And there for my laptop was very fast compared with now.
Hope you could help me thanks
Ad-Aware SE Build 1.05
Logfile Created on:donderdag 28 april 2005 20:05:55
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R41 25.04.2005
遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙?
References detected during the scan:
遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙?
180Solutions(TAC index:6):4 total references
DyFuCA(TAC index:3):15 total references
Other(TAC index:5):1 total references
Possible Browser Hijack attempt(TAC index:3):3 total references
Tracking Cookie(TAC index:3):16 total references
遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙?
Definition File:
=========================
Definitions File Loaded:
Reference Number : SE1R8 13.09.2004
Internal build : 12
File location : C:\Program Files\Lavasoft\Ad-Aware SE Personal\defs.ref
File size : 344723 Bytes
Total size : 1092481 Bytes
Signature data size : 1068971 Bytes
Reference data size : 22998 Bytes
Signatures total : 30122
Fingerprints total : 154
Fingerprints size : 7129 Bytes
Target categories : 15
Target families : 560
28-4-2005 20:00:31 Performing WebUpdate...
Installing Update...
Definitions File Loaded:
Reference Number : SE1R41 25.04.2005
Internal build : 48
File location : C:\Program Files\Lavasoft\Ad-Aware SE Personal\defs.ref
File size : 462131 Bytes
Total size : 1397647 Bytes
Signature data size : 1367126 Bytes
Reference data size : 30009 Bytes
Signatures total : 39003
Fingerprints total : 816
Fingerprints size : 28835 Bytes
Target categories : 15
Target families : 650
28-4-2005 20:01:28 Success
Update successfully downloaded and installed.
Memory + processor status:
==========================
Number of processors : 1
Processor architecture : Intel Pentium IV
Memory available:47 %
Total physical memory:523248 kb
Available physical memory:240916 kb
Total page file size:1275812 kb
Available on page file:978892 kb
Total virtual memory:2097024 kb
Available virtual memory:2035468 kb
OS:Microsoft Windows XP Home Edition Service Pack 2 (Build 2600)
Ad-Aware SE Settings
===========================
Set : Safe mode (always request confirmation)
Set : Don't log streams smaller than 0 Bytes
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file
Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Obtain command line of scanned processes
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Play sound at scan completion if scan locates critical objects
28-4-2005 20:05:55 - Scan started. (Full System Scan)
Listing running processes
遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙
#:1 [smss.exe]
ModuleName : \SystemRoot\System32\smss.exe
Command Line : n/a
ProcessID : 636
ThreadCreationTime : 28-4-2005 16:47:33
BasePriority : Normal
#:2 [csrss.exe]
ModuleName : \??\C:\WINDOWS\system32\csrss.exe
Command Line : C:\WINDOWS\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestTh
ProcessID : 700
ThreadCreationTime : 28-4-2005 16:47:34
BasePriority : Normal
#:3 [winlogon.exe]
ModuleName : \??\C:\WINDOWS\system32\winlogon.exe
Command Line : winlogon.exe
ProcessID : 724
ThreadCreationTime : 28-4-2005 16:47:35
BasePriority : High
#:4 [services.exe]
ModuleName : C:\WINDOWS\system32\services.exe
Command Line : C:\WINDOWS\system32\services.exe
ProcessID : 768
ThreadCreationTime : 28-4-2005 16:47:35
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Besturingssysteem MicrosoftR WindowsR
CompanyName : Microsoft Corporation
FileDescription : Services en controllertoepassingen
InternalName : services.exe
LegalCopyright : c Microsoft Corporation. Alle rechten voorbehouden.
