my laptop used to run really fast but lately its running so slowly and not doing much. i can tell there's something on my comp casuing this but it just doesn't fully remove whatever i try.
Here's my logfile, i followed the instructions.
Ad-Aware SE Build 1.05
Logfile Created on:08 May 2005 16:41:50
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R43 06.05.2005
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Adintelligence.AproposToolbar(TAC index:5):11 total references
ClickSpring(TAC index:6):2 total references
DyFuCA(TAC index:3):2 total references
Other(TAC index:5):5 total references
PeopleOnPage(TAC index:9):23 total references
SideFind(TAC index:5):5 total references
Tracking Cookie(TAC index:3):8 total references
WindUpdates(TAC index:8):25 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Definition File:
=========================
Definitions File Loaded:
Reference Number : SE1R43 06.05.2005
Internal build : 50
File location : C:\Program Files\Lavasoft\Ad-Aware SE Personal\defs.ref
File size : 467649 Bytes
Total size : 1414672 Bytes
Signature data size : 1383852 Bytes
Reference data size : 30308 Bytes
Signatures total : 39494
Fingerprints total : 847
Fingerprints size : 28739 Bytes
Target categories : 15
Target families : 663
Memory + processor status:
==========================
Number of processors : 1
Processor architecture : Intel Pentium IV
Memory available:46 %
Total physical memory:523248 kb
Available physical memory:239744 kb
Total page file size:1279460 kb
Available on page file:1017804 kb
Total virtual memory:2097024 kb
Available virtual memory:2047968 kb
OS:Microsoft Windows XP Home Edition Service Pack 2 (Build 2600)
Ad-Aware SE Settings
===========================
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan within archives
Set : Scan my Hosts file
Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Obtain command line of scanned processes
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Play sound at scan completion if scan locates critical objects
08-05-2005 16:41:50 - Scan started. (Full System Scan)
Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
#:1 [smss.exe]
ModuleName : \SystemRoot\System32\smss.exe
Command Line : n/a
ProcessID : 528
ThreadCreationTime : 08-05-2005 15:36:32
BasePriority : Normal
#:2 [csrss.exe]
ModuleName : \??\C:\WINDOWS\system32\csrss.exe
Command Line : C:\WINDOWS\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestTh
ProcessID : 576
ThreadCreationTime : 08-05-2005 15:36:35
BasePriority : Normal
#:3 [winlogon.exe]
ModuleName : \??\C:\WINDOWS\system32\winlogon.exe
Command Line : winlogon.exe
ProcessID : 604
ThreadCreationTime : 08-05-2005 15:36:37
BasePriority : High
#:4 [services.exe]
ModuleName : C:\WINDOWS\system32\services.exe
Command Line : C:\WINDOWS\system32\services.exe
ProcessID : 648
ThreadCreationTime : 08-05-2005 15:36:37
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : services.exe
#:5 [lsass.exe]
ModuleName : C:\WINDOWS\system32\lsass.exe
Command Line : C:\WINDOWS\system32\lsass.exe
ProcessID : 660
ThreadCreationTime : 08-05-2005 15:36:37
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe
#:6 [ati2evxx.exe]
ModuleName : C:\WINDOWS\system32\Ati2evxx.exe
Command Line : C:\WINDOWS\system32\Ati2evxx.exe
ProcessID : 804
ThreadCreationTime : 08-05-2005 15:36:39
BasePriority : Normal
#:7 [svchost.exe]
ModuleName : C:\WINDOWS\system32\svchost.exe
Command Line : C:\WINDOWS\system32\svchost -k DcomLaunch
ProcessID : 816
ThreadCreationTime : 08-05-2005 15:36:39
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:8 [svchost.exe]
ModuleName : C:\WINDOWS\system32\svchost.exe
Command Line : C:\WINDOWS\system32\svchost -k rpcss
ProcessID : 920
ThreadCreationTime : 08-05-2005 15:36:41
