FileVersion : 5.1.2600.0 (xpclient.010817-1148) ProductVersion : 5.1.2600.0 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Services and Controller app InternalName : services.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : services.exe #:5 [lsass.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 580 ThreadCreationTime : 15-05-2005 12:53:00 BasePriority : Normal FileVersion : 5.1.2600.1106 (xpsp1.020828-1920) ProductVersion : 5.1.2600.1106 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : LSA Shell (Export Version) InternalName : lsass.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : lsass.exe #:6 [svchost.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 736 ThreadCreationTime : 15-05-2005 12:53:02 BasePriority : Normal FileVersion : 5.1.2600.0 (xpclient.010817-1148) ProductVersion : 5.1.2600.0 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:7 [svchost.exe] FilePath : C:\WINDOWS\System32\ ProcessID : 808 ThreadCreationTime : 15-05-2005 12:53:02 BasePriority : Normal FileVersion : 5.1.2600.0 (xpclient.010817-1148) ProductVersion : 5.1.2600.0 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:8 [svchost.exe] FilePath : C:\WINDOWS\System32\ ProcessID : 916 ThreadCreationTime : 15-05-2005 12:53:04 BasePriority : Normal FileVersion : 5.1.2600.0 (xpclient.010817-1148) ProductVersion : 5.1.2600.0 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:9 [svchost.exe] FilePath : C:\WINDOWS\System32\ ProcessID : 980 ThreadCreationTime : 15-05-2005 12:53:05 BasePriority : Normal FileVersion : 5.1.2600.0 (xpclient.010817-1148) ProductVersion : 5.1.2600.0 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:10 [spoolsv.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 1144 ThreadCreationTime : 15-05-2005 12:53:08 BasePriority : Normal FileVersion : 5.1.2600.0 (XPClient.010817-1148) ProductVersion : 5.1.2600.0 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Spooler SubSystem App InternalName : spoolsv.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : spoolsv.exe #:11 [eebsvc.exe] FilePath : C:\Program Files\Common Files\EPSON\EBAPI\ ProcessID : 1264 ThreadCreationTime : 15-05-2005 12:53:15 BasePriority : Normal #:12 [avgamsvr.exe] FilePath : C:\PROGRA~1\Grisoft\AVGFRE~1\ ProcessID : 1444 ThreadCreationTime : 15-05-2005 12:53:15 BasePriority : Normal FileVersion : 7,1,0,299 ProductVersion : 7.1.0.299 ProductName : AVG Anti-Virus System CompanyName : GRISOFT, s.r.o. FileDescription : AVG Alert Manager InternalName : avgamsvr LegalCopyright : Copyright © 2004, GRISOFT, s.r.o. OriginalFilename : avgamsvr.EXE #:13 [avgupsvc.exe] FilePath : C:\PROGRA~1\Grisoft\AVGFRE~1\ ProcessID : 1456 ThreadCreationTime : 15-05-2005 12:53:15 BasePriority : Normal FileVersion : 7,1,0,285 ProductVersion : 7.1.0.285 ProductName : AVG 7.0 Anti-Virus System CompanyName : GRISOFT, s.r.o. FileDescription : AVG Update Service InternalName : avgupsvc LegalCopyright : Copyright © 2004, GRISOFT, s.r.o. OriginalFilename : avgupdsvc.EXE #:14 [avwupsrv.exe] FilePath : C:\Program Files\AVPersonal\ ProcessID : 1468 ThreadCreationTime : 15-05-2005 12:53:16 BasePriority : Normal FileVersion : 6.06.00.01 ProductVersion : 6.06.00.01 ProductName : AntiVir Update Service for Windows NT CompanyName : H+BEDV Datentechnik GmbH, Germany FileDescription : AntiVir Software Update Service for Windows NT InternalName : AntiVir Update Service LegalCopyright : Copyright © 1998 - 2001 by H+BEDV Datentechnik GmbH LegalTrademarks : AntiVir® is a registered trademark of H+BEDV Datentechnik GmbH, Germany OriginalFilename : AVWUpSrv.exe #:15 [sagent2.exe] FilePath : C:\Program Files\Common Files\EPSON\EBAPI\ ProcessID : 1496 ThreadCreationTime : 15-05-2005 12:53:16 BasePriority : Normal FileVersion : 2, 3, 0, 0 ProductVersion : 1, 0, 0, 0 ProductName : EPSON Bidirectional Printer CompanyName : SEIKO EPSON CORPORATION FileDescription : EPSON Printer Status Agent InternalName : SAgent2 LegalCopyright : Copyright (C) SEIKO EPSON CORP. 2000-2001 OriginalFilename : SAgent2.exe #:16 [svchost.exe] FilePath : C:\WINDOWS\System32\ ProcessID : 1584 ThreadCreationTime : 15-05-2005 12:53:16 BasePriority : Normal FileVersion : 5.1.2600.0 (xpclient.010817-1148) ProductVersion : 5.1.2600.0 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:17 [wdfmgr.exe] FilePath : C:\WINDOWS\System32\ ProcessID : 1636 ThreadCreationTime : 15-05-2005 12:53:17 BasePriority : Normal FileVersion : 5.2.3790.1230 built by: dnsrv(bld4act) ProductVersion : 5.2.3790.1230 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Windows User Mode Driver Manager InternalName : WdfMgr LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : WdfMgr.exe #:18 [wuauclt.exe] FilePath : C:\WINDOWS\System32\ ProcessID : 292 ThreadCreationTime : 15-05-2005 12:54:06 BasePriority : Normal FileVersion : 5.4.3790.2182 built by: srv03_rtm(ntvbl04) ProductVersion : 5.4.3790.2182 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Automatic Updates InternalName : wuauclt.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : wuauclt.exe #:19 [taskmgr.exe] FilePath : C:\WINDOWS\System32\ ProcessID : 884 ThreadCreationTime : 15-05-2005 12:55:05 BasePriority : High FileVersion : 5.1.2600.1106 (xpsp1.020828-1920) ProductVersion : 5.1.2600.1106 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Windows TaskManager InternalName : taskmgr LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : taskmgr.exe #:20 [uwdf.exe] FilePath : C:\WINDOWS\System32\ ProcessID : 1620 ThreadCreationTime : 15-05-2005 12:55:57 BasePriority : Normal FileVersion : 5.2.3790.1230 built by: dnsrv(bld4act) ProductVersion : 5.2.3790.1230 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Windows User-Mode Driver Framework InternalName : uwdf.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : uwdf.exe #:21 [ad-aware.exe] FilePath : C:\Program Files\Lavasoft\Ad-Aware SE Personal\ ProcessID : 1724 ThreadCreationTime : 15-05-2005 12:57:33 BasePriority : Normal FileVersion : 6.2.0.206 ProductVersion : VI.Second Edition ProductName : Lavasoft Ad-Aware SE CompanyName : Lavasoft Sweden FileDescription : Ad-Aware SE Core application InternalName : Ad-Aware.exe LegalCopyright : Copyright © Lavasoft Sweden OriginalFilename : Ad-Aware.exe Comments : All Rights Reserved Memory scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 3 Started registry scan »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Registry Scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 3 Started deep registry scan »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Deep registry scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 3 Started Tracking Cookie scan »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Tracking cookie scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 3 Deep scanning and examining files (C:) »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Disk Scan Result for C:\ »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 3 Scanning Hosts file...... Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts". »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Hosts file scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» 1 entries scanned. New critical objects:0 Objects found so far: 3 Performing conditional scans... »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Conditional scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 3 14:13:01 Scan Complete Summary Of This Scan »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Total scanning time:00:14:56.689 Objects scanned:76245 Objects identified:0 Objects ignored:0 New critical objects:0