Hello. I haven't run a scan in two years due to having to reinstall the new product. I had Ad-Aware 6 previously. PC has been acting funny lately, not wanting to boot up, but got it working now and did a virus scan and is clean. I ran the SE scan and have this scan log.
1. Do I quarantine all entries after this scan, even the negligible risk items? There are a bunch of "MRU List Object Recognized!"
2. The registry scan found an alexa object and tracking cookie. May I quarantine these also?
3. Once quarantined is there a way to permanently remove them?
Any help would be appreciated. Thanks!
Here is scan log:
Ad-Aware SE Build 1.06r1
Logfile Created on:Saturday, June 24, 2006 1:41:38 AM
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R112 15.06.2006
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
»»»»»»»»»»»
References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Alexa(TAC index:5):1 total references
MRU List(TAC index:0):25 total references
Tracking Cookie(TAC index:3):1 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file
Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects
6/24/2006 1:41:38 AM - Scan started. (Full System Scan)
MRU List Object Recognized!
Location: : C:\WINDOWS\Application Data\microsoft\office\recent
Description : list of recently opened documents using microsoft office
MRU List Object Recognized!
Location: : .DEFAULT\software\adobe\acrobat reader\5.0\avgeneral\crecentfiles
Description : list of recently used files in adobe reader
MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d
MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X
MRU List Object Recognized!
Location: : software\microsoft\directdraw\mostrecentapplication
Description : most recent application to use microsoft directdraw
MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\internet explorer
Description : last download directory used in microsoft internet explorer
MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\internet explorer\main
Description : last save directory used in microsoft internet explorer
MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\internet explorer\typedurls
Description : list of recently entered addresses in microsoft internet explorer
MRU List Object Recognized!
Location: : software\microsoft\internet explorer\typedurls
Description : list of recently entered addresses in microsoft internet explorer
MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\mediaplayer\medialibraryui
Description : last selected node in the microsoft windows media player media library
MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\mediaplayer\player\settings
Description : last open directory used in jasc paint shop pro
MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\mediaplayer\preferences
Description : last cd record path used in microsoft windows media player
MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\mediaplayer\preferences
Description : last playlist index loaded in microsoft windows media player
MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\mediaplayer\preferences
Description : last playlist loaded in microsoft windows media player
MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\office\9.0\common\open find\microsoft word\settings\open\file name mru
Description : list of recent documents opened by microsoft word
MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\office\9.0\common\open find\microsoft word\settings\save as\file name mru
Description : list of recent documents saved by microsoft word
MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\windows\currentversion\applets\paint\recent file list
Description : list of files recently opened using microsoft paint
MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\windows\currentversion\applets\regedit
Description : last key accessed using the microsoft registry editor
MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\windows\currentversion\applets\wordpad\recent file list
Description : list of recent files opened using wordpad
MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\windows\currentversion\explorer\comdlg32\lastvisitedmru
Description : list of recent programs opened
MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru
Description : list of recently saved files, stored according to file extension
MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\windows\currentversion\explorer\prnportsmru
Description : list of recently used printer ports in the microsoft windows operating system
MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\windows\currentversion\explorer\recentdocs
Description : list of recent documents opened
MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\windows\currentversion\explorer\runmru
Description : mru list for items opened in start | run
MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\windows media\wmsdk\general
Description : windows media sdk
Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
#:1 [KERNEL32.DLL]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4279217845
Threads : 4
Priority : High
FileVersion : 4.90.3000
ProductVersion : 4.90.3000
ProductName : Microsoft® Windows® Millennium Operating System
CompanyName : Microsoft Corporation
FileDescription : Win32 Kernel core component
InternalName : KERNEL32
LegalCopyright : Copyright © Microsoft Corp. 1991-2000
OriginalFilename : KERNEL32.DLL
#:2 [MSGSRV32.EXE]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4294960857
Threads : 1
Priority : Normal
FileVersion : 4.90.3000
ProductVersion : 4.90.3000
ProductName : Microsoft® Windows® Millennium Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows 32-bit VxD Message Server
InternalName : MSGSRV32
LegalCopyright : Copyright © Microsoft Corp. 1992-1998
OriginalFilename : MSGSRV32.EXE
#:3 [mmtask.tsk]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4294919921
Threads : 1
Priority : Normal
FileVersion : 4.90.3000
ProductVersion : 4.90.3000
ProductName : Microsoft Windows
CompanyName : Microsoft Corporation
FileDescription : Multimedia background task support module
InternalName : mmtask.tsk
LegalCopyright : Copyright © Microsoft Corp. 1991-2000
OriginalFilename : mmtask.tsk
#:4 [MPREXE.EXE]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4294933677
Threads : 1
Priority : Normal
FileVersion : 4.90.3000
ProductVersion : 4.90.3000
ProductName : Microsoft® Windows® Millennium Operating System
CompanyName : Microsoft Corporation
FileDescription : WIN32 Network Interface Service Process
InternalName : MPREXE
LegalCopyright : Copyright © Microsoft Corp. 1993-2000
OriginalFilename : MPREXE.EXE
#:5 [MSTASK.EXE]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4294873913
Threads : 2
Priority : Normal
FileVersion : 4.71.2721.1
ProductVersion : 4.71.2721.1
ProductName : Microsoft® Windows® Task Scheduler
CompanyName : Microsoft Corporation
FileDescription : Task Scheduler Engine
InternalName : TaskScheduler
LegalCopyright : Copyright © Microsoft Corp. 2000
OriginalFilename : mstask.exe
#:6 [SSDPSRV.EXE]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4294870537
Threads : 4
Priority : Normal
FileVersion : 4.90.3003.0
ProductVersion : 4.90.3003.0
ProductName : Microsoft® Windows® Millennium Operating System
CompanyName : Microsoft Corporation
FileDescription : SSDP Service on Windows Millennium
InternalName : ssdpsrv.exe
LegalCopyright : Copyright © Microsoft Corp. 1981-2000
OriginalFilename : ssdpsrv.exe
#:7 [KB891711.EXE]
FilePath : C:\WINDOWS\SYSTEM\KB891711\
ProcessID : 4294899697
Threads : 1
Priority : Normal
FileVersion : 4.10.2223
ProductVersion : 4.10.2222
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows KB891711 component
InternalName : KB891711
LegalCopyright : Copyright © Microsoft Corp. 1991-2005
OriginalFilename : KB891711.EXE
#:8 [DEFWATCH.EXE]
FilePath : C:\PROGRAM FILES\SYMANTEC_CLIENT_SECURITY\SYMANTEC ANTIVIRUS\
ProcessID : 4294896773
Threads : 2
Priority : Normal
FileVersion : 8.00.00.9374
ProductVersion : 8.00.00.9374
ProductName : Norton AntiVirus
CompanyName : Symantec Corporation
FileDescription : Virus Definition Daemon
InternalName : DefWatch
LegalCopyright : Copyright © 1998 Symantec Corporation
OriginalFilename : DefWatch.exe
#:9 [RTVSCN95.EXE]
FilePath : C:\PROGRAM FILES\SYMANTEC_CLIENT_SECURITY\SYMANTEC ANTIVIRUS\
ProcessID : 4294851793
Threads : 35
Priority : Normal
FileVersion : 8.00.00.9374
ProductVersion : 8.00.00.9374
ProductName : Symantec AntiVirus
CompanyName : Symantec Corporation
FileDescription : Symantec AntiVirus
LegalCopyright : Copyright © Symantec Corporation 1991-2002
#:10 [KB918547.EXE]
FilePath : C:\WINDOWS\SYSTEM\KB918547\
ProcessID : 4294856233
Threads : 1
Priority : Normal
FileVersion : 4.10.2224
ProductVersion : 4.10.2222
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows KB918547 EXE component
InternalName : KB918547
LegalCopyright : Copyright © Microsoft Corp. 1991-2005
OriginalFilename : KB918547.EXE
#:11 [EXPLORER.EXE]
FilePath : C:\WINDOWS\
ProcessID : 4294875677
Threads : 19
Priority : Normal
FileVersion : 5.50.4134.100
ProductVersion : 5.50.4134.100
ProductName : Microsoft® Windows ® 2000 Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : Copyright © Microsoft Corp. 1981-2000
OriginalFilename : EXPLORER.EXE
#:12 [STMGR.EXE]
FilePath : C:\WINDOWS\SYSTEM\RESTORE\
ProcessID : 4294814133
Threads : 5
Priority : Normal
FileVersion : 4.90.0.2533
ProductVersion : 4.90.0.2533
ProductName : Microsoft ® PCHealth
CompanyName : Microsoft Corporation
FileDescription : Microsoft ® PC State Manager
InternalName : StateMgr.exe
LegalCopyright : Copyright © Microsoft Corp. 1981-2000
OriginalFilename : StateMgr.exe
#:13 [TASKMON.EXE]
FilePath : C:\WINDOWS\
ProcessID : 4294785949
Threads : 1
Priority : Normal
FileVersion : 4.90.3000
ProductVersion : 4.90.3000
ProductName : Microsoft® Windows® Millennium Operating System
CompanyName : Microsoft Corporation
FileDescription : Task Monitor
InternalName : TaskMon
LegalCopyright : Copyright © Microsoft Corp. 1998
OriginalFilename : TASKMON.EXE
#:14 [SYSTRAY.EXE]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4294782093
Threads : 2
Priority : Normal
FileVersion : 4.90.3000
ProductVersion : 4.90.3000
ProductName : Microsoft® Windows® Millennium Operating System
CompanyName : Microsoft Corporation
FileDescription : System Tray Applet
InternalName : SYSTRAY
LegalCopyright : Copyright © Microsoft Corp. 1993-2000
OriginalFilename : SYSTRAY.EXE
#:15 [WMIEXE.EXE]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4294752637
Threads : 3
Priority : Normal
FileVersion : 4.90.2452.1
ProductVersion : 4.90.2452.1
ProductName : Microsoft® Windows® Millennium Operating System
CompanyName : Microsoft Corporation
FileDescription : WMI service exe housing
InternalName : wmiexe
LegalCopyright : Copyright © Microsoft Corp. 1981-1999
OriginalFilename : wmiexe.exe
#:16 [EM_EXEC.EXE]
FilePath : C:\PROGRAM FILES\MOUSEWARE\SYSTEM\
ProcessID : 4294710473
Threads : 2
Priority : Normal
FileVersion : 9.01.78
ProductVersion : 9.01
ProductName : MouseWare
CompanyName : Logitech Inc.