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:9 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : C:\WINDOWS\System32\svchost.exe -k netsvcs
ProcessID : 956
ThreadCreationTime : 08-05-2005 15:36:41
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:10 [svchost.exe]
ModuleName : C:\WINDOWS\system32\svchost.exe
Command Line : C:\WINDOWS\system32\svchost.exe -k NetworkService
ProcessID : 1064
ThreadCreationTime : 08-05-2005 15:36:42
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:11 [svchost.exe]
ModuleName : C:\WINDOWS\system32\svchost.exe
Command Line : C:\WINDOWS\system32\svchost.exe -k LocalService
ProcessID : 1140
ThreadCreationTime : 08-05-2005 15:36:42
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:12 [spoolsv.exe]
ModuleName : C:\WINDOWS\system32\spoolsv.exe
Command Line : C:\WINDOWS\system32\spoolsv.exe
ProcessID : 1320
ThreadCreationTime : 08-05-2005 15:36:45
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe
#:13 [aolacsd.exe]
ModuleName : C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
Command Line : "C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe"
ProcessID : 1412
ThreadCreationTime : 08-05-2005 15:36:46
BasePriority : Normal
#:14 [ati2evxx.exe]
ModuleName : C:\WINDOWS\system32\Ati2evxx.exe
Command Line : Ati2evxx.exe -Client
ProcessID : 1484
ThreadCreationTime : 08-05-2005 15:36:47
BasePriority : Normal
#:15 [explorer.exe]
ModuleName : C:\WINDOWS\Explorer.EXE
Command Line : C:\WINDOWS\Explorer.EXE
ProcessID : 1584
ThreadCreationTime : 08-05-2005 15:36:48
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : EXPLORER.EXE
#:16 [avgamsvr.exe]
ModuleName : C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
Command Line : C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
ProcessID : 1708
ThreadCreationTime : 08-05-2005 15:36:49
BasePriority : Normal
FileVersion : 7,1,0,307
ProductVersion : 7.1.0.307
ProductName : AVG Anti-Virus System
CompanyName : GRISOFT, s.r.o.
FileDescription : AVG Alert Manager
InternalName : avgamsvr
LegalCopyright : Copyright © 2005, GRISOFT, s.r.o.
OriginalFilename : avgamsvr.EXE
#:17 [avgupsvc.exe]
ModuleName : C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
Command Line : C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
ProcessID : 1848
ThreadCreationTime : 08-05-2005 15:36:51
BasePriority : Normal
FileVersion : 7,1,0,285
ProductVersion : 7.1.0.285
ProductName : AVG 7.0 Anti-Virus System
CompanyName : GRISOFT, s.r.o.
FileDescription : AVG Update Service
InternalName : avgupsvc
LegalCopyright : Copyright © 2004, GRISOFT, s.r.o.
OriginalFilename : avgupdsvc.EXE
#:18 [wdfmgr.exe]
ModuleName : C:\WINDOWS\system32\wdfmgr.exe
Command Line : C:\WINDOWS\system32\wdfmgr.exe
ProcessID : 1920
ThreadCreationTime : 08-05-2005 15:36:51
BasePriority : Normal
FileVersion : 5.2.3790.1230 built by: DNSRV(bld4act)
ProductVersion : 5.2.3790.1230
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows User Mode Driver Manager
InternalName : WdfMgr
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : WdfMgr.exe
#:19 [vzfw.exe]
ModuleName : C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe
Command Line : "C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe"
ProcessID : 1996
ThreadCreationTime : 08-05-2005 15:36:52
BasePriority : Normal
#:20 [spmgr.exe]
ModuleName : C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
Command Line : "C:\Program Files\Sony\VAIO Power Management\SPMgr.exe"
ProcessID : 204
ThreadCreationTime : 08-05-2005 15:36:54
BasePriority : Normal
FileVersion : 1.3.01.06110
ProductVersion : 1.3.01
ProductName : Sony Power Management
CompanyName : Sony Corporation
FileDescription : SPM Module
LegalCopyright : © Sony Corporation. All rights reserved.
