Help - Search - Members - Calendar
Full Version: ThreatWork and AVG
Lavasoft Support Forums > Archived Topics > Archives: Resolved/Inactive Topics > Resolved/Inactive False Postive Issues
gzzrs3
Mar 22 2009, 05:40 PM
I have posted my latest log. I can't see anything about threatwork here, but I'm not the expert!

Four times, now, I have been told that C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware\ThreatWork\Submit\xwpdx20.ocx (and ocx_1, ocx_2, ocx_3)
is a threat. It is my long-time used anti-virus.

I just don't report it but I would be happier if I could find a way to have it ignored. I have read other posts in this forum and tried to use the help there, but it doesn't seem to apply.

I am using Ad-Aware AE if that helps any. I would appreciate any help anyone can give me as I'm afraid that a true threat will show up and that I won't be able to submit it, as it would mean submitting avg incorrectly.



MSG [2572] 2009/03/20 14:11:41: Configure new scan with profile: smart
MSG [2572] 2009/03/20 14:11:41: -> scanning critical objects
MSG [2572] 2009/03/20 14:11:41: -> scanning running processes
MSG [2572] 2009/03/20 14:11:41: -> scanning registry
MSG [2572] 2009/03/20 14:11:41: -> scanning lsp
MSG [2572] 2009/03/20 14:11:41: -> scanning browser hijacks
MSG [2572] 2009/03/20 14:11:41: -> scanning cookies
MSG [2572] 2009/03/20 14:11:41: -> neutralizing rootkits
MSG [2572] 2009/03/20 14:11:41: -> use spyware heuristics
MSG [2572] 2009/03/20 14:11:41: -> use extended engine (avira + heuristics)
MSG [2572] 2009/03/20 14:11:41: -> use mild heuristics for extended engine
MSG [2572] 2009/03/20 14:11:41: -> scan only executables
MSG [2572] 2009/03/20 14:11:41: -> file size limit = 20480 kB (0 = unlimited)
MSG [3184] 2009/03/20 14:25:44: Scan was completed in 842 seconds
MSG [3184] 2009/03/20 14:25:44: Objects processed: 64856, infections detected: 3
ERR [2572] 2009/03/20 16:24:04: SDKController::GetQuarantineList -> Not in idle state
ERR [2572] 2009/03/20 16:24:04: SDKController::GetWhiteList -> Not in idle state
ERR [2572] 2009/03/20 16:24:08: SDKController::GetDefinitonsFileVersion -> Not in idle state
ERR [2572] 2009/03/20 16:24:08: SDKController::GetLatestSuccessfulScanReport -> Not in idle state
MSG [3212] 2009/03/20 16:24:15: Remediating 3 infections
MSG [3212] 2009/03/20 16:24:38: Clean failed for: *advertising*
MSG [3212] 2009/03/20 16:24:38: Infections quarantined: 0, removed: 3, repaired: 0
MSG [3212] 2009/03/20 16:24:38: Infections ignored by remediation: 0 (0 whitelisted, 0 skipped).