FileDescription : Control Center
InternalName : EM_EXEC
LegalCopyright : Copyright © Logitech Inc. 1987-2000.
LegalTrademarks : Logitech® and MouseWare® are registered trademarks of Logitech Inc.
OriginalFilename : EM_EXEC.CPP
Comments : Created by the MouseWare Team
#:17 [VPTRAY.EXE]
FilePath : C:\PROGRAM FILES\SYMANTEC_CLIENT_SECURITY\SYMANTEC ANTIVIRUS\
ProcessID : 4294716765
Threads : 2
Priority : Normal
FileVersion : 8.00.00.9374
ProductVersion : 8.00.00.9374
ProductName : Symantec AntiVirus
CompanyName : Symantec Corporation
FileDescription : Symantec AntiVirus
LegalCopyright : Copyright © Symantec Corporation 1991-2002
#:18 [RNAAPP.EXE]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4294609617
Threads : 2
Priority : Normal
FileVersion : 4.90.3000
ProductVersion : 4.90.3000
ProductName : Microsoft® Windows® Millennium Operating System
CompanyName : Microsoft Corporation
FileDescription : Dial-Up Networking Application
InternalName : RNAAPP
LegalCopyright : Copyright © Microsoft Corp. 1992-1996
OriginalFilename : RNAAPP.EXE
#:19 [TAPISRV.EXE]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4294618149
Threads : 6
Priority : Normal
FileVersion : 4.90.3000
ProductVersion : 4.90.3000
ProductName : Microsoft® Windows® Millennium Operating System
CompanyName : Microsoft Corporation
FileDescription : Microsoft® Windows™ Telephony Server
InternalName : Telephony Service
LegalCopyright : Copyright © Microsoft Corp. 1994-1998
OriginalFilename : TAPISRV.EXE
#:20 [DDHELP.EXE]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4294585657
Threads : 2
Priority : Realtime
FileVersion : 4.07.01.3000
ProductVersion : 4.07.01.3000
ProductName : Microsoft® DirectX for Windows® 95 and 98
CompanyName : Microsoft Corporation
FileDescription : Microsoft DirectX Helper
InternalName : DDHelp.exe
LegalCopyright : Copyright © Microsoft Corp. 1994-2000
OriginalFilename : DDHelp.exe
#:21 [SPOOL32.EXE]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4294462217
Threads : 2
Priority : Normal
FileVersion : 4.90.3000
ProductVersion : 4.90.3000
ProductName : Microsoft® Windows® Millennium Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler Sub System Process
InternalName : spool32
LegalCopyright : Copyright © Microsoft Corp. 1994 - 1998
OriginalFilename : spool32.exe
#:22 [UNREGAAW.EXE]
FilePath : C:\PROGRAM FILES\LAVASOFT\AD-AWARE 6\
ProcessID : 4294171993
Threads : 1
Priority : Normal
#:23 [UNWISE.EXE]
FilePath : C:\PROGRAM FILES\LAVASOFT\AD-AWARE 6\
ProcessID : 4195708597
Threads : 1
Priority : Normal
#:24 [UNREGAAW.EXE]
FilePath : C:\PROGRAM FILES\LAVASOFT\AD-AWARE 6\
ProcessID : 4195705309
Threads : 1
Priority : Normal
#:25 [UNREGAAW.EXE]
FilePath : C:\PROGRAM FILES\LAVASOFT\AD-AWARE 6\
ProcessID : 4195708085
Threads : 1
Priority : Normal
#:26 [UNWISE.EXE]
FilePath : C:\PROGRAM FILES\LAVASOFT\AD-AWARE 6\
ProcessID : 4195653197
Threads : 1
Priority : Normal
#:27 [UNREGAAW.EXE]
FilePath : C:\PROGRAM FILES\LAVASOFT\AD-AWARE 6\
ProcessID : 4195650741
Threads : 1
Priority : Normal
#:28 [STIMON.EXE]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4195661457
Threads : 5
Priority : Normal
FileVersion : 4.90.3000.1
ProductVersion : 4.90.3000.1
ProductName : Microsoft® Windows® Millennium Operating System
CompanyName : Microsoft Corporation
FileDescription : Still Image Devices Monitor
InternalName : STIMON
LegalCopyright : Copyright © Microsoft Corp. 1981-2000
OriginalFilename : STIMON.EXE
#:29 [AD-AWARE.EXE]
FilePath : C:\PROGRAM FILES\LAVASOFT\AD-AWARE SE PERSONAL\
ProcessID : 4294590977
Threads : 3
Priority : Normal
FileVersion : 6.2.0.236
ProductVersion : SE 106
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft AB Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved
#:30 [HH.EXE]
FilePath : C:\WINDOWS\
ProcessID : 4294350921
Threads : 4
Priority : Normal
FileVersion : 5.2.3790.309 (srv03_gdr.050413-1540)
ProductVersion : 5.2.3790.309
ProductName : HTML Help
CompanyName : Microsoft Corporation
FileDescription : Microsoft® HTML Help Executable
InternalName : HH 1.41
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : HH.exe
Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 25
Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Alexa Object Recognized!
Type : RegValue
Data :
TAC Rating : 5
Category : Data Miner
Comment : "{c95fe080-8f5d-11d2-a20b-00aa003c157a}"
Rootkey : HKEY_USERS
Object : .DEFAULT\software\microsoft\internet explorer\extensions\cmdmapping
Value : {c95fe080-8f5d-11d2-a20b-00aa003c157a}
Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 1
Objects found so far: 26
Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 26
Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : default@apmebf[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:2
Value : Cookie:default@apmebf.com/
Expires : 6/21/2011 12:17:42 PM
LastSync : Hits:2
UseCount : 0
Hits : 2
Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 1
Objects found so far: 27
Disk Scan Result for c:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 27
Scanning Hosts file......
Hosts file location:"C:\WINDOWS\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
2 entries scanned.
New critical objects:0
Objects found so far: 27
Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 27
1:51:18 AM Scan Complete
Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:09:39.300
Objects scanned:68976
Objects identified:2
Objects ignored:0
New critical objects:2
Full Version: Critical objects found
Lavasoft Support Forums > Archived Topics > Archives: Resolved/Inactive Topics > Ad-Aware SE Resolved/Inactive Issues
TexanGuy,
Alexa Is the "What's related links" feature in the “Internet Explorer� toolbar.
You can add it to the Ignore list if you want to keep it.
Alexa technology does use a 'web crawler'“ that records the information found on WebPages accessed when the 'What's related feature' is being used in Internet Explorer“.
It is safe to remove BUT if you update/restore/reinstall Internet Explorer then Alexa will return!
