Basically, today I got home and my computer was slower than usual. I instantly thought it was spyware, so I proceeded to use my Ad-aware SE.
I got the usual old definitions message, and proceeded to update it. However, when it was completing the download, power went out around here, and probably some important files got damaged.
Now, when I finally could turn the computer on, I tried to update again. Then, I got this message:
[quote]
Error connecting to Server.
Please retry updating at another time.
Lavasoft Support Forums > Archived Topics > Archives: Resolved/Inactive Topics > Ad-Aware SE Resolved/Inactive Issues
While I can obviously update the definitions manually by using method 2 in the topic "Ad-Aware Definition Update Problems", I don't simply want to update them: I want to fully solve this issue, and get my Ad-Aware application to its usual 2-click update.
I've already tried the following things:
- Uninstalling and then reinstalling Ad-Aware SE (I get the exact same problem as before);
- Disabling my firewall;
- Ensure that I am indeed connected online.
Any ideas on how to fix it?
See here first: Make sure you have the latest Version of Adaware
http://www.lavasoftsupport.com/index.php?showtopic=1163
If you do have Adaware SE v. 1.06
The definition file on your system might be corrupted. To check, locate the directory “C:\program files\lavasoft\Ad-Aware SE\ folder�. Delete the files “defs.ref� and “def.ref.old� and try again.
http://www.lavasoftsupport.com/index.php?showtopic=1163
If you do have Adaware SE v. 1.06
The definition file on your system might be corrupted. To check, locate the directory “C:\program files\lavasoft\Ad-Aware SE\ folder�. Delete the files “defs.ref� and “def.ref.old� and try again.
Hey.
I'm using Build 1.06r1. If I try to do that (and I did, just forgot to mention it here), and delete the two files (I just had "defs.ref" in there, no previous copy of it), then I'll click Ad-Aware.exe and I get this message, WHILE THE PROGRAM IS STILL LOADING:
[quote]
Error while loading the Ad-Aware definitions file.
<!--Quo######d--></div><!--QuoteEEnd-->
I click the Ok button, it finished loading and I see this:
http://img87.imageshack.us/img87/738/adlu9.jpg
When clicking the "Check for Updates Now" button, I get exactly the same problem (i.e., the same error message) as in my first post.
Anything else I can try to solve this, please?
Edit by CalamityJane: Added your screenshot as a .gif attachment here
I'm using Build 1.06r1. If I try to do that (and I did, just forgot to mention it here), and delete the two files (I just had "defs.ref" in there, no previous copy of it), then I'll click Ad-Aware.exe and I get this message, WHILE THE PROGRAM IS STILL LOADING:
[quote]
Error while loading the Ad-Aware definitions file.
<!--Quo######d--></div><!--QuoteEEnd-->
I click the Ok button, it finished loading and I see this:
http://img87.imageshack.us/img87/738/adlu9.jpg
When clicking the "Check for Updates Now" button, I get exactly the same problem (i.e., the same error message) as in my first post.
Anything else I can try to solve this, please?
Edit by CalamityJane: Added your screenshot as a .gif attachment here
Try downloading the definitions manually from
http://updates.ls-servers.com/public/defs.zip
Choose to *save* the file,to this directory where you have adaware installed in your Programs folder:
{usually} C:\Program Files\Lavasoft\Ad-Aware SE Personal
When you have downloaded the definition file, go to "Settings" -> "General", and click the "Using Definition File" button. Then browse to the file to open the one you downloaded.
Edit: corrected download updates URL
http://updates.ls-servers.com/public/defs.zip
Choose to *save* the file,to this directory where you have adaware installed in your Programs folder:
{usually} C:\Program Files\Lavasoft\Ad-Aware SE Personal
When you have downloaded the definition file, go to "Settings" -> "General", and click the "Using Definition File" button. Then browse to the file to open the one you downloaded.
Edit: corrected download updates URL
Hi.
I downloaded them from your first link (the second link wasn't even working for me), and did everything you tell me. When opening the program, it then complains that "The definitions are 49 days old, and if I wanted to check for updates. I obviously click "OK", "Connect", and it takes me to the exact same error that I've reported before.
I tried to update from the link that LJ SteveJ gave in one of the pinned topics ( it was http://update.ls-servers.com/public/defs.zip ), but the link was currently broken.
While I could obviously update my definitions manually each time I want, that is not my problem; what I wanted is to fix my error, the one that is stopping me from updating "normally". Anyone knows how to do it, please?
P.S.-> In an unrelated note, this forum has a glitch, as the tags ( [ quote ] , and others) seem to become broken (as seen when LS CalamityJane edited my last post) and substituted by a strange coding. I hope someone can fix it...
I downloaded them from your first link (the second link wasn't even working for me), and did everything you tell me. When opening the program, it then complains that "The definitions are 49 days old, and if I wanted to check for updates. I obviously click "OK", "Connect", and it takes me to the exact same error that I've reported before.
I tried to update from the link that LJ SteveJ gave in one of the pinned topics ( it was http://update.ls-servers.com/public/defs.zip ), but the link was currently broken.
While I could obviously update my definitions manually each time I want, that is not my problem; what I wanted is to fix my error, the one that is stopping me from updating "normally". Anyone knows how to do it, please?
P.S.-> In an unrelated note, this forum has a glitch, as the tags ( [ quote ] , and others) seem to become broken (as seen when LS CalamityJane edited my last post) and substituted by a strange coding. I hope someone can fix it...
Since you originally suspected malware, why don't we make sure it's not being caused by that.
Could you please use the free diagnostic tool: HijackThis
to make a log I can review.
Instructions on creating a HijackThis Log
http://www.lavasoftsupport.com/index.php?showtopic=216
Could you please use the free diagnostic tool: HijackThis
to make a log I can review.
Instructions on creating a HijackThis Log
http://www.lavasoftsupport.com/index.php?showtopic=216
Here is my log:
QUOTE
Logfile of HijackThis v1.99.1
Scan saved at 21:31:16, on 19-07-2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\DAP\DAP.EXE
C:\WINDOWS\ALCXMNTR.EXE
C:\Programas\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\PROGRA~1\Avast4\ashDisp.exe
C:\Programas\Gmail Notifier\gnotify.exe
C:\Programas\Ficheiros comuns\soft602\pdfSaver.exe
C:\Programas\Java\jre1.5.0_06\bin\jusched.exe
C:\Programas\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programas\MSN Messenger\MsnMsgr.Exe
C:\Programas\Netcount\Netcount.exe
C:\Programas\3M PSNLite\PsnLite.exe
C:\PROGRA~1\3MPSNL~1\PSNGive.exe
C:\Programas\Avast4\aswUpdSv.exe
C:\Programas\Avast4\ashServ.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Programas\VMware Workstation\vmware-authd.exe
C:\Programas\Ficheiros comuns\VMware\VMware Virtual Image Editing\vmount2.exe
C:\WINDOWS\system32\vmnat.exe
C:\WINDOWS\SYSTEM32\ZONELABS\vsmon.exe
C:\WINDOWS\system32\vmnetdhcp.exe
C:\Programas\Avast4\ashMaiSv.exe
C:\Programas\Avast4\ashWebSv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Programas\Internet Explorer\IEXPLORE.EXE
C:\Programas\WinRAR\WinRAR.exe
C:\DOCUME~1\ADMINI~1\DEFINI~1\Temp\Rar$EX04.875\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:81
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hiperligações
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe
O1 - Hosts: 64.91.255.87 www.dcsresearch.com
O3 - Toolbar: DAP Bar - {62999427-33FC-4baf-9C9C-BCE6BD127F08} - C:\Programas\DAP\DAPIEBar.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programas\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\WINDOWS\Downloaded Program Files\googlenav.dll
O4 - HKLM\..\Run: [DownloadAccelerator] C:\PROGRA~1\DAP\DAP.EXE /STARTUP
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Programas\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Programas\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [602PC SUITE PDF Saver] "C:\Programas\Ficheiros comuns\soft602\pdfSaver.exe"
O4 - HKLM\..\Run: [AdslTaskBar] rundll32.exe stmctrl.dll,TaskBar
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programas\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\Programas\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programas\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Netcount] C:\Programas\Netcount\Netcount.exe 0
O4 - Global Startup: Microsoft Office.lnk = C:\Programas\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: Post-it® Software Notes Lite.lnk = C:\Programas\3M PSNLite\PsnLite.exe
O8 - Extra context menu item: &Download with &DAP - C:\PROGRA~1\DAP\dapextie.htm
O8 - Extra context menu item: &Google Search - res://C:\WINDOWS\Downloaded Program Files\googlenav.dll/cmsearch.html
O8 - Extra context menu item: Backward &Links - res://C:\WINDOWS\Downloaded Program Files\googlenav.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\WINDOWS\Downloaded Program Files\googlenav.dll/cmcache.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Programas\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Programas\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Programas\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Programas\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Programas\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Programas\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Programas\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Programas\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Download &all with DAP - C:\PROGRA~1\DAP\dapextie2.htm
O8 - Extra context menu item: Si&milar Pages - res://C:\WINDOWS\Downloaded Program Files\googlenav.dll/cmsimilar.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programas\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programas\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Panda ActiveScan - {653D93AF-C741-4e5e-8C1B-59BA43F93E16} - http://www.pandasoftware.com/activescan (file missing)
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab
O16 - DPF: {2A0DED63-24F3-4FD6-BEC4-58F8E1F0C205} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.com/AppD...sharingctrl.cab
O16 - DPF: {6CB5E471-C305-11D3-99A8-000086395495} (Google Activate) - http://toolbar.google.com/data/pt-PT/big/1...g/GoogleNav.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secur...loadManager.ocx
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab31267.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{28CAFF9E-11C6-45A8-AF8B-E6342ECDE791}: NameServer = 194.65.100.117
O17 - HKLM\System\CS1\Services\Tcpip\..\{28CAFF9E-11C6-45A8-AF8B-E6342ECDE791}: NameServer = 194.65.100.117
O17 - HKLM\System\CS2\Services\Tcpip\..\{28CAFF9E-11C6-45A8-AF8B-E6342ECDE791}: NameServer = 194.65.100.117
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O19 - User stylesheet: (file missing)
O20 - Winlogon Notify: rasntr - rasntr.dll (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programas\Ficheiros comuns\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Programas\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\SYSTEM32\ati2sgag.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Programas\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Programas\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Programas\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programas\Ficheiros comuns\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Programas\VMware Workstation\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\WINDOWS\system32\vmnetdhcp.exe
O23 - Service: VMware Virtual Mount Manager Extended (vmount2) - VMware, Inc. - C:\Programas\Ficheiros comuns\VMware\VMware Virtual Image Editing\vmount2.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\WINDOWS\system32\vmnat.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\SYSTEM32\ZONELABS\vsmon.exe
Scan saved at 21:31:16, on 19-07-2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\DAP\DAP.EXE
C:\WINDOWS\ALCXMNTR.EXE
C:\Programas\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\PROGRA~1\Avast4\ashDisp.exe
C:\Programas\Gmail Notifier\gnotify.exe
C:\Programas\Ficheiros comuns\soft602\pdfSaver.exe
C:\Programas\Java\jre1.5.0_06\bin\jusched.exe
C:\Programas\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programas\MSN Messenger\MsnMsgr.Exe
C:\Programas\Netcount\Netcount.exe
C:\Programas\3M PSNLite\PsnLite.exe
C:\PROGRA~1\3MPSNL~1\PSNGive.exe
C:\Programas\Avast4\aswUpdSv.exe
C:\Programas\Avast4\ashServ.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Programas\VMware Workstation\vmware-authd.exe
C:\Programas\Ficheiros comuns\VMware\VMware Virtual Image Editing\vmount2.exe
C:\WINDOWS\system32\vmnat.exe
C:\WINDOWS\SYSTEM32\ZONELABS\vsmon.exe
C:\WINDOWS\system32\vmnetdhcp.exe
C:\Programas\Avast4\ashMaiSv.exe
C:\Programas\Avast4\ashWebSv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Programas\Internet Explorer\IEXPLORE.EXE
C:\Programas\WinRAR\WinRAR.exe
C:\DOCUME~1\ADMINI~1\DEFINI~1\Temp\Rar$EX04.875\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:81
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hiperligações
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe
O1 - Hosts: 64.91.255.87 www.dcsresearch.com
O3 - Toolbar: DAP Bar - {62999427-33FC-4baf-9C9C-BCE6BD127F08} - C:\Programas\DAP\DAPIEBar.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programas\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\WINDOWS\Downloaded Program Files\googlenav.dll
O4 - HKLM\..\Run: [DownloadAccelerator] C:\PROGRA~1\DAP\DAP.EXE /STARTUP
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Programas\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Programas\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [602PC SUITE PDF Saver] "C:\Programas\Ficheiros comuns\soft602\pdfSaver.exe"
O4 - HKLM\..\Run: [AdslTaskBar] rundll32.exe stmctrl.dll,TaskBar
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programas\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\Programas\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programas\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Netcount] C:\Programas\Netcount\Netcount.exe 0
O4 - Global Startup: Microsoft Office.lnk = C:\Programas\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: Post-it® Software Notes Lite.lnk = C:\Programas\3M PSNLite\PsnLite.exe
O8 - Extra context menu item: &Download with &DAP - C:\PROGRA~1\DAP\dapextie.htm
O8 - Extra context menu item: &Google Search - res://C:\WINDOWS\Downloaded Program Files\googlenav.dll/cmsearch.html
O8 - Extra context menu item: Backward &Links - res://C:\WINDOWS\Downloaded Program Files\googlenav.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\WINDOWS\Downloaded Program Files\googlenav.dll/cmcache.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Programas\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Programas\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Programas\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Programas\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Programas\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Programas\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Programas\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Programas\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Download &all with DAP - C:\PROGRA~1\DAP\dapextie2.htm
O8 - Extra context menu item: Si&milar Pages - res://C:\WINDOWS\Downloaded Program Files\googlenav.dll/cmsimilar.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programas\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programas\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Panda ActiveScan - {653D93AF-C741-4e5e-8C1B-59BA43F93E16} - http://www.pandasoftware.com/activescan (file missing)
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab
O16 - DPF: {2A0DED63-24F3-4FD6-BEC4-58F8E1F0C205} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.com/AppD...sharingctrl.cab
O16 - DPF: {6CB5E471-C305-11D3-99A8-000086395495} (Google Activate) - http://toolbar.google.com/data/pt-PT/big/1...g/GoogleNav.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secur...loadManager.ocx
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab31267.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{28CAFF9E-11C6-45A8-AF8B-E6342ECDE791}: NameServer = 194.65.100.117
O17 - HKLM\System\CS1\Services\Tcpip\..\{28CAFF9E-11C6-45A8-AF8B-E6342ECDE791}: NameServer = 194.65.100.117
O17 - HKLM\System\CS2\Services\Tcpip\..\{28CAFF9E-11C6-45A8-AF8B-E6342ECDE791}: NameServer = 194.65.100.117
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O19 - User stylesheet: (file missing)
O20 - Winlogon Notify: rasntr - rasntr.dll (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programas\Ficheiros comuns\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Programas\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\SYSTEM32\ati2sgag.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Programas\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Programas\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Programas\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programas\Ficheiros comuns\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Programas\VMware Workstation\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\WINDOWS\system32\vmnetdhcp.exe
O23 - Service: VMware Virtual Mount Manager Extended (vmount2) - VMware, Inc. - C:\Programas\Ficheiros comuns\VMware\VMware Virtual Image Editing\vmount2.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\WINDOWS\system32\vmnat.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\SYSTEM32\ZONELABS\vsmon.exe
C:\DOCUME~1\ADMINI~1\DEFINI~1\Temp\Rar$EX04.875\HijackThis.exe
You are running HijackThis straight from the compressed folder. You must extract the HijackThis.exe to it's own folder.
Please make a new folder to put your HijackThis.exe into. Anywhere on your hard drive is fine other than your Desktop or the Temp folder. We suggest you use something like "C:\Program Files\HijackThis" but feel free to use any name. See here for specific instructions and screen shots to help:
http://russelltexas.com/malware/createhjtfolder.htm
This is to ensure it makes the necessary backups for recovery if needed.
Unzip/decompress the HijackThis.zip file and extract the contents (HijackThis.exe) to the new folder you made.
One extra step I would like for you to do please. Go to the new HijackThis folder and rightclick on HijackThis.exe. rename the file to: HJT.exe When finished, then doubleclick on HJT.exe to run it to produce a log. Post the new log back here please.
You are running HijackThis straight from the compressed folder. You must extract the HijackThis.exe to it's own folder.
Please make a new folder to put your HijackThis.exe into. Anywhere on your hard drive is fine other than your Desktop or the Temp folder. We suggest you use something like "C:\Program Files\HijackThis" but feel free to use any name. See here for specific instructions and screen shots to help:
http://russelltexas.com/malware/createhjtfolder.htm
This is to ensure it makes the necessary backups for recovery if needed.
Unzip/decompress the HijackThis.zip file and extract the contents (HijackThis.exe) to the new folder you made.
One extra step I would like for you to do please. Go to the new HijackThis folder and rightclick on HijackThis.exe. rename the file to: HJT.exe When finished, then doubleclick on HJT.exe to run it to produce a log. Post the new log back here please.
Thanks for your help, here comes the new log.