#:21 [datala~1.exe]
ModuleName : C:\PROGRA~1\COMMON~1\PCSuite\DATALA~1\DATALA~1.EXE
Command Line : "C:\PROGRA~1\COMMON~1\PCSuite\DATALA~1\DATALA~1.EXE"
ProcessID : 224
ThreadCreationTime : 08-05-2005 15:36:54
BasePriority : Normal
FileVersion : 5, 0, 2, 561
ProductVersion : 5, 0
ProductName : Nokia PC Suite
CompanyName : Nokia Mobile Phones Ltd.
FileDescription : DataLayer 2.0 Module
InternalName : DataLayer 2.0
LegalCopyright : Copyright © 2004. Nokia. All rights reserved.
OriginalFilename : DataLayer.exe
#:22 [atiptaxx.exe]
ModuleName : C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
Command Line : "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
ProcessID : 208
ThreadCreationTime : 08-05-2005 15:36:54
BasePriority : Normal
FileVersion : 6.14.10.5115
ProductVersion : 6.14.10.5115
ProductName : ATI Desktop Component
CompanyName : ATI Technologies, Inc.
FileDescription : ATI Desktop Control Panel
InternalName : Atiptaxx.exe
LegalCopyright : Copyright © 1998-2004 ATI Technologies Inc.
OriginalFilename : Atiptaxx.exe
#:23 [apoint.exe]
ModuleName : C:\Program Files\Apoint\Apoint.exe
Command Line : "C:\Program Files\Apoint\Apoint.exe"
ProcessID : 244
ThreadCreationTime : 08-05-2005 15:36:55
BasePriority : Normal
FileVersion : 5.5.7.136
ProductVersion : 5.5.7.136
ProductName : Alps Pointing-device Driver
CompanyName : Alps Electric Co., Ltd.
FileDescription : Alps Pointing-device Driver
InternalName : Alps Pointing-device Driver
LegalCopyright : Copyright © 1999-2003 Alps Electric Co., Ltd.
OriginalFilename : Apoint.exe
#:24 [aoldial.exe]
ModuleName : C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
Command Line : "C:\Program Files\Common Files\AOL\ACS\AOLDial.exe"
ProcessID : 284
ThreadCreationTime : 08-05-2005 15:36:55
BasePriority : Normal
FileVersion : 2.6.6.3.UK.53
ProductVersion : 2.6.6.3.UK.53
ProductName : AOL Connectivity Service
CompanyName : America Online, Inc
FileDescription : AOL Connectivity Service Dialer
LegalCopyright : Copyright © 2003 America Online, Inc.
OriginalFilename : AOLDial.exe
#:25 [aolsp scheduler.exe]
ModuleName : C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe
Command Line : "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe"
ProcessID : 352
ThreadCreationTime : 08-05-2005 15:36:56
BasePriority : Normal
FileVersion : 1, 0, 0, 73
ProductVersion : 1, 0, 0, 73
ProductName : AOLSP Scheduler
FileDescription : AOLSP Scheduler
InternalName : AOLSP Scheduler
LegalCopyright : Copyright © America Online, Inc. 2004
OriginalFilename : AOLSP Scheduler.exe
#:26 [mediaacck.exe]
ModuleName : C:\Program Files\Media Access\MediaAccK.exe
Command Line : "C:\Program Files\Media Access\MediaAccK.exe"
ProcessID : 440
ThreadCreationTime : 08-05-2005 15:36:58
BasePriority : Normal
#:27 [mediaaccess.exe]
ModuleName : C:\Program Files\Media Access\MediaAccess.exe
Command Line : "C:\Program Files\Media Access\MediaAccess.exe"
ProcessID : 456
ThreadCreationTime : 08-05-2005 15:36:59
BasePriority : Normal
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
ProductName : LoaderX Module
FileDescription : LoaderX Module
InternalName : LoaderX
LegalCopyright : Copyright 2005
OriginalFilename : LoaderX.EXE
#:28 [jusched.exe]
ModuleName : C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
Command Line : "C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe"
ProcessID : 464
ThreadCreationTime : 08-05-2005 15:36:59
BasePriority : Normal
#:29 [trayap~1.exe]
ModuleName : C:\PROGRA~1\Nokia\NOKIAP~1\TRAYAP~1.EXE
Command Line : "C:\PROGRA~1\Nokia\NOKIAP~1\TRAYAP~1.EXE"
ProcessID : 832
ThreadCreationTime : 08-05-2005 15:37:01
BasePriority : Normal
FileVersion : 1, 0, 0, 22
ProductVersion : 1, 0, 0, 0
ProductName : Nokia Tray Application
FileDescription : Nokia Tray Application
InternalName : Nokia Tray Application
LegalCopyright : Copyright © 2001 - 2004 Nokia. All Rights Reserved.