OriginalFilename : services.exe
#:5 [lsass.exe]
ModuleName : C:\WINDOWS\system32\lsass.exe
Command Line : C:\WINDOWS\system32\lsass.exe
ProcessID : 780
ThreadCreationTime : 28-4-2005 16:47:35
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : MicrosoftR WindowsR Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : c Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe
#:6 [svchost.exe]
ModuleName : C:\WINDOWS\system32\svchost.exe
Command Line : C:\WINDOWS\system32\svchost -k DcomLaunch
ProcessID : 920
ThreadCreationTime : 28-4-2005 16:47:36
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : MicrosoftR WindowsR Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : c Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:7 [svchost.exe]
ModuleName : C:\WINDOWS\system32\svchost.exe
Command Line : C:\WINDOWS\system32\svchost -k rpcss
ProcessID : 984
ThreadCreationTime : 28-4-2005 16:47:36
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : MicrosoftR WindowsR Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : c Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:8 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : C:\WINDOWS\System32\svchost.exe -k netsvcs
ProcessID : 1024
ThreadCreationTime : 28-4-2005 16:47:36
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : MicrosoftR WindowsR Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : c Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:9 [svchost.exe]
ModuleName : C:\WINDOWS\system32\svchost.exe
Command Line : C:\WINDOWS\system32\svchost.exe -k NetworkService
ProcessID : 1092
ThreadCreationTime : 28-4-2005 16:47:36
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : MicrosoftR WindowsR Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : c Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:10 [svchost.exe]
ModuleName : C:\WINDOWS\system32\svchost.exe
Command Line : C:\WINDOWS\system32\svchost.exe -k LocalService
ProcessID : 1180
ThreadCreationTime : 28-4-2005 16:47:37
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : MicrosoftR WindowsR Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : c Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:11 [explorer.exe]
ModuleName : C:\WINDOWS\Explorer.EXE
Command Line : C:\WINDOWS\Explorer.EXE
ProcessID : 1384
ThreadCreationTime : 28-4-2005 16:47:37
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Besturingssysteem MicrosoftR WindowsR
CompanyName : Microsoft Corporation
FileDescription : Windows Verkenner
InternalName : explorer
LegalCopyright : c Microsoft Corporation. Alle rechten voorbehouden.
OriginalFilename : EXPLORER.EXE
#:12 [ccsetmgr.exe]
ModuleName : C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
Command Line : n/a
ProcessID : 1528
ThreadCreationTime : 28-4-2005 16:47:37
BasePriority : Normal
FileVersion : 103.0.3.8
ProductVersion : 103.0.3.8
ProductName : Client and Host Security Platform
CompanyName : Symantec Corporation
FileDescription : Symantec Settings Manager Service
InternalName : ccSetMgr
LegalCopyright : Copyright © 2000-2004 Symantec Corporation. All rights reserved.
OriginalFilename : ccSetMgr.exe
#:13 [sndsrvc.exe]
ModuleName : C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
Command Line : n/a
ProcessID : 1544
ThreadCreationTime : 28-4-2005 16:47:37
BasePriority : Normal
FileVersion : 5.4.4.17
ProductVersion : 5.4
ProductName : Symantec Security Drivers
CompanyName : Symantec Corporation
FileDescription : Network Driver Service
InternalName : SndSrvc
LegalCopyright : Copyright 2002, 2003, 2004 Symantec Corporation
OriginalFilename : SndSrvc.exe
#:14 [spbbcsvc.exe]
ModuleName : C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
Command Line : n/a
ProcessID : 1556
ThreadCreationTime : 28-4-2005 16:47:37
BasePriority : Normal
FileVersion : 1,0,1,47
ProductVersion : 1,0,1,47
ProductName : SPBBC
CompanyName : Symantec Corporation
FileDescription : SPBBC Service
InternalName : SPBBCSvc
LegalCopyright : Copyright © 2004 Symantec Corporation. All rights reserved.
OriginalFilename : SPBBCSvc.exe
#:15 [ccevtmgr.exe]
ModuleName : C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
Command Line : n/a
ProcessID : 1608
ThreadCreationTime : 28-4-2005 16:47:38
BasePriority : Normal
FileVersion : 103.0.3.8
ProductVersion : 103.0.3.8
ProductName : Client and Host Security Platform
CompanyName : Symantec Corporation
FileDescription : Symantec Event Manager Service
InternalName : ccEvtMgr
LegalCopyright : Copyright © 2000-2004 Symantec Corporation. All rights reserved.