QUOTE
Logfile of HijackThis v1.99.1
Scan saved at 22:58:02, on 19-07-2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\DAP\DAP.EXE
C:\WINDOWS\ALCXMNTR.EXE
C:\Programas\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\PROGRA~1\Avast4\ashDisp.exe
C:\Programas\Gmail Notifier\gnotify.exe
C:\Programas\Ficheiros comuns\soft602\pdfSaver.exe
C:\Programas\Java\jre1.5.0_06\bin\jusched.exe
C:\Programas\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programas\MSN Messenger\MsnMsgr.Exe
C:\Programas\Netcount\Netcount.exe
C:\Programas\3M PSNLite\PsnLite.exe
C:\PROGRA~1\3MPSNL~1\PSNGive.exe
C:\Programas\Avast4\aswUpdSv.exe
C:\Programas\Avast4\ashServ.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Programas\VMware Workstation\vmware-authd.exe
C:\Programas\Ficheiros comuns\VMware\VMware Virtual Image Editing\vmount2.exe
C:\WINDOWS\system32\vmnat.exe
C:\WINDOWS\SYSTEM32\ZONELABS\vsmon.exe
C:\WINDOWS\system32\vmnetdhcp.exe
C:\Programas\Avast4\ashMaiSv.exe
C:\Programas\Avast4\ashWebSv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Programas\Internet Explorer\iexplore.exe
C:\Programas\Hijack This\HJT.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:81
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hiperligações
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe
O1 - Hosts: 64.91.255.87 www.dcsresearch.com
O3 - Toolbar: DAP Bar - {62999427-33FC-4baf-9C9C-BCE6BD127F08} - C:\Programas\DAP\DAPIEBar.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programas\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\WINDOWS\Downloaded Program Files\googlenav.dll
O4 - HKLM\..\Run: [DownloadAccelerator] C:\PROGRA~1\DAP\DAP.EXE /STARTUP
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Programas\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Programas\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [602PC SUITE PDF Saver] "C:\Programas\Ficheiros comuns\soft602\pdfSaver.exe"
O4 - HKLM\..\Run: [AdslTaskBar] rundll32.exe stmctrl.dll,TaskBar
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programas\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\Programas\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programas\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Netcount] C:\Programas\Netcount\Netcount.exe 0
O4 - Global Startup: Microsoft Office.lnk = C:\Programas\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: Post-it® Software Notes Lite.lnk = C:\Programas\3M PSNLite\PsnLite.exe
O8 - Extra context menu item: &Download with &DAP - C:\PROGRA~1\DAP\dapextie.htm
O8 - Extra context menu item: &Google Search - res://C:\WINDOWS\Downloaded Program Files\googlenav.dll/cmsearch.html
O8 - Extra context menu item: Backward &Links - res://C:\WINDOWS\Downloaded Program Files\googlenav.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\WINDOWS\Downloaded Program Files\googlenav.dll/cmcache.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Programas\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Programas\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Programas\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Programas\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Programas\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Programas\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Programas\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Programas\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Download &all with DAP - C:\PROGRA~1\DAP\dapextie2.htm
O8 - Extra context menu item: Si&milar Pages - res://C:\WINDOWS\Downloaded Program Files\googlenav.dll/cmsimilar.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programas\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programas\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Panda ActiveScan - {653D93AF-C741-4e5e-8C1B-59BA43F93E16} - http://www.pandasoftware.com/activescan (file missing)
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab
O16 - DPF: {2A0DED63-24F3-4FD6-BEC4-58F8E1F0C205} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.com/AppD...sharingctrl.cab
O16 - DPF: {6CB5E471-C305-11D3-99A8-000086395495} (Google Activate) - http://toolbar.google.com/data/pt-PT/big/1...g/GoogleNav.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secur...loadManager.ocx
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab31267.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{28CAFF9E-11C6-45A8-AF8B-E6342ECDE791}: NameServer = 194.65.100.117
O17 - HKLM\System\CS1\Services\Tcpip\..\{28CAFF9E-11C6-45A8-AF8B-E6342ECDE791}: NameServer = 194.65.100.117
O17 - HKLM\System\CS2\Services\Tcpip\..\{28CAFF9E-11C6-45A8-AF8B-E6342ECDE791}: NameServer = 194.65.100.117
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O19 - User stylesheet: (file missing)
O20 - Winlogon Notify: rasntr - rasntr.dll (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programas\Ficheiros comuns\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Programas\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\SYSTEM32\ati2sgag.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Programas\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Programas\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Programas\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programas\Ficheiros comuns\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Programas\VMware Workstation\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\WINDOWS\system32\vmnetdhcp.exe
O23 - Service: VMware Virtual Mount Manager Extended (vmount2) - VMware, Inc. - C:\Programas\Ficheiros comuns\VMware\VMware Virtual Image Editing\vmount2.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\WINDOWS\system32\vmnat.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\SYSTEM32\ZONELABS\vsmon.exe
Scan saved at 22:58:02, on 19-07-2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\DAP\DAP.EXE
C:\WINDOWS\ALCXMNTR.EXE
C:\Programas\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\PROGRA~1\Avast4\ashDisp.exe
C:\Programas\Gmail Notifier\gnotify.exe
C:\Programas\Ficheiros comuns\soft602\pdfSaver.exe
C:\Programas\Java\jre1.5.0_06\bin\jusched.exe
C:\Programas\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programas\MSN Messenger\MsnMsgr.Exe
C:\Programas\Netcount\Netcount.exe
C:\Programas\3M PSNLite\PsnLite.exe
C:\PROGRA~1\3MPSNL~1\PSNGive.exe
C:\Programas\Avast4\aswUpdSv.exe
C:\Programas\Avast4\ashServ.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Programas\VMware Workstation\vmware-authd.exe
C:\Programas\Ficheiros comuns\VMware\VMware Virtual Image Editing\vmount2.exe
C:\WINDOWS\system32\vmnat.exe
C:\WINDOWS\SYSTEM32\ZONELABS\vsmon.exe
C:\WINDOWS\system32\vmnetdhcp.exe
C:\Programas\Avast4\ashMaiSv.exe
C:\Programas\Avast4\ashWebSv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Programas\Internet Explorer\iexplore.exe
C:\Programas\Hijack This\HJT.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:81
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hiperligações
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe
O1 - Hosts: 64.91.255.87 www.dcsresearch.com
O3 - Toolbar: DAP Bar - {62999427-33FC-4baf-9C9C-BCE6BD127F08} - C:\Programas\DAP\DAPIEBar.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programas\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\WINDOWS\Downloaded Program Files\googlenav.dll
O4 - HKLM\..\Run: [DownloadAccelerator] C:\PROGRA~1\DAP\DAP.EXE /STARTUP
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Programas\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Programas\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [602PC SUITE PDF Saver] "C:\Programas\Ficheiros comuns\soft602\pdfSaver.exe"
O4 - HKLM\..\Run: [AdslTaskBar] rundll32.exe stmctrl.dll,TaskBar
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programas\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\Programas\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programas\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Netcount] C:\Programas\Netcount\Netcount.exe 0
O4 - Global Startup: Microsoft Office.lnk = C:\Programas\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: Post-it® Software Notes Lite.lnk = C:\Programas\3M PSNLite\PsnLite.exe
O8 - Extra context menu item: &Download with &DAP - C:\PROGRA~1\DAP\dapextie.htm
O8 - Extra context menu item: &Google Search - res://C:\WINDOWS\Downloaded Program Files\googlenav.dll/cmsearch.html
O8 - Extra context menu item: Backward &Links - res://C:\WINDOWS\Downloaded Program Files\googlenav.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\WINDOWS\Downloaded Program Files\googlenav.dll/cmcache.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Programas\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Programas\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Programas\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Programas\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Programas\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Programas\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Programas\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Programas\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Download &all with DAP - C:\PROGRA~1\DAP\dapextie2.htm
O8 - Extra context menu item: Si&milar Pages - res://C:\WINDOWS\Downloaded Program Files\googlenav.dll/cmsimilar.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programas\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programas\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Panda ActiveScan - {653D93AF-C741-4e5e-8C1B-59BA43F93E16} - http://www.pandasoftware.com/activescan (file missing)
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab
O16 - DPF: {2A0DED63-24F3-4FD6-BEC4-58F8E1F0C205} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.com/AppD...sharingctrl.cab
O16 - DPF: {6CB5E471-C305-11D3-99A8-000086395495} (Google Activate) - http://toolbar.google.com/data/pt-PT/big/1...g/GoogleNav.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secur...loadManager.ocx
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab31267.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{28CAFF9E-11C6-45A8-AF8B-E6342ECDE791}: NameServer = 194.65.100.117
O17 - HKLM\System\CS1\Services\Tcpip\..\{28CAFF9E-11C6-45A8-AF8B-E6342ECDE791}: NameServer = 194.65.100.117
O17 - HKLM\System\CS2\Services\Tcpip\..\{28CAFF9E-11C6-45A8-AF8B-E6342ECDE791}: NameServer = 194.65.100.117
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O19 - User stylesheet: (file missing)
O20 - Winlogon Notify: rasntr - rasntr.dll (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programas\Ficheiros comuns\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Programas\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\SYSTEM32\ati2sgag.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Programas\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Programas\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Programas\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programas\Ficheiros comuns\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Programas\VMware Workstation\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\WINDOWS\system32\vmnetdhcp.exe
O23 - Service: VMware Virtual Mount Manager Extended (vmount2) - VMware, Inc. - C:\Programas\Ficheiros comuns\VMware\VMware Virtual Image Editing\vmount2.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\WINDOWS\system32\vmnat.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\SYSTEM32\ZONELABS\vsmon.exe
Very good!
But no evidence of any active malware problems.
There are two leftovers in the registry you can fix with HijackThis.
Open HijackThis and do a *system scan only*
Checkmark these two entries, then press the *fix checked* button
O19 - User stylesheet: (file missing)
O20 - Winlogon Notify: rasntr - rasntr.dll (file missing)
Close HijackThis.
..........................
I wonder if it could be your firewall interferring?
Could you try this please.
Open your control Panel and turn ON the XP windows firewall.
Then Rightclick on ZoneAlarm icon in the tray beside the clock. Choose *Shutdown ZoneAlarm*.
Try to update Adaware again. Let me know if that works.
When you reboot ZoneAlarm will be active again, so be sure you turn off the Windows firewall after you reboot.
Or you can restart ZoneAlarm from the Program menu and then turn off the XP firewall (just be sure you don't have both running at once)
But no evidence of any active malware problems.
There are two leftovers in the registry you can fix with HijackThis.
Open HijackThis and do a *system scan only*
Checkmark these two entries, then press the *fix checked* button
O19 - User stylesheet: (file missing)
O20 - Winlogon Notify: rasntr - rasntr.dll (file missing)
Close HijackThis.
..........................
I wonder if it could be your firewall interferring?
Could you try this please.
Open your control Panel and turn ON the XP windows firewall.
Then Rightclick on ZoneAlarm icon in the tray beside the clock. Choose *Shutdown ZoneAlarm*.
Try to update Adaware again. Let me know if that works.
When you reboot ZoneAlarm will be active again, so be sure you turn off the Windows firewall after you reboot.
Or you can restart ZoneAlarm from the Program menu and then turn off the XP firewall (just be sure you don't have both running at once)
Thanks for fixing my log! 
About the firewall, that was one of the very first things I've tried, and when trying it *again*, the same problem occurs. I even checked for the program's access (Ad-aware was allowed in all of them), but I keep on having the problem AND even found that I am not the only one, check this out: http://www.mcse.ms/archive118-2004-12-1283274.html , it seems to be from a person with the exact same problem.
However, I still don't know what to do!
Personally, I think that the place where the download url is may be damaged, but I have no clue on how to check it...
About the firewall, that was one of the very first things I've tried, and when trying it *again*, the same problem occurs. I even checked for the program's access (Ad-aware was allowed in all of them), but I keep on having the problem AND even found that I am not the only one, check this out: http://www.mcse.ms/archive118-2004-12-1283274.html , it seems to be from a person with the exact same problem.
However, I still don't know what to do!
Personally, I think that the place where the download url is may be damaged, but I have no clue on how to check it...
Longshot here but as a long time ZoneAlarm user, I have found that when ZoneAlarm is not shut down properly (as your case, a power outage or a system crash), it will create .tmp files in the following folder that can cause later problems with it's properly functioning. It is ok to clean out those .tmp files here:
C:\WINDOWS\Internet Logs <---delete any .tmp files in that folder
I sometimes found ZA acting weird unless I clean those out periodically.
Let me know if that resolves the problem. We can investigate other things, but I suspect firewall or DNS issues may be the problem - not your program, especially if you have uninstalled/reinstalled Ad-Aware SE
C:\WINDOWS\Internet Logs <---delete any .tmp files in that folder
I sometimes found ZA acting weird unless I clean those out periodically.
Let me know if that resolves the problem. We can investigate other things, but I suspect firewall or DNS issues may be the problem - not your program, especially if you have uninstalled/reinstalled Ad-Aware SE
Deleted them, safely restarted, tried to disable the Firewall again (as you had told me in the previous message of yours) and I still get the same error.
You have some proxy settings in place? (Note: This could be another security software using those settings)
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:81
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
Have you installed any new software about the time of the incident with the Power Outage?
I'll give you the instructions from the fax on errors retrieving updates. In your case it is connection related.
AD-AWARE SE PERSONAL, AD-AWARE SE PLUS AND AD-AWARE SE PROFESSIONAL
Q I cannot perform web update of the definition file after upgrading to Build 1.06 (Error retrieving update).
A This problem may be caused by any of the following:
* The definition file on your system might be corrupted. To check, locate the directory “C:\program files\lavasoft\Ad-Aware SE\ folder�. Delete the files “defs.ref� and “def.ref.old� and try again.
* If the update halts after only five percent of it is processed, your firewall is most likely preventing the update. To correct, disable the firewall for the duration of the update or configure the firewall to allow requests from Ad-Aware to pass through.
* Web update confirmation dialogs are suppressed. To correct:
o Open Ad-Aware.
o Click on the “Ad-Aware Configuration Window� icon.
o Click on “Tweak�.
o Click on “WebUpdate Settings� to expand it.
o Deselect “Suppress WebUpdate confirmation dialogs�.
* You have inadvertently turned on the “Use HTTP Proxy� option. To correct:
o Open Ad-Aware.
o Click on the “Integrated WebUpdate Tool� icon.
o Click on “Configure�.
o Deselect the “Use HTTP Proxy� option.
o Try updating the definition file again.
* If none of the above is preventing the update, it is recommended that you try to perform a manual update. Do as follows:
o Close Ad-Aware.
o Download the latest definition file in a ZIP format and save the file to a temporary location.
o Unzip the contents of the file either with your favorite ZIP utility or the built-in support in Windows to the Ad-Aware installation directory, which usually is “C:\Program Files\Lavasoft\Ad-aware SE\�.
o Open Ad-aware.
o Confirm that the latest definition file is installed by checking out the “Initialization Status� in the main program window.
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:81
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
Have you installed any new software about the time of the incident with the Power Outage?
I'll give you the instructions from the fax on errors retrieving updates. In your case it is connection related.
AD-AWARE SE PERSONAL, AD-AWARE SE PLUS AND AD-AWARE SE PROFESSIONAL
Q I cannot perform web update of the definition file after upgrading to Build 1.06 (Error retrieving update).
A This problem may be caused by any of the following:
* The definition file on your system might be corrupted. To check, locate the directory “C:\program files\lavasoft\Ad-Aware SE\ folder�. Delete the files “defs.ref� and “def.ref.old� and try again.
* If the update halts after only five percent of it is processed, your firewall is most likely preventing the update. To correct, disable the firewall for the duration of the update or configure the firewall to allow requests from Ad-Aware to pass through.
* Web update confirmation dialogs are suppressed. To correct:
o Open Ad-Aware.
o Click on the “Ad-Aware Configuration Window� icon.
o Click on “Tweak�.
o Click on “WebUpdate Settings� to expand it.
o Deselect “Suppress WebUpdate confirmation dialogs�.
* You have inadvertently turned on the “Use HTTP Proxy� option. To correct:
o Open Ad-Aware.
o Click on the “Integrated WebUpdate Tool� icon.
o Click on “Configure�.
o Deselect the “Use HTTP Proxy� option.
o Try updating the definition file again.
* If none of the above is preventing the update, it is recommended that you try to perform a manual update. Do as follows:
o Close Ad-Aware.
o Download the latest definition file in a ZIP format and save the file to a temporary location.
o Unzip the contents of the file either with your favorite ZIP utility or the built-in support in Windows to the Ad-Aware installation directory, which usually is “C:\Program Files\Lavasoft\Ad-aware SE\�.
o Open Ad-aware.
o Confirm that the latest definition file is installed by checking out the “Initialization Status� in the main program window.
Yeah, if I remember correctly, I installed a proxy-like program 2 days before. However, since my update before the power going down was doing fine (it was above 80%, I don't remember the exact number but I remember it was almost completed), I doubt that it can be the cause of the problem. However, I already tried to disable the proxy and tried to update again, but it didn't worked.
About your suggestions, those seem to be the same as in the "Ad-Aware Definition Update Problems" topic, no? Because I've tried that before!
- I deleted the files, as you had already told me to do.
- It doesn't halt at 5%, it doesn't even start!
- The Web update dialogs are not supressed, I mean, the option is off.
- The "Use HTTP Proxy" proxy is off.
- About the manual update, well, that worked. However, that's not my point; apart from updating, I want to fully fix this problem!
About your suggestions, those seem to be the same as in the "Ad-Aware Definition Update Problems" topic, no? Because I've tried that before!
- I deleted the files, as you had already told me to do.
- It doesn't halt at 5%, it doesn't even start!
- The Web update dialogs are not supressed, I mean, the option is off.
- The "Use HTTP Proxy" proxy is off.