OriginalFilename : TrayApplication.EXE
#:30 [servic~1.exe]
ModuleName : C:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE
Command Line : C:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE -Embedding
ProcessID : 1040
ThreadCreationTime : 08-05-2005 15:37:01
BasePriority : Normal
FileVersion : 6, 0, 9, 0
ProductVersion : 6.0
ProductName : Nokia Connectivity Library
CompanyName : Nokia.
FileDescription : ServiceLayer Module
InternalName : ServiceLayer
LegalCopyright : Copyright © 2002-2004 Nokia. All Rights Reserved.
OriginalFilename : ServiceLayer.exe
#:31 [hkserv.exe]
ModuleName : C:\Program Files\Sony\HotKey Utility\HKserv.exe
Command Line : "C:\Program Files\Sony\HotKey Utility\HKserv.exe"
ProcessID : 1048
ThreadCreationTime : 08-05-2005 15:37:01
BasePriority : Normal
#:32 [xacte.exe]
ModuleName : C:\WINDOWS\system32\xacte.exe
Command Line : "C:\WINDOWS\system32\xacte.exe"
ProcessID : 1128
ThreadCreationTime : 08-05-2005 15:37:02
BasePriority : Normal
#:33 [apntex.exe]
ModuleName : C:\Program Files\Apoint\Apntex.exe
Command Line : "Apntex.exe"
ProcessID : 1184
ThreadCreationTime : 08-05-2005 15:37:02
BasePriority : Normal
FileVersion : 5.0.1.15
ProductVersion : 5.0.1.15
ProductName : Alps Pointing-device Driver for Windows NT/2000/XP
CompanyName : Alps Electric Co., Ltd.
FileDescription : Alps Pointing-device Driver for Windows NT/2000/XP
InternalName : Alps Pointing-device Driver for Windows NT/2000/XP
LegalCopyright : Copyright © 1998-2003 Alps Electric Co., Ltd.
OriginalFilename : ApntEx.exe
#:34 [avgcc.exe]
ModuleName : C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
Command Line : "C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe" /STARTUP
ProcessID : 1204
ThreadCreationTime : 08-05-2005 15:37:03
BasePriority : Normal
FileVersion : 7,1,0,307
ProductVersion : 7.1.0.307
ProductName : AVG Anti-Virus System
CompanyName : GRISOFT, s.r.o.
FileDescription : AVG Control Center
InternalName : AvgCC
LegalCopyright : Copyright © 2005, GRISOFT, s.r.o.
OriginalFilename : AvgCC.EXE
#:35 [hkwnd.exe]
ModuleName : C:\Program Files\Sony\HotKey Utility\HKWnd.exe
Command Line : "C:\Program Files\Sony\HotKey Utility\HKWnd.exe"
ProcessID : 1224
ThreadCreationTime : 08-05-2005 15:37:03
BasePriority : Normal
#:36 [avgemc.exe]
ModuleName : C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
Command Line : "C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe"
ProcessID : 1248
ThreadCreationTime : 08-05-2005 15:37:04
BasePriority : Normal
FileVersion : 7,1,0,307
ProductVersion : 7.1.0.307
ProductName : AVG Anti-Virus System
CompanyName : GRISOFT, s.r.o.
FileDescription : AVG E-Mail Scanner
InternalName : avgemc
LegalCopyright : Copyright © 2005, GRISOFT, s.r.o.