OriginalFilename : ccEvtMgr.exe
#:16 [spoolsv.exe]
ModuleName : C:\WINDOWS\system32\spoolsv.exe
Command Line : C:\WINDOWS\system32\spoolsv.exe
ProcessID : 1764
ThreadCreationTime : 28-4-2005 16:47:38
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : MicrosoftR WindowsR Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : c Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe
#:17 [navapsvc.exe]
ModuleName : C:\Program Files\Norton AntiVirus\navapsvc.exe
Command Line : n/a
ProcessID : 1916
ThreadCreationTime : 28-4-2005 16:47:38
BasePriority : Normal
FileVersion : 11.0.9.16
ProductVersion : 11.0.9
ProductName : Norton AntiVirus
CompanyName : Symantec Corporation
FileDescription : Norton AntiVirus Auto-Protect Service
InternalName : NAVAPSVC
LegalCopyright : Norton AntiVirus 2005 for Windows 98/ME/2000/XP Copyright c 2004 Symantec Corporation. All rights reserved.
OriginalFilename : NAVAPSVC.EXE
#:18 [npfmntor.exe]
ModuleName : C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
Command Line : n/a
ProcessID : 1964
ThreadCreationTime : 28-4-2005 16:47:39
BasePriority : Normal
FileVersion : 11.0.9.16
ProductVersion : 11.0.9
ProductName : Norton AntiVirus
CompanyName : Symantec Corporation
FileDescription : Norton AntiVirus Firewall Install Monitor
InternalName : NPFMonitor
LegalCopyright : Norton AntiVirus 2005 for Windows 98/ME/2000/XP Copyright c 2004 Symantec Corporation. All rights reserved.
OriginalFilename : NPFMonitor.EXE
#:19 [apoint.exe]
ModuleName : C:\Program Files\Apoint2K\Apoint.exe
Command Line : "C:\Program Files\Apoint2K\Apoint.exe"
ProcessID : 1972
ThreadCreationTime : 28-4-2005 16:47:39
BasePriority : Normal
FileVersion : 5.3.10.177
ProductVersion : 5.3.10.177
ProductName : Alps Pointing-device Driver
CompanyName : Alps Electric Co., Ltd.
FileDescription : Alps Pointing-device Driver
InternalName : Alps Pointing-device Driver
LegalCopyright : Copyright © 1999-2003 Alps Electric Co., Ltd.
OriginalFilename : Apoint.exe
#:20 [nvsvc32.exe]
ModuleName : C:\WINDOWS\system32\nvsvc32.exe
Command Line : C:\WINDOWS\system32\nvsvc32.exe
ProcessID : 2008
ThreadCreationTime : 28-4-2005 16:47:39
BasePriority : Normal
FileVersion : 6.14.10.4716
ProductVersion : 6.14.10.4716
ProductName : NVIDIA Driver Helper Service, Version 47.16
CompanyName : NVIDIA Corporation
FileDescription : NVIDIA Driver Helper Service, Version 47.16
InternalName : NVSVC
LegalCopyright : © NVIDIA Corporation. All rights reserved.
OriginalFilename : nvsvc32.exe
#:21 [agrsmmsg.exe]
ModuleName : C:\WINDOWS\AGRSMMSG.exe
Command Line : "C:\WINDOWS\AGRSMMSG.exe"
ProcessID : 2020
ThreadCreationTime : 28-4-2005 16:47:39
BasePriority : Normal
FileVersion : 2.1.41.10 2.1.41.10 06/29/2004 09:06:35
ProductVersion : 2.1.41.10 2.1.41.10 06/29/2004 09:06:35
ProductName : Agere SoftModem Messaging Applet
CompanyName : Agere Systems
FileDescription : SoftModem Messaging Applet
InternalName : smdmstat.exe
LegalCopyright : Copyright c Agere Systems 1998-2000
OriginalFilename : smdmstat.exe
#:22 [smagent.exe]
ModuleName : C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
Command Line : "C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe"
ProcessID : 236
ThreadCreationTime : 28-4-2005 16:47:39
BasePriority : Normal
FileVersion : 3, 2, 6, 0
ProductVersion : 3, 2, 6, 0
ProductName : SoundMAX service agent
CompanyName : Analog Devices, Inc.
