Logfile created: 2/17/2012 21:43:20
Ad-Aware version: 9.6.0
Extended engine: 3
Extended engine version: 3.1.2770
User performing scan: fulcort

*********************** Definitions database information ***********************
Lavasoft definition file: 150.723
Genotype definition file version: 2012/02/13 12:34:34
Extended engine definition file: 11550.0

******************************** Scan results: *********************************
Scan profile name: Full Scan (ID: full)
Objects scanned: 97291
Objects detected: 7

Type              Detected
==========================
Processes.......: 0
Registry entries: 0
Hostfile entries: 0
Files...........: 7
Folders.........: 0
LSPs............: 0
Cookies.........: 0
Browser hijacks.: 0
MRU objects.....: 0

Quarantined items:
Description: c:\windows\assembly\gac_32\desktop.ini Family Name: Trojan.Win32.Generic!BT Engine: 3 Clean status: Reboot required Item ID: 1 Family ID: 0 MD5: FC8DA91F71B2BB29E258E3D81521B78
Description: c:\windows\assembly\gac_64\desktop.ini Family Name: Trojan.Win32.Generic!BT Engine: 3 Clean status: Reboot required Item ID: 1 Family ID: 0 MD5: 532F7A6F5A5A4A71CACC18DE74B834D8
Description: c:\windows\assembly\tmp\u\000000cb.@ Family Name: Trojan.Win32.Generic!BT Engine: 3 Clean status: Success Item ID: 1 Family ID: 0 MD5: fe025e8778d66459f3519b8f0199e92c
Description: c:\windows\assembly\tmp\u\000000cf.@ Family Name: Trojan.Win32.Generic!BT Engine: 3 Clean status: Success Item ID: 1 Family ID: 0 MD5: 641d61902ae96341113c5c023984b719
Description: c:\windows\assembly\tmp\u\800000c0.@ Family Name: Trojan.Win32.Generic!BT Engine: 3 Clean status: Success Item ID: 1 Family ID: 0 MD5: c062ec90da29d6c8782f09909c6c9e1f
Description: c:\windows\assembly\tmp\u\800000cb.@ Family Name: Trojan.Win32.Generic!BT Engine: 3 Clean status: Success Item ID: 1 Family ID: 0 MD5: 30131a7e34cff124c4148f511d486b9a
Description: c:\windows\assembly\tmp\u\800000cf.@ Family Name: Trojan.Win32.Generic!BT Engine: 3 Clean status: Success Item ID: 1 Family ID: 0 MD5: c933adfc290398c091d0a77a66c69355

Scan and cleaning complete: Finished correctly after 7802 seconds

*********************************** Settings ***********************************

Scan profile:
ID: full, enabled:1, value: Full Scan
ID: folderstoscan, enabled:1, value: C:\
ID: useantivirus, enabled:1, value: true
ID: sections, enabled:1
ID: scancriticalareas, enabled:1, value: true
ID: scanrunningapps, enabled:1, value: true
ID: scanregistry, enabled:1, value: true
ID: scanlsp, enabled:1, value: true
ID: scanads, enabled:1, value: true
ID: scanhostsfile, enabled:1, value: true
ID: scanmru, enabled:1, value: true
ID: scanbrowserhijacks, enabled:1, value: true
ID: scantrackingcookies, enabled:1, value: true
ID: closebrowsers, enabled:1, value: false
ID: filescanningoptions, enabled:1
ID: archives, enabled:1, value: true
ID: onlyexecutables, enabled:1, value: false
ID: skiplargerthan, enabled:1, value: 20480
ID: scanrootkits, enabled:1, value: true
ID: rootkitlevel, enabled:1, value: mild, domain: medium,mild,strict
ID: usespywareheuristics, enabled:1, value: true

Scan global:
ID: global, enabled:1
ID: addtocontextmenu, enabled:1, value: true
ID: playsoundoninfection, enabled:1, value: false
ID: soundfile, enabled:0, value: N/A

Scheduled scan settings:

Update settings:
ID: updates, enabled:1
ID: launchthreatworksafterscan, enabled:1, value: silently, domain: normal,off,silently
ID: deffiles, enabled:1, value: downloadandinstall, domain: dontcheck,downloadandinstall
ID: licenseandinfo, enabled:1, value: downloadandinstall, domain: dontcheck,downloadandinstall
ID: schedules, enabled:1, value: true
ID: updatedaily1, enabled:1, value: Daily 1
ID: time, enabled:1, value: Fri Feb 17 21:37:00 2012
ID: frequency, enabled:1, value: daily, domain: daily,monthly,once,systemstart,weekly
ID: weekdays, enabled:1
ID: monday, enabled:1, value: false
ID: tuesday, enabled:1, value: false
ID: wednesday, enabled:1, value: false
ID: thursday, enabled:1, value: false
ID: friday, enabled:1, value: false
ID: saturday, enabled:1, value: false
ID: sunday, enabled:1, value: false
ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31
ID: scanprofile, enabled:1, value:
ID: auto_deal_with_infections, enabled:1, value: false
ID: updatedaily2, enabled:1, value: Daily 2
ID: time, enabled:1, value: Fri Feb 17 03:37:00 2012
ID: frequency, enabled:1, value: daily, domain: daily,monthly,once,systemstart,weekly
ID: weekdays, enabled:1
ID: monday, enabled:1, value: false
ID: tuesday, enabled:1, value: false
ID: wednesday, enabled:1, value: false
ID: thursday, enabled:1, value: false
ID: friday, enabled:1, value: false
ID: saturday, enabled:1, value: false
ID: sunday, enabled:1, value: false
ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31
ID: scanprofile, enabled:1, value:
ID: auto_deal_with_infections, enabled:1, value: false
ID: updatedaily3, enabled:1, value: Daily 3
ID: time, enabled:1, value: Fri Feb 17 09:37:00 2012
ID: frequency, enabled:1, value: daily, domain: daily,monthly,once,systemstart,weekly
ID: weekdays, enabled:1
ID: monday, enabled:1, value: false
ID: tuesday, enabled:1, value: false
ID: wednesday, enabled:1, value: false
ID: thursday, enabled:1, value: false
ID: friday, enabled:1, value: false
ID: saturday, enabled:1, value: false
ID: sunday, enabled:1, value: false
ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31
ID: scanprofile, enabled:1, value:
ID: auto_deal_with_infections, enabled:1, value: false
ID: updatedaily4, enabled:1, value: Daily 4
ID: time, enabled:1, value: Fri Feb 17 15:37:00 2012
ID: frequency, enabled:1, value: daily, domain: daily,monthly,once,systemstart,weekly
ID: weekdays, enabled:1
ID: monday, enabled:1, value: false
ID: tuesday, enabled:1, value: false
ID: wednesday, enabled:1, value: false
ID: thursday, enabled:1, value: false
ID: friday, enabled:1, value: false
ID: saturday, enabled:1, value: false
ID: sunday, enabled:1, value: false
ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31
ID: scanprofile, enabled:1, value:
ID: auto_deal_with_infections, enabled:1, value: false
ID: updateweekly1, enabled:1, value: Weekly
ID: time, enabled:1, value: Fri Feb 17 21:37:00 2012
ID: frequency, enabled:1, value: weekly, domain: daily,monthly,once,systemstart,weekly
ID: weekdays, enabled:1
ID: monday, enabled:1, value: true
ID: tuesday, enabled:1, value: false
ID: wednesday, enabled:1, value: false
ID: thursday, enabled:1, value: false
ID: friday, enabled:1, value: true
ID: saturday, enabled:1, value: false
ID: sunday, enabled:1, value: false
ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31
ID: scanprofile, enabled:1, value:
ID: auto_deal_with_infections, enabled:1, value: false

Appearance settings:
ID: appearance, enabled:1
ID: skin, enabled:1, value: default.egl, reglocation: HKEY_LOCAL_MACHINE\SOFTWARE\Lavasoft\Ad-Aware\Resource
ID: showtrayicon, enabled:1, value: true
ID: autoentertainmentmode, enabled:1, value: true
ID: guimode, enabled:1, value: mode_simple, domain: mode_advanced,mode_simple
ID: language, enabled:1, value: en, reglocation: HKEY_LOCAL_MACHINE\SOFTWARE\Lavasoft\Ad-Aware\Language

Realtime protection settings:
ID: realtime, enabled:1
ID: layers, enabled:1
ID: useantivirus, enabled:1, value: true
ID: usespywareheuristics, enabled:1, value: true
ID: maintainbackup, enabled:1, value: true
ID: infomessages, enabled:1, value: onlyimportant, domain: display,dontnotify,onlyimportant
ID: modules, enabled:1
ID: processprotection, enabled:0, value: true
ID: onaccessprotection, enabled:0, value: true
ID: registryprotection, enabled:0, value: true
ID: networkprotection, enabled:0, value: true

