TAC Rating:9!!
Scarlett2339
My PC has been very sluggish when surfing the web. I ran Ad-Aware SE Personal and it detected "1 New Critical Object". It has a rating of 9!
The Ad-Aware program does not run a complete scan; it freezes up at the same file each and every time I try to run the program.
So I stopped the program mid-way (pressed the cancel button) as soon as the "critical object" was detected, and quarantined, then deleted the culprit.

Problem is, the Ad-Aware program is still freezing up at the same file. Even though I deleted the critical object, I still cannot run a full scan!!?
I think it's still there!!

Now when I press cancel (after it freezes up) my "Scan Summary" shows:

Objects Scanned: 1234567890
Objects Ignored: 4
Objects Identifed: 99999
Total New Objects: 99
Total New Objects: 99
Average Tac:

It freezes up during the deep registry scan.
Stops at the same spot each time.
A file in the registry that starts with CLSID\{5E1CC3CCD-4E7F-4619-E476-C6BA1A1F-4481}
Whatever that means???

Please Can You Help??
LS Albin
Hi! Scarlett2339 and thank you for your report on this problem.

I have a few questions:

Which definition file are you running? If you just click on the earth icon in the upper right in Ad-Aware
then you will be able to download the newest definition file.

The CLASSID that you registered, where did you find it? In the Scan Summary or Negligible Objects list
after running Ad-Aware? Or did the scan freeze on the value CLSID\{5E1CC3CCD-4E7F-4619-E476-C6BA1A1F-4481} right in front of your eyes before you
pushed the cancel button?

I did some research on this CLASSID and I ask you all these questions because I didn't find the value that you recognized in detection.

How long did you wait when Ad-Aware was freezing before you pushed the cancel button?

And can you please send us the log file from your scan:

1. Run the scan again and if ad-aware freezes again push the cancel button.

2. Then just click next then next again.

3. On the question No objects selected for removal. Continue ? Just Click OK

4. Then you will find a log file in this folder on your harddrive:

5. C:\Documents and Settings\UserName\Application Data\Lavasoft\Ad-Aware\Logs

You will find log files from different dates, e.g. (Ad-Aware log2006-12-04 09-00-00). Choose the log file from the date when this problem occurred, then copy the text inside of it and paste it in this forum.
You can also choose to attach the file here in this forum.

Thank You !

A.Bodahl

Lavasoft Research Team
Scarlett2339
Thank You for helping LS!

I will try my best to answer your questions, I'm still at the elementary stage with computers.

The definitions file is SE1R135 27.11.2006 loaded
I did click the earth icon but "no up-dated components available" so my definition file must be the newest.

I got the "CLSID" by performing full scan. When the scan gets to "Deep scanning local registry" it stops scanning any more objects and won't go any further. It stops on the value CLSID\{5E44E225-A408-11CF-B581-008029601108}
Yes, right in front of my eyes, I'm able to read it and copy it down before I push the cancel button. The numbers and letters in this value (if that's what it's called) have changed from when I posted earlier. The one above is the one it stops on now.

I waited quite a few minutes watching for the "objects scanned" number to change, but it didn't change, so then I clicked cancel.
On the "Scanning results page" each time the "critical objects" tab is in the front but no info provided, it's just blank. As is "negligible objects" blank.
Scan Summary tab is blank on the left for target families detected, and on the right side, well you already read that in the first message I posted.

I'll try to send a log file but each time I run a scan and it freezes, I ONLY have a cancel button. When I click cancel, there is no next button? And clicking cancel brings up the "Scanning results" page. Again my only option on that page is cancel which brings me back to the status page again.

I've located the log files. (Couldn't have done that without you!)

The first one is when the problem occurred:

Ad-Aware SE Build 1.06r1
Logfile Created on:Saturday, December 02, 2006 7:47:07 PM
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R135 27.11.2006
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
WebHancer(TAC index:9):1 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file

Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects


12-2-2006 7:47:07 PM - Scan started. (Custom mode)

Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ProcessID : 520
ThreadCreationTime : 11-21-2006 6:30:23 PM
BasePriority : Normal


#:2 [csrss.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 576
ThreadCreationTime : 11-21-2006 6:30:25 PM
BasePriority : Normal


#:3 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 600
ThreadCreationTime : 11-21-2006 6:30:26 PM
BasePriority : High


#:4 [services.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 644
ThreadCreationTime : 11-21-2006 6:30:26 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : services.exe

#:5 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 656
ThreadCreationTime : 11-21-2006 6:30:26 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe

#:6 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 804
ThreadCreationTime : 11-21-2006 6:30:27 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:7 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 860
ThreadCreationTime : 11-21-2006 6:30:27 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:8 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 948
ThreadCreationTime : 11-21-2006 6:30:28 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:9 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1004
ThreadCreationTime : 11-21-2006 6:30:28 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:10 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1096
ThreadCreationTime : 11-21-2006 6:30:28 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:11 [spoolsv.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1308
ThreadCreationTime : 11-21-2006 6:30:30 PM
BasePriority : Normal
FileVersion : 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)
ProductVersion : 5.1.2600.2696
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe

#:12 [avgamsvr.exe]
FilePath : C:\PROGRA~1\Grisoft\AVGFRE~1\
ProcessID : 1424
ThreadCreationTime : 11-21-2006 6:30:37 PM
BasePriority : Normal
FileVersion : 7,1,0,365
ProductVersion : 7.1.0.365
ProductName : AVG Anti-Virus System
CompanyName : GRISOFT, s.r.o.
FileDescription : AVG Alert Manager
InternalName : avgamsvr
LegalCopyright : Copyright © 2005, GRISOFT, s.r.o.
OriginalFilename : avgamsvr.EXE

#:13 [avgupsvc.exe]
FilePath : C:\PROGRA~1\Grisoft\AVGFRE~1\
ProcessID : 1436
ThreadCreationTime : 11-21-2006 6:30:37 PM
BasePriority : Normal
FileVersion : 7,1,0,349
ProductVersion : 7.1.0.349
ProductName : AVG 7.0 Anti-Virus System
CompanyName : GRISOFT, s.r.o.
FileDescription : AVG Update Service
InternalName : avgupsvc
LegalCopyright : Copyright © 2005, GRISOFT, s.r.o.
OriginalFilename : avgupdsvc.EXE

#:14 [nvsvc32.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1508
ThreadCreationTime : 11-21-2006 6:30:37 PM
BasePriority : Normal
FileVersion : 6.14.10.5216
ProductVersion : 6.14.10.5216
ProductName : NVIDIA Driver Helper Service, Version 52.16
CompanyName : NVIDIA Corporation
FileDescription : NVIDIA Driver Helper Service, Version 52.16
InternalName : NVSVC
LegalCopyright : © NVIDIA Corporation. All rights reserved.
OriginalFilename : nvsvc32.exe

#:15 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1588
ThreadCreationTime : 11-21-2006 6:30:38 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:16 [wdfmgr.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1696
ThreadCreationTime : 11-21-2006 6:30:41 PM
BasePriority : Normal
FileVersion : 5.2.3790.1230 built by: DNSRV(bld4act)
ProductVersion : 5.2.3790.1230
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows User Mode Driver Manager
InternalName : WdfMgr
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : WdfMgr.exe

#:17 [alg.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1956
ThreadCreationTime : 11-21-2006 6:30:42 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Application Layer Gateway Service
InternalName : ALG.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : ALG.exe

#:18 [ipodservice.exe]
FilePath : C:\Program Files\iPod\bin\
ProcessID : 368
ThreadCreationTime : 11-21-2006 7:03:00 PM
BasePriority : Normal
FileVersion : 7.0.2.16
ProductVersion : 7.0.2.16
ProductName : iTunes
CompanyName : Apple Computer, Inc.
FileDescription : iPodService Module
InternalName : iPodService
LegalCopyright : © 2003-2006 Apple Computer, Inc. All Rights Reserved.
OriginalFilename : iPodService.exe

#:19 [csrss.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 2276
ThreadCreationTime : 11-29-2006 7:16:47 AM
BasePriority : Normal


#:20 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 3852
ThreadCreationTime : 11-29-2006 7:16:48 AM
BasePriority : High


#:21 [explorer.exe]
FilePath : C:\WINDOWS\
ProcessID : 3960
ThreadCreationTime : 12-1-2006 3:24:27 AM
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : EXPLORER.EXE

#:22 [mixer.exe]
FilePath : C:\WINDOWS\
ProcessID : 2440
ThreadCreationTime : 12-1-2006 3:24:29 AM
BasePriority : Normal
FileVersion : 1.58
ProductVersion : 1.58
ProductName : Mixer
CompanyName : C-Media Electronic Inc. (www.cmedia.com.tw)
FileDescription : Mixer
InternalName : Mixer
LegalCopyright : Copyright © 1997-2002
LegalTrademarks : NONE
OriginalFilename : Mixer.EXE
Comments : Feng Min-Chih (min_chih@cmedia.com.tw)

#:23 [lvcoms.exe]
FilePath : C:\Program Files\Common Files\Logitech\QCDriver2\
ProcessID : 1520
ThreadCreationTime : 12-1-2006 3:24:29 AM
BasePriority : Normal
FileVersion : 7.2.1.2009
ProductVersion : 7.2.1.2009
ProductName : Logitech ImageStudio
CompanyName : Logitech Inc.
FileDescription : LVCom Server
InternalName : LVComS.exe
LegalCopyright : © 1996-2002 Logitech. All rights reserved.
OriginalFilename : LVComS.exe

#:24 [logitray.exe]
FilePath : C:\Program Files\Logitech\ImageStudio\
ProcessID : 3240
ThreadCreationTime : 12-1-2006 3:24:29 AM
BasePriority : Normal
FileVersion : 7.2.0.1125
ProductVersion : 7.2.0.1125
ProductName : Logitech ImageStudio
CompanyName : Logitech Inc.
FileDescription : ImageStudio Tray Application
InternalName : LogiTray.exe
LegalCopyright : © 1996-2002 Logitech. All rights reserved.
OriginalFilename : LogiTray.exe

