Ad-Aware SE Build 1.06r1
Logfile Created on:03 September 2005 21:04:48
Using definitions file:SE1R64 31.08.2005
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Possible Browser Hijack attempt(TAC index:3):1 total references
Tracking Cookie(TAC index:3):10 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Definition File:
=========================
Definitions File Loaded:
Reference Number : SE1R64 31.08.2005
Internal build : 75
File location : C:\PROGRA~1\Lavasoft\Ad-Aware SE Professional\defs.ref
File size : 515324 Bytes
Total size : 1551493 Bytes
Signature data size : 1518382 Bytes
Reference data size : 32599 Bytes
Signatures total : 43181
CSI Fingerprints total : 1032
CSI data size : 36709 Bytes
Target categories : 15
Target families : 740
Memory + processor status:
==========================
Number of processors : 1
Processor architecture : Intel Pentium IV
Memory available:72 %
Total physical memory:523760 kb
Available physical memory:374312 kb
Total page file size:1569000 kb
Available on page file:1481724 kb
Total virtual memory:2097024 kb
Available virtual memory:2035324 kb
OS:Microsoft Windows XP Home Edition Service Pack 2 (Build 2600)
Ad-Aware SE Settings
===========================
Set : Move deleted files to Recycle Bin
Set : Safe mode (always request confirmation)
Set : Don't log streams smaller than 0 Bytes
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan within archives
Set : Scan my Hosts file
Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Ignore spanned files when scanning cab archives
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Block pop-ups aggressively
Set : Automatically select problematic objects in results lists
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Show splash screen
Set : Backup current definitions file before updating
Set : Play sound at scan completion if scan locates critical objects
03-09-2005 21:04:48 - Scan started. (Full System Scan)
Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ProcessID : 156
ThreadCreationTime : 03-09-2005 19:57:57
BasePriority : Normal
#:2 [csrss.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 204
ThreadCreationTime : 03-09-2005 19:58:15
BasePriority : Normal
#:3 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 228
ThreadCreationTime : 03-09-2005 19:58:19
BasePriority : High
#:4 [services.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 272
ThreadCreationTime : 03-09-2005 19:58:24
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : services.exe
#:5 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 284
ThreadCreationTime : 03-09-2005 19:58:24
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe
#:6 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 436
ThreadCreationTime : 03-09-2005 19:58:29
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:7 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 496
ThreadCreationTime : 03-09-2005 19:58:31
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:8 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 560
ThreadCreationTime : 03-09-2005 19:58:34
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:9 [wrsssdk.exe]
FilePath : C:\Program Files\Webroot\Spy Sweeper\
ProcessID : 620
ThreadCreationTime : 03-09-2005 19:58:35
BasePriority : Normal
FileVersion : 1,0,4,289
ProductVersion : 1, 0
ProductName : Spy Sweeper SDK
CompanyName : Webroot Software, Inc.
FileDescription : Spy Sweeper SDK
LegalCopyright : Copyright © 2002 - 2004, All Rights Reserved.
LegalTrademarks : Spy Sweeper is a trademark of Webroot Software, Inc.
OriginalFilename : SpySweeper.exe
#:10 [explorer.exe]
FilePath : C:\WINDOWS\
ProcessID : 828
ThreadCreationTime : 03-09-2005 19:58:58
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : EXPLORER.EXE
#:11 [ad-aware.exe]
FilePath : C:\Program Files\Lavasoft\Ad-Aware SE Professional\
ProcessID : 956
ThreadCreationTime : 03-09-2005 19:59:33
BasePriority : Normal
FileVersion : 6.2.0.238
ProductVersion : SE 106
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft AB Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved
#:12 [notepad.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 964
ThreadCreationTime : 03-09-2005 19:59:35
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Notepad
InternalName : Notepad
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : NOTEPAD.EXE
Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0
Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0
Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0
Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : dom@statcounter[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:
[email protected]/
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : dom@apmebf[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:2
Value : Cookie:
[email protected]/
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : dom@realmedia[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:3
Value : Cookie:
[email protected]/
Tracking Cookie Object Recognized!
Type : IECache Entry
Data :
[email protected][2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:7
Value : Cookie:
[email protected]/
Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 4
Objects found so far: 4
Deep scanning and examining files (C:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : angelina@atdmt[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Angelina\Cookies\angelina@atdmt[2].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : angelina@doubleclick[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Angelina\Cookies\angelina@doubleclick[1].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : joe@advertising[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Joe\Cookies\joe@advertising[2].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : joe@atdmt[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Joe\Cookies\joe@atdmt[2].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : joe@doubleclick[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Joe\Cookies\joe@doubleclick[1].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data :
[email protected][2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Joe\Cookies\
[email protected][2].txt
Disk Scan Result for C:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 10
Deep scanning and examining files (D:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Disk Scan Result for D:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 10
Scanning Hosts file......
Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
1 entries scanned.
New critical objects:0
Objects found so far: 10
Possible Browser Hijack attempt Object Recognized!
Type : File
Data : Keygens.url
TAC Rating : 3
Category : Misc
Comment : Problematic URL discovered:
http://keygen.us/ Object : C:\Documents and Settings\Dom\Favorites\
Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 11
21:21:08 Scan Complete
Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:16:19.875
Objects scanned:185870
Objects identified:11
Objects ignored:0
New critical objects:11
Thanks!