- About the manual update, well, that worked. However, that's not my point; apart from updating, I want to fully fix this problem!
QUOTE(Mykas0 @ Jul 20 2006, 09:02 AM) 
- The "Use HTTP Proxy" proxy is off.
Except that you said you did install proxy type software, so it could be a configuration problem.
See this FAQ:
I Am Behind A Proxy Server And Keep Receiving Error Messages When I Attempt To Update My Definition File In Ad-aware Se
http://www.lavasoftsupport.com/index.php?showtopic=29
Yeah, but the proxy is currently turned off, I am connected directly to the web by using a usb modem...
*sigh* running out of ideas, but we'll keep plugging along...
What error message are you getting now when you try to update via the *Check for updates now* link?
Have you run an Adaware scan since you last manually updated? If so, can you post the log from it please? It will give me some info about your system that might be helpful
What error message are you getting now when you try to update via the *Check for updates now* link?
Have you run an Adaware scan since you last manually updated? If so, can you post the log from it please? It will give me some info about your system that might be helpful
The error message is exactly the same I've stated in the first post:
As for logs, using the definitions you've pointed me before (which are 50 days old...), performing a FULL SYSTEM SCAN, they get this log:
The final result was:
MRU List (27 objects)
Tracking Cookie (26 objects)
SpyWareNuckerXT (1 object)
While I was at it, I obviously quarantined all of them. When the "Quarantining Selection" reaches 100%, it seems to freeze.
QUOTE
Error connecting to Server.
Please retry updating at another time.
Please retry updating at another time.
As for logs, using the definitions you've pointed me before (which are 50 days old...), performing a FULL SYSTEM SCAN, they get this log:
QUOTE
Ad-Aware SE Build 1.06r1
Logfile Created on:quinta-feira, 20 de Julho de 2006 22:00:17
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R110 31.05.2006
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
»»»»»»»»»»»
References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
MRU List(TAC index:0):27 total references
SpyWareNukerXT(TAC index:3):1 total references
Tracking Cookie(TAC index:3):26 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan within archives
Set : Scan my Hosts file
Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects
20-07-2006 22:00:17 - Scan started. (Full System Scan)
MRU List Object Recognized!
Location: : C:\Documents and Settings\Administrador\Application Data\microsoft\office\recent
Description : list of recently opened documents using microsoft office
MRU List Object Recognized!
Location: : C:\Documents and Settings\Administrador\recent
Description : list of recently opened documents
MRU List Object Recognized!
Location: : S-1-5-21-602162358-1580436667-725345543-500\software\google\navclient\1.1\history
Description : list of recently used search terms in the google toolbar
MRU List Object Recognized!
Location: : S-1-5-21-602162358-1580436667-725345543-500\software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d
MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d
MRU List Object Recognized!
Location: : S-1-5-21-602162358-1580436667-725345543-500\software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X
MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X
MRU List Object Recognized!
Location: : software\microsoft\directdraw\mostrecentapplication
Description : most recent application to use microsoft directdraw
MRU List Object Recognized!
Location: : S-1-5-21-602162358-1580436667-725345543-500\software\microsoft\directinput\mostrecentapplication
Description : most recent application to use microsoft directinput
MRU List Object Recognized!
Location: : S-1-5-21-602162358-1580436667-725345543-500\software\microsoft\directinput\mostrecentapplication
Description : most recent application to use microsoft directinput
MRU List Object Recognized!
Location: : S-1-5-21-602162358-1580436667-725345543-500\software\microsoft\internet explorer
Description : last download directory used in microsoft internet explorer
MRU List Object Recognized!
Location: : S-1-5-21-602162358-1580436667-725345543-500\software\microsoft\internet explorer\main
Description : last save directory used in microsoft internet explorer
MRU List Object Recognized!
Location: : S-1-5-21-602162358-1580436667-725345543-500\software\microsoft\internet explorer\typedurls
Description : list of recently entered addresses in microsoft internet explorer
MRU List Object Recognized!
Location: : S-1-5-21-602162358-1580436667-725345543-500\software\microsoft\mediaplayer\medialibraryui
Description : last selected node in the microsoft windows media player media library
MRU List Object Recognized!
Location: : S-1-5-21-602162358-1580436667-725345543-500\software\microsoft\mediaplayer\player\settings
Description : last open directory used in jasc paint shop pro
MRU List Object Recognized!
Location: : S-1-5-21-602162358-1580436667-725345543-500\software\microsoft\mediaplayer\preferences
Description : last playlist index loaded in microsoft windows media player
MRU List Object Recognized!
Location: : S-1-5-21-602162358-1580436667-725345543-500\software\microsoft\mediaplayer\preferences
Description : last playlist loaded in microsoft windows media player
MRU List Object Recognized!
Location: : S-1-5-21-602162358-1580436667-725345543-500\software\microsoft\office\10.0\common\general
Description : list of recently used symbols in microsoft office
MRU List Object Recognized!
Location: : S-1-5-21-602162358-1580436667-725345543-500\software\microsoft\search assistant\acmru
Description : list of recent search terms used with the search assistant
MRU List Object Recognized!
Location: : S-1-5-21-602162358-1580436667-725345543-500\software\microsoft\windows\currentversion\applets\paint\recent file list
Description : list of files recently opened using microsoft paint
MRU List Object Recognized!
Location: : S-1-5-21-602162358-1580436667-725345543-500\software\microsoft\windows\currentversion\applets\regedit
Description : last key accessed using the microsoft registry editor
MRU List Object Recognized!
Location: : S-1-5-21-602162358-1580436667-725345543-500\software\microsoft\windows\currentversion\applets\wordpad\recent file list
Description : list of recent files opened using wordpad
MRU List Object Recognized!
Location: : S-1-5-21-602162358-1580436667-725345543-500\software\microsoft\windows\currentversion\explorer\comdlg32\lastvisitedmru
Description : list of recent programs opened
MRU List Object Recognized!
Location: : S-1-5-21-602162358-1580436667-725345543-500\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru
Description : list of recently saved files, stored according to file extension
MRU List Object Recognized!
Location: : S-1-5-21-602162358-1580436667-725345543-500\software\microsoft\windows\currentversion\explorer\recentdocs
Description : list of recent documents opened
MRU List Object Recognized!
Location: : S-1-5-21-602162358-1580436667-725345543-500\software\microsoft\windows media\wmsdk\general
Description : windows media sdk
MRU List Object Recognized!
Location: : S-1-5-21-602162358-1580436667-725345543-500\software\winrar\dialogedithistory\extrpath
Description : winrar "extract-to" history
Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ProcessID : 552
ThreadCreationTime : 20-07-2006 20:54:09
BasePriority : Normal
#:2 [csrss.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 632
ThreadCreationTime : 20-07-2006 20:54:11
BasePriority : Normal
#:3 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 660
ThreadCreationTime : 20-07-2006 20:54:13
BasePriority : High
#:4 [services.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 704
ThreadCreationTime : 20-07-2006 20:54:13
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Sistema operativo Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Aplicação de serviços e controlo
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. Todos os direitos reservados.
OriginalFilename : services.exe
#:5 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 724
ThreadCreationTime : 20-07-2006 20:54:13
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe
#:6 [ati2evxx.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 884
ThreadCreationTime : 20-07-2006 20:54:13
BasePriority : Normal
FileVersion : 6.14.10.4117
ProductVersion : 6.14.10.4117
ProductName : ATI External Event Utility for WindowsNT and Windows9X
CompanyName : ATI Technologies Inc.
FileDescription : ATI External Event Utility EXE Module
InternalName : ATI2EVXX.EXE
LegalCopyright : Copyright © 1999-2004 ATI Technologies Inc.
OriginalFilename : ATI2EVXX.EXE
#:7 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 912
ThreadCreationTime : 20-07-2006 20:54:13
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:8 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 968
ThreadCreationTime : 20-07-2006 20:54:14
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:9 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1312
ThreadCreationTime : 20-07-2006 20:54:14
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:10 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1412
ThreadCreationTime : 20-07-2006 20:54:14
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:11 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1480
ThreadCreationTime : 20-07-2006 20:54:14
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:12 [spoolsv.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1660
ThreadCreationTime : 20-07-2006 20:54:15
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe
#:13 [ati2evxx.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1888
ThreadCreationTime : 20-07-2006 20:54:23
BasePriority : Normal
FileVersion : 6.14.10.4117
ProductVersion : 6.14.10.4117
ProductName : ATI External Event Utility for WindowsNT and Windows9X
CompanyName : ATI Technologies Inc.
FileDescription : ATI External Event Utility EXE Module
InternalName : ATI2EVXX.EXE
LegalCopyright : Copyright © 1999-2004 ATI Technologies Inc.
OriginalFilename : ATI2EVXX.EXE
#:14 [explorer.exe]
FilePath : C:\WINDOWS\
ProcessID : 1964
ThreadCreationTime : 20-07-2006 20:54:23
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Sistema operativo Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Explorador do Windows
InternalName : explorer
LegalCopyright : © Microsoft Corporation. Todos os direitos reservados.
OriginalFilename : EXPLORER.EXE
#:15 [aswupdsv.exe]
FilePath : C:\Programas\Avast4\
ProcessID : 328
ThreadCreationTime : 20-07-2006 20:54:24
BasePriority : Normal
#:16 [ashserv.exe]
FilePath : C:\Programas\Avast4\
ProcessID : 376
ThreadCreationTime : 20-07-2006 20:54:24
BasePriority : High
FileVersion : 4, 7, 844, 0
ProductVersion : 4, 7, 0, 0
ProductName : avast! Antivirus
FileDescription : avast! antivirus service
InternalName : aswServ
LegalCopyright : Copyright © 2006 ALWIL Software
OriginalFilename : aswServ.exe
#:17 [dap.exe]
FilePath : C:\PROGRA~1\DAP\
ProcessID : 412
ThreadCreationTime : 20-07-2006 20:54:25
BasePriority : Normal
FileVersion : 7, 4, 0, 1
ProductVersion : 7, 4, 0, 1
ProductName : Download Accelerator Plus
CompanyName : Speedbit Ltd.
FileDescription : Download Accelerator Plus
InternalName : DAP
LegalCopyright : Copyright © 1999 - 2005 Speedbit Ltd.
OriginalFilename : DAP.EXE
Comments : 59
#:18 [alcxmntr.exe]
FilePath : C:\WINDOWS\
ProcessID : 420
ThreadCreationTime : 20-07-2006 20:54:25
BasePriority : Normal
FileVersion : 1.5
ProductVersion : 1.5
ProductName : Realtek Audio - Event Monitor
CompanyName : Realtek Semiconductor Corp.
FileDescription : Realtek Audio - Event Monitor
InternalName : Alcxmntr
LegalCopyright : Copyright © 2004 Realtek Semiconductor Corp.
OriginalFilename : Alcxmntr.exe
#:19 [acrotray.exe]
FilePath : C:\Programas\Adobe\Acrobat 7.0\Distillr\
ProcessID : 428
ThreadCreationTime : 20-07-2006 20:54:25
BasePriority : Normal
FileVersion : 6.0.1.2004121400
ProductVersion : 6.0.1.2004121400
ProductName : AcroTray - Adobe Acrobat Distiller helper application.
CompanyName : Adobe Systems Inc.
FileDescription : AcroTray
InternalName : AcroTray
LegalCopyright : Copyright 1984-2004 Adobe Systems Incorporated and its licensors. All rights reserved.
OriginalFilename : AcroTray.exe
#:20 [ashdisp.exe]
FilePath : C:\PROGRA~1\Avast4\
ProcessID : 468
ThreadCreationTime : 20-07-2006 20:54:26
BasePriority : Normal
FileVersion : 5, 0, 0, 0
ProductVersion : 5, 0, 0, 0
ProductName : avast! Antivirus
FileDescription : avast! service GUI component
InternalName : aswDisp
LegalCopyright : Copyright © 2006 ALWIL Software
OriginalFilename : aswDisp.exe
#:21 [gnotify.exe]
FilePath : C:\Programas\Gmail Notifier\
ProcessID : 504
ThreadCreationTime : 20-07-2006 20:54:26
BasePriority : Normal
FileVersion : 1.0.25.0
ProductVersion : 1.0.25.0
ProductName : Gmail
CompanyName : Google Inc.
FileDescription : Gmail Notifier
LegalCopyright : Copyright © Google Inc. 2004-2005
OriginalFilename : gnotify.exe
#:22 [pdfsaver.exe]
FilePath : C:\Programas\Ficheiros comuns\soft602\
ProcessID : 516
ThreadCreationTime : 20-07-2006 20:54:27
BasePriority : Normal
#:23 [cisvc.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 572
ThreadCreationTime : 20-07-2006 20:54:27
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Content Index service
InternalName : cisvc.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : cisvc.exe
#:24 [jusched.exe]
FilePath : C:\Programas\Java\jre1.5.0_06\bin\
ProcessID : 316
ThreadCreationTime : 20-07-2006 20:54:27
BasePriority : Normal
#:25 [zlclient.exe]
FilePath : C:\Programas\ZoneAlarm\
ProcessID : 640
ThreadCreationTime : 20-07-2006 20:54:27
BasePriority : Normal
FileVersion : 6.1.744.001
ProductVersion : 6.1.744.001
ProductName : Zone Labs Client
CompanyName : Zone Labs, LLC
FileDescription : Zone Labs Client
InternalName : zlclient
LegalCopyright : Copyright © 1998-2005, Zone Labs, LLC
OriginalFilename : zlclient.exe
#:26 [ctfmon.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 792
ThreadCreationTime : 20-07-2006 20:54:28
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : CTF Loader
InternalName : CTFMON
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : CTFMON.EXE
#:27 [msnmsgr.exe]
FilePath : C:\Programas\MSN Messenger\
ProcessID : 1012
ThreadCreationTime : 20-07-2006 20:54:28
BasePriority : Normal
FileVersion : 8.0.0792.00
ProductVersion : 8.0.0792
ProductName : Messenger
CompanyName : Microsoft Corporation
FileDescription : Messenger
InternalName : msnmsgr.exe
LegalCopyright : Copyright © Microsoft Corporation. All rights reserved.
OriginalFilename : msnmsgr.exe
#:28 [netcount.exe]
FilePath : C:\Programas\Netcount\
ProcessID : 1028
ThreadCreationTime : 20-07-2006 20:54:28
BasePriority : Normal
FileVersion : v1.66
ProductVersion : v1.66
ProductName : Netcount
CompanyName : Pedro Lucas
FileDescription : Netcount Application
InternalName : Netcount
LegalCopyright : Copyright © Pedro Lucas and Politecnico di Torino 2005
LegalTrademarks : Netcabo ; Netvisão ; SAPO ; Telepac ; Oninet ; Novis ; Via Networks ; Teleweb ; Tvtel
OriginalFilename : Netcount.EXE
Comments : No comments
#:29 [psnlite.exe]
FilePath : C:\Programas\3M PSNLite\
ProcessID : 1600
ThreadCreationTime : 20-07-2006 20:54:29
BasePriority : Normal
FileVersion : 3, 1, 1, 1073
ProductVersion : 3, 1, 1, 1073
ProductName : Post-it® Software Notes Lite
CompanyName : 3M
FileDescription : Post-it® Software Notes: System
InternalName : PSN
LegalCopyright : © 1995-2004 3M Company. All Rights Reserved.
LegalTrademarks : "Post-it" and canary yellow are a registered trademarks of 3M.
OriginalFilename : PSN2VIEW.EXE
#:30 [psngive.exe]
FilePath : C:\PROGRA~1\3MPSNL~1\
ProcessID : 1824
ThreadCreationTime : 20-07-2006 20:54:30
BasePriority : Normal
FileVersion : 3, 1, 2, 2073
ProductVersion : 3, 1, 2, 2073
ProductName : Post-it® Software Notes
CompanyName : 3M
FileDescription : Post-it® Software Notes: GiveNote
InternalName : PSN
LegalCopyright : © 1995-2004 3M Company. All Rights Reserved.
LegalTrademarks : "Post-it" and canary yellow are a registered trademarks of 3M.
OriginalFilename : PSN.EXE
#:31 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1840
ThreadCreationTime : 20-07-2006 20:54:36
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:32 [wdfmgr.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 2032
ThreadCreationTime : 20-07-2006 20:54:36
BasePriority : Normal
FileVersion : 5.2.3790.1230 built by: DNSRV(bld4act)
ProductVersion : 5.2.3790.1230
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows User Mode Driver Manager
InternalName : WdfMgr
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : WdfMgr.exe
#:33 [vmware-authd.exe]
FilePath : C:\Programas\VMware Workstation\
ProcessID : 2084
ThreadCreationTime : 20-07-2006 20:54:37
BasePriority : Normal
FileVersion : 5.5.1 build-19175
ProductVersion : 5.5.1 build-19175
ProductName : VMware Workstation
CompanyName : VMware, Inc.
FileDescription : VMware Authorization Service
InternalName : vmauthd
LegalCopyright : Copyright © 1998-2005 VMware, Inc.
OriginalFilename : vmware-authd.exe
#:34 [vmount2.exe]
FilePath : C:\Programas\Ficheiros comuns\VMware\VMware Virtual Image Editing\
ProcessID : 2108
ThreadCreationTime : 20-07-2006 20:54:37
BasePriority : Normal
FileVersion : 5.5.1 build-19175
ProductVersion : 5.5.1 build-19175
ProductName : VMware Workstation
CompanyName : VMware, Inc.
FileDescription : virtual disk mount service
InternalName : vmount
LegalCopyright : Copyright © 1998-2005 VMware, Inc.