Please can you download
“Host File Reader“
save it say on your desktop and take a look at your Hosts file. If you are not familiar with the Hosts file entries just click the reset default button at the “Host File Reader�
Then can you clear out your cache folder ie: temporary internet folder There are some free programs that you can use that will do that for you if needed like
CCleaner
(Note in CCleaner: go to >options > advanced > Uncheck "Only delete files in Windows Temp folders older than 48 hours"). but see CCleaner Set up
also in the settup of CCleaner The LS Staff would perfuer if you un-tick (un-check) "Utilities" (i.e., Ad-Aware, ewido and other security program logs.)at leat till your pc is clean of spyware/malware
now use the WebUpDate
(to make sure you are upto date) if you want to clean your PC then scan by doing a "Full Scan" then and once the scan has finished
mark and remove the items then Reboot (ie: Re-start your PC)
Then re-scan doing a "Full Scan" and then post your logfile here by using the Add-Reply Feature .
GRAFX
Alexa Is the "What's related links" feature in the “Internet Explorer� toolbar.
You can add it to the Ignore list if you want to keep it.
Alexa technology does use a 'web crawler'“ that records the information found on WebPages accessed when the 'What's related feature' is being used in Internet Explorer“.
It is safe to remove BUT if you update/restore/reinstall Internet Explorer then Alexa will return!
Please can you download
“Host File Reader“
save it say on your desktop and take a look at your Hosts file. If you are not familiar with the Hosts file entries just click the reset default button at the “Host File Reader�
Then can you clear out your cache folder ie: temporary internet folder There are some free programs that you can use that will do that for you if needed like
CCleaner
(Note in CCleaner: go to >options > advanced > Uncheck "Only delete files in Windows Temp folders older than 48 hours"). but see CCleaner Set up
also in the settup of CCleaner The LS Staff would perfuer if you un-tick (un-check) "Utilities" (i.e., Ad-Aware, ewido and other security program logs.)at leat till your pc is clean of spyware/malware
now use the WebUpDate
(to make sure you are upto date) if you want to clean your PC then scan by doing a "Full Scan" then and once the scan has finished
mark and remove the items then Reboot (ie: Re-start your PC)
Then re-scan doing a "Full Scan" and then post your logfile here by using the Add-Reply Feature .
GRAFX
Thank you so much GRAFX! 
That CCleaner looks like a great tool. I use selective startup since I have deselected items that start on startup that take up CPU. It looks like this might help remove those.
I ran the host file reader software and found:
Found host in c:\Windows\hosts
216.65.115.190 search.msn.com
216.65.115.190 auto.search.msn.com
I then used the reset button which reset it to the sample host file with comments and
127.0.0.1 local host
127.0.0.2
ran CCleaner and did changes you requested. In the Cleaner Section under the "WINDOWS" tab The "ADVANCED" checkbox was unchecked, so I left it as unchecked.
Did a webupdate and ran system scan.
What do I do about the MRU objects?
What about the Running Processes? Are they all necessary? How do I remove them?
Thank you!
Here is the log file:
Ad-Aware SE Build 1.06r1
Logfile Created on:Sunday, June 25, 2006 8:58:00 AM
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R112 15.06.2006
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
»»»»»»»»»»»
References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
MRU List(TAC index:0):11 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan within archives
Set : Scan my Hosts file
Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Obtain command line of scanned processes
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Create log file for removal operations
Set : Include module list in log file
Set : Include alternate data stream details in log file
Set : Use gridlines in results lists
Set : Show detail tooltips in results lists
Set : Create and save WebUpdate log file
Set : Dump details about unhandled exceptions to disk
Set : Play sound at scan completion if scan locates critical objects
6-25-2006 8:58:00 AM - Scan started. (Full System Scan)
MRU List Object Recognized!
Location: : C:\WINDOWS\Application Data\microsoft\office\recent
Description : list of recently opened documents using microsoft office
MRU List Object Recognized!
Location: : software\microsoft\internet explorer\typedurls
Description : list of recently entered addresses in microsoft internet explorer
MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\mediaplayer\medialibraryui
Description : last selected node in the microsoft windows media player media library
MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\mediaplayer\player\settings
Description : last open directory used in jasc paint shop pro
MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\mediaplayer\preferences
Description : last cd record path used in microsoft windows media player
MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\office\9.0\common\open find\microsoft word\settings\open\file name mru
Description : list of recent documents opened by microsoft word
MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\office\9.0\common\open find\microsoft word\settings\save as\file name mru
Description : list of recent documents saved by microsoft word
MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\windows\currentversion\explorer\comdlg32\lastvisitedmru
Description : list of recent programs opened
MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru
Description : list of recently saved files, stored according to file extension
MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\windows\currentversion\explorer\recentdocs
Description : list of recent documents opened
MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\windows media\wmsdk\general
Description : windows media sdk
Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
#:1 [KERNEL32.DLL]
ModuleName : C:\WINDOWS\SYSTEM\KERNEL32.DLL
Command Line : n/a
ProcessID : 4279217725
Threads : 4
Priority : High
FileVersion : 4.90.3000
ProductVersion : 4.90.3000
ProductName : Microsoft® Windows® Millennium Operating System
CompanyName : Microsoft Corporation
FileDescription : Win32 Kernel core component
InternalName : KERNEL32
LegalCopyright : Copyright © Microsoft Corp. 1991-2000
OriginalFilename : KERNEL32.DLL
Scanning Module:C:\WINDOWS\SYSTEM\I81X329X.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\USER32.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\GDI32.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\ADVAPI32.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\KERNEL32.DLL...
#:2 [MSGSRV32.EXE]
ModuleName : C:\WINDOWS\SYSTEM\MSGSRV32.EXE
Command Line : n/a
ProcessID : 4294960721
Threads : 1
Priority : Normal
FileVersion : 4.90.3000
ProductVersion : 4.90.3000
ProductName : Microsoft® Windows® Millennium Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows 32-bit VxD Message Server
InternalName : MSGSRV32
LegalCopyright : Copyright © Microsoft Corp. 1992-1998
OriginalFilename : MSGSRV32.EXE
Scanning Module:C:\WINDOWS\SYSTEM\MPR.DLL...
#:3 [mmtask.tsk]
ModuleName : C:\WINDOWS\SYSTEM\mmtask.tsk
Command Line : n/a
ProcessID : 4294919801
Threads : 1
Priority : Normal
FileVersion : 4.90.3000
ProductVersion : 4.90.3000
ProductName : Microsoft Windows
CompanyName : Microsoft Corporation
FileDescription : Multimedia background task support module
InternalName : mmtask.tsk
LegalCopyright : Copyright © Microsoft Corp. 1991-2000
OriginalFilename : mmtask.tsk
#:4 [MPREXE.EXE]
ModuleName : C:\WINDOWS\SYSTEM\MPREXE.EXE
Command Line : C:\WINDOWS\SYSTEM\MPREXE.EXE
ProcessID : 4294933541
Threads : 1
Priority : Normal
FileVersion : 4.90.3000
ProductVersion : 4.90.3000
ProductName : Microsoft® Windows® Millennium Operating System
CompanyName : Microsoft Corporation
FileDescription : WIN32 Network Interface Service Process
InternalName : MPREXE
LegalCopyright : Copyright © Microsoft Corp. 1993-2000
OriginalFilename : MPREXE.EXE
Scanning Module:C:\WINDOWS\SYSTEM\MSNP32.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\MSNET32.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\MPREXE.EXE...
Scanning Module:C:\WINDOWS\SYSTEM\MPRSERV.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\MSPWL32.DLL...
#:5 [MSTASK.EXE]
ModuleName : C:\WINDOWS\SYSTEM\MSTASK.EXE
Command Line : mstask.exe
ProcessID : 4294874025
Threads : 2
Priority : Normal
FileVersion : 4.71.2721.1
ProductVersion : 4.71.2721.1
ProductName : Microsoft® Windows® Task Scheduler
CompanyName : Microsoft Corporation
FileDescription : Task Scheduler Engine
InternalName : TaskScheduler
LegalCopyright : Copyright © Microsoft Corp. 2000
OriginalFilename : mstask.exe
Scanning Module:C:\WINDOWS\SYSTEM\OLE32.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\MSIDLE.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\MSTASK.EXE...
Scanning Module:C:\WINDOWS\SYSTEM\SHELL32.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\COMCTL32.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\SHLWAPI.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\MSVCRT.DLL...