FileDescription : SoundMAX service agent component
InternalName : SMAgent
LegalCopyright : Copyright c 2002
OriginalFilename : SMAgent.exe
#:23 [svchost.exe]
ModuleName : C:\WINDOWS\system32\svchost.exe
Command Line : C:\WINDOWS\system32\svchost.exe -k imgsvc
ProcessID : 340
ThreadCreationTime : 28-4-2005 16:47:39
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : MicrosoftR WindowsR Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : c Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:24 [jusched.exe]
ModuleName : C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
Command Line : "C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe"
ProcessID : 400
ThreadCreationTime : 28-4-2005 16:47:39
BasePriority : Normal
#:25 [apntex.exe]
ModuleName : C:\Program Files\Apoint2K\Apntex.exe
Command Line : "Apntex.exe"
ProcessID : 432
ThreadCreationTime : 28-4-2005 16:47:39
BasePriority : Normal
FileVersion : 5.0.1.15
ProductVersion : 5.0.1.15
ProductName : Alps Pointing-device Driver for Windows NT/2000/XP
CompanyName : Alps Electric Co., Ltd.
FileDescription : Alps Pointing-device Driver for Windows NT/2000/XP
InternalName : Alps Pointing-device Driver for Windows NT/2000/XP
LegalCopyright : Copyright © 1998-2003 Alps Electric Co., Ltd.
OriginalFilename : ApntEx.exe
#:26 [ituneshelper.exe]
ModuleName : C:\Program Files\iTunes\iTunesHelper.exe
Command Line : "C:\Program Files\iTunes\iTunesHelper.exe"
ProcessID : 448
ThreadCreationTime : 28-4-2005 16:47:40
BasePriority : Normal
FileVersion : 4.6.0.15
ProductVersion : 4.6.0.15
ProductName : iTunes
CompanyName : Apple Computer, Inc.
FileDescription : iTunesHelper-module
InternalName : iTunesHelper
LegalCopyright : c 2003-2004 Apple Computer, Inc. Alle rechten voorbehouden.
OriginalFilename : iTunesHelper.exe
#:27 [symwsc.exe]
ModuleName : C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
Command Line : n/a
ProcessID : 528
ThreadCreationTime : 28-4-2005 16:47:40
BasePriority : Normal
FileVersion : 2005.1.2.20
ProductVersion : 2005.1
ProductName : Norton Security Center
CompanyName : Symantec Corporation
FileDescription : Norton Security Center Service
InternalName : SymWSC.exe
LegalCopyright : Copyright © 1997-2004 Symantec Corporation
OriginalFilename : SymWSC.exe
#:28 [conime.exe]
ModuleName : C:\WINDOWS\system32\conime.exe
Command Line : C:\WINDOWS\system32\conime.exe
ProcessID : 564
ThreadCreationTime : 28-4-2005 16:47:40
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : MicrosoftR WindowsR Operating System
CompanyName : Microsoft Corporation
FileDescription : Console IME
InternalName : Console
LegalCopyright : c Microsoft Corporation. All rights reserved.
OriginalFilename : CONIME.EXE
#:29 [ccapp.exe]
ModuleName : C:\Program Files\Common Files\Symantec Shared\ccApp.exe
Command Line : n/a
ProcessID : 580
ThreadCreationTime : 28-4-2005 16:47:40
BasePriority : Normal
FileVersion : 103.0.3.8
ProductVersion : 103.0.3.8
ProductName : Client and Host Security Platform
CompanyName : Symantec Corporation
FileDescription : Symantec User Session
InternalName : ccApp
LegalCopyright : Copyright © 2000-2004 Symantec Corporation. All rights reserved.
OriginalFilename : ccApp.exe
#:30 [eabservr.exe]
ModuleName : C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
Command Line : "C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe" /Start
ProcessID : 596
ThreadCreationTime : 28-4-2005 16:47:40
BasePriority : Normal
FileVersion : 5, 0, 3, 1
ProductVersion : 5, 0, 3, 1
ProductName : Quick Launch Buttons
CompanyName : Hewlett-Packard
FileDescription : Quick Launch Buttons
InternalName : eabsrvr
LegalCopyright : Copyright c 2001-2003 Hewlett-Packard Company
OriginalFilename : eabsrvr.exe
#:31 [realsched.exe]
ModuleName : C:\Program Files\Common Files\Real\Update_OB\realsched.exe
Command Line : "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
ProcessID : 1220
ThreadCreationTime : 28-4-2005 16:47:41
BasePriority : Normal
FileVersion : 0.1.0.3208
ProductVersion : 0.1.0.3208
ProductName : RealPlayer (32-bit)
CompanyName : RealNetworks, Inc.