ERR [2572] 2009/03/20 16:26:12: SDKController::GetQuarantineList -> Not in idle state
ERR [2572] 2009/03/20 16:26:12: SDKController::GetWhiteList -> Not in idle state
MSG [2572] 2009/03/20 16:26:14: Dumping scan report:
>>> Logfile created: 3/20/2009 14:11:42
>>> Lavasoft Ad-Aware version: 8.0.3
>>> Extended engine version: 8.1
>>> User performing scan: Cathie Gezzer
>>>
>>> *********************** Definitions database information ***********************
>>> Lavasoft definition file: 147.1
>>> Extended engine definition file: 8.1
>>>
>>> ******************************** Scan results: *********************************
>>> Scan profile name: Smart Scan (ID: smart)
>>> Objects scanned: 64856
>>> Objects detected: 3
>>>
>>>
>>> Type Detected
>>> ==========================
>>> Processes.......: 0
>>> Registry entries: 0
>>> Hostfile entries: 0
>>> Files...........: 0
>>> Folders.........: 0
>>> LSPs............: 0
>>> Cookies.........: 3
>>> Browser hijacks.: 0
>>> MRU objects.....: 0
>>>
>>>
>>>
>>> Removed items:
>>> Description: *advertis* Family Name: Cookies Clean status: Success Item ID: 408918 Family ID: 0
>>> Description: *advertising* Family Name: Cookies Clean status: Failed Item ID: 409017 Family ID: 0
>>> Description: *doubleclick* Family Name: Cookies Clean status: Success Item ID: 408875 Family ID: 0
>>>
>>> Scan and cleaning complete: Finished correctly after 842 seconds
>>>
>>> *********************************** Settings ***********************************
>>>
>>> Scan profile:
>>> ID: smart, enabled:1, value: Smart Scan
>>> ID: scancriticalareas, enabled:1, value: true
>>> ID: scanrunningapps, enabled:1, value: true
>>> ID: scanregistry, enabled:1, value: true
>>> ID: scanlsp, enabled:1, value: true
>>> ID: scanads, enabled:1, value: false
>>> ID: scanhostsfile, enabled:1, value: false
>>> ID: scanmru, enabled:1, value: false
>>> ID: scanbrowserhijacks, enabled:1, value: true
>>> ID: scantrackingcookies, enabled:1, value: true
>>> ID: closebrowsers, enabled:1, value: false
>>> ID: folderstoscan, enabled:1, value:
>>> ID: scanrootkits, enabled:1, value: true
>>> ID: usespywareheuristics, enabled:1, value: true
>>> ID: extendedengine, enabled:1, value: true
>>> ID: useheuristics, enabled:1, value: true
>>> ID: heuristicslevel, enabled:1, value: mild, domain: medium,mild,strict
>>> ID: filescanningoptions, enabled:1
>>> ID: archives, enabled:1, value: false
>>> ID: onlyexecutables, enabled:1, value: true
>>> ID: skiplargerthan, enabled:1, value: 20480
>>>
>>> Scan global:
>>> ID: global, enabled:1
>>> ID: addtocontextmenu, enabled:1, value: true
>>> ID: playsoundoninfection, enabled:1, value: false
>>> ID: soundfile, enabled:0, value: *to be filled in automatically*\alert.wav
>>>
>>> Scheduled scan settings:
>>> ID: mysmartscan, enabled:1, value: my smart scan
>>> ID: time, enabled:1, value: Fri Feb 27 07:27:00 2009
>>> ID: frequency, enabled:1, value: weekly, domain: daily,monthly,once,systemstart,weekly
>>> ID: weekdays, enabled:1
>>> ID: monday, enabled:1, value: false
>>> ID: tuesday, enabled:1, value: false
>>> ID: wednesday, enabled:1, value: false
>>> ID: thursday, enabled:1, value: false
>>> ID: friday, enabled:1, value: false
>>> ID: saturday, enabled:1, value: false
>>> ID: sunday, enabled:1, value: false
>>> ID: monthly, enabled:1, value: 27, minvalue: 1, maxvalue: 31