#:6 [SSDPSRV.EXE]
ModuleName : C:\WINDOWS\SYSTEM\SSDPSRV.EXE
Command Line : C:\WINDOWS\SYSTEM\ssdpsrv.exe
ProcessID : 4294870733
Threads : 4
Priority : Normal
FileVersion : 4.90.3003.0
ProductVersion : 4.90.3003.0
ProductName : Microsoft® Windows® Millennium Operating System
CompanyName : Microsoft Corporation
FileDescription : SSDP Service on Windows Millennium
InternalName : ssdpsrv.exe
LegalCopyright : Copyright © Microsoft Corp. 1981-2000
OriginalFilename : ssdpsrv.exe
Scanning Module:C:\WINDOWS\SYSTEM\MSAFD.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\SSDPSRV.EXE...
Scanning Module:C:\WINDOWS\SYSTEM\WS2_32.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\RASAPI32.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\WSOCK32.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\MSWSOCK.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\SECUR32.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\SVRAPI.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\TAPI32.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\RPCRT4.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\NETAPI32.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\NETBIOS.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\WS2HELP.DLL...
#:7 [KB891711.EXE]
ModuleName : C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
Command Line : n/a
ProcessID : 4294898889
Threads : 1
Priority : Normal
FileVersion : 4.10.2223
ProductVersion : 4.10.2222
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows KB891711 component
InternalName : KB891711
LegalCopyright : Copyright © Microsoft Corp. 1991-2005
OriginalFilename : KB891711.EXE
#:8 [DEFWATCH.EXE]
ModuleName : C:\PROGRAM FILES\SYMANTEC_CLIENT_SECURITY\SYMANTEC ANTIVIRUS\DEFWATCH.EXE
Command Line : C:\PROGRA~1\SYMANT~1\SYMANT~1\defwatch.exe
ProcessID : 4294840577
Threads : 2
Priority : Normal
FileVersion : 8.00.00.9374
ProductVersion : 8.00.00.9374
ProductName : Norton AntiVirus
CompanyName : Symantec Corporation
FileDescription : Virus Definition Daemon
InternalName : DefWatch
LegalCopyright : Copyright © 1998 Symantec Corporation
OriginalFilename : DefWatch.exe
Scanning Module:C:\PROGRAM FILES\SYMANTEC_CLIENT_SECURITY\SYMANTEC ANTIVIRUS\DEFWATCH.EXE...
#:9 [RTVSCN95.EXE]
ModuleName : C:\PROGRAM FILES\SYMANTEC_CLIENT_SECURITY\SYMANTEC ANTIVIRUS\RTVSCN95.EXE
Command Line : C:\PROGRA~1\SYMANT~1\SYMANT~1\rtvscn95.exe
ProcessID : 4294852521
Threads : 35
Priority : Normal
FileVersion : 8.00.00.9374
ProductVersion : 8.00.00.9374
ProductName : Symantec AntiVirus
CompanyName : Symantec Corporation
FileDescription : Symantec AntiVirus
LegalCopyright : Copyright © Symantec Corporation 1991-2002
Scanning Module:C:\PROGRAM FILES\SYMANTEC_CLIENT_SECURITY\SYMANTEC ANTIVIRUS\VPMSECE.DLL...
Scanning Module:C:\PROGRAM FILES\SYMANTEC_CLIENT_SECURITY\SYMANTEC ANTIVIRUS\NAVAP32.DLL...
Scanning Module:C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\VIRUSDEFS\20060621.024\NAVENG32.DLL...
Scanning Module:C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\VIRUSDEFS\20060621.024\NAVEX32A.DLL...
Scanning Module:C:\PROGRAM FILES\SYMANTEC_CLIENT_SECURITY\SYMANTEC ANTIVIRUS\NAVAPI32.DLL...
Scanning Module:C:\PROGRAM FILES\SYMANTEC_CLIENT_SECURITY\SYMANTEC ANTIVIRUS\I2LDVP3.DLL...
Scanning Module:C:\PROGRAM FILES\SYMANTEC_CLIENT_SECURITY\SYMANTEC ANTIVIRUS\RTVSCN95.EXE...
Scanning Module:C:\PROGRAM FILES\SYMANTEC_CLIENT_SECURITY\SYMANTEC ANTIVIRUS\NAVLU.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\MFC42.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\WINMM.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\CTL3D32.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\CBA.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\PDS.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\MSGSYS.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\NTS.DLL...
#:10 [KB918547.EXE]
ModuleName : C:\WINDOWS\SYSTEM\KB918547\KB918547.EXE
Command Line : n/a
ProcessID : 4294808893
Threads : 1
Priority : Normal
FileVersion : 4.10.2224
ProductVersion : 4.10.2222
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows KB918547 EXE component
InternalName : KB918547
LegalCopyright : Copyright © Microsoft Corp. 1991-2005
OriginalFilename : KB918547.EXE
#:11 [EXPLORER.EXE]
ModuleName : C:\WINDOWS\EXPLORER.EXE
Command Line : C:\WINDOWS\Explorer.exe
ProcessID : 4294805981
Threads : 19
Priority : Normal
FileVersion : 5.50.4134.100
ProductVersion : 5.50.4134.100
ProductName : Microsoft® Windows ® 2000 Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : Copyright © Microsoft Corp. 1981-2000
OriginalFilename : EXPLORER.EXE
Scanning Module:C:\WINDOWS\SYSTEM\MLANG.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\MSADP32.ACM...
Scanning Module:C:\WINDOWS\SYSTEM\BROWSELC.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\SYNCUI.DLL...
Scanning Module:C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\SSC\VPSHELL2.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\SHDOCLC.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\DOCPROP2.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\AVIFIL32.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\MSACM32.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\CRTDLL.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\MSVFW32.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\WOW32.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\DCIMAN32.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\ES.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\CFGMGR32.DLL...
Scanning Module:C:\PROGRAM FILES\MOUSEWARE\SYSTEM\LGMOUSHK.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\SENS.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\ESTIER2.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\ESSHARED.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\LINKINFO.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\UPNP.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\URLMON.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\VERSION.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\IPHLPAPI.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\DHCPCSVC.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\ICMP.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\NTDLL.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\WININET.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\SSDPAPI.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\AUHOOK.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\UPNPUI.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\OLEAUT32.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\WEBCHECK.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\ACTXPRXY.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\MSI.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\MYDOCS.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\BROWSEUI.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\SHDOCVW.DLL...
Scanning Module:C:\WINDOWS\EXPLORER.EXE...
#:12 [STMGR.EXE]
ModuleName : C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
Command Line : C:\WINDOWS\System\Restore\StMgr.exe
ProcessID : 4294813661
Threads : 5
Priority : Normal
FileVersion : 4.90.0.2533
ProductVersion : 4.90.0.2533
ProductName : Microsoft ® PCHealth
CompanyName : Microsoft Corporation
FileDescription : Microsoft ® PC State Manager
InternalName : StateMgr.exe
LegalCopyright : Copyright © Microsoft Corp. 1981-2000
OriginalFilename : StateMgr.exe
Scanning Module:C:\WINDOWS\SYSTEM\RSAENH.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE...
Scanning Module:C:\WINDOWS\SYSTEM\IMM32.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\SMGR.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\SFPDLL.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\WINTRUST.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\IMAGEHLP.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\CRYPT32.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\MSASN1.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\CABINET.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\ATRACE.DLL...
#:13 [TASKMON.EXE]
ModuleName : C:\WINDOWS\TASKMON.EXE
Command Line : "C:\WINDOWS\taskmon.exe"
ProcessID : 4294786997
Threads : 1
Priority : Normal
FileVersion : 4.90.3000
ProductVersion : 4.90.3000
ProductName : Microsoft® Windows® Millennium Operating System
CompanyName : Microsoft Corporation
FileDescription : Task Monitor
InternalName : TaskMon
LegalCopyright : Copyright © Microsoft Corp. 1998
OriginalFilename : TASKMON.EXE
Scanning Module:C:\WINDOWS\TASKMON.EXE...
#:14 [SYSTRAY.EXE]
ModuleName : C:\WINDOWS\SYSTEM\SYSTRAY.EXE
Command Line : "C:\WINDOWS\SYSTEM\SysTray.Exe"
ProcessID : 4294789417
Threads : 2
Priority : Normal
FileVersion : 4.90.3000
ProductVersion : 4.90.3000
ProductName : Microsoft® Windows® Millennium Operating System
CompanyName : Microsoft Corporation
FileDescription : System Tray Applet
InternalName : SYSTRAY
LegalCopyright : Copyright © Microsoft Corp. 1993-2000
OriginalFilename : SYSTRAY.EXE
Scanning Module:C:\WINDOWS\SYSTEM\SYSTRAY.EXE...