FileDescription : RealNetworks Scheduler
InternalName : schedapp
LegalCopyright : Copyright c RealNetworks, Inc. 1995-2004
LegalTrademarks : RealAudio is a trademark of RealNetworks, Inc.
OriginalFilename : realsched.exe
#:32 [msgplus.exe]
ModuleName : C:\Program Files\MessengerPlus! 3\MsgPlus.exe
Command Line : "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
ProcessID : 1344
ThreadCreationTime : 28-4-2005 16:47:41
BasePriority : Normal
#:33 [rmctrl.exe]
ModuleName : C:\WINDOWS\system32\rmctrl.exe
Command Line : "C:\WINDOWS\system32\rmctrl.exe"
ProcessID : 1400
ThreadCreationTime : 28-4-2005 16:47:41
BasePriority : Normal
#:34 [ojhjai.exe]
ModuleName : C:\Program Files\Uxgxy\Ojhjai.exe
Command Line : "C:\Program Files\Uxgxy\Ojhjai.exe"
ProcessID : 1512
ThreadCreationTime : 28-4-2005 16:47:41
BasePriority : Normal
#:35 [sstedrp.exe]
ModuleName : C:\Program Files\Eparshy\Sstedrp.exe
Command Line : "C:\Program Files\Eparshy\Sstedrp.exe"
ProcessID : 2060
ThreadCreationTime : 28-4-2005 16:47:41
BasePriority : Normal
#:36 [ctfmon.exe]
ModuleName : C:\WINDOWS\system32\ctfmon.exe
Command Line : "C:\WINDOWS\system32\ctfmon.exe"
ProcessID : 2080
ThreadCreationTime : 28-4-2005 16:47:41
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : MicrosoftR WindowsR Operating System
CompanyName : Microsoft Corporation
FileDescription : CTF Loader
InternalName : CTFMON
LegalCopyright : c Microsoft Corporation. All rights reserved.
OriginalFilename : CTFMON.EXE
#:37 [aim.exe]
ModuleName : C:\Program Files\CSIM\aim.exe
Command Line : "C:\Program Files\CSIM\aim.exe" -cnetwait.odl
ProcessID : 2204
ThreadCreationTime : 28-4-2005 16:47:42
BasePriority : Normal
FileVersion : 4.1.2050
ProductVersion : 4.1.2050
ProductName : AOL Instant Messenger (SM)
CompanyName : America Online, Inc.
FileDescription : AOL Instant Messenger (SM)
InternalName : AIM
LegalCopyright : Copyright c 1996-2000 America Online, Inc.
OriginalFilename : AIM.EXE
#:38 [wowom.exe]
ModuleName : C:\PROGRA~1\COMMON~1\wowo\wowom.exe
Command Line : "C:\PROGRA~1\COMMON~1\wowo\wowom.exe"
ProcessID : 2232
ThreadCreationTime : 28-4-2005 16:47:42
BasePriority : Normal
FileVersion : 4, 0, 3, 8
ProductVersion : 4, 0, 3, 8
LegalCopyright : Copyright © 2005
#:39 [rundll32.exe]
ModuleName : C:\WINDOWS\system32\rundll32.exe
Command Line : rundll32 nView.dll,nViewInitialize
ProcessID : 2244
ThreadCreationTime : 28-4-2005 16:47:42
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Besturingssysteem MicrosoftR WindowsR
CompanyName : Microsoft Corporation
FileDescription : Een DLL-bestand als toepassing starten
InternalName : rundll
LegalCopyright : c Microsoft Corporation. Alle rechten voorbehouden.