OriginalFilename : vmount2.EXE
#:35 [vmnat.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 2132
ThreadCreationTime : 20-07-2006 20:54:38
BasePriority : Normal
FileVersion : 5.5.1 build-19175
ProductVersion : 5.5.1 build-19175
ProductName : VMware Workstation
CompanyName : VMware, Inc.
FileDescription : VMware NAT Service
InternalName : vmnat
LegalCopyright : Copyright © 1998-2005 VMware, Inc.
OriginalFilename : vmnat.exe
#:36 [vsmon.exe]
FilePath : C:\WINDOWS\SYSTEM32\ZONELABS\
ProcessID : 2148
ThreadCreationTime : 20-07-2006 20:54:38
BasePriority : Normal
FileVersion : 6.1.744.001
ProductVersion : 6.1.744.001
ProductName : TrueVector Service
CompanyName : Zone Labs, LLC
FileDescription : TrueVector Service
InternalName : vsmon
LegalCopyright : Copyright © 1998-2005, Zone Labs, LLC
OriginalFilename : vsmon.exe
#:37 [vmnetdhcp.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 2276
ThreadCreationTime : 20-07-2006 20:54:39
BasePriority : Normal
FileVersion : 5.5.1 build-19175
ProductVersion : 5.5.1 build-19175
ProductName : VMware Workstation
CompanyName : VMware, Inc.
FileDescription : VMware VMnet DHCP service
InternalName : vmnetdhcp
LegalCopyright : Copyright © 1998-2005 VMware, Inc.
OriginalFilename : vmnetdhcp.exe
Comments : VMware port to Windows NT of ISC v2.0 DHCP server; tailored exclusively for use with VMnet devices
#:38 [wmiprvse.exe]
FilePath : C:\WINDOWS\system32\wbem\
ProcessID : 3280
ThreadCreationTime : 20-07-2006 20:54:45
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : WMI
InternalName : Wmiprvse.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : Wmiprvse.exe
#:39 [ashmaisv.exe]
FilePath : C:\Programas\Avast4\
ProcessID : 3312
ThreadCreationTime : 20-07-2006 20:54:45
BasePriority : Normal
#:40 [ashwebsv.exe]
FilePath : C:\Programas\Avast4\
ProcessID : 3596
ThreadCreationTime : 20-07-2006 20:54:45
BasePriority : Normal
#:41 [alg.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 2440
ThreadCreationTime : 20-07-2006 20:54:46
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Application Layer Gateway Service
InternalName : ALG.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : ALG.exe
#:42 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 908
ThreadCreationTime : 20-07-2006 20:54:48
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:43 [iexplore.exe]
FilePath : C:\Programas\Internet Explorer\
ProcessID : 404
ThreadCreationTime : 20-07-2006 20:55:32
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Sistema operativo Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Internet Explorer
InternalName : iexplore
LegalCopyright : © Microsoft Corporation. Todos os direitos reservados.
OriginalFilename : IEXPLORE.EXE
#:44 [ad-aware.exe]
FilePath : C:\Programas\Ad-Aware SE Personal\
ProcessID : 2472
ThreadCreationTime : 20-07-2006 20:56:58
BasePriority : Normal
FileVersion : 6.2.0.236
ProductVersion : SE 106
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft AB Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved
#:45 [iexplore.exe]
FilePath : C:\Programas\Internet Explorer\
ProcessID : 3592
ThreadCreationTime : 20-07-2006 20:58:11
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Sistema operativo Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Internet Explorer
InternalName : iexplore
LegalCopyright : © Microsoft Corporation. Todos os direitos reservados.
OriginalFilename : IEXPLORE.EXE
Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 27
Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 27
Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 27
Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrador@trafficmp[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Administrador\Cookies\administrador@trafficmp[2].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrador@bfast[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Administrador\Cookies\administrador@bfast[1].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrador@2o7[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Administrador\Cookies\administrador@2o7[1].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrador@cgi-bin[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Administrador\Cookies\administrador@cgi-bin[2].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrador@mediaplex[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Administrador\Cookies\administrador@mediaplex[1].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrador@real[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Administrador\Cookies\administrador@real[1].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrador@cgi-bin[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Administrador\Cookies\administrador@cgi-bin[1].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrador@questionmarket[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Administrador\Cookies\administrador@questionmarket[2].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrador@weborama[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Administrador\Cookies\administrador@weborama[2].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrador@advertising[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Administrador\Cookies\administrador@advertising[2].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrador@tripod[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Administrador\Cookies\administrador@tripod[1].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrador@www.smartadserver[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Administrador\Cookies\administrador@www.smartadserver[1].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrador@adserv.sapo[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Administrador\Cookies\administrador@adserv.sapo[1].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrador@realmedia[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Administrador\Cookies\administrador@realmedia[1].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrador@hitbox[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Administrador\Cookies\administrador@hitbox[2].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrador@ads.pointroll[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Administrador\Cookies\administrador@ads.pointroll[1].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrador@cgi-bin[4].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Administrador\Cookies\administrador@cgi-bin[4].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrador@valueclick.ne[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Administrador\Cookies\administrador@valueclick.ne[2].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrador@ehg-gamespot.hitbox[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Administrador\Cookies\administrador@ehg-gamespot.hitbox[2].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrador@edge.ru4[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Administrador\Cookies\administrador@edge.ru4[2].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrador@tradedoubler[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Administrador\Cookies\administrador@tradedoubler[2].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrador@adtech[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Administrador\Cookies\administrador@adtech[2].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrador@statcounter[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Administrador\Cookies\administrador@statcounter[2].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrador@bravenet[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Administrador\Cookies\administrador@bravenet[2].txt
Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 24
Objects found so far: 51
Deep scanning and examining files (C:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
SpyWareNukerXT Object Recognized!
Type : File
Data : pshook11.sys
TAC Rating : 3
Category : Misc
Comment :
Object : C:\WINDOWS\SYSTEM32\DRIVERS\
FileVersion : 5.2.3639.0
ProductVersion : 5.2.3639.0
ProductName : Anti-Virus Engine
CompanyName : TrekBlue, LLC
FileDescription : Process Hooks Driver
InternalName : pshook.sys
LegalCopyright : Copyright 2005 TrekBlue
OriginalFilename : pshook.sys
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrador@weborama[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Administrador\Definições locais\Temp\Cookies\administrador@weborama[2].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrador@adserv.sapo[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Administrador\Definições locais\Temp\Cookies\administrador@adserv.sapo[2].txt
Disk Scan Result for C:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 54
Deep scanning and examining files (F:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Disk Scan Result for F:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 54
Deep scanning and examining files (K:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Disk Scan Result for K:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 54
Scanning Hosts file......
Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
2 entries scanned.
New critical objects:0
Objects found so far: 54
Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 54
22:04:43 Scan Complete
Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:04:25.922
Objects scanned:152638
Objects identified:27
Objects ignored:0
New critical objects:27
Logfile Created on:quinta-feira, 20 de Julho de 2006 22:00:17
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R110 31.05.2006
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
»»»»»»»»»»»
References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
MRU List(TAC index:0):27 total references
SpyWareNukerXT(TAC index:3):1 total references
Tracking Cookie(TAC index:3):26 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan within archives
Set : Scan my Hosts file
Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects
20-07-2006 22:00:17 - Scan started. (Full System Scan)
MRU List Object Recognized!
Location: : C:\Documents and Settings\Administrador\Application Data\microsoft\office\recent
Description : list of recently opened documents using microsoft office
MRU List Object Recognized!
Location: : C:\Documents and Settings\Administrador\recent
Description : list of recently opened documents
MRU List Object Recognized!
Location: : S-1-5-21-602162358-1580436667-725345543-500\software\google\navclient\1.1\history
Description : list of recently used search terms in the google toolbar
MRU List Object Recognized!
Location: : S-1-5-21-602162358-1580436667-725345543-500\software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d
MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d
MRU List Object Recognized!
Location: : S-1-5-21-602162358-1580436667-725345543-500\software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X
MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X
MRU List Object Recognized!
Location: : software\microsoft\directdraw\mostrecentapplication
Description : most recent application to use microsoft directdraw
MRU List Object Recognized!
Location: : S-1-5-21-602162358-1580436667-725345543-500\software\microsoft\directinput\mostrecentapplication
Description : most recent application to use microsoft directinput
MRU List Object Recognized!
Location: : S-1-5-21-602162358-1580436667-725345543-500\software\microsoft\directinput\mostrecentapplication
Description : most recent application to use microsoft directinput
MRU List Object Recognized!
Location: : S-1-5-21-602162358-1580436667-725345543-500\software\microsoft\internet explorer
Description : last download directory used in microsoft internet explorer
MRU List Object Recognized!
Location: : S-1-5-21-602162358-1580436667-725345543-500\software\microsoft\internet explorer\main
Description : last save directory used in microsoft internet explorer
MRU List Object Recognized!
Location: : S-1-5-21-602162358-1580436667-725345543-500\software\microsoft\internet explorer\typedurls
Description : list of recently entered addresses in microsoft internet explorer
MRU List Object Recognized!
Location: : S-1-5-21-602162358-1580436667-725345543-500\software\microsoft\mediaplayer\medialibraryui
Description : last selected node in the microsoft windows media player media library
MRU List Object Recognized!
Location: : S-1-5-21-602162358-1580436667-725345543-500\software\microsoft\mediaplayer\player\settings
Description : last open directory used in jasc paint shop pro
MRU List Object Recognized!
Location: : S-1-5-21-602162358-1580436667-725345543-500\software\microsoft\mediaplayer\preferences
Description : last playlist index loaded in microsoft windows media player
MRU List Object Recognized!
Location: : S-1-5-21-602162358-1580436667-725345543-500\software\microsoft\mediaplayer\preferences
Description : last playlist loaded in microsoft windows media player
MRU List Object Recognized!
Location: : S-1-5-21-602162358-1580436667-725345543-500\software\microsoft\office\10.0\common\general
Description : list of recently used symbols in microsoft office
MRU List Object Recognized!
Location: : S-1-5-21-602162358-1580436667-725345543-500\software\microsoft\search assistant\acmru
Description : list of recent search terms used with the search assistant
MRU List Object Recognized!
Location: : S-1-5-21-602162358-1580436667-725345543-500\software\microsoft\windows\currentversion\applets\paint\recent file list
Description : list of files recently opened using microsoft paint
MRU List Object Recognized!
Location: : S-1-5-21-602162358-1580436667-725345543-500\software\microsoft\windows\currentversion\applets\regedit
Description : last key accessed using the microsoft registry editor
MRU List Object Recognized!
Location: : S-1-5-21-602162358-1580436667-725345543-500\software\microsoft\windows\currentversion\applets\wordpad\recent file list
Description : list of recent files opened using wordpad
MRU List Object Recognized!
Location: : S-1-5-21-602162358-1580436667-725345543-500\software\microsoft\windows\currentversion\explorer\comdlg32\lastvisitedmru
Description : list of recent programs opened
MRU List Object Recognized!
Location: : S-1-5-21-602162358-1580436667-725345543-500\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru
Description : list of recently saved files, stored according to file extension
MRU List Object Recognized!
Location: : S-1-5-21-602162358-1580436667-725345543-500\software\microsoft\windows\currentversion\explorer\recentdocs
Description : list of recent documents opened
MRU List Object Recognized!
Location: : S-1-5-21-602162358-1580436667-725345543-500\software\microsoft\windows media\wmsdk\general
Description : windows media sdk
MRU List Object Recognized!
Location: : S-1-5-21-602162358-1580436667-725345543-500\software\winrar\dialogedithistory\extrpath
Description : winrar "extract-to" history
Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ProcessID : 552
ThreadCreationTime : 20-07-2006 20:54:09
BasePriority : Normal
#:2 [csrss.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 632
ThreadCreationTime : 20-07-2006 20:54:11
BasePriority : Normal
#:3 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 660
ThreadCreationTime : 20-07-2006 20:54:13
BasePriority : High
#:4 [services.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 704
ThreadCreationTime : 20-07-2006 20:54:13
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Sistema operativo Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Aplicação de serviços e controlo
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. Todos os direitos reservados.
OriginalFilename : services.exe
#:5 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 724
ThreadCreationTime : 20-07-2006 20:54:13
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe
#:6 [ati2evxx.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 884
ThreadCreationTime : 20-07-2006 20:54:13
BasePriority : Normal
FileVersion : 6.14.10.4117
ProductVersion : 6.14.10.4117
ProductName : ATI External Event Utility for WindowsNT and Windows9X
CompanyName : ATI Technologies Inc.
FileDescription : ATI External Event Utility EXE Module
InternalName : ATI2EVXX.EXE
LegalCopyright : Copyright © 1999-2004 ATI Technologies Inc.
OriginalFilename : ATI2EVXX.EXE
#:7 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 912
ThreadCreationTime : 20-07-2006 20:54:13
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:8 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 968
ThreadCreationTime : 20-07-2006 20:54:14
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:9 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1312
ThreadCreationTime : 20-07-2006 20:54:14
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:10 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1412
ThreadCreationTime : 20-07-2006 20:54:14
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:11 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1480
ThreadCreationTime : 20-07-2006 20:54:14
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:12 [spoolsv.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1660
ThreadCreationTime : 20-07-2006 20:54:15
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe
#:13 [ati2evxx.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1888
ThreadCreationTime : 20-07-2006 20:54:23
BasePriority : Normal
FileVersion : 6.14.10.4117
ProductVersion : 6.14.10.4117
ProductName : ATI External Event Utility for WindowsNT and Windows9X
CompanyName : ATI Technologies Inc.
FileDescription : ATI External Event Utility EXE Module
InternalName : ATI2EVXX.EXE
LegalCopyright : Copyright © 1999-2004 ATI Technologies Inc.
OriginalFilename : ATI2EVXX.EXE
#:14 [explorer.exe]
FilePath : C:\WINDOWS\
ProcessID : 1964
ThreadCreationTime : 20-07-2006 20:54:23
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Sistema operativo Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Explorador do Windows
InternalName : explorer
LegalCopyright : © Microsoft Corporation. Todos os direitos reservados.
OriginalFilename : EXPLORER.EXE
#:15 [aswupdsv.exe]
FilePath : C:\Programas\Avast4\
ProcessID : 328
ThreadCreationTime : 20-07-2006 20:54:24
BasePriority : Normal
#:16 [ashserv.exe]
FilePath : C:\Programas\Avast4\
ProcessID : 376
ThreadCreationTime : 20-07-2006 20:54:24
BasePriority : High
FileVersion : 4, 7, 844, 0
ProductVersion : 4, 7, 0, 0
ProductName : avast! Antivirus
FileDescription : avast! antivirus service
InternalName : aswServ
LegalCopyright : Copyright © 2006 ALWIL Software
OriginalFilename : aswServ.exe
#:17 [dap.exe]
FilePath : C:\PROGRA~1\DAP\
ProcessID : 412
ThreadCreationTime : 20-07-2006 20:54:25
BasePriority : Normal
FileVersion : 7, 4, 0, 1
ProductVersion : 7, 4, 0, 1
ProductName : Download Accelerator Plus
CompanyName : Speedbit Ltd.
FileDescription : Download Accelerator Plus
InternalName : DAP
LegalCopyright : Copyright © 1999 - 2005 Speedbit Ltd.
OriginalFilename : DAP.EXE
Comments : 59
#:18 [alcxmntr.exe]
FilePath : C:\WINDOWS\
ProcessID : 420
ThreadCreationTime : 20-07-2006 20:54:25
BasePriority : Normal
FileVersion : 1.5
ProductVersion : 1.5
ProductName : Realtek Audio - Event Monitor
CompanyName : Realtek Semiconductor Corp.
FileDescription : Realtek Audio - Event Monitor
InternalName : Alcxmntr
LegalCopyright : Copyright © 2004 Realtek Semiconductor Corp.
OriginalFilename : Alcxmntr.exe
#:19 [acrotray.exe]
FilePath : C:\Programas\Adobe\Acrobat 7.0\Distillr\
ProcessID : 428
ThreadCreationTime : 20-07-2006 20:54:25
BasePriority : Normal
FileVersion : 6.0.1.2004121400
ProductVersion : 6.0.1.2004121400
ProductName : AcroTray - Adobe Acrobat Distiller helper application.
CompanyName : Adobe Systems Inc.
FileDescription : AcroTray
InternalName : AcroTray
LegalCopyright : Copyright 1984-2004 Adobe Systems Incorporated and its licensors. All rights reserved.
OriginalFilename : AcroTray.exe
#:20 [ashdisp.exe]
FilePath : C:\PROGRA~1\Avast4\
ProcessID : 468
ThreadCreationTime : 20-07-2006 20:54:26
BasePriority : Normal
FileVersion : 5, 0, 0, 0
ProductVersion : 5, 0, 0, 0
ProductName : avast! Antivirus
FileDescription : avast! service GUI component
InternalName : aswDisp
LegalCopyright : Copyright © 2006 ALWIL Software
OriginalFilename : aswDisp.exe
#:21 [gnotify.exe]
FilePath : C:\Programas\Gmail Notifier\
ProcessID : 504
ThreadCreationTime : 20-07-2006 20:54:26
BasePriority : Normal
FileVersion : 1.0.25.0
ProductVersion : 1.0.25.0
ProductName : Gmail
CompanyName : Google Inc.