Scanning Module:C:\WINDOWS\SYSTEM\WMI.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\BATMETER.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\POWRPROF.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\SETUPAPI.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\WINSPOOL.DRV...
Scanning Module:C:\WINDOWS\SYSTEM\LZ32.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\COMDLG32.DLL...
#:15 [EM_EXEC.EXE]
ModuleName : C:\PROGRAM FILES\MOUSEWARE\SYSTEM\EM_EXEC.EXE
Command Line : "C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE"
ProcessID : 4294761521
Threads : 2
Priority : Normal
FileVersion : 9.01.78
ProductVersion : 9.01
ProductName : MouseWare
CompanyName : Logitech Inc.
FileDescription : Control Center
InternalName : EM_EXEC
LegalCopyright : Copyright © Logitech Inc. 1987-2000.
LegalTrademarks : Logitech® and MouseWare® are registered trademarks of Logitech Inc.
OriginalFilename : EM_EXEC.CPP
Comments : Created by the MouseWare Team
Scanning Module:C:\PROGRAM FILES\MOUSEWARE\SYSTEM\CCMSGHK.DLL...
Scanning Module:C:\PROGRAM FILES\MOUSEWARE\SYSTEM\DEVICES.DLL...
Scanning Module:C:\PROGRAM FILES\MOUSEWARE\SYSTEM\CCSTMGLB.DLL...
Scanning Module:C:\PROGRAM FILES\MOUSEWARE\SYSTEM\CCRESGLB.DLL...
Scanning Module:C:\PROGRAM FILES\MOUSEWARE\SYSTEM\CCUSTOM.DLL...
Scanning Module:C:\PROGRAM FILES\MOUSEWARE\SYSTEM\CCRESRCE.DLL...
Scanning Module:C:\PROGRAM FILES\MOUSEWARE\SYSTEM\EM_EXEC.EXE...
Scanning Module:C:\PROGRAM FILES\MOUSEWARE\SYSTEM\EVENTEX.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\COMNCTR.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\LOGILANG.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\MFC30.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\MSVCRT20.DLL...
#:16 [VPTRAY.EXE]
ModuleName : C:\PROGRAM FILES\SYMANTEC_CLIENT_SECURITY\SYMANTEC ANTIVIRUS\VPTRAY.EXE
Command Line : "C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe"
ProcessID : 4294767225
Threads : 2
Priority : Normal
FileVersion : 8.00.00.9374
ProductVersion : 8.00.00.9374
ProductName : Symantec AntiVirus
CompanyName : Symantec Corporation
FileDescription : Symantec AntiVirus
LegalCopyright : Copyright © Symantec Corporation 1991-2002
Scanning Module:C:\PROGRAM FILES\SYMANTEC_CLIENT_SECURITY\SYMANTEC ANTIVIRUS\CLISCAN.DLL...
Scanning Module:C:\PROGRAM FILES\SYMANTEC_CLIENT_SECURITY\SYMANTEC ANTIVIRUS\CLIPROXY.DLL...
Scanning Module:C:\PROGRAM FILES\SYMANTEC_CLIENT_SECURITY\SYMANTEC ANTIVIRUS\VPTRAY.EXE...
#:17 [WMIEXE.EXE]
ModuleName : C:\WINDOWS\SYSTEM\WMIEXE.EXE
Command Line : WmiExe WMI_fffd4b39
ProcessID : 4294674977
Threads : 3
Priority : Normal
FileVersion : 4.90.2452.1
ProductVersion : 4.90.2452.1
ProductName : Microsoft® Windows® Millennium Operating System
CompanyName : Microsoft Corporation
FileDescription : WMI service exe housing
InternalName : wmiexe
LegalCopyright : Copyright © Microsoft Corp. 1981-1999
OriginalFilename : wmiexe.exe
Scanning Module:C:\WINDOWS\SYSTEM\WMIEXE.EXE...
Scanning Module:C:\WINDOWS\SYSTEM\WMICORE.DLL...
#:18 [RNAAPP.EXE]
ModuleName : C:\WINDOWS\SYSTEM\RNAAPP.EXE
Command Line : rnaapp.exe -l
ProcessID : 4294608833
Threads : 2
Priority : Normal
FileVersion : 4.90.3000
ProductVersion : 4.90.3000
ProductName : Microsoft® Windows® Millennium Operating System
CompanyName : Microsoft Corporation
FileDescription : Dial-Up Networking Application
InternalName : RNAAPP
LegalCopyright : Copyright © Microsoft Corp. 1992-1996
OriginalFilename : RNAAPP.EXE
Scanning Module:C:\WINDOWS\SYSTEM\RNAAPP.EXE...
#:19 [TAPISRV.EXE]
ModuleName : C:\WINDOWS\SYSTEM\TAPISRV.EXE
Command Line : tapisrv.exe
ProcessID : 4294617353
Threads : 5
Priority : Normal
FileVersion : 4.90.3000
ProductVersion : 4.90.3000
ProductName : Microsoft® Windows® Millennium Operating System
CompanyName : Microsoft Corporation
FileDescription : Microsoft® Windows™ Telephony Server
InternalName : Telephony Service
LegalCopyright : Copyright © Microsoft Corp. 1994-1998
OriginalFilename : TAPISRV.EXE
Scanning Module:C:\WINDOWS\SYSTEM\TSP3216L.TSP...
Scanning Module:C:\WINDOWS\SYSTEM\DIGEST.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\SCHANNEL.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\MSNSSPC.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\MSAPSSPC.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\MSVCRT40.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\TAPISRV.EXE...
#:20 [SPOOL32.EXE]
ModuleName : C:\WINDOWS\SYSTEM\SPOOL32.EXE
Command Line : C:\WINDOWS\SYSTEM\spool32.exe
ProcessID : 4294729617
Threads : 2
Priority : Normal
FileVersion : 4.90.3000
ProductVersion : 4.90.3000
ProductName : Microsoft® Windows® Millennium Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler Sub System Process
InternalName : spool32
LegalCopyright : Copyright © Microsoft Corp. 1994 - 1998
OriginalFilename : spool32.exe
Scanning Module:C:\WINDOWS\SYSTEM\MSPP32.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\USBMON.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\SPOOL32.EXE...
Scanning Module:C:\WINDOWS\SYSTEM\SPOOLSS.DLL...
#:21 [AD-AWARE.EXE]
ModuleName : C:\PROGRAM FILES\LAVASOFT\AD-AWARE SE PERSONAL\AD-AWARE.EXE
Command Line : "C:\Program Files\Lavasoft\Ad-Aware SE Personal\AD-AWARE.EXE"
ProcessID : 4294782229
Threads : 2
Priority : Normal
FileVersion : 6.2.0.236
ProductVersion : SE 106
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft AB Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved
Scanning Module:C:\WINDOWS\SYSTEM\RICHED32.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\RICHED20.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\SHFOLDER.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\OLEPRO32.DLL...
Scanning Module:C:\PROGRAM FILES\LAVASOFT\AD-AWARE SE PERSONAL\AD-AWARE.EXE...
Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 11
Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 11
Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 11
Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 11
Deep scanning and examining files (c:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Disk Scan Result for c:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 11
Scanning Hosts file......
Hosts file location:"C:\WINDOWS\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
1 entries scanned.
New critical objects:0
Objects found so far: 11
Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 11
9:06:54 AM Scan Complete
Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:08:53.490
Objects scanned:67200
Objects identified:0
Objects ignored:0
New critical objects:0
That CCleaner looks like a great tool. I use selective startup since I have deselected items that start on startup that take up CPU. It looks like this might help remove those.I ran the host file reader software and found:
Found host in c:\Windows\hosts
216.65.115.190 search.msn.com
216.65.115.190 auto.search.msn.com
I then used the reset button which reset it to the sample host file with comments and
127.0.0.1 local host
127.0.0.2
ran CCleaner and did changes you requested. In the Cleaner Section under the "WINDOWS" tab The "ADVANCED" checkbox was unchecked, so I left it as unchecked.
Did a webupdate and ran system scan.
What do I do about the MRU objects?
What about the Running Processes? Are they all necessary? How do I remove them?
Thank you!
Here is the log file:
Ad-Aware SE Build 1.06r1
Logfile Created on:Sunday, June 25, 2006 8:58:00 AM
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R112 15.06.2006
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
»»»»»»»»»»»
References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
MRU List(TAC index:0):11 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan within archives
Set : Scan my Hosts file
Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Obtain command line of scanned processes
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Create log file for removal operations
Set : Include module list in log file
Set : Include alternate data stream details in log file
Set : Use gridlines in results lists
Set : Show detail tooltips in results lists
Set : Create and save WebUpdate log file
Set : Dump details about unhandled exceptions to disk
Set : Play sound at scan completion if scan locates critical objects
6-25-2006 8:58:00 AM - Scan started. (Full System Scan)
MRU List Object Recognized!