>>> ID: scanprofile, enabled:1, value: smart
>>> ID: auto_deal_with_infections, enabled:1, value: false
>>> ID: fullscanny, enabled:1, value: full scanny
>>> ID: time, enabled:1, value: Wed Feb 25 07:29:00 2009
>>> ID: frequency, enabled:1, value: monthly, domain: daily,monthly,once,systemstart,weekly
>>> ID: weekdays, enabled:1
>>> ID: monday, enabled:1, value: false
>>> ID: tuesday, enabled:1, value: false
>>> ID: wednesday, enabled:1, value: false
>>> ID: thursday, enabled:1, value: false
>>> ID: friday, enabled:1, value: false
>>> ID: saturday, enabled:1, value: false
>>> ID: sunday, enabled:1, value: false
>>> ID: monthly, enabled:1, value: 25, minvalue: 1, maxvalue: 31
>>> ID: scanprofile, enabled:1, value: full
>>> ID: auto_deal_with_infections, enabled:1, value: false
>>>
>>> Update settings:
>>> ID: updates, enabled:1
>>> ID: launchthreatworksafterscan, enabled:1, value: normal, domain: normal,off,silently
>>> ID: displaystatus, enabled:1, value: false
>>> ID: deffiles, enabled:1, value: downloadandinstall, domain: dontcheck,downloadandinstall
>>> ID: autodetectproxy, enabled:1, value: false
>>> ID: useautoconfigscript, enabled:1, value: false
>>> ID: autoconfigurl, enabled:0, value:
>>> ID: useproxy, enabled:1, value: false
>>> ID: proxyserver, enabled:0, value:
>>> ID: softwareupdates, enabled:1, value: downloadandinstall, domain: dontcheck,downloadandinstall
>>> ID: licenseandinfo, enabled:1, value: downloadandinstall, domain: dontcheck,downloadandinstall
>>> ID: schedules, enabled:1, value: true
>>> ID: updatedaily, enabled:1, value: Daily
>>> ID: time, enabled:1, value: Sat Jan 31 14:05:00 2009
>>> ID: frequency, enabled:1, value: daily, domain: daily,monthly,once,systemstart,weekly
>>> ID: weekdays, enabled:1
>>> ID: monday, enabled:1, value: false
>>> ID: tuesday, enabled:1, value: false
>>> ID: wednesday, enabled:1, value: false
>>> ID: thursday, enabled:1, value: false
>>> ID: friday, enabled:1, value: false
>>> ID: saturday, enabled:1, value: false
>>> ID: sunday, enabled:1, value: false
>>> ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31
>>> ID: scanprofile, enabled:1, value:
>>> ID: auto_deal_with_infections, enabled:1, value: false
>>> ID: updateweekly, enabled:1, value: Weekly
>>> ID: time, enabled:1, value: Sat Jan 31 14:05:00 2009
>>> ID: frequency, enabled:1, value: weekly, domain: daily,monthly,once,systemstart,weekly
>>> ID: weekdays, enabled:1
>>> ID: monday, enabled:1, value: true
>>> ID: tuesday, enabled:1, value: false
>>> ID: wednesday, enabled:1, value: false
>>> ID: thursday, enabled:1, value: false
>>> ID: friday, enabled:1, value: false
>>> ID: saturday, enabled:1, value: true
>>> ID: sunday, enabled:1, value: false
>>> ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31
>>> ID: scanprofile, enabled:1, value:
>>> ID: auto_deal_with_infections, enabled:1, value: false
>>>
>>> Appearance settings:
>>> ID: appearance, enabled:1
>>> ID: skin, enabled:1, value: Orange.eGL, reglocation: HKEY_LOCAL_MACHINE\SOFTWARE\Lavasoft\Ad-Aware\Resource
>>> ID: showtrayicon, enabled:1, value: true
>>> ID: language, enabled:1, value: en, reglocation: HKEY_LOCAL_MACHINE\SOFTWARE\Lavasoft\Ad-Aware\Language
>>>
>>> Realtime protection settings:
>>> ID: realtime, enabled:1
>>> ID: processprotection, enabled:1, value: true
>>> ID: registryprotection, enabled:1, value: true