FileDescription : Gmail Notifier
LegalCopyright : Copyright © Google Inc. 2004-2005
OriginalFilename : gnotify.exe
#:22 [pdfsaver.exe]
FilePath : C:\Programas\Ficheiros comuns\soft602\
ProcessID : 516
ThreadCreationTime : 20-07-2006 20:54:27
BasePriority : Normal
#:23 [cisvc.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 572
ThreadCreationTime : 20-07-2006 20:54:27
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Content Index service
InternalName : cisvc.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : cisvc.exe
#:24 [jusched.exe]
FilePath : C:\Programas\Java\jre1.5.0_06\bin\
ProcessID : 316
ThreadCreationTime : 20-07-2006 20:54:27
BasePriority : Normal
#:25 [zlclient.exe]
FilePath : C:\Programas\ZoneAlarm\
ProcessID : 640
ThreadCreationTime : 20-07-2006 20:54:27
BasePriority : Normal
FileVersion : 6.1.744.001
ProductVersion : 6.1.744.001
ProductName : Zone Labs Client
CompanyName : Zone Labs, LLC
FileDescription : Zone Labs Client
InternalName : zlclient
LegalCopyright : Copyright © 1998-2005, Zone Labs, LLC
OriginalFilename : zlclient.exe
#:26 [ctfmon.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 792
ThreadCreationTime : 20-07-2006 20:54:28
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : CTF Loader
InternalName : CTFMON
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : CTFMON.EXE
#:27 [msnmsgr.exe]
FilePath : C:\Programas\MSN Messenger\
ProcessID : 1012
ThreadCreationTime : 20-07-2006 20:54:28
BasePriority : Normal
FileVersion : 8.0.0792.00
ProductVersion : 8.0.0792
ProductName : Messenger
CompanyName : Microsoft Corporation
FileDescription : Messenger
InternalName : msnmsgr.exe
LegalCopyright : Copyright © Microsoft Corporation. All rights reserved.
OriginalFilename : msnmsgr.exe
#:28 [netcount.exe]
FilePath : C:\Programas\Netcount\
ProcessID : 1028
ThreadCreationTime : 20-07-2006 20:54:28
BasePriority : Normal
FileVersion : v1.66
ProductVersion : v1.66
ProductName : Netcount
CompanyName : Pedro Lucas
FileDescription : Netcount Application
InternalName : Netcount
LegalCopyright : Copyright © Pedro Lucas and Politecnico di Torino 2005
LegalTrademarks : Netcabo ; Netvisão ; SAPO ; Telepac ; Oninet ; Novis ; Via Networks ; Teleweb ; Tvtel
OriginalFilename : Netcount.EXE
Comments : No comments
#:29 [psnlite.exe]
FilePath : C:\Programas\3M PSNLite\
ProcessID : 1600
ThreadCreationTime : 20-07-2006 20:54:29
BasePriority : Normal
FileVersion : 3, 1, 1, 1073
ProductVersion : 3, 1, 1, 1073
ProductName : Post-it® Software Notes Lite
CompanyName : 3M
FileDescription : Post-it® Software Notes: System
InternalName : PSN
LegalCopyright : © 1995-2004 3M Company. All Rights Reserved.
LegalTrademarks : "Post-it" and canary yellow are a registered trademarks of 3M.
OriginalFilename : PSN2VIEW.EXE
#:30 [psngive.exe]
FilePath : C:\PROGRA~1\3MPSNL~1\
ProcessID : 1824
ThreadCreationTime : 20-07-2006 20:54:30
BasePriority : Normal
FileVersion : 3, 1, 2, 2073
ProductVersion : 3, 1, 2, 2073
ProductName : Post-it® Software Notes
CompanyName : 3M
FileDescription : Post-it® Software Notes: GiveNote
InternalName : PSN
LegalCopyright : © 1995-2004 3M Company. All Rights Reserved.
LegalTrademarks : "Post-it" and canary yellow are a registered trademarks of 3M.
OriginalFilename : PSN.EXE
#:31 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1840
ThreadCreationTime : 20-07-2006 20:54:36
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:32 [wdfmgr.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 2032
ThreadCreationTime : 20-07-2006 20:54:36
BasePriority : Normal
FileVersion : 5.2.3790.1230 built by: DNSRV(bld4act)
ProductVersion : 5.2.3790.1230
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows User Mode Driver Manager
InternalName : WdfMgr
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : WdfMgr.exe
#:33 [vmware-authd.exe]
FilePath : C:\Programas\VMware Workstation\
ProcessID : 2084
ThreadCreationTime : 20-07-2006 20:54:37
BasePriority : Normal
FileVersion : 5.5.1 build-19175
ProductVersion : 5.5.1 build-19175
ProductName : VMware Workstation
CompanyName : VMware, Inc.
FileDescription : VMware Authorization Service
InternalName : vmauthd
LegalCopyright : Copyright © 1998-2005 VMware, Inc.
OriginalFilename : vmware-authd.exe
#:34 [vmount2.exe]
FilePath : C:\Programas\Ficheiros comuns\VMware\VMware Virtual Image Editing\
ProcessID : 2108
ThreadCreationTime : 20-07-2006 20:54:37
BasePriority : Normal
FileVersion : 5.5.1 build-19175
ProductVersion : 5.5.1 build-19175
ProductName : VMware Workstation
CompanyName : VMware, Inc.
FileDescription : virtual disk mount service
InternalName : vmount
LegalCopyright : Copyright © 1998-2005 VMware, Inc.
OriginalFilename : vmount2.EXE
#:35 [vmnat.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 2132
ThreadCreationTime : 20-07-2006 20:54:38
BasePriority : Normal
FileVersion : 5.5.1 build-19175
ProductVersion : 5.5.1 build-19175
ProductName : VMware Workstation
CompanyName : VMware, Inc.
FileDescription : VMware NAT Service
InternalName : vmnat
LegalCopyright : Copyright © 1998-2005 VMware, Inc.
OriginalFilename : vmnat.exe
#:36 [vsmon.exe]
FilePath : C:\WINDOWS\SYSTEM32\ZONELABS\
ProcessID : 2148
ThreadCreationTime : 20-07-2006 20:54:38
BasePriority : Normal
FileVersion : 6.1.744.001
ProductVersion : 6.1.744.001
ProductName : TrueVector Service
CompanyName : Zone Labs, LLC
FileDescription : TrueVector Service
InternalName : vsmon
LegalCopyright : Copyright © 1998-2005, Zone Labs, LLC
OriginalFilename : vsmon.exe
#:37 [vmnetdhcp.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 2276
ThreadCreationTime : 20-07-2006 20:54:39
BasePriority : Normal
FileVersion : 5.5.1 build-19175
ProductVersion : 5.5.1 build-19175
ProductName : VMware Workstation
CompanyName : VMware, Inc.
FileDescription : VMware VMnet DHCP service
InternalName : vmnetdhcp
LegalCopyright : Copyright © 1998-2005 VMware, Inc.
OriginalFilename : vmnetdhcp.exe
Comments : VMware port to Windows NT of ISC v2.0 DHCP server; tailored exclusively for use with VMnet devices
#:38 [wmiprvse.exe]
FilePath : C:\WINDOWS\system32\wbem\
ProcessID : 3280
ThreadCreationTime : 20-07-2006 20:54:45
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : WMI
InternalName : Wmiprvse.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : Wmiprvse.exe
#:39 [ashmaisv.exe]
FilePath : C:\Programas\Avast4\
ProcessID : 3312
ThreadCreationTime : 20-07-2006 20:54:45
BasePriority : Normal
#:40 [ashwebsv.exe]
FilePath : C:\Programas\Avast4\
ProcessID : 3596
ThreadCreationTime : 20-07-2006 20:54:45
BasePriority : Normal
#:41 [alg.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 2440
ThreadCreationTime : 20-07-2006 20:54:46
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Application Layer Gateway Service
InternalName : ALG.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : ALG.exe
#:42 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 908
ThreadCreationTime : 20-07-2006 20:54:48
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:43 [iexplore.exe]
FilePath : C:\Programas\Internet Explorer\
ProcessID : 404
ThreadCreationTime : 20-07-2006 20:55:32
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Sistema operativo Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Internet Explorer
InternalName : iexplore
LegalCopyright : © Microsoft Corporation. Todos os direitos reservados.
OriginalFilename : IEXPLORE.EXE
#:44 [ad-aware.exe]
FilePath : C:\Programas\Ad-Aware SE Personal\
ProcessID : 2472
ThreadCreationTime : 20-07-2006 20:56:58
BasePriority : Normal
FileVersion : 6.2.0.236
ProductVersion : SE 106
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft AB Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved
#:45 [iexplore.exe]
FilePath : C:\Programas\Internet Explorer\
ProcessID : 3592
ThreadCreationTime : 20-07-2006 20:58:11
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Sistema operativo Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Internet Explorer
InternalName : iexplore
LegalCopyright : © Microsoft Corporation. Todos os direitos reservados.
OriginalFilename : IEXPLORE.EXE
Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 27
Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 27
Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 27
Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrador@trafficmp[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Administrador\Cookies\administrador@trafficmp[2].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrador@bfast[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Administrador\Cookies\administrador@bfast[1].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrador@2o7[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Administrador\Cookies\administrador@2o7[1].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrador@cgi-bin[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Administrador\Cookies\administrador@cgi-bin[2].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrador@mediaplex[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Administrador\Cookies\administrador@mediaplex[1].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrador@real[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Administrador\Cookies\administrador@real[1].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrador@cgi-bin[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Administrador\Cookies\administrador@cgi-bin[1].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrador@questionmarket[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Administrador\Cookies\administrador@questionmarket[2].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrador@weborama[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Administrador\Cookies\administrador@weborama[2].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrador@advertising[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Administrador\Cookies\administrador@advertising[2].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrador@tripod[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Administrador\Cookies\administrador@tripod[1].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrador@www.smartadserver[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Administrador\Cookies\administrador@www.smartadserver[1].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrador@adserv.sapo[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Administrador\Cookies\administrador@adserv.sapo[1].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrador@realmedia[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Administrador\Cookies\administrador@realmedia[1].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrador@hitbox[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Administrador\Cookies\administrador@hitbox[2].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrador@ads.pointroll[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Administrador\Cookies\administrador@ads.pointroll[1].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrador@cgi-bin[4].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Administrador\Cookies\administrador@cgi-bin[4].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrador@valueclick.ne[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Administrador\Cookies\administrador@valueclick.ne[2].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrador@ehg-gamespot.hitbox[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Administrador\Cookies\administrador@ehg-gamespot.hitbox[2].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrador@edge.ru4[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Administrador\Cookies\administrador@edge.ru4[2].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrador@tradedoubler[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Administrador\Cookies\administrador@tradedoubler[2].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrador@adtech[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Administrador\Cookies\administrador@adtech[2].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrador@statcounter[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Administrador\Cookies\administrador@statcounter[2].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrador@bravenet[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Administrador\Cookies\administrador@bravenet[2].txt
Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 24
Objects found so far: 51
Deep scanning and examining files (C:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
SpyWareNukerXT Object Recognized!
Type : File
Data : pshook11.sys
TAC Rating : 3
Category : Misc
Comment :
Object : C:\WINDOWS\SYSTEM32\DRIVERS\
FileVersion : 5.2.3639.0
ProductVersion : 5.2.3639.0
ProductName : Anti-Virus Engine
CompanyName : TrekBlue, LLC
FileDescription : Process Hooks Driver
InternalName : pshook.sys
LegalCopyright : Copyright 2005 TrekBlue
OriginalFilename : pshook.sys
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrador@weborama[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Administrador\Definições locais\Temp\Cookies\administrador@weborama[2].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrador@adserv.sapo[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Administrador\Definições locais\Temp\Cookies\administrador@adserv.sapo[2].txt
Disk Scan Result for C:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 54
Deep scanning and examining files (F:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Disk Scan Result for F:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 54
Deep scanning and examining files (K:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Disk Scan Result for K:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 54
Scanning Hosts file......
Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
2 entries scanned.
New critical objects:0
Objects found so far: 54
Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 54
22:04:43 Scan Complete
Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:04:25.922
Objects scanned:152638
Objects identified:27
Objects ignored:0
New critical objects:27
The final result was:
MRU List (27 objects)
Tracking Cookie (26 objects)
SpyWareNuckerXT (1 object)
While I was at it, I obviously quarantined all of them. When the "Quarantining Selection" reaches 100%, it seems to freeze.
Alrighty then! I found the problem for the old updates anyway. 
I had an outdated URL...and Steve's link was missing one letter. I have fixed both.
Here is the correct download link:
http://updates.ls-servers.com/public/defs.zip
Remember to
a. Delete both of the old .ref files (defs.ref and defs.ref.old)
b. extract the file from the zip to the folder:
C:\Program Files\Lavasoft\Ad-Aware SE Personal
After installing the updates into the Adaware folder, do a complete system scan in SAFE MODE. Copy the report back here please.
The error reaching the servers through the updater in Adaware is a connection configuration problem on your end. If you are no longer using the proxy software, did you undo the proxy settings and proxy override? These were showing on your HijackThis log posted:
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:81
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
I had an outdated URL...and Steve's link was missing one letter. I have fixed both.
Here is the correct download link:
http://updates.ls-servers.com/public/defs.zip
Remember to
a. Delete both of the old .ref files (defs.ref and defs.ref.old)
b. extract the file from the zip to the folder:
C:\Program Files\Lavasoft\Ad-Aware SE Personal
After installing the updates into the Adaware folder, do a complete system scan in SAFE MODE. Copy the report back here please.
The error reaching the servers through the updater in Adaware is a connection configuration problem on your end. If you are no longer using the proxy software, did you undo the proxy settings and proxy override? These were showing on your HijackThis log posted:
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:81
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
Sorry for my delay, I fell asleep on the couch. >_<
Updated it as you told me, but there was no *.old file, which I doubt is important.
Using those new definitions, I scanned using Windows' XP SAFE MODE and I got the following log:
In an important note, it ALSO freeze when the "Quarantining Selection" reached 100%.
As for the proxy, I'll try to make it simple. I used JAP ( http://anon.inf.tu-dresden.de/index_en.html ) for a bit, BUT I restored my original settings at the end (with their tool for doing so, it has a "restore browser settings" option), as you could see in the image from my definitions (posted 2 or 3 posts before this one...). Therefore, I doubt that's the problem, since there's also that freezing issue...
Updated it as you told me, but there was no *.old file, which I doubt is important.
Using those new definitions, I scanned using Windows' XP SAFE MODE and I got the following log:
QUOTE
Ad-Aware SE Build 1.06r1
Logfile Created on:sexta-feira, 21 de Julho de 2006 4:13:37
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R115 18.07.2006
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
»»»»»»»»»»»
References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
MRU List(TAC index:0):27 total references
SpyWareNukerXT(TAC index:3):1 total references
Tracking Cookie(TAC index:3):19 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan within archives
Set : Scan my Hosts file
Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects
21-07-2006 4:13:37 - Scan started. (Full System Scan)
MRU List Object Recognized!
Location: : C:\Documents and Settings\Administrador\Application Data\microsoft\office\recent
Description : list of recently opened documents using microsoft office
MRU List Object Recognized!
Location: : C:\Documents and Settings\Administrador\recent
Description : list of recently opened documents
MRU List Object Recognized!
Location: : S-1-5-21-602162358-1580436667-725345543-500\software\google\navclient\1.1\history
Description : list of recently used search terms in the google toolbar
MRU List Object Recognized!
Location: : S-1-5-21-602162358-1580436667-725345543-500\software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d
MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d
MRU List Object Recognized!
Location: : S-1-5-21-602162358-1580436667-725345543-500\software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X
MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X
MRU List Object Recognized!
Location: : software\microsoft\directdraw\mostrecentapplication
Description : most recent application to use microsoft directdraw
MRU List Object Recognized!
Location: : S-1-5-21-602162358-1580436667-725345543-500\software\microsoft\directinput\mostrecentapplication
Description : most recent application to use microsoft directinput
MRU List Object Recognized!
Location: : S-1-5-21-602162358-1580436667-725345543-500\software\microsoft\directinput\mostrecentapplication
Description : most recent application to use microsoft directinput
MRU List Object Recognized!
Location: : S-1-5-21-602162358-1580436667-725345543-500\software\microsoft\internet explorer
Description : last download directory used in microsoft internet explorer
MRU List Object Recognized!
Location: : S-1-5-21-602162358-1580436667-725345543-500\software\microsoft\internet explorer\main
Description : last save directory used in microsoft internet explorer
MRU List Object Recognized!
Location: : S-1-5-21-602162358-1580436667-725345543-500\software\microsoft\internet explorer\typedurls
Description : list of recently entered addresses in microsoft internet explorer
MRU List Object Recognized!
Location: : S-1-5-21-602162358-1580436667-725345543-500\software\microsoft\mediaplayer\medialibraryui
Description : last selected node in the microsoft windows media player media library
MRU List Object Recognized!
Location: : S-1-5-21-602162358-1580436667-725345543-500\software\microsoft\mediaplayer\player\settings
Description : last open directory used in jasc paint shop pro
MRU List Object Recognized!
Location: : S-1-5-21-602162358-1580436667-725345543-500\software\microsoft\mediaplayer\preferences
Description : last playlist index loaded in microsoft windows media player
MRU List Object Recognized!
Location: : S-1-5-21-602162358-1580436667-725345543-500\software\microsoft\mediaplayer\preferences
Description : last playlist loaded in microsoft windows media player
MRU List Object Recognized!
Location: : S-1-5-21-602162358-1580436667-725345543-500\software\microsoft\office\10.0\common\general
Description : list of recently used symbols in microsoft office
MRU List Object Recognized!
Location: : S-1-5-21-602162358-1580436667-725345543-500\software\microsoft\search assistant\acmru
Description : list of recent search terms used with the search assistant
MRU List Object Recognized!