Location: : C:\WINDOWS\Application Data\microsoft\office\recent
Description : list of recently opened documents using microsoft office
MRU List Object Recognized!
Location: : software\microsoft\internet explorer\typedurls
Description : list of recently entered addresses in microsoft internet explorer
MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\mediaplayer\medialibraryui
Description : last selected node in the microsoft windows media player media library
MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\mediaplayer\player\settings
Description : last open directory used in jasc paint shop pro
MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\mediaplayer\preferences
Description : last cd record path used in microsoft windows media player
MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\office\9.0\common\open find\microsoft word\settings\open\file name mru
Description : list of recent documents opened by microsoft word
MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\office\9.0\common\open find\microsoft word\settings\save as\file name mru
Description : list of recent documents saved by microsoft word
MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\windows\currentversion\explorer\comdlg32\lastvisitedmru
Description : list of recent programs opened
MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru
Description : list of recently saved files, stored according to file extension
MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\windows\currentversion\explorer\recentdocs
Description : list of recent documents opened
MRU List Object Recognized!
Location: : .DEFAULT\software\microsoft\windows media\wmsdk\general
Description : windows media sdk
Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
#:1 [KERNEL32.DLL]
ModuleName : C:\WINDOWS\SYSTEM\KERNEL32.DLL
Command Line : n/a
ProcessID : 4279217725
Threads : 4
Priority : High
FileVersion : 4.90.3000
ProductVersion : 4.90.3000
ProductName : Microsoft® Windows® Millennium Operating System
CompanyName : Microsoft Corporation
FileDescription : Win32 Kernel core component
InternalName : KERNEL32
LegalCopyright : Copyright © Microsoft Corp. 1991-2000
OriginalFilename : KERNEL32.DLL
Scanning Module:C:\WINDOWS\SYSTEM\I81X329X.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\USER32.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\GDI32.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\ADVAPI32.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\KERNEL32.DLL...
#:2 [MSGSRV32.EXE]
ModuleName : C:\WINDOWS\SYSTEM\MSGSRV32.EXE
Command Line : n/a
ProcessID : 4294960721
Threads : 1
Priority : Normal
FileVersion : 4.90.3000
ProductVersion : 4.90.3000
ProductName : Microsoft® Windows® Millennium Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows 32-bit VxD Message Server
InternalName : MSGSRV32
LegalCopyright : Copyright © Microsoft Corp. 1992-1998
OriginalFilename : MSGSRV32.EXE
Scanning Module:C:\WINDOWS\SYSTEM\MPR.DLL...
#:3 [mmtask.tsk]
ModuleName : C:\WINDOWS\SYSTEM\mmtask.tsk
Command Line : n/a
ProcessID : 4294919801
Threads : 1
Priority : Normal
FileVersion : 4.90.3000
ProductVersion : 4.90.3000
ProductName : Microsoft Windows
CompanyName : Microsoft Corporation
FileDescription : Multimedia background task support module
InternalName : mmtask.tsk
LegalCopyright : Copyright © Microsoft Corp. 1991-2000
OriginalFilename : mmtask.tsk
#:4 [MPREXE.EXE]
ModuleName : C:\WINDOWS\SYSTEM\MPREXE.EXE
Command Line : C:\WINDOWS\SYSTEM\MPREXE.EXE
ProcessID : 4294933541
Threads : 1
Priority : Normal
FileVersion : 4.90.3000
ProductVersion : 4.90.3000
ProductName : Microsoft® Windows® Millennium Operating System
CompanyName : Microsoft Corporation
FileDescription : WIN32 Network Interface Service Process
InternalName : MPREXE
LegalCopyright : Copyright © Microsoft Corp. 1993-2000
OriginalFilename : MPREXE.EXE
Scanning Module:C:\WINDOWS\SYSTEM\MSNP32.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\MSNET32.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\MPREXE.EXE...
Scanning Module:C:\WINDOWS\SYSTEM\MPRSERV.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\MSPWL32.DLL...
#:5 [MSTASK.EXE]
ModuleName : C:\WINDOWS\SYSTEM\MSTASK.EXE
Command Line : mstask.exe
ProcessID : 4294874025
Threads : 2
Priority : Normal
FileVersion : 4.71.2721.1
ProductVersion : 4.71.2721.1
ProductName : Microsoft® Windows® Task Scheduler
CompanyName : Microsoft Corporation
FileDescription : Task Scheduler Engine
InternalName : TaskScheduler
LegalCopyright : Copyright © Microsoft Corp. 2000
OriginalFilename : mstask.exe
Scanning Module:C:\WINDOWS\SYSTEM\OLE32.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\MSIDLE.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\MSTASK.EXE...
Scanning Module:C:\WINDOWS\SYSTEM\SHELL32.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\COMCTL32.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\SHLWAPI.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\MSVCRT.DLL...
#:6 [SSDPSRV.EXE]
ModuleName : C:\WINDOWS\SYSTEM\SSDPSRV.EXE
Command Line : C:\WINDOWS\SYSTEM\ssdpsrv.exe
ProcessID : 4294870733
Threads : 4
Priority : Normal
FileVersion : 4.90.3003.0
ProductVersion : 4.90.3003.0
ProductName : Microsoft® Windows® Millennium Operating System
CompanyName : Microsoft Corporation
FileDescription : SSDP Service on Windows Millennium
InternalName : ssdpsrv.exe
LegalCopyright : Copyright © Microsoft Corp. 1981-2000
OriginalFilename : ssdpsrv.exe
Scanning Module:C:\WINDOWS\SYSTEM\MSAFD.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\SSDPSRV.EXE...
Scanning Module:C:\WINDOWS\SYSTEM\WS2_32.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\RASAPI32.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\WSOCK32.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\MSWSOCK.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\SECUR32.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\SVRAPI.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\TAPI32.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\RPCRT4.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\NETAPI32.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\NETBIOS.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\WS2HELP.DLL...
#:7 [KB891711.EXE]
ModuleName : C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
Command Line : n/a
ProcessID : 4294898889
Threads : 1
Priority : Normal
FileVersion : 4.10.2223
ProductVersion : 4.10.2222
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows KB891711 component
InternalName : KB891711
LegalCopyright : Copyright © Microsoft Corp. 1991-2005
OriginalFilename : KB891711.EXE
#:8 [DEFWATCH.EXE]
ModuleName : C:\PROGRAM FILES\SYMANTEC_CLIENT_SECURITY\SYMANTEC ANTIVIRUS\DEFWATCH.EXE
Command Line : C:\PROGRA~1\SYMANT~1\SYMANT~1\defwatch.exe
ProcessID : 4294840577
Threads : 2
Priority : Normal
FileVersion : 8.00.00.9374
ProductVersion : 8.00.00.9374
ProductName : Norton AntiVirus
CompanyName : Symantec Corporation
FileDescription : Virus Definition Daemon
InternalName : DefWatch
LegalCopyright : Copyright © 1998 Symantec Corporation
OriginalFilename : DefWatch.exe
Scanning Module:C:\PROGRAM FILES\SYMANTEC_CLIENT_SECURITY\SYMANTEC ANTIVIRUS\DEFWATCH.EXE...
#:9 [RTVSCN95.EXE]
ModuleName : C:\PROGRAM FILES\SYMANTEC_CLIENT_SECURITY\SYMANTEC ANTIVIRUS\RTVSCN95.EXE
Command Line : C:\PROGRA~1\SYMANT~1\SYMANT~1\rtvscn95.exe
ProcessID : 4294852521
Threads : 35
Priority : Normal
FileVersion : 8.00.00.9374
ProductVersion : 8.00.00.9374
ProductName : Symantec AntiVirus
CompanyName : Symantec Corporation
FileDescription : Symantec AntiVirus
LegalCopyright : Copyright © Symantec Corporation 1991-2002
Scanning Module:C:\PROGRAM FILES\SYMANTEC_CLIENT_SECURITY\SYMANTEC ANTIVIRUS\VPMSECE.DLL...
Scanning Module:C:\PROGRAM FILES\SYMANTEC_CLIENT_SECURITY\SYMANTEC ANTIVIRUS\NAVAP32.DLL...
Scanning Module:C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\VIRUSDEFS\20060621.024\NAVENG32.DLL...
Scanning Module:C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\VIRUSDEFS\20060621.024\NAVEX32A.DLL...