OriginalFilename : avgemc.exe
#:37 [shto.exe]
ModuleName : C:\Documents and Settings\Mehreen\Application Data\shto.exe
Command Line : "C:\Documents and Settings\Mehreen\Application Data\shto.exe"
ProcessID : 1152
ThreadCreationTime : 08-05-2005 15:37:05
BasePriority : Normal
#:38 [wsnefilt.exe]
ModuleName : C:\WINDOWS\system32\wsnefilt.exe
Command Line : "C:\WINDOWS\system32\wsnefilt.exe"
ProcessID : 1528
ThreadCreationTime : 08-05-2005 15:37:07
BasePriority : Normal
#:39 [aoltray.exe]
ModuleName : C:\Program Files\AOL 9.0\aoltray.exe
Command Line : "C:\Program Files\AOL 9.0\aoltray.exe" -check
ProcessID : 1748
ThreadCreationTime : 08-05-2005 15:37:15
BasePriority : Normal
FileVersion : 9.00.001
ProductVersion : 9.00.001
ProductName : America Online
CompanyName : America Online, Inc.
FileDescription : AOL Tray Icon
InternalName : AolTray
LegalCopyright : Copyright © America Online, Inc. 1999 - 2004
#:40 [wmiprvse.exe]
ModuleName : C:\WINDOWS\system32\wbem\wmiprvse.exe
Command Line : C:\WINDOWS\system32\wbem\wmiprvse.exe -Embedding
ProcessID : 2356
ThreadCreationTime : 08-05-2005 15:37:29
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : WMI
InternalName : Wmiprvse.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : Wmiprvse.exe
#:41 [alg.exe]
ModuleName : C:\WINDOWS\System32\alg.exe
Command Line : C:\WINDOWS\System32\alg.exe
ProcessID : 2828
ThreadCreationTime : 08-05-2005 15:37:43
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Application Layer Gateway Service
InternalName : ALG.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : ALG.exe
#:42 [wuauclt.exe]
ModuleName : C:\WINDOWS\system32\wuauclt.exe
Command Line : "C:\WINDOWS\system32\wuauclt.exe" /RunStoreAsComServer Local\[3bc]SUSDS23e44776eee8964bb506e757638b5bcb
ProcessID : 3292
ThreadCreationTime : 08-05-2005 15:37:54
BasePriority : Normal
FileVersion : 5.4.3790.2182 built by: srv03_rtm(ntvbl04)
ProductVersion : 5.4.3790.2182
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Automatic Updates
InternalName : wuauclt.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : wuauclt.exe
#:43 [svchost.exe]
ModuleName : C:\WINDOWS\System32\svchost.exe
Command Line : C:\WINDOWS\System32\svchost.exe -k HTTPFilter
ProcessID : 3548
ThreadCreationTime : 08-05-2005 15:38:03
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:44 [iexplore.exe]
ModuleName : C:\Program Files\Internet Explorer\iexplore.exe
Command Line : "C:\Program Files\Internet Explorer\iexplore.exe"
ProcessID : 3892
ThreadCreationTime : 08-05-2005 15:38:21
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Internet Explorer
InternalName : iexplore
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : IEXPLORE.EXE
#:45 [cxtpls.exe]
ModuleName : C:\Program Files\CxtPls\CxtPls.exe
Command Line : "C:\Program Files\CxtPls\CxtPls.exe" -Embedding
ProcessID : 3948
ThreadCreationTime : 08-05-2005 15:38:24
BasePriority : Normal
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
ProductName : Ads
CompanyName : Apropos Media
FileDescription : Internet Explorer
InternalName : Ads.
LegalCopyright : Copyright © 2003
OriginalFilename : SysAI.exe
#:46 [??oolsv.exe]
ModuleName : C:\WINDOWS\system32\??oolsv.exe
Command Line : C:\WINDOWS\system32\??oolsv.exe
ProcessID : 4060
ThreadCreationTime : 08-05-2005 15:38:26
BasePriority : Normal
#:47 [ad-aware.exe]
ModuleName : C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe
Command Line : "C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe"
ProcessID : 1972
ThreadCreationTime : 08-05-2005 15:38:57
BasePriority : Normal
FileVersion : 6.2.0.206
ProductVersion : VI.Second Edition
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved
Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0
Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Adintelligence.AproposToolbar Object Recognized!