>>> ID: networkprotection, enabled:0, value: false
>>> ID: loadatstartup, enabled:1, value: true
>>> ID: usespywareheuristics, enabled:1, value: true
>>> ID: extendedengine, enabled:1, value: true
>>> ID: useheuristics, enabled:1, value: true
>>> ID: heuristicslevel, enabled:1, value: medium, domain: medium,mild,strict
>>> ID: infomessages, enabled:1, value: onlyimportant, domain: display,dontnotify,onlyimportant
>>>
>>>
>>> ****************************** System information ******************************
>>> Computer name: NUCATHIE
>>> Processor name: Intel® Celeron® CPU 2.53GHz
>>> Processor identifier: x86 Family 15 Model 4 Stepping 9
>>> Raw info: processorarchitecture 0, processortype 586, processorlevel 15, processor revision 1033, number of processors 1
>>> Physical memory available: 471486464 bytes
>>> Physical memory total: 1071628288 bytes
>>> Virtual memory available: 1992253440 bytes
>>> Virtual memory total: 2147352576 bytes
>>> Memory load: 56%
>>> Microsoft Windows XP Home Edition Service Pack 2 (build 2600)
>>> Windows startup mode:
>>>
>>> Running processes:
>>> PID: 556 name: \SystemRoot\System32\smss.exe owner: SYSTEM domain: NT AUTHORITY
>>> PID: 636 name: \??\C:\WINDOWS\system32\csrss.exe owner: SYSTEM domain: NT AUTHORITY
>>> PID: 668 name: \??\C:\WINDOWS\system32\winlogon.exe owner: SYSTEM domain: NT AUTHORITY
>>> PID: 712 name: C:\WINDOWS\system32\services.exe owner: SYSTEM domain: NT AUTHORITY
>>> PID: 748 name: C:\WINDOWS\system32\lsass.exe owner: SYSTEM domain: NT AUTHORITY
>>> PID: 908 name: C:\WINDOWS\system32\svchost.exe owner: SYSTEM domain: NT AUTHORITY
>>> PID: 1008 name: C:\WINDOWS\system32\svchost.exe owner: NETWORK SERVICE domain: NT AUTHORITY
>>> PID: 1104 name: C:\WINDOWS\System32\svchost.exe owner: SYSTEM domain: NT AUTHORITY
>>> PID: 1272 name: C:\WINDOWS\system32\svchost.exe owner: NETWORK SERVICE domain: NT AUTHORITY
>>> PID: 1384 name: C:\WINDOWS\system32\svchost.exe owner: LOCAL SERVICE domain: NT AUTHORITY
>>> PID: 1468 name: C:\WINDOWS\Explorer.EXE owner: Cathie Gezzer domain: NUCATHIE
>>> PID: 1764 name: C:\WINDOWS\system32\spoolsv.exe owner: SYSTEM domain: NT AUTHORITY
>>> PID: 2012 name: C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe owner: SYSTEM domain: NT AUTHORITY
>>> PID: 2024 name: C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe owner: SYSTEM domain: NT AUTHORITY
>>> PID: 124 name: C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe owner: SYSTEM domain: NT AUTHORITY
>>> PID: 152 name: C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe owner: SYSTEM domain: NT AUTHORITY
>>> PID: 200 name: C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE owner: SYSTEM domain: NT AUTHORITY
>>> PID: 216 name: C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe owner: SYSTEM domain: NT AUTHORITY
>>> PID: 264 name: C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE owner: SYSTEM domain: NT AUTHORITY
>>> PID: 424 name: C:\WINDOWS\system32\svchost.exe owner: SYSTEM domain: NT AUTHORITY
>>> PID: 1312 name: C:\PROGRA~1\AVG\AVG8\avgemc.exe owner: SYSTEM domain: NT AUTHORITY
>>> PID: 1372 name: C:\PROGRA~1\AVG\AVG8\avgrsx.exe owner: SYSTEM domain: NT AUTHORITY
>>> PID: 1400 name: C:\PROGRA~1\AVG\AVG8\avgnsx.exe owner: SYSTEM domain: NT AUTHORITY
>>> PID: 344 name: C:\Program Files\AVG\AVG8\avgcsrvx.exe owner: SYSTEM domain: NT AUTHORITY