Location: : S-1-5-21-602162358-1580436667-725345543-500\software\microsoft\windows\currentversion\applets\paint\recent file list
Description : list of files recently opened using microsoft paint
MRU List Object Recognized!
Location: : S-1-5-21-602162358-1580436667-725345543-500\software\microsoft\windows\currentversion\applets\regedit
Description : last key accessed using the microsoft registry editor
MRU List Object Recognized!
Location: : S-1-5-21-602162358-1580436667-725345543-500\software\microsoft\windows\currentversion\applets\wordpad\recent file list
Description : list of recent files opened using wordpad
MRU List Object Recognized!
Location: : S-1-5-21-602162358-1580436667-725345543-500\software\microsoft\windows\currentversion\explorer\comdlg32\lastvisitedmru
Description : list of recent programs opened
MRU List Object Recognized!
Location: : S-1-5-21-602162358-1580436667-725345543-500\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru
Description : list of recently saved files, stored according to file extension
MRU List Object Recognized!
Location: : S-1-5-21-602162358-1580436667-725345543-500\software\microsoft\windows\currentversion\explorer\recentdocs
Description : list of recent documents opened
MRU List Object Recognized!
Location: : S-1-5-21-602162358-1580436667-725345543-500\software\microsoft\windows media\wmsdk\general
Description : windows media sdk
MRU List Object Recognized!
Location: : S-1-5-21-602162358-1580436667-725345543-500\software\winrar\dialogedithistory\extrpath
Description : winrar "extract-to" history
Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ProcessID : 156
ThreadCreationTime : 21-07-2006 3:11:12
BasePriority : Normal
#:2 [csrss.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 256
ThreadCreationTime : 21-07-2006 3:11:23
BasePriority : Normal
#:3 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 280
ThreadCreationTime : 21-07-2006 3:11:26
BasePriority : High
#:4 [services.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 324
ThreadCreationTime : 21-07-2006 3:11:29
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Sistema operativo Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Aplicação de serviços e controlo
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. Todos os direitos reservados.
OriginalFilename : services.exe
#:5 [savedump.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 336
ThreadCreationTime : 21-07-2006 3:11:29
BasePriority : Idle
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Sistema operativo Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Utilitário de gravação de cópia de falha de sistema do Windows NT
InternalName : savedump
LegalCopyright : © Microsoft Corporation. Todos os direitos reservados.
OriginalFilename : savedump.exe
#:6 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 344
ThreadCreationTime : 21-07-2006 3:11:29
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe
#:7 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 500
ThreadCreationTime : 21-07-2006 3:11:32
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:8 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 552
ThreadCreationTime : 21-07-2006 3:11:33
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:9 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 600
ThreadCreationTime : 21-07-2006 3:11:33
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:10 [explorer.exe]
FilePath : C:\WINDOWS\
ProcessID : 816
ThreadCreationTime : 21-07-2006 3:11:59
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Sistema operativo Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Explorador do Windows
InternalName : explorer
LegalCopyright : © Microsoft Corporation. Todos os direitos reservados.
OriginalFilename : EXPLORER.EXE
#:11 [ad-aware.exe]
FilePath : C:\Programas\Ad-Aware SE Personal\
ProcessID : 1016
ThreadCreationTime : 21-07-2006 3:13:27
BasePriority : Normal
FileVersion : 6.2.0.236
ProductVersion : SE 106
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft AB Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved
Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 27
Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 27
Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 27
Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrador@realmedia[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:administrador@realmedia.com/
Expires : 01-01-2021 1:00:00
LastSync : Hits:1
UseCount : 0
Hits : 1
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrador@adserv.sapo[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:979
Value : Cookie:administrador@adserv.sapo.pt/
Expires : 30-12-2037 17:00:00
LastSync : Hits:979
UseCount : 0
Hits : 979
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrador@www.smartadserver[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:administrador@www.smartadserver.com/
Expires : 27-11-2010
LastSync : Hits:1
UseCount : 0
Hits : 1
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrador@statcounter[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:61
Value : Cookie:administrador@statcounter.com/
Expires : 19-07-2011 17:07:18
LastSync : Hits:61
UseCount : 0
Hits : 61
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrador@trafficmp[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:45
Value : Cookie:administrador@trafficmp.com/
Expires : 15-07-2007 18:27:14
LastSync : Hits:45
UseCount : 0
Hits : 45
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrador@real[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:5
Value : Cookie:administrador@real.com/
Expires : 15-07-2008 21:28:40
LastSync : Hits:5
UseCount : 0
Hits : 5
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrador@2o7[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:47
Value : Cookie:administrador@2o7.net/
Expires : 19-07-2011 19:47:54
LastSync : Hits:47
UseCount : 0
Hits : 47
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrador@valueclick.ne[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:7
Value : Cookie:administrador@valueclick.ne.jp/
Expires : 12-07-2031 3:26:58
LastSync : Hits:7
UseCount : 0
Hits : 7
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrador@bravenet[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:22
Value : Cookie:administrador@bravenet.com/
Expires : 17-07-2016 19:37:34
LastSync : Hits:22
UseCount : 0
Hits : 22
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrador@mediaplex[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:administrador@mediaplex.com/
Expires : 22-06-2009 1:00:00
LastSync : Hits:1
UseCount : 0
Hits : 1
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrador@weborama[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:27
Value : Cookie:administrador@weborama.fr/
Expires : 15-07-2008 12:56:34
LastSync : Hits:27
UseCount : 0
Hits : 27
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrador@tripod[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:administrador@tripod.com/
Expires : 15-07-2007 1:10:52
LastSync : Hits:1
UseCount : 0
Hits : 1
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrador@ads.pointroll[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:8
Value : Cookie:administrador@ads.pointroll.com/
Expires : 01-01-2010 1:00:00
LastSync : Hits:8
UseCount : 0
Hits : 8
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrador@edge.ru4[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:2
Value : Cookie:administrador@edge.ru4.com/
Expires : 11-07-2036 22:59:48
LastSync : Hits:2
UseCount : 0
Hits : 2
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrador@questionmarket[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:33
Value : Cookie:administrador@questionmarket.com/
Expires : 09-09-2007 14:59:48
LastSync : Hits:33
UseCount : 0
Hits : 33
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrador@tradedoubler[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:24
Value : Cookie:administrador@tradedoubler.com/
Expires : 13-07-2026 17:57:18
LastSync : Hits:24
UseCount : 0
Hits : 24
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrador@adtech[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:2
Value : Cookie:administrador@adtech.de/
Expires : 16-07-2016 4:26:00
LastSync : Hits:2
UseCount : 0
Hits : 2
Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 17
Objects found so far: 44
Deep scanning and examining files (C:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
SpyWareNukerXT Object Recognized!
Type : File
Data : pshook11.sys
TAC Rating : 3
Category : Misc
Comment :
Object : C:\WINDOWS\SYSTEM32\DRIVERS\
FileVersion : 5.2.3639.0
ProductVersion : 5.2.3639.0
ProductName : Anti-Virus Engine
CompanyName : TrekBlue, LLC
FileDescription : Process Hooks Driver
InternalName : pshook.sys
LegalCopyright : Copyright 2005 TrekBlue
OriginalFilename : pshook.sys
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrador@weborama[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Administrador\Definições locais\Temp\Cookies\administrador@weborama[2].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrador@adserv.sapo[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Administrador\Definições locais\Temp\Cookies\administrador@adserv.sapo[2].txt
Disk Scan Result for C:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 47
Deep scanning and examining files (F:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Disk Scan Result for F:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 47
Deep scanning and examining files (K:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Disk Scan Result for K:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 47
Scanning Hosts file......
Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
2 entries scanned.
New critical objects:0
Objects found so far: 47
Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 47
4:20:43 Scan Complete
Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:07:05.625
Objects scanned:144514
Objects identified:20
Objects ignored:0
New critical objects:20
Logfile Created on:sexta-feira, 21 de Julho de 2006 4:13:37
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R115 18.07.2006
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
»»»»»»»»»»»
References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
MRU List(TAC index:0):27 total references
SpyWareNukerXT(TAC index:3):1 total references
Tracking Cookie(TAC index:3):19 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan within archives
Set : Scan my Hosts file
Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects
21-07-2006 4:13:37 - Scan started. (Full System Scan)
MRU List Object Recognized!
Location: : C:\Documents and Settings\Administrador\Application Data\microsoft\office\recent
Description : list of recently opened documents using microsoft office
MRU List Object Recognized!
Location: : C:\Documents and Settings\Administrador\recent
Description : list of recently opened documents
MRU List Object Recognized!
Location: : S-1-5-21-602162358-1580436667-725345543-500\software\google\navclient\1.1\history
Description : list of recently used search terms in the google toolbar
MRU List Object Recognized!
Location: : S-1-5-21-602162358-1580436667-725345543-500\software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d
MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d
MRU List Object Recognized!
Location: : S-1-5-21-602162358-1580436667-725345543-500\software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X
MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X
MRU List Object Recognized!
Location: : software\microsoft\directdraw\mostrecentapplication
Description : most recent application to use microsoft directdraw
MRU List Object Recognized!
Location: : S-1-5-21-602162358-1580436667-725345543-500\software\microsoft\directinput\mostrecentapplication
Description : most recent application to use microsoft directinput
MRU List Object Recognized!
Location: : S-1-5-21-602162358-1580436667-725345543-500\software\microsoft\directinput\mostrecentapplication
Description : most recent application to use microsoft directinput
MRU List Object Recognized!
Location: : S-1-5-21-602162358-1580436667-725345543-500\software\microsoft\internet explorer
Description : last download directory used in microsoft internet explorer
MRU List Object Recognized!
Location: : S-1-5-21-602162358-1580436667-725345543-500\software\microsoft\internet explorer\main
Description : last save directory used in microsoft internet explorer
MRU List Object Recognized!
Location: : S-1-5-21-602162358-1580436667-725345543-500\software\microsoft\internet explorer\typedurls
Description : list of recently entered addresses in microsoft internet explorer
MRU List Object Recognized!
Location: : S-1-5-21-602162358-1580436667-725345543-500\software\microsoft\mediaplayer\medialibraryui
Description : last selected node in the microsoft windows media player media library
MRU List Object Recognized!
Location: : S-1-5-21-602162358-1580436667-725345543-500\software\microsoft\mediaplayer\player\settings
Description : last open directory used in jasc paint shop pro
MRU List Object Recognized!
Location: : S-1-5-21-602162358-1580436667-725345543-500\software\microsoft\mediaplayer\preferences
Description : last playlist index loaded in microsoft windows media player
MRU List Object Recognized!
Location: : S-1-5-21-602162358-1580436667-725345543-500\software\microsoft\mediaplayer\preferences
Description : last playlist loaded in microsoft windows media player
MRU List Object Recognized!
Location: : S-1-5-21-602162358-1580436667-725345543-500\software\microsoft\office\10.0\common\general
Description : list of recently used symbols in microsoft office
MRU List Object Recognized!
Location: : S-1-5-21-602162358-1580436667-725345543-500\software\microsoft\search assistant\acmru
Description : list of recent search terms used with the search assistant
MRU List Object Recognized!
Location: : S-1-5-21-602162358-1580436667-725345543-500\software\microsoft\windows\currentversion\applets\paint\recent file list
Description : list of files recently opened using microsoft paint
MRU List Object Recognized!
Location: : S-1-5-21-602162358-1580436667-725345543-500\software\microsoft\windows\currentversion\applets\regedit
Description : last key accessed using the microsoft registry editor
MRU List Object Recognized!
Location: : S-1-5-21-602162358-1580436667-725345543-500\software\microsoft\windows\currentversion\applets\wordpad\recent file list
Description : list of recent files opened using wordpad
MRU List Object Recognized!
Location: : S-1-5-21-602162358-1580436667-725345543-500\software\microsoft\windows\currentversion\explorer\comdlg32\lastvisitedmru
Description : list of recent programs opened
MRU List Object Recognized!
Location: : S-1-5-21-602162358-1580436667-725345543-500\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru
Description : list of recently saved files, stored according to file extension
MRU List Object Recognized!
Location: : S-1-5-21-602162358-1580436667-725345543-500\software\microsoft\windows\currentversion\explorer\recentdocs
Description : list of recent documents opened
MRU List Object Recognized!
Location: : S-1-5-21-602162358-1580436667-725345543-500\software\microsoft\windows media\wmsdk\general
Description : windows media sdk
MRU List Object Recognized!
Location: : S-1-5-21-602162358-1580436667-725345543-500\software\winrar\dialogedithistory\extrpath
Description : winrar "extract-to" history
Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ProcessID : 156
ThreadCreationTime : 21-07-2006 3:11:12
BasePriority : Normal
#:2 [csrss.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 256
ThreadCreationTime : 21-07-2006 3:11:23
BasePriority : Normal
#:3 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 280
ThreadCreationTime : 21-07-2006 3:11:26
BasePriority : High
#:4 [services.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 324
ThreadCreationTime : 21-07-2006 3:11:29
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Sistema operativo Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Aplicação de serviços e controlo
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. Todos os direitos reservados.
OriginalFilename : services.exe
#:5 [savedump.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 336
ThreadCreationTime : 21-07-2006 3:11:29
BasePriority : Idle
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Sistema operativo Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Utilitário de gravação de cópia de falha de sistema do Windows NT
InternalName : savedump
LegalCopyright : © Microsoft Corporation. Todos os direitos reservados.
OriginalFilename : savedump.exe
#:6 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 344
ThreadCreationTime : 21-07-2006 3:11:29
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe
#:7 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 500
ThreadCreationTime : 21-07-2006 3:11:32
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:8 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 552
ThreadCreationTime : 21-07-2006 3:11:33
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:9 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 600
ThreadCreationTime : 21-07-2006 3:11:33
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:10 [explorer.exe]
FilePath : C:\WINDOWS\
ProcessID : 816
ThreadCreationTime : 21-07-2006 3:11:59
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Sistema operativo Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Explorador do Windows
InternalName : explorer
LegalCopyright : © Microsoft Corporation. Todos os direitos reservados.
OriginalFilename : EXPLORER.EXE
#:11 [ad-aware.exe]
FilePath : C:\Programas\Ad-Aware SE Personal\
ProcessID : 1016
ThreadCreationTime : 21-07-2006 3:13:27
BasePriority : Normal
FileVersion : 6.2.0.236
ProductVersion : SE 106
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft AB Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved
Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 27
Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 27
Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 27
Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrador@realmedia[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:administrador@realmedia.com/
Expires : 01-01-2021 1:00:00
LastSync : Hits:1
UseCount : 0
Hits : 1
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrador@adserv.sapo[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:979
Value : Cookie:administrador@adserv.sapo.pt/
Expires : 30-12-2037 17:00:00
LastSync : Hits:979
UseCount : 0
Hits : 979
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrador@www.smartadserver[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:administrador@www.smartadserver.com/
Expires : 27-11-2010
LastSync : Hits:1
UseCount : 0
Hits : 1
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrador@statcounter[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:61
Value : Cookie:administrador@statcounter.com/
Expires : 19-07-2011 17:07:18
LastSync : Hits:61
UseCount : 0
Hits : 61
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrador@trafficmp[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:45
Value : Cookie:administrador@trafficmp.com/
Expires : 15-07-2007 18:27:14
LastSync : Hits:45
UseCount : 0
Hits : 45
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrador@real[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:5
Value : Cookie:administrador@real.com/
Expires : 15-07-2008 21:28:40
LastSync : Hits:5
UseCount : 0
Hits : 5
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrador@2o7[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:47
Value : Cookie:administrador@2o7.net/
Expires : 19-07-2011 19:47:54
LastSync : Hits:47
UseCount : 0
Hits : 47
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrador@valueclick.ne[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:7
Value : Cookie:administrador@valueclick.ne.jp/
Expires : 12-07-2031 3:26:58
LastSync : Hits:7
UseCount : 0
Hits : 7
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrador@bravenet[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:22
Value : Cookie:administrador@bravenet.com/
Expires : 17-07-2016 19:37:34
LastSync : Hits:22
UseCount : 0
Hits : 22
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrador@mediaplex[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:administrador@mediaplex.com/
Expires : 22-06-2009 1:00:00
LastSync : Hits:1
UseCount : 0
Hits : 1
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrador@weborama[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:27
Value : Cookie:administrador@weborama.fr/
Expires : 15-07-2008 12:56:34
LastSync : Hits:27
UseCount : 0
Hits : 27
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrador@tripod[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:administrador@tripod.com/
Expires : 15-07-2007 1:10:52
LastSync : Hits:1
UseCount : 0
Hits : 1
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrador@ads.pointroll[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:8
Value : Cookie:administrador@ads.pointroll.com/
Expires : 01-01-2010 1:00:00
LastSync : Hits:8
UseCount : 0
Hits : 8
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrador@edge.ru4[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:2
Value : Cookie:administrador@edge.ru4.com/
Expires : 11-07-2036 22:59:48
LastSync : Hits:2
UseCount : 0
Hits : 2
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrador@questionmarket[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:33
Value : Cookie:administrador@questionmarket.com/
Expires : 09-09-2007 14:59:48
LastSync : Hits:33
UseCount : 0
Hits : 33
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrador@tradedoubler[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:24
Value : Cookie:administrador@tradedoubler.com/
Expires : 13-07-2026 17:57:18
LastSync : Hits:24
UseCount : 0
Hits : 24
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrador@adtech[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:2
Value : Cookie:administrador@adtech.de/
Expires : 16-07-2016 4:26:00
LastSync : Hits:2
UseCount : 0
Hits : 2
Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 17
Objects found so far: 44
Deep scanning and examining files (C:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
SpyWareNukerXT Object Recognized!