OriginalFilename : RUNDLL.EXE
#:40 [ipodservice.exe]
ModuleName : C:\Program Files\iPod\bin\iPodService.exe
Command Line : "C:\Program Files\iPod\bin\iPodService.exe"
ProcessID : 2500
ThreadCreationTime : 28-4-2005 16:47:43
BasePriority : Normal
FileVersion : 4.6.0.15
ProductVersion : 4.6.0.15
ProductName : iTunes
CompanyName : Apple Computer, Inc.
FileDescription : iPodService-module
InternalName : iPodService
LegalCopyright : c 2003-2004 Apple Computer, Inc. Alle rechten voorbehouden.
OriginalFilename : iPodService.exe
#:41 [alg.exe]
ModuleName : C:\WINDOWS\System32\alg.exe
Command Line : C:\WINDOWS\System32\alg.exe
ProcessID : 3168
ThreadCreationTime : 28-4-2005 16:47:51
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : MicrosoftR WindowsR Operating System
CompanyName : Microsoft Corporation
FileDescription : Application Layer Gateway Service
InternalName : ALG.exe
LegalCopyright : c Microsoft Corporation. All rights reserved.
OriginalFilename : ALG.exe
#:42 [msnmsgr.exe]
ModuleName : C:\Program Files\MSN Messenger\msnmsgr.exe
Command Line : "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
ProcessID : 312
ThreadCreationTime : 28-4-2005 16:48:15
BasePriority : Normal
FileVersion : 7.0.0777
ProductVersion : 7.0.0777
ProductName : MSN Messenger
CompanyName : Microsoft Corporation
FileDescription : MSN Messenger
InternalName : msnmsgr
LegalCopyright : Copyright © Microsoft Corporation 1997-2004
LegalTrademarks : Microsoft® is a registered trademark of Microsoft Corporation in the U.S. and/or other countries.
OriginalFilename : msnmsgr.exe
#:43 [iexplore.exe]
ModuleName : C:\Program Files\Internet Explorer\IEXPLORE.EXE
Command Line : "C:\Program Files\Internet Explorer\IEXPLORE.EXE"
ProcessID : 216
ThreadCreationTime : 28-4-2005 17:54:54
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Besturingssysteem MicrosoftR WindowsR
CompanyName : Microsoft Corporation
FileDescription : Internet Explorer
InternalName : iexplore
LegalCopyright : c Microsoft Corporation. Alle rechten voorbehouden.
OriginalFilename : IEXPLORE.EXE
#:44 [ad-aware.exe]
ModuleName : C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe
Command Line : "C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe"
ProcessID : 2928
ThreadCreationTime : 28-4-2005 17:56:18
BasePriority : Normal
FileVersion : 6.2.0.206
ProductVersion : VI.Second Edition
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright c Lavasoft Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved
Memory scan result:
遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙
New critical objects: 0
Objects found so far: 0
Started registry scan
遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙
DyFuCA Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-788260910-2639547155-3174122331-1007\software\ist
DyFuCA Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-788260910-2639547155-3174122331-1007\software\ist
Value : NeverISTsvc
DyFuCA Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\avenue media
Registry Scan result:
遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙
New critical objects: 3
Objects found so far: 3
Started deep registry scan
遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙
Possible Browser Hijack attempt : {E6A3C1E2-F792-483E-9133-596215172BE9} (http://runonce.msn.c...tacceptlang.cab)
Possible Browser Hijack attempt Object Recognized!
Type : Regkey
Data :
Category : Vulnerability
Comment : Possible Browser Hijack attempt : http://runonce.msn.c...tacceptlang.cab
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E6A3C1E2-F792-483E-9133-596215172BE9}
Possible Browser Hijack attempt Object Recognized!
Type : RegValue
Data :
Category : Vulnerability
Comment : Possible Browser Hijack attempt : http://runonce.msn.c...tacceptlang.cab
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E6A3C1E2-F792-483E-9133-596215172BE9}
Value : SystemComponent
Possible Browser Hijack attempt Object Recognized!