>>> PID: 2056 name: C:\WINDOWS\system32\wbem\wmiprvse.exe owner: SYSTEM domain: NT AUTHORITY
>>> PID: 2172 name: C:\WINDOWS\System32\alg.exe owner: LOCAL SERVICE domain: NT AUTHORITY
>>> PID: 2752 name: C:\WINDOWS\system32\hkcmd.exe owner: Cathie Gezzer domain: NUCATHIE
>>> PID: 2760 name: C:\WINDOWS\system32\igfxpers.exe owner: Cathie Gezzer domain: NUCATHIE
>>> PID: 2820 name: C:\Program Files\Dell\Media Experience\DMXLauncher.exe owner: Cathie Gezzer domain: NUCATHIE
>>> PID: 3020 name: C:\WINDOWS\System32\DLA\DLACTRLW.EXE owner: Cathie Gezzer domain: NUCATHIE
>>> PID: 3156 name: C:\Program Files\Common Files\AOL\1165510063\ee\AOLSoftware.exe owner: Cathie Gezzer domain: NUCATHIE
>>> PID: 3252 name: C:\Program Files\Common Files\AOL\ACS\AOLDial.exe owner: Cathie Gezzer domain: NUCATHIE
>>> PID: 3264 name: C:\Program Files\Common Files\Real\Update_OB\realsched.exe owner: Cathie Gezzer domain: NUCATHIE
>>> PID: 3368 name: C:\WINDOWS\system32\ctfmon.exe owner: Cathie Gezzer domain: NUCATHIE
>>> PID: 3824 name: C:\PROGRA~1\AVG\AVG8\avgtray.exe owner: Cathie Gezzer domain: NUCATHIE
>>> PID: 4080 name: C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe owner: Cathie Gezzer domain: NUCATHIE
>>> PID: 716 name: C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exe owner: Cathie Gezzer domain: NUCATHIE
>>> PID: 2844 name: C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtProc.exe owner: Cathie Gezzer domain: NUCATHIE
>>> PID: 3780 name: C:\Program Files\ScreenPrint32 v3\ScreenPrint32.exe owner: Cathie Gezzer domain: NUCATHIE
>>> PID: 3940 name: C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe owner: Cathie Gezzer domain: NUCATHIE
>>> PID: 2052 name: C:\Program Files\America Online 9.0a\waol.exe owner: Cathie Gezzer domain: NUCATHIE
>>> PID: 2332 name: C:\Program Files\Digital Line Detect\DLG.exe owner: Cathie Gezzer domain: NUCATHIE
>>> PID: 2568 name: C:\Program Files\Kana Reminder\Reminder.exe owner: Cathie Gezzer domain: NUCATHIE
>>> PID: 3452 name: C:\Program Files\Common Files\AOL\1165510063\ee\aolsoftware.exe owner: Cathie Gezzer domain: NUCATHIE
>>> PID: 1260 name: C:\WINDOWS\system32\taskmgr.exe owner: Cathie Gezzer domain: NUCATHIE
>>> PID: 2728 name: C:\Program Files\Internet Explorer\IEXPLORE.EXE owner: Cathie Gezzer domain: NUCATHIE
>>> PID: 2296 name: C:\Program Files\America Online 9.0a\shellmon.exe owner: Cathie Gezzer domain: NUCATHIE
>>> PID: 3820 name: C:\Program Files\ePrompter\ePrompter.exe owner: Cathie Gezzer domain: NUCATHIE
>>> PID: 3472 name: C:\Program Files\Trillian\trillian.exe owner: Cathie Gezzer domain: NUCATHIE
>>> PID: 2508 name: c:\program files\common files\aol\1165510063\ee\services\safetyCore\ver210_5_2_1\AOLSP Scheduler.exe owner: Cathie Gezzer domain: NUCATHIE
>>> PID: 2544 name: C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe owner: SYSTEM domain: NT AUTHORITY
>>> PID: 2916 name: C:\Program Files\Lavasoft\Ad-Aware\Ad-Aware.exe owner: Cathie Gezzer domain: NUCATHIE
>>> PID: 1196 name: C:\WINDOWS\system32\wbem\unsecapp.exe owner: SYSTEM domain: NT AUTHORITY
>>> PID: 3564 name: C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe owner: Cathie Gezzer domain: NUCATHIE
>>> PID: 3068 name: C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe owner: Cathie Gezzer domain: NUCATHIE
>>>