Type : Regkey
Data :
Category : Misc
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{016235be-59d4-4ceb-add5-e2378282a1d9}
Adintelligence.AproposToolbar Object Recognized!
Type : Regkey
Data :
Category : Misc
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{b548b7d8-3d03-4aed-a6a1-4251fad00c10}
Adintelligence.AproposToolbar Object Recognized!
Type : RegValue
Data :
Category : Misc
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{b548b7d8-3d03-4aed-a6a1-4251fad00c10}
Value :
Adintelligence.AproposToolbar Object Recognized!
Type : Regkey
Data :
Category : Misc
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{b99a727f-0782-4a71-bcc2-6e1e66414904}
Adintelligence.AproposToolbar Object Recognized!
Type : RegValue
Data :
Category : Misc
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{b99a727f-0782-4a71-bcc2-6e1e66414904}
Value :
WindUpdates Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{1e5f0d38-214b-4085-ad2a-d2290e6a2d2c}
WindUpdates Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{1e5f0d38-214b-4085-ad2a-d2290e6a2d2c}
Value :
WindUpdates Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{1e5f0d38-214b-4085-ad2a-d2290e6a2d2c}
Value : AppID
WindUpdates Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{00ada225-ea6c-4fb3-82e8-68189201ccb9}
WindUpdates Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{00ada225-ea6c-4fb3-82e8-68189201ccb9}
Value :
WindUpdates Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : mediaaccess.installer
WindUpdates Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : mediaaccess.installer
Value :
WindUpdates Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : typelib\{15696ae2-6ea4-47f4-bea6-a3d32693efc7}
DyFuCA Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-3542067661-1520808359-2463141992-1005\software\ist
DyFuCA Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-3542067661-1520808359-2463141992-1005\software\ist
Value : NeverISTsvc
PeopleOnPage Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-3542067661-1520808359-2463141992-1005\software\apropos
Adintelligence.AproposToolbar Object Recognized!
Type : Regkey
Data :
Category : Misc
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\explorer\browser helper objects\{016235be-59d4-4ceb-add5-e2378282a1d9}
Adintelligence.AproposToolbar Object Recognized!
Type : Regkey
Data :
Category : Misc
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\aproposclient
Adintelligence.AproposToolbar Object Recognized!
Type : RegValue
Data :
Category : Misc
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\aproposclient
Value : UninstallString
PeopleOnPage Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\apropos
PeopleOnPage Object Recognized!
Type : Regkey
Data :
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\envolo
PeopleOnPage Object Recognized!
Type : Regkey
Data : e_uninstall.log
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\autoupdate
PeopleOnPage Object Recognized!
Type : RegValue
Data : e_uninstall.log
Category : Data Miner
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\autoupdate
Value : UninstallString
Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 23
Objects found so far: 23
Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 23
Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : mehreen@tribalfusion[2].txt
Category : Data Miner
Comment : Hits:6
Value : Cookie:[email protected]/
Expires : 01-01-2038 01:00:00
LastSync : Hits:6
UseCount : 0
Hits : 6
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : mehreen@oinadserve[1].txt
Category : Data Miner
Comment : Hits:43
Value : Cookie:[email protected]/
Expires : 01-01-2021 01:00:00
LastSync : Hits:43
UseCount : 0
Hits : 43
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][1].txt
Category : Data Miner
Comment : Hits:2
Value : Cookie:[email protected]/
Expires : 03-05-2009 23:52:58
LastSync : Hits:2
UseCount : 0
Hits : 2
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [email protected][1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:[email protected]/
Expires : 05-05-2005 23:53:34
LastSync : Hits:1
UseCount : 0
Hits : 1
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : mehreen@cgi-bin[1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:[email protected]/cgi-bin
Expires : 28-02-2015 01:00:00
LastSync : Hits:1
UseCount : 0
Hits : 1
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : mehreen@revenue[1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:[email protected]/
Expires : 10-06-2022 06:05:42
LastSync : Hits:1
UseCount : 0
Hits : 1
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : mehreen@casalemedia[1].txt
Category : Data Miner
Comment : Hits:10
Value : Cookie:[email protected]/
Expires : 29-04-2006 10:38:34
LastSync : Hits:10
UseCount : 0
Hits : 10
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : mehreen@tripod[1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:[email protected]/
Expires : 06-05-2006 18:51:52
LastSync : Hits:1
UseCount : 0
Hits : 1
Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 8
Objects found so far: 31
Deep scanning and examining files (C:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
PeopleOnPage Object Recognized!
