Ad-Aware SE Build 1.06r1 Logfile Created on:lundi 2 avril 2007 18:49:50 Created with Ad-Aware SE Personal, free for private use. Using definitions file:SE1R163 26.03.2007 »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» References detected during the scan: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» MRU List(TAC index:0):10 total references Tracking Cookie(TAC index:3):5 total references »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Ad-Aware SE Settings =========================== Set : Search for negligible risk entries Set : Search for low-risk threats Set : Safe mode (always request confirmation) Set : Scan active processes Set : Scan registry Set : Deep-scan registry Set : Scan my IE Favorites for banned URLs Set : Scan within archives Set : Scan my Hosts file Extended Ad-Aware SE Settings =========================== Set : Unload recognized processes & modules during scan Set : Scan registry for all users instead of current user only Set : Always try to unload modules before deletion Set : During removal, unload Explorer and IE if necessary Set : Let Windows remove files in use at next reboot Set : Delete quarantined objects after restoring Set : Include basic Ad-Aware settings in log file Set : Include additional Ad-Aware settings in log file Set : Include reference summary in log file Set : Include alternate data stream details in log file Set : Play sound at scan completion if scan locates critical objects 02-04-2007 18:49:50 - Scan started. (Full System Scan) MRU List Object Recognized! Location: : C:\Documents and Settings\Kung\recent Description : list of recently opened documents MRU List Object Recognized! Location: : software\microsoft\direct3d\mostrecentapplication Description : most recent application to use microsoft direct3d MRU List Object Recognized! Location: : software\microsoft\direct3d\mostrecentapplication Description : most recent application to use microsoft direct X MRU List Object Recognized! Location: : software\microsoft\directdraw\mostrecentapplication Description : most recent application to use microsoft directdraw MRU List Object Recognized! Location: : S-1-5-21-2596645128-1903362386-3007208594-1006\software\microsoft\internet explorer Description : last download directory used in microsoft internet explorer MRU List Object Recognized! Location: : S-1-5-21-2596645128-1903362386-3007208594-1006\software\microsoft\internet explorer\typedurls Description : list of recently entered addresses in microsoft internet explorer MRU List Object Recognized! Location: : S-1-5-21-2596645128-1903362386-3007208594-1006\software\microsoft\windows\currentversion\explorer\comdlg32\lastvisitedmru Description : list of recent programs opened MRU List Object Recognized! Location: : S-1-5-21-2596645128-1903362386-3007208594-1006\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru Description : list of recently saved files, stored according to file extension MRU List Object Recognized! Location: : S-1-5-21-2596645128-1903362386-3007208594-1006\software\microsoft\windows\currentversion\explorer\recentdocs Description : list of recent documents opened MRU List Object Recognized! Location: : S-1-5-21-2596645128-1903362386-3007208594-1006\software\microsoft\windows media\wmsdk\general Description : windows media sdk Listing running processes »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» #:1 [smss.exe] FilePath : \SystemRoot\System32\ ProcessID : 140 ThreadCreationTime : 02-04-2007 02:56:55 BasePriority : Normal #:2 [csrss.exe] FilePath : \??\C:\WINDOWS\system32\ ProcessID : 188 ThreadCreationTime : 02-04-2007 02:57:21 BasePriority : Normal #:3 [winlogon.exe] FilePath : \??\C:\WINDOWS\system32\ ProcessID : 212 ThreadCreationTime : 02-04-2007 02:57:26 BasePriority : High #:4 [services.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 256 ThreadCreationTime : 02-04-2007 02:57:35 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Système d'exploitation Microsoft® Windows® CompanyName : Microsoft Corporation FileDescription : Applications Services et Contrôleur InternalName : services.exe LegalCopyright : © Microsoft Corporation. Tous droits réservés. OriginalFilename : services.exe #:5 [lsass.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 268 ThreadCreationTime : 02-04-2007 02:57:35 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : LSA Shell (Export Version) InternalName : lsass.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : lsass.exe #:6 [svchost.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 416 ThreadCreationTime : 02-04-2007 02:57:41 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:7 [svchost.