Scanning Module:C:\PROGRAM FILES\SYMANTEC_CLIENT_SECURITY\SYMANTEC ANTIVIRUS\NAVAPI32.DLL...
Scanning Module:C:\PROGRAM FILES\SYMANTEC_CLIENT_SECURITY\SYMANTEC ANTIVIRUS\I2LDVP3.DLL...
Scanning Module:C:\PROGRAM FILES\SYMANTEC_CLIENT_SECURITY\SYMANTEC ANTIVIRUS\RTVSCN95.EXE...
Scanning Module:C:\PROGRAM FILES\SYMANTEC_CLIENT_SECURITY\SYMANTEC ANTIVIRUS\NAVLU.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\MFC42.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\WINMM.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\CTL3D32.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\CBA.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\PDS.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\MSGSYS.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\NTS.DLL...
#:10 [KB918547.EXE]
ModuleName : C:\WINDOWS\SYSTEM\KB918547\KB918547.EXE
Command Line : n/a
ProcessID : 4294808893
Threads : 1
Priority : Normal
FileVersion : 4.10.2224
ProductVersion : 4.10.2222
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows KB918547 EXE component
InternalName : KB918547
LegalCopyright : Copyright © Microsoft Corp. 1991-2005
OriginalFilename : KB918547.EXE
#:11 [EXPLORER.EXE]
ModuleName : C:\WINDOWS\EXPLORER.EXE
Command Line : C:\WINDOWS\Explorer.exe
ProcessID : 4294805981
Threads : 19
Priority : Normal
FileVersion : 5.50.4134.100
ProductVersion : 5.50.4134.100
ProductName : Microsoft® Windows ® 2000 Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : Copyright © Microsoft Corp. 1981-2000
OriginalFilename : EXPLORER.EXE
Scanning Module:C:\WINDOWS\SYSTEM\MLANG.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\MSADP32.ACM...
Scanning Module:C:\WINDOWS\SYSTEM\BROWSELC.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\SYNCUI.DLL...
Scanning Module:C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\SSC\VPSHELL2.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\SHDOCLC.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\DOCPROP2.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\AVIFIL32.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\MSACM32.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\CRTDLL.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\MSVFW32.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\WOW32.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\DCIMAN32.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\ES.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\CFGMGR32.DLL...
Scanning Module:C:\PROGRAM FILES\MOUSEWARE\SYSTEM\LGMOUSHK.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\SENS.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\ESTIER2.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\ESSHARED.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\LINKINFO.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\UPNP.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\URLMON.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\VERSION.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\IPHLPAPI.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\DHCPCSVC.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\ICMP.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\NTDLL.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\WININET.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\SSDPAPI.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\AUHOOK.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\UPNPUI.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\OLEAUT32.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\WEBCHECK.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\ACTXPRXY.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\MSI.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\MYDOCS.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\BROWSEUI.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\SHDOCVW.DLL...
Scanning Module:C:\WINDOWS\EXPLORER.EXE...
#:12 [STMGR.EXE]
ModuleName : C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
Command Line : C:\WINDOWS\System\Restore\StMgr.exe
ProcessID : 4294813661
Threads : 5
Priority : Normal
FileVersion : 4.90.0.2533
ProductVersion : 4.90.0.2533
ProductName : Microsoft ® PCHealth
CompanyName : Microsoft Corporation
FileDescription : Microsoft ® PC State Manager
InternalName : StateMgr.exe
LegalCopyright : Copyright © Microsoft Corp. 1981-2000
OriginalFilename : StateMgr.exe
Scanning Module:C:\WINDOWS\SYSTEM\RSAENH.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE...
Scanning Module:C:\WINDOWS\SYSTEM\IMM32.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\SMGR.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\SFPDLL.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\WINTRUST.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\IMAGEHLP.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\CRYPT32.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\MSASN1.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\CABINET.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\ATRACE.DLL...
#:13 [TASKMON.EXE]
ModuleName : C:\WINDOWS\TASKMON.EXE
Command Line : "C:\WINDOWS\taskmon.exe"
ProcessID : 4294786997
Threads : 1
Priority : Normal
FileVersion : 4.90.3000
ProductVersion : 4.90.3000
ProductName : Microsoft® Windows® Millennium Operating System
CompanyName : Microsoft Corporation
FileDescription : Task Monitor
InternalName : TaskMon
LegalCopyright : Copyright © Microsoft Corp. 1998
OriginalFilename : TASKMON.EXE
Scanning Module:C:\WINDOWS\TASKMON.EXE...
#:14 [SYSTRAY.EXE]
ModuleName : C:\WINDOWS\SYSTEM\SYSTRAY.EXE
Command Line : "C:\WINDOWS\SYSTEM\SysTray.Exe"
ProcessID : 4294789417
Threads : 2
Priority : Normal
FileVersion : 4.90.3000
ProductVersion : 4.90.3000
ProductName : Microsoft® Windows® Millennium Operating System
CompanyName : Microsoft Corporation
FileDescription : System Tray Applet
InternalName : SYSTRAY
LegalCopyright : Copyright © Microsoft Corp. 1993-2000
OriginalFilename : SYSTRAY.EXE
Scanning Module:C:\WINDOWS\SYSTEM\SYSTRAY.EXE...
Scanning Module:C:\WINDOWS\SYSTEM\WMI.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\BATMETER.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\POWRPROF.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\SETUPAPI.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\WINSPOOL.DRV...
Scanning Module:C:\WINDOWS\SYSTEM\LZ32.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\COMDLG32.DLL...
#:15 [EM_EXEC.EXE]
ModuleName : C:\PROGRAM FILES\MOUSEWARE\SYSTEM\EM_EXEC.EXE
Command Line : "C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE"
ProcessID : 4294761521
Threads : 2
Priority : Normal
FileVersion : 9.01.78
ProductVersion : 9.01
ProductName : MouseWare
CompanyName : Logitech Inc.
FileDescription : Control Center
InternalName : EM_EXEC
LegalCopyright : Copyright © Logitech Inc. 1987-2000.
LegalTrademarks : Logitech® and MouseWare® are registered trademarks of Logitech Inc.
OriginalFilename : EM_EXEC.CPP
Comments : Created by the MouseWare Team
Scanning Module:C:\PROGRAM FILES\MOUSEWARE\SYSTEM\CCMSGHK.DLL...
Scanning Module:C:\PROGRAM FILES\MOUSEWARE\SYSTEM\DEVICES.DLL...
Scanning Module:C:\PROGRAM FILES\MOUSEWARE\SYSTEM\CCSTMGLB.DLL...
Scanning Module:C:\PROGRAM FILES\MOUSEWARE\SYSTEM\CCRESGLB.DLL...
Scanning Module:C:\PROGRAM FILES\MOUSEWARE\SYSTEM\CCUSTOM.DLL...
Scanning Module:C:\PROGRAM FILES\MOUSEWARE\SYSTEM\CCRESRCE.DLL...
Scanning Module:C:\PROGRAM FILES\MOUSEWARE\SYSTEM\EM_EXEC.EXE...
Scanning Module:C:\PROGRAM FILES\MOUSEWARE\SYSTEM\EVENTEX.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\COMNCTR.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\LOGILANG.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\MFC30.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\MSVCRT20.DLL...
#:16 [VPTRAY.EXE]
ModuleName : C:\PROGRAM FILES\SYMANTEC_CLIENT_SECURITY\SYMANTEC ANTIVIRUS\VPTRAY.EXE
Command Line : "C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe"
ProcessID : 4294767225
Threads : 2
Priority : Normal
FileVersion : 8.00.00.9374
ProductVersion : 8.00.00.9374
ProductName : Symantec AntiVirus
CompanyName : Symantec Corporation
FileDescription : Symantec AntiVirus
LegalCopyright : Copyright © Symantec Corporation 1991-2002
Scanning Module:C:\PROGRAM FILES\SYMANTEC_CLIENT_SECURITY\SYMANTEC ANTIVIRUS\CLISCAN.DLL...
Scanning Module:C:\PROGRAM FILES\SYMANTEC_CLIENT_SECURITY\SYMANTEC ANTIVIRUS\CLIPROXY.DLL...
Scanning Module:C:\PROGRAM FILES\SYMANTEC_CLIENT_SECURITY\SYMANTEC ANTIVIRUS\VPTRAY.EXE...