Type : File
Data : auto_update_install.exe
Category : Data Miner
Comment :
Object : C:\Documents and Settings\Mehreen\Local Settings\Temp\AutoUpdate0\
SideFind Object Recognized!
Type : File
Data : sidefind.exe
Category : Malware
Comment :
Object : C:\Documents and Settings\Mehreen\Local Settings\Temp\
WindUpdates Object Recognized!
Type : File
Data : temp.frDA6C
Category : Malware
Comment :
Object : C:\Documents and Settings\Mehreen\Local Settings\Temp\
PeopleOnPage Object Recognized!
Type : File
Data : AutoUpdaterInstaller[1].exe
Category : Data Miner
Comment :
Object : C:\Documents and Settings\Mehreen\Local Settings\Temporary Internet Files\Content.IE5\8PQBOP67\
WindUpdates Object Recognized!
Type : File
Data : A0001138.vxd
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{6076EFF1-E55A-41E4-913C-71A8429DE858}\RP2\
WindUpdates Object Recognized!
Type : File
Data : A0001171.vxd
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{6076EFF1-E55A-41E4-913C-71A8429DE858}\RP2\
ClickSpring Object Recognized!
Type : File
Data : A0001263.exe
Category : Malware
Comment :
Object : C:\System Volume Information\_restore{6076EFF1-E55A-41E4-913C-71A8429DE858}\RP2\
WindUpdates Object Recognized!
Type : File
Data : ide21201.vxd
Category : Malware
Comment :
Object : C:\WINDOWS\system32\
Disk Scan Result for C:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 39
Deep scanning and examining files (D:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Disk Scan Result for D:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 39
Scanning Hosts file......
Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
1 entries scanned.
New critical objects:0
Objects found so far: 39
Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Adintelligence.AproposToolbar Object Recognized!
Type : Regkey
Data :
Category : Misc
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\autoloader
Adintelligence.AproposToolbar Object Recognized!
Type : Folder
Category : Misc
Comment :
Object : C:\Program Files\AutoUpdate
Adintelligence.AproposToolbar Object Recognized!
Type : File
Data : libexpat.dll
Category : Misc
Comment :
Object : C:\Program Files\autoupdate\
WindUpdates Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : appid\loaderx.exe
WindUpdates Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : appid\loaderx.exe
Value : AppID
WindUpdates Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : appid\{735c5a0c-f79f-47a1-8ca1-2a2e482662a8}
WindUpdates Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : appid\{735c5a0c-f79f-47a1-8ca1-2a2e482662a8}
Value :
WindUpdates Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\media access
WindUpdates Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\media access
Value : UninstallString
WindUpdates Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\uninstall\media access
Value : DisplayName
WindUpdates Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\windows\currentversion\run
Value : Media Access
WindUpdates Object Recognized!
Type : Folder
Category : Malware
Comment :
Object : C:\Program Files\Media Access
WindUpdates Object Recognized!
Type : File
Data : Info.txt
Category : Malware
Comment :
Object : C:\Program Files\media access\
WindUpdates Object Recognized!
Type : File
Data : MediaAccC.dll
Category : Malware
Comment :
Object : C:\Program Files\media access\
WindUpdates Object Recognized!
Type : File
Data : MediaAccess.exe
Category : Malware
Comment :
Object : C:\Program Files\media access\
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
ProductName : LoaderX Module
FileDescription : LoaderX Module
InternalName : LoaderX
LegalCopyright : Copyright 2005
OriginalFilename : LoaderX.EXE
WindUpdates Object Recognized!
Type : File
Data : MediaAccK.exe
Category : Malware
Comment :
Object : C:\Program Files\media access\
PeopleOnPage Object Recognized!
Type : Folder
Category : Data Miner
Comment :
Object : C:\DOCUME~1\Mehreen\LOCALS~1\Temp\AutoUpdate0
PeopleOnPage Object Recognized!