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 480 ThreadCreationTime : 02-04-2007 02:57:45 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:8 [svchost.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 536 ThreadCreationTime : 02-04-2007 02:57:47 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:9 [explorer.exe] FilePath : C:\WINDOWS\ ProcessID : 848 ThreadCreationTime : 02-04-2007 02:58:38 BasePriority : Normal FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 6.00.2900.2180 ProductName : Système d'exploitation Microsoft® Windows® CompanyName : Microsoft Corporation FileDescription : Explorateur Windows InternalName : explorer LegalCopyright : © Microsoft Corporation. Tous droits réservés. OriginalFilename : EXPLORER.EXE #:10 [spysweeper.exe] FilePath : C:\Program Files\Webroot\Spy Sweeper\ ProcessID : 1400 ThreadCreationTime : 02-04-2007 08:02:39 BasePriority : Normal FileVersion : 3,3,2,2609 ProductVersion : 3, 3 ProductName : Spy Sweeper SDK CompanyName : Webroot Software, Inc. FileDescription : Spy Sweeper Engine LegalCopyright : Copyright (C) 2002 - 2007, All Rights Reserved. LegalTrademarks : Spy Sweeper is a trademark of Webroot Software, Inc. OriginalFilename : SpySweeper.exe #:11 [ctfmon.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 1624 ThreadCreationTime : 02-04-2007 08:04:17 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : CTF Loader InternalName : CTFMON LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : CTFMON.EXE #:12 [ad-aware.exe] FilePath : C:\Program Files\Lavasoft\Ad-Aware SE Personal\ ProcessID : 732 ThreadCreationTime : 02-04-2007 10:49:39 BasePriority : Normal FileVersion : 6.2.0.236 ProductVersion : SE 106 ProductName : Lavasoft Ad-Aware SE CompanyName : Lavasoft Sweden FileDescription : Ad-Aware SE Core application InternalName : Ad-Aware.exe LegalCopyright : Copyright © Lavasoft AB Sweden OriginalFilename : Ad-Aware.exe Comments : All Rights Reserved Memory scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 10 Started registry scan »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Registry Scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 10 Started deep registry scan »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Deep registry scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 10 Started Tracking Cookie scan »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Tracking Cookie Object Recognized! Type : IECache Entry Data : kung@weborama[2].txt TAC Rating : 3 Category : Data Miner Comment : Hits:24 Value : Cookie:kung@weborama.fr/ Expires : 02-06-2007 23:55:58 LastSync : Hits:24 UseCount : 0 Hits : 24 Tracking Cookie Object Recognized! Type : IECache Entry Data : kung@sonyeurope.112.2o7[2].txt TAC Rating : 3 Category : Data Miner Comment : Hits:2 Value : Cookie:kung@sonyeurope.112.2o7.net/ Expires : 30-03-2012 22:10:08 LastSync : Hits:2 UseCount : 0 Hits : 2 Tracking Cookie Object Recognized! Type : IECache Entry Data : kung@bs.serving-sys[1].txt TAC Rating : 3 Category : Data Miner Comment : Hits:2 Value : Cookie:kung@bs.serving-sys.com/ Expires : 01-01-2038 06:00:00 LastSync : Hits:2 UseCount : 0 Hits : 2 Tracking Cookie Object Recognized! Type : IECache Entry Data : kung@www.smartadserver[1].txt TAC Rating : 3 Category : Data Miner Comment : Hits:14 Value : Cookie:kung@www.smartadserver.com/ Expires : 28-03-2027 00:55:52 LastSync : Hits:14 UseCount : 0 Hits : 14 Tracking Cookie Object Recognized! Type : IECache Entry Data : kung@serving-sys[1].txt TAC Rating : 3 Category : Data Miner Comment : Hits:25 Value : Cookie:kung@serving-sys.com/ Expires : 01-01-2038 06:00:00 LastSync : Hits:25 UseCount : 0 Hits : 25 Tracking cookie scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 5 Objects found so far: 15 Deep scanning and examining files (C:) »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Disk Scan Result for C:\ »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 15 Deep scanning and examining files (D:) »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Disk Scan Result for D:\ »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 15 Scanning Hosts file...... Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts". »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Hosts file scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» 1 entries scanned. New critical objects:0 Objects found so far: 15 Performing conditional scans... »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Conditional scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 15 19:20:55 Scan Complete Summary Of This Scan »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Total scanning time:00:31:04.109 Objects scanned:173718 Objects identified:5 Objects ignored:0 New critical objects:5