Type : File
Data : pshook11.sys
TAC Rating : 3
Category : Misc
Comment :
Object : C:\WINDOWS\SYSTEM32\DRIVERS\
FileVersion : 5.2.3639.0
ProductVersion : 5.2.3639.0
ProductName : Anti-Virus Engine
CompanyName : TrekBlue, LLC
FileDescription : Process Hooks Driver
InternalName : pshook.sys
LegalCopyright : Copyright 2005 TrekBlue
OriginalFilename : pshook.sys
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrador@weborama[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Administrador\Definições locais\Temp\Cookies\administrador@weborama[2].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrador@adserv.sapo[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\Administrador\Definições locais\Temp\Cookies\administrador@adserv.sapo[2].txt
Disk Scan Result for C:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 47
Deep scanning and examining files (F:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Disk Scan Result for F:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 47
Deep scanning and examining files (K:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Disk Scan Result for K:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 47
Scanning Hosts file......
Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
2 entries scanned.
New critical objects:0
Objects found so far: 47
Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 47
4:20:43 Scan Complete
Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:07:05.625
Objects scanned:144514
Objects identified:20
Objects ignored:0
New critical objects:20
In an important note, it ALSO freeze when the "Quarantining Selection" reached 100%.
As for the proxy, I'll try to make it simple. I used JAP ( http://anon.inf.tu-dresden.de/index_en.html ) for a bit, BUT I restored my original settings at the end (with their tool for doing so, it has a "restore browser settings" option), as you could see in the image from my definitions (posted 2 or 3 posts before this one...). Therefore, I doubt that's the problem, since there's also that freezing issue...
Do you have SpyWareNukerXT installed? That is what was found. Look in Add/Remove programs in the Control Panel. It is probably best removed from there.
You do now have the latest updates.
I don't know why you cannot connect to the servers but it has to be something in your settings.
You do now have the latest updates.
I don't know why you cannot connect to the servers but it has to be something in your settings.
No, I don't have it, that's probably spyware. I only have Spybot, besides Ad-Aware.
As for the settings, then... how do you explain that my scan freezes when the "Quarantining Selection" reaches 100% ?
Also, how can I fix this? I could post all my settings here, but they are probably stored in a file, no? Or is it in the registery?
As for the settings, then... how do you explain that my scan freezes when the "Quarantining Selection" reaches 100% ?
Also, how can I fix this? I could post all my settings here, but they are probably stored in a file, no? Or is it in the registery?
Your two issues are unrelated, really. The ability to connect to the servers for updates is likely caused from using the proxy software and you need to contact them as to what may be blocking your connection. That would not be the Adaware software causing that problem.
The freezing when trying to quarnatine the SpywareNuker item, may mean that you need to run a scan with Adaware while in SAFE MODE.
How to start the computer in Safe mode
http://service1.symantec.com/SUPPORT/tsgen...src=sec_doc_nam
The freezing when trying to quarnatine the SpywareNuker item, may mean that you need to run a scan with Adaware while in SAFE MODE.
How to start the computer in Safe mode
http://service1.symantec.com/SUPPORT/tsgen...src=sec_doc_nam
LS CalamityJane:
As for the proxy stuff, I'll repeat it again: it is FULLY disabled by now, so I doubt that's the problem. Also, I managed to update after installing it that program, the problems only started after the power went out! With some trouble, I managed to find the scandisk log for after the power went out, here it is:
As seen below, there was some problem in "settings.awc" and "stats.awd", from the application data folder. Can this be the cause of the problem? And, if so, how can I fix it?
However, as for the SAFE MODE thingy, it doesn't work. My last log, posted in this topic, was taken by using SAFE MODE, and while it produced the log, IT ALSO FREEZE! Therefore, SAFE MODE is not the solution, sorry...
As for the proxy stuff, I'll repeat it again: it is FULLY disabled by now, so I doubt that's the problem. Also, I managed to update after installing it that program, the problems only started after the power went out! With some trouble, I managed to find the scandisk log for after the power went out, here it is:
QUOTE
A verificar o sistema de ficheiros em C:
O tipo do sistema de ficheiros é FAT32.
Um dos discos necessita de uma verificaçao de consistência. Pode
cancelar a verificaçao do disco, mas é aconselhável
que continue.
O Windows vai agora verificar o disco.
O número de série do volume é 1C6A-0AD8
\Documents and Settings\Administrador\Application Data\Lavasoft\Ad-Aware\settings.awc a primeira unidade de atribuiçao nao é válida. A entrada será truncada.
\Documents and Settings\Administrador\Application Data\Lavasoft\Ad-Aware\stats.awd a primeira unidade de atribuiçao nao é válida. A entrada será truncada.
Erro irrecuperável na pasta \Documents and Settings\Administrador\Definições locais\Temp\AAWTMP.
Converter a pasta num ficheiro (S/N)? Sim
Converter cadeias perdidas em ficheiros (S/N)? Sim
32 KB em 2 ficheiros recuperados.
O Windows efectuou correcçoes no sistema de ficheiros.
50708464 KB de espaço total em disco.
822288 KB em 779 ficheiros ocultos.
61136 KB em 3649 pastas.
19657552 KB em 64853 ficheiros.
30167472 KB disponÃveis.
16384 bytes em cada unidade de atribuiçao
3169279 unidades de atribuiçao no disco.
1885467 unidades de atribuiçao disponÃveis no disco.
Para mais informações, consulte o 'Centro de ajuda e suporte' em http://go.microsoft.com/fwlink/events.asp.
O tipo do sistema de ficheiros é FAT32.
Um dos discos necessita de uma verificaçao de consistência. Pode
cancelar a verificaçao do disco, mas é aconselhável
que continue.
O Windows vai agora verificar o disco.
O número de série do volume é 1C6A-0AD8
\Documents and Settings\Administrador\Application Data\Lavasoft\Ad-Aware\settings.awc a primeira unidade de atribuiçao nao é válida. A entrada será truncada.
\Documents and Settings\Administrador\Application Data\Lavasoft\Ad-Aware\stats.awd a primeira unidade de atribuiçao nao é válida. A entrada será truncada.
Erro irrecuperável na pasta \Documents and Settings\Administrador\Definições locais\Temp\AAWTMP.
Converter a pasta num ficheiro (S/N)? Sim
Converter cadeias perdidas em ficheiros (S/N)? Sim
32 KB em 2 ficheiros recuperados.
O Windows efectuou correcçoes no sistema de ficheiros.
50708464 KB de espaço total em disco.
822288 KB em 779 ficheiros ocultos.
61136 KB em 3649 pastas.
19657552 KB em 64853 ficheiros.
30167472 KB disponÃveis.
16384 bytes em cada unidade de atribuiçao
3169279 unidades de atribuiçao no disco.
1885467 unidades de atribuiçao disponÃveis no disco.
Para mais informações, consulte o 'Centro de ajuda e suporte' em http://go.microsoft.com/fwlink/events.asp.
As seen below, there was some problem in "settings.awc" and "stats.awd", from the application data folder. Can this be the cause of the problem? And, if so, how can I fix it?
However, as for the SAFE MODE thingy, it doesn't work. My last log, posted in this topic, was taken by using SAFE MODE, and while it produced the log, IT ALSO FREEZE! Therefore, SAFE MODE is not the solution, sorry...
I erased "settings.awc" and "stats.awd", reinstalled the whole program AND I am still having my issue, both the update AND the freezing one.
Got rid of the entire proxy thing, and now I generated a new log:
I hope someone can finally fix my problem by now...
Got rid of the entire proxy thing, and now I generated a new log:
QUOTE
Logfile of HijackThis v1.99.1
Scan saved at 1:29:51, on 24-07-2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programas\Avast4\aswUpdSv.exe
C:\Programas\Avast4\ashServ.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Programas\VMware Workstation\vmware-authd.exe
C:\Programas\Ficheiros comuns\VMware\VMware Virtual Image Editing\vmount2.exe
C:\WINDOWS\system32\vmnat.exe
C:\WINDOWS\SYSTEM32\ZONELABS\vsmon.exe
C:\WINDOWS\system32\vmnetdhcp.exe
C:\Programas\Avast4\ashMaiSv.exe
C:\Programas\Avast4\ashWebSv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\DAP\DAP.EXE
C:\WINDOWS\ALCXMNTR.EXE
C:\Programas\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\PROGRA~1\Avast4\ashDisp.exe
C:\Programas\Gmail Notifier\gnotify.exe
C:\Programas\Ficheiros comuns\soft602\pdfSaver.exe
C:\Programas\Java\jre1.5.0_06\bin\jusched.exe
C:\Programas\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programas\Netcount\Netcount.exe
C:\Programas\3M PSNLite\PsnLite.exe
C:\PROGRA~1\3MPSNL~1\PSNGive.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Programas\xchat\xchat.exe
C:\Programas\ICQLite\ICQLite.exe
C:\WINDOWS\system32\msiexec.exe
C:\Programas\Internet Explorer\iexplore.exe
C:\Programas\MSN Messenger\msnmsgr.exe
C:\Programas\Hijack This\HJT.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hiperligações
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe
O1 - Hosts: 64.91.255.87 www.dcsresearch.com
O3 - Toolbar: DAP Bar - {62999427-33FC-4baf-9C9C-BCE6BD127F08} - C:\Programas\DAP\DAPIEBar.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programas\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\WINDOWS\Downloaded Program Files\googlenav.dll
O4 - HKLM\..\Run: [DownloadAccelerator] C:\PROGRA~1\DAP\DAP.EXE /STARTUP
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Programas\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Programas\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [602PC SUITE PDF Saver] "C:\Programas\Ficheiros comuns\soft602\pdfSaver.exe"
O4 - HKLM\..\Run: [AdslTaskBar] rundll32.exe stmctrl.dll,TaskBar
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programas\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\Programas\ZoneAlarm\zlclient.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programas\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Netcount] C:\Programas\Netcount\Netcount.exe 0
O4 - HKCU\..\RunOnce: [ICQ Lite] C:\Programas\ICQLite\ICQLite.exe -trayboot
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: Post-it® Software Notes Lite.lnk = C:\Programas\3M PSNLite\PsnLite.exe
O8 - Extra context menu item: &Download with &DAP - C:\PROGRA~1\DAP\dapextie.htm
O8 - Extra context menu item: &Google Search - res://C:\WINDOWS\Downloaded Program Files\googlenav.dll/cmsearch.html
O8 - Extra context menu item: Backward &Links - res://C:\WINDOWS\Downloaded Program Files\googlenav.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\WINDOWS\Downloaded Program Files\googlenav.dll/cmcache.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Programas\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Programas\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Programas\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Programas\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Programas\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Programas\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Programas\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Programas\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Download &all with DAP - C:\PROGRA~1\DAP\dapextie2.htm
O8 - Extra context menu item: Si&milar Pages - res://C:\WINDOWS\Downloaded Program Files\googlenav.dll/cmsimilar.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programas\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programas\Java\jre1.5.0_06\bin\ssv.dll
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/d...can_unicode.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab
O16 - DPF: {2A0DED63-24F3-4FD6-BEC4-58F8E1F0C205} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.com/AppD...sharingctrl.cab
O16 - DPF: {6CB5E471-C305-11D3-99A8-000086395495} (Google Activate) - http://toolbar.google.com/data/pt-PT/big/1...g/GoogleNav.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secur...loadManager.ocx
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab31267.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{28CAFF9E-11C6-45A8-AF8B-E6342ECDE791}: NameServer = 194.65.100.117
O17 - HKLM\System\CS1\Services\Tcpip\..\{28CAFF9E-11C6-45A8-AF8B-E6342ECDE791}: NameServer = 194.65.100.117
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programas\Ficheiros comuns\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Programas\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\SYSTEM32\ati2sgag.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Programas\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Programas\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Programas\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programas\Ficheiros comuns\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Programas\VMware Workstation\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\WINDOWS\system32\vmnetdhcp.exe
O23 - Service: VMware Virtual Mount Manager Extended (vmount2) - VMware, Inc. - C:\Programas\Ficheiros comuns\VMware\VMware Virtual Image Editing\vmount2.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\WINDOWS\system32\vmnat.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\SYSTEM32\ZONELABS\vsmon.exe
Scan saved at 1:29:51, on 24-07-2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programas\Avast4\aswUpdSv.exe
C:\Programas\Avast4\ashServ.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Programas\VMware Workstation\vmware-authd.exe
C:\Programas\Ficheiros comuns\VMware\VMware Virtual Image Editing\vmount2.exe
C:\WINDOWS\system32\vmnat.exe
C:\WINDOWS\SYSTEM32\ZONELABS\vsmon.exe
C:\WINDOWS\system32\vmnetdhcp.exe
C:\Programas\Avast4\ashMaiSv.exe
C:\Programas\Avast4\ashWebSv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\DAP\DAP.EXE
C:\WINDOWS\ALCXMNTR.EXE
C:\Programas\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\PROGRA~1\Avast4\ashDisp.exe
C:\Programas\Gmail Notifier\gnotify.exe
C:\Programas\Ficheiros comuns\soft602\pdfSaver.exe
C:\Programas\Java\jre1.5.0_06\bin\jusched.exe
C:\Programas\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programas\Netcount\Netcount.exe
C:\Programas\3M PSNLite\PsnLite.exe
C:\PROGRA~1\3MPSNL~1\PSNGive.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Programas\xchat\xchat.exe
C:\Programas\ICQLite\ICQLite.exe
C:\WINDOWS\system32\msiexec.exe
C:\Programas\Internet Explorer\iexplore.exe
C:\Programas\MSN Messenger\msnmsgr.exe
C:\Programas\Hijack This\HJT.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hiperligações
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe
O1 - Hosts: 64.91.255.87 www.dcsresearch.com
O3 - Toolbar: DAP Bar - {62999427-33FC-4baf-9C9C-BCE6BD127F08} - C:\Programas\DAP\DAPIEBar.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programas\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\WINDOWS\Downloaded Program Files\googlenav.dll
O4 - HKLM\..\Run: [DownloadAccelerator] C:\PROGRA~1\DAP\DAP.EXE /STARTUP
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Programas\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Programas\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [602PC SUITE PDF Saver] "C:\Programas\Ficheiros comuns\soft602\pdfSaver.exe"
O4 - HKLM\..\Run: [AdslTaskBar] rundll32.exe stmctrl.dll,TaskBar
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programas\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\Programas\ZoneAlarm\zlclient.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programas\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Netcount] C:\Programas\Netcount\Netcount.exe 0
O4 - HKCU\..\RunOnce: [ICQ Lite] C:\Programas\ICQLite\ICQLite.exe -trayboot
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: Post-it® Software Notes Lite.lnk = C:\Programas\3M PSNLite\PsnLite.exe
O8 - Extra context menu item: &Download with &DAP - C:\PROGRA~1\DAP\dapextie.htm
O8 - Extra context menu item: &Google Search - res://C:\WINDOWS\Downloaded Program Files\googlenav.dll/cmsearch.html
O8 - Extra context menu item: Backward &Links - res://C:\WINDOWS\Downloaded Program Files\googlenav.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\WINDOWS\Downloaded Program Files\googlenav.dll/cmcache.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Programas\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Programas\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Programas\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Programas\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Programas\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Programas\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Programas\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Programas\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Download &all with DAP - C:\PROGRA~1\DAP\dapextie2.htm
O8 - Extra context menu item: Si&milar Pages - res://C:\WINDOWS\Downloaded Program Files\googlenav.dll/cmsimilar.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programas\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programas\Java\jre1.5.0_06\bin\ssv.dll
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/d...can_unicode.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab
O16 - DPF: {2A0DED63-24F3-4FD6-BEC4-58F8E1F0C205} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.com/AppD...sharingctrl.cab
O16 - DPF: {6CB5E471-C305-11D3-99A8-000086395495} (Google Activate) - http://toolbar.google.com/data/pt-PT/big/1...g/GoogleNav.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secur...loadManager.ocx
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab31267.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{28CAFF9E-11C6-45A8-AF8B-E6342ECDE791}: NameServer = 194.65.100.117
O17 - HKLM\System\CS1\Services\Tcpip\..\{28CAFF9E-11C6-45A8-AF8B-E6342ECDE791}: NameServer = 194.65.100.117
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programas\Ficheiros comuns\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Programas\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\SYSTEM32\ati2sgag.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Programas\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Programas\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Programas\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programas\Ficheiros comuns\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Programas\VMware Workstation\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\WINDOWS\system32\vmnetdhcp.exe
O23 - Service: VMware Virtual Mount Manager Extended (vmount2) - VMware, Inc. - C:\Programas\Ficheiros comuns\VMware\VMware Virtual Image Editing\vmount2.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\WINDOWS\system32\vmnat.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\SYSTEM32\ZONELABS\vsmon.exe
I hope someone can finally fix my problem by now...
Here is my entire list of Ad-Aware freezing issues fixes. I hope one of these works! 
One observation recently for the freezing is that certain security software all running at the same time can cause conflicts. A number of Adaware users who also are running the beta version of SpySweeper have reported that disabling SpySweeper during an Adaware scan has resolved that conflict.
To temporarily disable SpySweeper:
Right click the Spy sweeper icon in the notification area (right side) of the system tray and choose shut down.
Try scanning again with Adaware, it should be able to complete the scan.
To re-enable SpySweeper:
Start it again from Start > All programs > Webroot > Spy Sweeper
...............................
If that isn't it, try these various steps.
First, do a disk cleanup to clear the browser cache and other unnecessary files.
Go to Start > Run and type in the box: Cleanmgr
Wait while Windows scans your system for files to delete.
Make sure these 3 are checkmarked and press *ok* to delete them.