>>> Startup items:
>>> Name: {438755C2-A8BA-11D1-B96B-00A0C90312E1}
>>> imagepath: Browseui preloader
>>> Name: {8C7461EF-2B13-11d2-BE35-3078302C2030}
>>> imagepath: Component Categories cache daemon
>>> Name: IgfxTray
>>> imagepath: C:\WINDOWS\system32\igfxtray.exe
>>> Name: HotKeysCmds
>>> imagepath: C:\WINDOWS\system32\hkcmd.exe
>>> Name: Persistence
>>> imagepath: C:\WINDOWS\system32\igfxpers.exe
>>> Name: DMXLauncher
>>> imagepath: C:\Program Files\Dell\Media Experience\DMXLauncher.exe
>>> Name: ISUSPM Startup
>>> imagepath: "c:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
>>> Name: ISUSScheduler
>>> imagepath: "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
>>> Name: DLA
>>> imagepath: C:\WINDOWS\System32\DLA\DLACTRLW.EXE
>>> Name: sscRun
>>> imagepath: C:\Program Files\Common Files\AOL\1165510063\ee\SSCRun.exe
>>> Name: QuickTime Task
>>> imagepath: "C:\Program Files\QuickTime\qttask.exe" -atboottime
>>> Name: MSKDetectorExe
>>> imagepath: C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall
>>> Name: HostManager
>>> imagepath: C:\Program Files\Common Files\AOL\1165510063\ee\AOLSoftware.exe
>>> Name: Adobe Reader Speed Launcher
>>> imagepath: "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
>>> Name: AOLDialer
>>> imagepath: C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
>>> Name: TkBellExe
>>> imagepath: "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
>>> Name: AVG8_TRAY
>>> imagepath: C:\PROGRA~1\AVG\AVG8\avgtray.exe
>>> Name: SSBkgdUpdate
>>> imagepath: "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
>>> Name: OpwareSE4
>>> imagepath: "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe"
>>> Name: WrtMon.exe
>>> imagepath: C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exe
>>> Name: CanonSolutionMenu
>>> imagepath: C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
>>> Name: CanonMyPrinter
>>> imagepath: C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
>>> Name: Ad-Watch
>>> imagepath: C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
>>> Name: ScreenPrint32
>>> imagepath: C:\Program Files\ScreenPrint32 v3\ScreenPrint32.exe -startup
>>> Name: PostBootReminder
>>> imagepath: {7849596a-48ea-486e-8937-a2a3009f31a9}
>>> Name: CDBurn
>>> imagepath: {fbeb8a05-beee-4442-804e-409d6c4515e9}
>>> Name: WebCheck
>>> imagepath: {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
>>> Name: SysTray
>>> imagepath: {35CEC8A3-2BE6-11D2-8773-92E220524153}
>>> Name: WPDShServiceObj
>>> imagepath: {AAA288BA-9A4C-45B0-95D7-94D524869DB5}
>>> Name:
>>> imagepath: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\desktop.ini
>>> Name:
>>> location: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk
>>> imagepath: C:\Program Files\Digital Line Detect\DLG.exe
>>>
>>> Bootexecute items:
>>> Name:
>>> imagepath: autocheck autochk /r \??\D:
>>> Name:
>>> imagepath: autocheck autochk *
>>> Name:
>>> imagepath: lsdelete
>>>
>>> Running services:
>>> Name: ALG
>>> displayname: Application Layer Gateway Service
>>> Name: AOL ACS
>>> displayname: AOL Connectivity Service
>>> Name: AOL TopSpeedMonitor
>>> displayname: AOL TopSpeed Monitor
>>> Name: AudioSrv
>>> displayname: Windows Audio
>>> Name: avg8emc
>>> displayname: AVG Free8 E-mail Scanner
>>> Name: avg8wd
>>> displayname: AVG Free8 WatchDog
>>> Name: Browser
>>> displayname: Computer Browser