Type : RegValue
Data :
Category : Vulnerability
Comment : Possible Browser Hijack attempt : http://runonce.msn.c...tacceptlang.cab
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E6A3C1E2-F792-483E-9133-596215172BE9}
Value : Installer
Deep registry scan result:
遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙
New critical objects: 3
Objects found so far: 6
Started Tracking Cookie scan
遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : carpie@mediaplex[1].txt
Category : Data Miner
Comment : Hits:5
Value : Cookie:[email protected]/
Expires : 22-6-2009 2:00:00
LastSync : Hits:5
UseCount : 0
Hits : 5
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : carpie@doubleclick[1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:[email protected]/
Expires : 28-4-2005 12:48:36
LastSync : Hits:1
UseCount : 0
Hits : 1
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : carpie@hitbox[1].txt
Category : Data Miner
Comment : Hits:21
Value : Cookie:[email protected]/
Expires : 28-4-2006 19:00:28
LastSync : Hits:21
UseCount : 0
Hits : 21
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : carpie@dbbsrv[1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:[email protected]/
Expires : 30-11-2006 10:00:00
LastSync : Hits:1
UseCount : 0
Hits : 1
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : carpie@adrevolver[2].txt
Category : Data Miner
Comment : Hits:5
Value : Cookie:[email protected]/adrevolver/
Expires : 26-12-2007 8:48:28
LastSync : Hits:5
UseCount : 0
Hits : 5
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:[email protected]/
Expires : 29-4-2005 11:51:12
LastSync : Hits:1
UseCount : 0
Hits : 1
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][2].txt
Category : Data Miner
Comment : Hits:6
Value : Cookie:[email protected]/
Expires : 17-4-2015 21:33:50
LastSync : Hits:6
UseCount : 0
Hits : 6
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][2].txt
Category : Data Miner
Comment : Hits:10
Value : Cookie:[email protected]/
Expires : 28-4-2006 19:00:28
LastSync : Hits:10
UseCount : 0
Hits : 10
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : carpie@webads[1].txt
Category : Data Miner
Comment : Hits:28
Value : Cookie:[email protected]/
Expires : 1-3-2012 2:00:00
LastSync : Hits:28
UseCount : 0
Hits : 28
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : carpie@beweb[2].txt
Category : Data Miner
Comment : Hits:2
Value : Cookie:[email protected]/
Expires : 1-2-2007 2:00:00
LastSync : Hits:2
UseCount : 0
Hits : 2
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : carpie@statcounter[2].txt
Category : Data Miner
Comment : Hits:15
Value : Cookie:[email protected]/
Expires : 10-4-2010 19:29:46
LastSync : Hits:15
UseCount : 0
Hits : 15
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : carpie@estat[1].txt
Category : Data Miner
Comment : Hits:4
Value : Cookie:[email protected]/
Expires : 29-3-2015 13:06:36
LastSync : Hits:4
UseCount : 0
Hits : 4
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : carpie@cgi-bin[2].txt
Category : Data Miner
Comment : Hits:7
Value : Cookie:[email protected]/cgi-bin
Expires : 12-4-2015 23:07:34
LastSync : Hits:7
UseCount : 0
Hits : 7
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : carpie@qsrch[2].txt
Category : Data Miner
Comment : Hits:7
Value : Cookie:[email protected]/
Expires : 3-5-2005 11:03:08
LastSync : Hits:7
UseCount : 0
Hits : 7
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : carpie@atdmt[2].txt
Category : Data Miner
Comment : Hits:6
Value : Cookie:[email protected]/
Expires : 27-4-2010 2:00:00
LastSync : Hits:6
UseCount : 0
Hits : 6
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : carpie@kliks[1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:[email protected]/
Expires : 26-4-2005 16:48:10
LastSync : Hits:1
UseCount : 0
Hits : 1
Tracking cookie scan result:
遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙
New critical objects: 16
Objects found so far: 22
Deep scanning and examining files (C:)
遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙
180Solutions Object Recognized!
Type : File
Data : Del2E.tmp
Category : Data Miner
Comment :
Object : C:\Documents and Settings\Carpie\Local Settings\Temp\
FileVersion : 5, 15, 0, 15
ProductVersion : 5, 15, 0, 15
ProductName : Search Assistant
CompanyName : 180solutions, Inc.
FileDescription : Search Assistant
LegalCopyright : Copyright c 2004, 180solutions Inc.