Type : File
Data : auto_update_uninstall.exe
Category : Data Miner
Comment :
Object : C:\WINDOWS\system32\
PeopleOnPage Object Recognized!
Type : File
Data : auto_update_uninstall.log
Category : Data Miner
Comment :
Object : C:\WINDOWS\system32\
PeopleOnPage Object Recognized!
Type : File
Data : auto_update_install.exe
Category : Data Miner
Comment :
Object : C:\DOCUME~1\Mehreen\LOCALS~1\Temp\autoupdate0\
PeopleOnPage Object Recognized!
Type : File
Data : setup.inf
Category : Data Miner
Comment :
Object : C:\DOCUME~1\Mehreen\LOCALS~1\Temp\autoupdate0\
PeopleOnPage Object Recognized!
Type : File
Data : ace.dll
Category : Data Miner
Comment :
Object : C:\Program Files\cxtpls\
FileVersion : 5.1.18
ProductVersion : 5.1.18
ProductName : ACE
FileDescription : ACE
InternalName : ACEDLL
OriginalFilename : ACE.DLL
PeopleOnPage Object Recognized!
Type : File
Data : AI_07-05-2005.log
Category : Data Miner
Comment :
Object : C:\Program Files\cxtpls\
PeopleOnPage Object Recognized!
Type : File
Data : AI_08-05-2005.log
Category : Data Miner
Comment :
Object : C:\Program Files\cxtpls\
PeopleOnPage Object Recognized!
Type : File
Data : atl.dll
Category : Data Miner
Comment :
Object : C:\Program Files\cxtpls\
FileVersion : 3.00.9435
ProductVersion : 6.00.9435
ProductName : Microsoft ® Visual C++
CompanyName : Microsoft Corporation
FileDescription : ATL Module for Windows NT (Unicode)
InternalName : ATL
LegalCopyright : Copyright © Microsoft Corp. 1996-1998
OriginalFilename : ATL.DLL
PeopleOnPage Object Recognized!
Type : File
Data : CxtPls.dll
Category : Data Miner
Comment :
Object : C:\Program Files\cxtpls\
PeopleOnPage Object Recognized!
Type : File
Data : CxtPls.exe
Category : Data Miner
Comment :
Object : C:\Program Files\cxtpls\
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
ProductName : Ads
CompanyName : Apropos Media
FileDescription : Internet Explorer
InternalName : Ads.
LegalCopyright : Copyright © 2003
OriginalFilename : SysAI.exe
PeopleOnPage Object Recognized!
Type : File
Data : data.bin
Category : Data Miner
Comment :
Object : C:\Program Files\cxtpls\
PeopleOnPage Object Recognized!
Type : File
Data : libexpat.dll
Category : Data Miner
Comment :
Object : C:\Program Files\cxtpls\
PeopleOnPage Object Recognized!
Type : File
Data : ProxyStub.dll
Category : Data Miner
Comment :
Object : C:\Program Files\cxtpls\
PeopleOnPage Object Recognized!
Type : File
Data : uninstaller.exe
Category : Data Miner
Comment :
Object : C:\Program Files\cxtpls\
PeopleOnPage Object Recognized!
Type : File
Data : WinGenerics.dll
Category : Data Miner
Comment :
Object : C:\Program Files\cxtpls\
SideFind Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{339d8aff-0b42-4260-ad82-78ce605a9543}
SideFind Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{339d8aff-0b42-4260-ad82-78ce605a9543}
Value :
SideFind Object Recognized!
Type : Regkey
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{a36a5936-cfd9-4b41-86bd-319a1931887f}
SideFind Object Recognized!
Type : RegValue
Data :
Category : Malware
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{a36a5936-cfd9-4b41-86bd-319a1931887f}
Value :
ClickSpring Object Recognized!
Type : File
Data : wnscpcc.exe
Category : Malware
Comment :
Object : C:\WINDOWS\system32\
Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 42
Objects found so far: 81
17:23:34 Scan Complete
Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:41:44.170
Objects scanned:153594
Objects identified:81
Objects ignored:0
New critical objects:81