>>> Name: CryptSvc
>>> displayname: Cryptographic Services
>>> Name: DcomLaunch
>>> displayname: DCOM Server Process Launcher
>>> Name: Dhcp
>>> displayname: DHCP Client
>>> Name: Dnscache
>>> displayname: DNS Client
>>> Name: ERSvc
>>> displayname: Error Reporting Service
>>> Name: Eventlog
>>> displayname: Event Log
>>> Name: EventSystem
>>> displayname: COM+ Event System
>>> Name: FastUserSwitchingCompatibility
>>> displayname: Fast User Switching Compatibility
>>> Name: helpsvc
>>> displayname: Help and Support
>>> Name: HidServ
>>> displayname: HID Input Service
>>> Name: IJPLMSVC
>>> displayname: PIXMA Extended Survey Program
>>> Name: ITMRTSVC
>>> displayname: CA Pest Patrol Realtime Protection Service
>>> Name: lanmanserver
>>> displayname: Server
>>> Name: lanmanworkstation
>>> displayname: Workstation
>>> Name: Lavasoft Ad-Aware Service
>>> displayname: Lavasoft Ad-Aware Service
>>> Name: LmHosts
>>> displayname: TCP/IP NetBIOS Helper
>>> Name: MDM
>>> displayname: Machine Debug Manager
>>> Name: Netman
>>> displayname: Network Connections
>>> Name: Nla
>>> displayname: Network Location Awareness (NLA)
>>> Name: PlugPlay
>>> displayname: Plug and Play
>>> Name: PolicyAgent
>>> displayname: IPSEC Services
>>> Name: ProtectedStorage
>>> displayname: Protected Storage
>>> Name: RasMan
>>> displayname: Remote Access Connection Manager
>>> Name: RpcSs
>>> displayname: Remote Procedure Call (RPC)
>>> Name: SamSs
>>> displayname: Security Accounts Manager
>>> Name: Schedule
>>> displayname: Task Scheduler
>>> Name: seclogon
>>> displayname: Secondary Logon
>>> Name: SENS
>>> displayname: System Event Notification
>>> Name: SharedAccess
>>> displayname: Windows Firewall/Internet Connection Sharing (ICS)
>>> Name: ShellHWDetection
>>> displayname: Shell Hardware Detection
>>> Name: Spooler
>>> displayname: Print Spooler
>>> Name: srservice
>>> displayname: System Restore Service
>>> Name: SSDPSRV
>>> displayname: SSDP Discovery Service
>>> Name: stisvc
>>> displayname: Windows Image Acquisition (WIA)
>>> Name: TapiSrv
>>> displayname: Telephony
>>> Name: TermService
>>> displayname: Terminal Services
>>> Name: Themes
>>> displayname: Themes
>>> Name: TrkWks
>>> displayname: Distributed Link Tracking Client
>>> Name: w32time
>>> displayname: Windows Time
>>> Name: WebClient
>>> displayname: WebClient
>>> Name: winmgmt
>>> displayname: Windows Management Instrumentation
>>> Name: wscsvc
>>> displayname: Security Center
>>> Name: wuauserv
>>> displayname: Automatic Updates
>>> Name: WZCSVC
>>> displayname: Wireless Zero Configuration
>>>
>>>
LS Anders
Mar 23 2009, 08:39 AM
Hello gzzrs3

Thank you for reporting this. Could you please clarify when these files are detected and by what as they are not mentioned in the log report (only 3 cookies detected there). The "C:\Documents and Settings\...\Ad-Aware\ThreatWork\Submit\" folder is used when Ad-Aware is submitting files to Threatworks. There should be no files used or running from this folder.

Regards
LS Anders
LS CalamityJane
Apr 11 2009, 03:19 PM
gzzrs3, are you still with us? Could you please read LS Anders' post to you above (post #2 in this topic) and respond if this still an issue outstanding for you?
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.
Invision Power Board © 2001-2009 Invision Power Services, Inc.