180Solutions Object Recognized!
Type : File
Data : A0000869.exe
Category : Data Miner
Comment :
Object : C:\System Volume Information\_restore{6DD67A3D-B07F-4376-B7D0-72D7A6198C4E}\RP18\
180Solutions Object Recognized!
Type : File
Data : A0000870.dll
Category : Data Miner
Comment :
Object : C:\System Volume Information\_restore{6DD67A3D-B07F-4376-B7D0-72D7A6198C4E}\RP18\
180Solutions Object Recognized!
Type : File
Data : A0000871.exe
Category : Data Miner
Comment :
Object : C:\System Volume Information\_restore{6DD67A3D-B07F-4376-B7D0-72D7A6198C4E}\RP18\
FileVersion : 5, 15, 0, 15
ProductVersion : 5, 15, 0, 15
ProductName : Search Assistant
CompanyName : 180solutions, Inc.
FileDescription : Search Assistant
LegalCopyright : Copyright c 2004, 180solutions Inc.
DyFuCA Object Recognized!
Type : File
Data : A0000930.dll
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{6DD67A3D-B07F-4376-B7D0-72D7A6198C4E}\RP21\
FileVersion : 1, 1, 0, 2
ProductVersion : 1, 1, 0, 2
ProductName : 1ST Toolbar
FileDescription : IST T00lbar
InternalName : IST T00lbar
LegalCopyright : Copyright 2004
OriginalFilename : 1stbar.dll
DyFuCA Object Recognized!
Type : File
Data : A0000931.dll
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{6DD67A3D-B07F-4376-B7D0-72D7A6198C4E}\RP21\
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
ProductName : SideFind Module
CompanyName : IST
FileDescription : SideFind Module
InternalName : SideFind
LegalCopyright : Copyright 2004
OriginalFilename : SideFind.DLL
DyFuCA Object Recognized!
Type : File
Data : A0000932.dll
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{6DD67A3D-B07F-4376-B7D0-72D7A6198C4E}\RP21\
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
ProductName : BrowserHelperObject Module
FileDescription : BrowserHelperObject Module
InternalName : BrowserHelperObject
LegalCopyright : Copyright 2003
OriginalFilename : BrowserHelperObject.DLL
DyFuCA Object Recognized!
Type : File
Data : A0000936.exe
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{6DD67A3D-B07F-4376-B7D0-72D7A6198C4E}\RP21\
DyFuCA Object Recognized!
Type : File
Data : A0000937.dll
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{6DD67A3D-B07F-4376-B7D0-72D7A6198C4E}\RP21\
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
ProductName : DyFuCA_BH Module
FileDescription : DyFuCA_BH Module
InternalName : DyFuCA_BH
LegalCopyright : Copyright 2002
OriginalFilename : DyFuCA_BH.DLL
Disk Scan Result for C:\
遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙
New critical objects: 0
Objects found so far: 31
Scanning Hosts file......
Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".
遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙
Hosts file scan result:
遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙
1 entries scanned.
New critical objects:0
Objects found so far: 31
Performing conditional scans...
遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙
DyFuCA Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\microsoft\windows\currentversion\policies\ameopt
DyFuCA Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\rotue
DyFuCA Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\kapabout
DyFuCA Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\kapabout
Value : Comment
DyFuCA Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\kapabout
Value : DComment
DyFuCA Object Recognized!
Type : Folder
Category : Malware
Comment :
Object : C:\Program Files\Internet Optimizer
DyFuCA Object Recognized!
Type : File
Data : wsem303.dll
Category : Malware
Comment :
Object : C:\WINDOWS\
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
ProductName : DyFuCA_BH Module
FileDescription : DyFuCA_BH Module
InternalName : DyFuCA_BH
LegalCopyright : Copyright 2002
OriginalFilename : DyFuCA_BH.DLL
Conditional scan result:
遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙
New critical objects: 8
Objects found so far: 39
20:24:29 Scan Complete
Summary Of This Scan
遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙遙
Total scanning time:00:18:34.485
Objects scanned:102354
Objects identified:39
Objects ignored:0
New critical objects:39
Edited by Carpie, 28 April 2005 - 01:47 PM.