Temporary Files
Temporary Internet Files
Recycle Bin
If you are still having a problem, there can be a number of reasons for this issue. Please try these steps next to see if any resolve the problem.
From the Ad-Aware FAQ
Q: Ad-Aware freezes while performing a scan.
A: There are a number of possible reasons behind this problem. To correct:
* First, update to Build 1.06 and download the latest definition file if you have not done so.
* Second, it is highly recommended that you run a disk defragmentation on your computer, then a thorough “Check� or “Scan Disk� depending on your Windows version. Try scanning in safe mode.
* Third, start Ad-Aware scan from the Windows command line. Do as follows:
o Click "Start", then "Run". Next, type the text shown below (including the quotation marks and with the same spacing as shown) for your version of Ad-Aware SE:
"C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Aware.exe" /full +procnuke
"C:\Program Files\Lavasoft\Ad-Aware SE Plus\Ad-Aware.exe" /full +procnuke
"C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe" +procnukep
o Click “OK�.
o Note: The path above (between the quotes) is the default location of Ad-Aware SE. If you installed your Ad-Aware to a different directory, adjust the path accordingly. For Ad-Aware SE Personal, when the GUI launches, click “Start�, then “Full System Scan�. Click “Next�, then “OK�.
o When the scan is complete, select “Next�. In the “Scanning Results� window, select the "Scan Summary" tab. Check the box next to each "target family" you wish to remove, then click “Next�, then OK�.
* If you still have problems, cancel before the scan reaches the point of stalling -- for example, after 20 objects are detected. Click “Cancel� on your log file. Remove any objects you want and rescan. Again, stop the scan before it reaches the point of stalling and remove any additional objects. Then try a full scan without stopping it. This should work for you now.
If still no joy, try these steps:
Ad-Aware Freezing Issue
http://www.lavasoftsupport.com/index.php?s...amp;hl=Freezing
...........................
Have you ruled out any virus or trojan infections? I would recommend an online scan at one of the following (do a full system scan). The reason for doing an online scan is that some infections will disable your Antivirus installed on your PC to hide it's presence.
If any infections are found, save the log from the scan and post it back here:
eTrust Antivirus Web Scanner
http://www3.ca.com/securityadvisor/virusinfo/scan.aspx
(if prompted, please *allow* Active X and the install of software - this is needed to scan your system)
It will take a while to download the updates needed, and then you'll be presented with a screen to scan your system.
Ewido free online scanner
http://www.ewido.net/en/onlinescan/
Trend Micro (PC-cillin) - Free on-line Scan
http://housecall.antivirus.com
Panda's Active Scan
http://www.pandasoftware.com/products/activescan.htm
................
Let us know how you make out on all of the above, or if any of those steps resolve the problem.
One observation recently for the freezing is that certain security software all running at the same time can cause conflicts. A number of Adaware users who also are running the beta version of SpySweeper have reported that disabling SpySweeper during an Adaware scan has resolved that conflict.
To temporarily disable SpySweeper:
Right click the Spy sweeper icon in the notification area (right side) of the system tray and choose shut down.
Try scanning again with Adaware, it should be able to complete the scan.
To re-enable SpySweeper:
Start it again from Start > All programs > Webroot > Spy Sweeper
...............................
If that isn't it, try these various steps.
First, do a disk cleanup to clear the browser cache and other unnecessary files.
Go to Start > Run and type in the box: Cleanmgr
Wait while Windows scans your system for files to delete.
Make sure these 3 are checkmarked and press *ok* to delete them.
Temporary Files
Temporary Internet Files
Recycle Bin
If you are still having a problem, there can be a number of reasons for this issue. Please try these steps next to see if any resolve the problem.
From the Ad-Aware FAQ
Q: Ad-Aware freezes while performing a scan.
A: There are a number of possible reasons behind this problem. To correct:
* First, update to Build 1.06 and download the latest definition file if you have not done so.
* Second, it is highly recommended that you run a disk defragmentation on your computer, then a thorough “Check� or “Scan Disk� depending on your Windows version. Try scanning in safe mode.
* Third, start Ad-Aware scan from the Windows command line. Do as follows:
o Click "Start", then "Run". Next, type the text shown below (including the quotation marks and with the same spacing as shown) for your version of Ad-Aware SE:
"C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Aware.exe" /full +procnuke
"C:\Program Files\Lavasoft\Ad-Aware SE Plus\Ad-Aware.exe" /full +procnuke
"C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe" +procnukep
o Click “OK�.
o Note: The path above (between the quotes) is the default location of Ad-Aware SE. If you installed your Ad-Aware to a different directory, adjust the path accordingly. For Ad-Aware SE Personal, when the GUI launches, click “Start�, then “Full System Scan�. Click “Next�, then “OK�.
o When the scan is complete, select “Next�. In the “Scanning Results� window, select the "Scan Summary" tab. Check the box next to each "target family" you wish to remove, then click “Next�, then OK�.
* If you still have problems, cancel before the scan reaches the point of stalling -- for example, after 20 objects are detected. Click “Cancel� on your log file. Remove any objects you want and rescan. Again, stop the scan before it reaches the point of stalling and remove any additional objects. Then try a full scan without stopping it. This should work for you now.
If still no joy, try these steps:
Ad-Aware Freezing Issue
http://www.lavasoftsupport.com/index.php?s...amp;hl=Freezing
...........................
Have you ruled out any virus or trojan infections? I would recommend an online scan at one of the following (do a full system scan). The reason for doing an online scan is that some infections will disable your Antivirus installed on your PC to hide it's presence.
If any infections are found, save the log from the scan and post it back here:
eTrust Antivirus Web Scanner
http://www3.ca.com/securityadvisor/virusinfo/scan.aspx
(if prompted, please *allow* Active X and the install of software - this is needed to scan your system)
It will take a while to download the updates needed, and then you'll be presented with a screen to scan your system.
Ewido free online scanner
http://www.ewido.net/en/onlinescan/
Trend Micro (PC-cillin) - Free on-line Scan
http://housecall.antivirus.com
Panda's Active Scan
http://www.pandasoftware.com/products/activescan.htm
................
Let us know how you make out on all of the above, or if any of those steps resolve the problem.
Ok, I am trying those. Here are the results:
- I don't have Spysweeper installed (I have Spybot, but it is never on at the time of the scan);
- I fully cleaned my system using "Cleanmgr", removed all items that appeared in there. Then, I tried to scan again, same problem;
- In the "From the Ad-Aware FAQ" section, I have yet to try those. I'll be defraging during the night, and tomorrow I'll post the results here;
- As for the virus problem, I had already thought about it. Scanned with "Avast", no problem found. Scanned with Kaspersky's online scanner, it found 2 virus, which I removed. I just installed "eTrust Antivirus Web Scanner", scanned, and got no virus. Tried the ewido one, got a whole bunch of tracking cookies, and this:
...
Maybe I didn't explained myself right, but I'll try again. In the freezing issue (yeah, the "updating" one is sill occuring >_< ), it doesn't happen during the scan, but on the quarentining section, when it hits 100%.
In this image, you can see where it freezes. When it reaches this position, I can leave it like that and it will never continue, I've tried for at least 30 minutes, and it doesn't advance...
- I don't have Spysweeper installed (I have Spybot, but it is never on at the time of the scan);
- I fully cleaned my system using "Cleanmgr", removed all items that appeared in there. Then, I tried to scan again, same problem;
- In the "From the Ad-Aware FAQ" section, I have yet to try those. I'll be defraging during the night, and tomorrow I'll post the results here;
- As for the virus problem, I had already thought about it. Scanned with "Avast", no problem found. Scanned with Kaspersky's online scanner, it found 2 virus, which I removed. I just installed "eTrust Antivirus Web Scanner", scanned, and got no virus. Tried the ewido one, got a whole bunch of tracking cookies, and this:
QUOTE
Name: Adware.NewDotNet
Path: C:\Documents and Settings\Administrador\Definições locais\Temp\SHNT288.exe
Risk: Medium
Path: C:\Documents and Settings\Administrador\Definições locais\Temp\SHNT288.exe
Risk: Medium
...
Maybe I didn't explained myself right, but I'll try again. In the freezing issue (yeah, the "updating" one is sill occuring >_< ), it doesn't happen during the scan, but on the quarentining section, when it hits 100%.
In this image, you can see where it freezes. When it reaches this position, I can leave it like that and it will never continue, I've tried for at least 30 minutes, and it doesn't advance...
Try this one:
* If you still have problems, cancel before the scan reaches the point of stalling -- for example, after 20 objects are detected. Click “Cancel� on your log file. Remove any objects you want and rescan. Again, stop the scan before it reaches the point of stalling and remove any additional objects. Then try a full scan without stopping it. This should work for you now.
Caution on NewDotNet. If this program is on your computer, removal should ONLY be done via the methods in this link:
http://www.newdotnet.com/removal.html
Removing NewDotNet via any other method may cause you to lose your ability to connect to the internet.
* If you still have problems, cancel before the scan reaches the point of stalling -- for example, after 20 objects are detected. Click “Cancel� on your log file. Remove any objects you want and rescan. Again, stop the scan before it reaches the point of stalling and remove any additional objects. Then try a full scan without stopping it. This should work for you now.
Caution on NewDotNet. If this program is on your computer, removal should ONLY be done via the methods in this link:
http://www.newdotnet.com/removal.html
Removing NewDotNet via any other method may cause you to lose your ability to connect to the internet.
Completed the fragmentation scan a couple hours ago, it didn't worked like that, either.
Now, about the new one, I cancelled after getting 12 tracking cookies AND the freezing issue still occurs, when I try to quarantine them.
As for NewDotNet, I removed it "normally" (I mean, I just used that scanner's option for removal) and my connection still works. Yey!
Now, about the new one, I cancelled after getting 12 tracking cookies AND the freezing issue still occurs, when I try to quarantine them.
As for NewDotNet, I removed it "normally" (I mean, I just used that scanner's option for removal) and my connection still works. Yey!
Have you run the CHKDISK as described here:
http://www.lavasoftsupport.com/index.php?s...amp;hl=Freezing
http://www.lavasoftsupport.com/index.php?s...amp;hl=Freezing
Sorry for the delay, I wasn't at home these days.
Yes, I used that method for the CHKDISK, but I didn't try the rootkit revealer and the other program. Should I try those?
Yes, I used that method for the CHKDISK, but I didn't try the rootkit revealer and the other program. Should I try those?
All known issues causing the freezing are in this list posted above in this post:
http://www.lavasoftsupport.com/index.php?s...ost&p=10854
So, yes if you haven't run the rootkit scanners, try that and let's see the results.
http://www.lavasoftsupport.com/index.php?s...ost&p=10854
So, yes if you haven't run the rootkit scanners, try that and let's see the results.
I had already tried those solutions, as stated before.
With "RootkitRevealer", the scan never ends (I've idled, turned I.E. and
Messenger off, and made it scan), it seems to freeze while scanning HKLM\System\WPA\Signing-Hash-XKRMQ[something here].
Using the "BlackLight" one, nothing was found.
Next, I will try another time the ewido online scanner. Wish me luck!
With "RootkitRevealer", the scan never ends (I've idled, turned I.E. and
Messenger off, and made it scan), it seems to freeze while scanning HKLM\System\WPA\Signing-Hash-XKRMQ[something here].
Using the "BlackLight" one, nothing was found.
Next, I will try another time the ewido online scanner. Wish me luck!
Hmmmm, RootkitRevealer also freezes.
This is a long shot, but it won't hurt anything to run it. If no problems are found it will tell you. If a correction needs to be made it will fix it.
Download FIXPATH2.ZIP.
http://internet.cybermesa.com/~bstewart/files/fixpath2.zip
Extract the files to a folder in C:\, like C:\FIXPATH2.
RUNNING THE PROGRAM:
* Open a command prompt window by going to start > run and copy and type: cmd
In the command prompt, type: cd C:\ and press Enter
So you should get C:\>
Then type: cd FIXPATH2 and press Enter
So you should get: C:\>fixpath2
Then type: FIXPATH.EXE and press Enter
* It will display some preliminary information, and ask if it should continue and check for errors. Click Yes.
* If it successfully updates the Path value in the registry, you will need to
reboot for the change to take effect. !! This is really important !!
This is a long shot, but it won't hurt anything to run it. If no problems are found it will tell you. If a correction needs to be made it will fix it.
Download FIXPATH2.ZIP.
http://internet.cybermesa.com/~bstewart/files/fixpath2.zip
Extract the files to a folder in C:\, like C:\FIXPATH2.
RUNNING THE PROGRAM:
* Open a command prompt window by going to start > run and copy and type: cmd
In the command prompt, type: cd C:\ and press Enter
So you should get C:\>
Then type: cd FIXPATH2 and press Enter
So you should get: C:\>fixpath2
Then type: FIXPATH.EXE and press Enter
* It will display some preliminary information, and ask if it should continue and check for errors. Click Yes.
* If it successfully updates the Path value in the registry, you will need to
reboot for the change to take effect. !! This is really important !!
Ok, this is what I got:
I think everything went fine, and yes, I was logged in as Administrator. I rebooted, and Ad-aware still freezes at the end. Any more ideas?
Anyway, back to the original problem, I can't update yet and the program is unusable, due to the freezing bug when quarantining. Do you think I should try using an older version of Ad-aware, and wait till the next one (or a beta) is released?
QUOTE
C:\fixpath2>fixpath
FIXPATH 2.0 - © 2004 by Bill Stewart (bstewart@iname.com)
The system path is stored in the Path value in the following registry key:
HKLM\System\CurrentControlSet\Control\Session Manager\Environment
The Path registry value must be of type REG_EXPAND_SZ and must contain, at a
minimum, the following directories:
%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\Wbem
If either of these conditions are false, then the Path is not correct. This
program attempts to correct both of these problems, if found.
You must be logged on as a user with sufficient permissions to update the Path.
You may run this program without user interaction by specifying /Q on the
command line.
Check for errors and attempt to repair now? (Y/N) Y
The registry value type is correct (REG_EXPAND_SZ).
The minimum required directories were found in the Path.
C:\fixpath2>
FIXPATH 2.0 - © 2004 by Bill Stewart (bstewart@iname.com)
The system path is stored in the Path value in the following registry key:
HKLM\System\CurrentControlSet\Control\Session Manager\Environment
The Path registry value must be of type REG_EXPAND_SZ and must contain, at a
minimum, the following directories:
%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\Wbem
If either of these conditions are false, then the Path is not correct. This
program attempts to correct both of these problems, if found.
You must be logged on as a user with sufficient permissions to update the Path.
You may run this program without user interaction by specifying /Q on the
command line.
Check for errors and attempt to repair now? (Y/N) Y
The registry value type is correct (REG_EXPAND_SZ).
The minimum required directories were found in the Path.
C:\fixpath2>
I think everything went fine, and yes, I was logged in as Administrator. I rebooted, and Ad-aware still freezes at the end. Any more ideas?
Anyway, back to the original problem, I can't update yet and the program is unusable, due to the freezing bug when quarantining. Do you think I should try using an older version of Ad-aware, and wait till the next one (or a beta) is released?
Yours was correct, so that's not it:
QUOTE
The registry value type is correct (REG_EXPAND_SZ).
The minimum required directories were found in the Path.
The minimum required directories were found in the Path.
Hum, yeah. :-\ Any more ideas, LS CalamityJane ?
And like I said before, back to the original problem, I can't update yet and the program is unusable, due to the freezing bug when quarantining. Do you think I should try using an older version of Ad-aware, and wait till the next one (or a beta) is released?
And like I said before, back to the original problem, I can't update yet and the program is unusable, due to the freezing bug when quarantining. Do you think I should try using an older version of Ad-aware, and wait till the next one (or a beta) is released?
It is something on your end, Mykas0 that is not allowing the download of updates. I noticed you are using a download accelerator. Or perhaps the VMware?
As for the freezing during quarantine issue, I've not found answer on your issue. Perhaps it is having a problem deleting that SpyNuker key. Is it still find that one? Could you copy those results back here and perhaps we could try deleting it manually.
As for the freezing during quarantine issue, I've not found answer on your issue. Perhaps it is having a problem deleting that SpyNuker key. Is it still find that one? Could you copy those results back here and perhaps we could try deleting it manually.
VMWare has been around for ages (I use it to run Linux and other system at the same time I'm running my Native Windows XP), and so is "Download Acelerator Plus", so I don't understand how that could be the problem, since I didn't even changed anything about it.
As for SpyNuker, where did we see that before? I don't remember, do you? :|
As for SpyNuker, where did we see that before? I don't remember, do you? :|
I'm having the identical problem. I'm sure this is of no help to you, other than letting you know that you are not the only one, so at least it's not something obscure and specific to your computer.
I've been able to manually update the file and copy it in to the folder, but not do it automatically.
I've been able to manually update the file and copy it in to the folder, but not do it automatically.
Hum, cool. Hopefully, someone will find out how to fix it
I just wanted to report that both my problems are now fixed. However, I haven't got a clue on how they got fixed: yesterday, I simply got home, used Ad-aware, clicked the update button and IT WORKED. So, I did the usual scan and at the end it didn't freeze.
FIXED, no idea how, though... -_-
FIXED, no idea how, though... -_-
I missed seeing your reply here! So glad to hear that you finally got it resolved
Since it seems you're all set now, I'll go ahead and move this topic to the "Resolved" section (read onlyl).
Should you have any further issues, please feel free to start a new topic
Since it seems you're all set now, I'll go ahead and move this topic to the "Resolved" section (read onlyl).
Should you have any further issues, please feel free to start a new topic