#:17 [WMIEXE.EXE]
ModuleName : C:\WINDOWS\SYSTEM\WMIEXE.EXE
Command Line : WmiExe WMI_fffd4b39
ProcessID : 4294674977
Threads : 3
Priority : Normal
FileVersion : 4.90.2452.1
ProductVersion : 4.90.2452.1
ProductName : Microsoft® Windows® Millennium Operating System
CompanyName : Microsoft Corporation
FileDescription : WMI service exe housing
InternalName : wmiexe
LegalCopyright : Copyright © Microsoft Corp. 1981-1999
OriginalFilename : wmiexe.exe
Scanning Module:C:\WINDOWS\SYSTEM\WMIEXE.EXE...
Scanning Module:C:\WINDOWS\SYSTEM\WMICORE.DLL...
#:18 [RNAAPP.EXE]
ModuleName : C:\WINDOWS\SYSTEM\RNAAPP.EXE
Command Line : rnaapp.exe -l
ProcessID : 4294608833
Threads : 2
Priority : Normal
FileVersion : 4.90.3000
ProductVersion : 4.90.3000
ProductName : Microsoft® Windows® Millennium Operating System
CompanyName : Microsoft Corporation
FileDescription : Dial-Up Networking Application
InternalName : RNAAPP
LegalCopyright : Copyright © Microsoft Corp. 1992-1996
OriginalFilename : RNAAPP.EXE
Scanning Module:C:\WINDOWS\SYSTEM\RNAAPP.EXE...
#:19 [TAPISRV.EXE]
ModuleName : C:\WINDOWS\SYSTEM\TAPISRV.EXE
Command Line : tapisrv.exe
ProcessID : 4294617353
Threads : 5
Priority : Normal
FileVersion : 4.90.3000
ProductVersion : 4.90.3000
ProductName : Microsoft® Windows® Millennium Operating System
CompanyName : Microsoft Corporation
FileDescription : Microsoft® Windows™ Telephony Server
InternalName : Telephony Service
LegalCopyright : Copyright © Microsoft Corp. 1994-1998
OriginalFilename : TAPISRV.EXE
Scanning Module:C:\WINDOWS\SYSTEM\TSP3216L.TSP...
Scanning Module:C:\WINDOWS\SYSTEM\DIGEST.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\SCHANNEL.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\MSNSSPC.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\MSAPSSPC.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\MSVCRT40.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\TAPISRV.EXE...
#:20 [SPOOL32.EXE]
ModuleName : C:\WINDOWS\SYSTEM\SPOOL32.EXE
Command Line : C:\WINDOWS\SYSTEM\spool32.exe
ProcessID : 4294729617
Threads : 2
Priority : Normal
FileVersion : 4.90.3000
ProductVersion : 4.90.3000
ProductName : Microsoft® Windows® Millennium Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler Sub System Process
InternalName : spool32
LegalCopyright : Copyright © Microsoft Corp. 1994 - 1998
OriginalFilename : spool32.exe
Scanning Module:C:\WINDOWS\SYSTEM\MSPP32.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\USBMON.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\SPOOL32.EXE...
Scanning Module:C:\WINDOWS\SYSTEM\SPOOLSS.DLL...
#:21 [AD-AWARE.EXE]
ModuleName : C:\PROGRAM FILES\LAVASOFT\AD-AWARE SE PERSONAL\AD-AWARE.EXE
Command Line : "C:\Program Files\Lavasoft\Ad-Aware SE Personal\AD-AWARE.EXE"
ProcessID : 4294782229
Threads : 2
Priority : Normal
FileVersion : 6.2.0.236
ProductVersion : SE 106
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft AB Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved
Scanning Module:C:\WINDOWS\SYSTEM\RICHED32.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\RICHED20.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\SHFOLDER.DLL...
Scanning Module:C:\WINDOWS\SYSTEM\OLEPRO32.DLL...
Scanning Module:C:\PROGRAM FILES\LAVASOFT\AD-AWARE SE PERSONAL\AD-AWARE.EXE...
Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 11
Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 11
Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 11
Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 11
Deep scanning and examining files (c:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Disk Scan Result for c:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 11
Scanning Hosts file......
Hosts file location:"C:\WINDOWS\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
1 entries scanned.
New critical objects:0
Objects found so far: 11
Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 11
9:06:54 AM Scan Complete
Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:08:53.490
Objects scanned:67200
Objects identified:0
Objects ignored:0
New critical objects:0
TexanGuy,
The MRU's are always safe to remove,
you can choose not to scan the MRU before you scan.
to do this open your Ad-aware and click "Start" then un-tick (un-check) the "Search for negligible risk entries" and the "Scan for low risk threats"
As far as your running processes it looks good to me you should see mind more than double yours
GR@PH;<'S
QUOTE
What do I do about the MRU objects
The MRU's are always safe to remove,
you can choose not to scan the MRU before you scan.
to do this open your Ad-aware and click "Start" then un-tick (un-check) the "Search for negligible risk entries" and the "Scan for low risk threats"
As far as your running processes it looks good to me you should see mind more than double yours
GR@PH;<'S
QUOTE(GRAFX @ Jun 25 2006, 03:32 PM) 
As far as your running processes it looks good to me you should see mind more than double yours
something tells me your processor is 10 times as fast as mine!
When my PC was not booting correctly, I ran an online virus scanner by Panda Software. It found a spyware and dialer program. I redid the scan tonight and it still found the same. The report it gave me was:
CODE
Incident Status Location
Dialer:Dialer.BZ Not disinfected C:\WINDOWS\Downloaded Program Files\Dialerdata.dll
Spyware:Spyware/BetterInet Not disinfected C:\WINDOWS\Downloaded Program Files\flash.inf
Dialer:Dialer.BZ Not disinfected C:\WINDOWS\Downloaded Program Files\Dialerdata.dll
Spyware:Spyware/BetterInet Not disinfected C:\WINDOWS\Downloaded Program Files\flash.inf
I looked in that directory for those files, but couldn't find them. Under Windows Explorer options menu, I have it setup to "show hidden files and folders" and have unchecked the "hide file extensions for known file types" and unchecked "hide protected operating system files", yet I can't see the files.
Does Ad-Aware SE detect these type of spyware? Is this just a gimmick by Panda Software trying to get users to buy their software?
Cheers and Thanks!
TexanGuy,
No it is no gimmick I regularly scan with on-line scanners to make sure that the programs I use have not misted any thing
please can you submit your files using the Lavasoft File Submission System so that other security programs can add to there list.
Also can you Submit you files to
the spykiller
Just press new topic, fill in the needed details and just give a link to your posts on the other forum & then press the browse button and then navigate to & select the files on your computer, If there is more than 1 file then press the more attachments button for each extra file and browse and select etc and then when all the files are listed in the windows press Post to upload the files
Do not post HJT logs here as they will not get dealt with
There is a maximum size of 2mb per file and 8mb per post
If you have more than 10 files to upload then please zip them and attach them in one go
You DO NOT need to be a member to upload, anybody can upload the files .
That way Ad-aware may be able to add the items to the next Definition file
After you have done that can you download HijackThis
After you have downloaded it and Unzipped it, doubleclick HijackThis.exe, and hit "Scan".
When the scan is finished, the "Scan" button will change into a "Save Log" button.
Press that, save the log somewhere, and then can you please post you Logfile in the
HijackThis Logs forum.
Call it some ting like "my HijachThis log" in the Topic Title
and then put "referred by GRAFX" as the Topic Description
Also Please can you include a link to this post for reference
GRAFX
QUOTE
Does Ad-Aware SE detect these type of spyware? Is this just a gimmick by Panda Software trying to get users to buy their software?
No it is no gimmick I regularly scan with on-line scanners to make sure that the programs I use have not misted any thing
please can you submit your files using the Lavasoft File Submission System so that other security programs can add to there list.
Also can you Submit you files to
the spykiller
Just press new topic, fill in the needed details and just give a link to your posts on the other forum & then press the browse button and then navigate to & select the files on your computer, If there is more than 1 file then press the more attachments button for each extra file and browse and select etc and then when all the files are listed in the windows press Post to upload the files
Do not post HJT logs here as they will not get dealt with
There is a maximum size of 2mb per file and 8mb per post
If you have more than 10 files to upload then please zip them and attach them in one go
You DO NOT need to be a member to upload, anybody can upload the files .
That way Ad-aware may be able to add the items to the next Definition file
After you have done that can you download HijackThis
After you have downloaded it and Unzipped it, doubleclick HijackThis.exe, and hit "Scan".
When the scan is finished, the "Scan" button will change into a "Save Log" button.
Press that, save the log somewhere, and then can you please post you Logfile in the
HijackThis Logs forum.
Call it some ting like "my HijachThis log" in the Topic Title
and then put "referred by GRAFX" as the Topic Description
Also Please can you include a link to this post for reference
GRAFX
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.