****************************** System information ******************************
Computer name: FULCORT-PC
Processor name: AMD Turion Dual-Core RM-70
Processor identifier: AMD64 Family 17 Model 3 Stepping 1
Processor speed: ~2000MHZ
Raw info: processorarchitecture 9, processortype 8664, processorlevel 17, processor revision 769, number of processors 2, processor features: [MMX,SSE,SSE2,SSE3,3DNow]
Physical memory available: 2320007168 bytes
Physical memory total: 2951139328 bytes
Virtual memory available: 1878937600 bytes
Virtual memory total: 2147352576 bytes
Memory load: 21%
Microsoft Service Pack 1 (build 7601)
Windows startup mode:

Running processes:
PID: 252 name: C:\Windows\System32\smss.exe owner: SYSTEM domain: NT AUTHORITY
PID: 348 name: C:\Windows\System32\csrss.exe owner: SYSTEM domain: NT AUTHORITY
PID: 388 name: C:\Windows\System32\wininit.exe owner: SYSTEM domain: NT AUTHORITY
PID: 396 name: C:\Windows\System32\csrss.exe owner: SYSTEM domain: NT AUTHORITY
PID: 476 name: C:\Windows\System32\winlogon.exe owner: SYSTEM domain: NT AUTHORITY
PID: 512 name: C:\Windows\System32\services.exe owner: SYSTEM domain: NT AUTHORITY
PID: 528 name: C:\Windows\System32\lsass.exe owner: SYSTEM domain: NT AUTHORITY
PID: 536 name: C:\Windows\System32\lsm.exe owner: SYSTEM domain: NT AUTHORITY
PID: 648 name: C:\Windows\System32\svchost.exe owner: SYSTEM domain: NT AUTHORITY
PID: 724 name: C:\Windows\System32\svchost.exe owner: NETWORK SERVICE domain: NT AUTHORITY
PID: 780 name: C:\Windows\System32\svchost.exe owner: LOCAL SERVICE domain: NT AUTHORITY
PID: 892 name: C:\Windows\System32\svchost.exe owner: SYSTEM domain: NT AUTHORITY
PID: 928 name: C:\Windows\System32\svchost.exe owner: SYSTEM domain: NT AUTHORITY
PID: 972 name: C:\Windows\System32\svchost.exe owner: LOCAL SERVICE domain: NT AUTHORITY
PID: 1008 name: C:\Windows\System32\svchost.exe owner: NETWORK SERVICE domain: NT AUTHORITY
PID: 400 name: C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe owner: SYSTEM domain: NT AUTHORITY
PID: 1164 name: C:\Windows\explorer.exe owner: fulcort domain: fulcort-PC
PID: 1240 name: C:\Windows\System32\ctfmon.exe owner: fulcort domain: fulcort-PC
PID: 1336 name: C:\Windows\System32\wbem\unsecapp.exe owner: SYSTEM domain: NT AUTHORITY
PID: 1420 name: C:\Windows\System32\wbem\WmiPrvSE.exe owner: SYSTEM domain: NT AUTHORITY
PID: 1564 name: C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe owner: fulcort domain: fulcort-PC
PID: 1816 name: C:\Program Files (x86)\Lavasoft\Ad-Aware\AWSC.exe owner: SYSTEM domain: NT AUTHORITY
PID: 1872 name: C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-Aware.exe owner: fulcort domain: fulcort-PC

Startup items:
Name: WebCheck imagepath: {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
Name: imagepath: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini

Bootexecute items:
Name: imagepath: autocheck autochk *
Name: imagepath: lsdelete

Running services:
Name: CryptSvc displayname: Cryptographic Services
Name: DcomLaunch displayname: DCOM Server Process Launcher
Name: Dhcp displayname: DHCP Client
Name: Dnscache displayname: DNS Client
Name: EapHost displayname: Extensible Authentication Protocol
Name: eventlog displayname: Windows Event Log
Name: KeyIso displayname: CNG Key Isolation
Name: LanmanWorkstation displayname: Workstation
Name: Lavasoft Ad-Aware Service displayname: Lavasoft Ad-Aware Service
Name: lmhosts displayname: TCP/IP NetBIOS Helper
Name: Netman displayname: Network Connections
Name: netprofm displayname: Network List Service
Name: NlaSvc displayname: Network Location Awareness
Name: nsi displayname: Network Store Interface Service
Name: PlugPlay displayname: Plug and Play
Name: Power displayname: Power
Name: ProfSvc displayname: User Profile Service
Name: RpcEptMapper displayname: RPC Endpoint Mapper
Name: RpcSs displayname: Remote Procedure Call (RPC)
Name: Winmgmt displayname: Windows Management Instrumentation
Name: Wlansvc displayname: WLAN AutoConfig
Name: wudfsvc displayname: Windows Driver Foundation - User-mode Driver Framework