#:25 [directcd.exe]
FilePath : C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\
ProcessID : 2884
ThreadCreationTime : 12-1-2006 3:24:29 AM
BasePriority : Normal
FileVersion : 5.3.5.10
ProductVersion : 5.3.5.10
ProductName : DirectCD
CompanyName : Roxio
FileDescription : DirectCD Application
InternalName : DirectCD
LegalCopyright : Copyright © 2001-2003, Roxio, Inc.
OriginalFilename : Directcd.exe

#:26 [viewmgr.exe]
FilePath : C:\Program Files\Viewpoint\Viewpoint Manager\
ProcessID : 3756
ThreadCreationTime : 12-1-2006 3:24:30 AM
BasePriority : Normal
FileVersion : 2, 0, 0, 42
ProductVersion : 2, 0, 0, 42
ProductName : Viewpoint Manager
CompanyName : Viewpoint Corporation
FileDescription : ViewMgr
InternalName : Viewpoint Manager
LegalCopyright : Copyright © 2004
OriginalFilename : ViewMgr.exe
Comments : Viewpoint Manager

#:27 [avgcc.exe]
FilePath : C:\PROGRA~1\Grisoft\AVGFRE~1\
ProcessID : 3600
ThreadCreationTime : 12-1-2006 3:24:30 AM
BasePriority : Normal
FileVersion : 7,1,0,406
ProductVersion : 7.1.0.406
ProductName : AVG Anti-Virus System
CompanyName : GRISOFT, s.r.o.
FileDescription : AVG Control Center
InternalName : AvgCC
LegalCopyright : Copyright © 2006, GRISOFT, s.r.o.
OriginalFilename : AvgCC.EXE

#:28 [jusched.exe]
FilePath : C:\Program Files\Java\jre1.5.0_03\bin\
ProcessID : 3520
ThreadCreationTime : 12-1-2006 3:24:30 AM
BasePriority : Normal


#:29 [ituneshelper.exe]
FilePath : C:\Program Files\iTunes\
ProcessID : 2084
ThreadCreationTime : 12-1-2006 3:24:31 AM
BasePriority : Normal
FileVersion : 7.0.2.16
ProductVersion : 7.0.2.16
ProductName : iTunes
CompanyName : Apple Computer, Inc.
FileDescription : iTunesHelper Module
InternalName : iTunesHelper
LegalCopyright : © 2003-2006 Apple Computer, Inc. All Rights Reserved.
OriginalFilename : iTunesHelper.exe

#:30 [jucheck.exe]
FilePath : C:\Program Files\Java\jre1.5.0_03\bin\
ProcessID : 3360
ThreadCreationTime : 12-1-2006 3:24:31 AM
BasePriority : Normal
FileVersion : 5.0.30.7
ProductVersion : 5.0.30.7
ProductName : Java™ 2 Platform Standard Edition 5.0 Update 3
CompanyName : Sun Microsystems, Inc.
FileDescription : Java™ Update Checker
InternalName : Java™ Update Checker
LegalCopyright : Copyright © 2004
OriginalFilename : jucheck.exe

#:31 [devldr32.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1760
ThreadCreationTime : 12-1-2006 3:24:32 AM
BasePriority : Normal
FileVersion : 1, 0, 0, 17
ProductVersion : 1, 0, 0, 17
ProductName : Creative Ring3 NT Inteface
CompanyName : Creative Technology Ltd.
FileDescription : DevLdr32
InternalName : DevLdr
LegalCopyright : Copyright © Creative Technology Ltd. 1998-2001
OriginalFilename : DevLdr32.exe

#:32 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 3672
ThreadCreationTime : 12-1-2006 4:25:15 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:33 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 3652
ThreadCreationTime : 12-1-2006 9:15:04 AM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:34 [avgwb.dat]
FilePath : C:\PROGRA~1\Grisoft\AVGFRE~1\
ProcessID : 1868
ThreadCreationTime : 12-3-2006 12:35:54 AM
BasePriority : Normal
FileVersion : 7,1,0,406
ProductVersion : 7.1.0.406
ProductName : AVG Anti-Virus System
CompanyName : GRISOFT, s.r.o.
FileDescription : AVG Basic Interface
InternalName : avgwb
LegalCopyright : Copyright © 2006, GRISOFT, s.r.o.
OriginalFilename : AVGWB.EXE

#:35 [ad-aware.exe]
FilePath : C:\Program Files\Lavasoft\Ad-Aware SE Personal\
ProcessID : 3024
ThreadCreationTime : 12-3-2006 12:37:22 AM
BasePriority : Normal
FileVersion : 6.2.0.236
ProductVersion : SE 106
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft AB Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved

Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

WebHancer Object Recognized!
Type : Regkey
Data :
TAC Rating : 9
Category : Data Miner
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-692354800-3237849463-991614033-501\software\microsoft\windows\currentversion\ext\stats\{c900b400-cdfe-11d3-976a-00e02913a9e0}

Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 1
Objects found so far: 1


Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
<STOP>
7:47:46 PM Scan stopped by user

Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:00:38.94
Objects scanned:82028
Objects identified:1
Objects ignored:0
New critical objects:1


This log file is from the most recent scan:
I've run a lot more scans since this one, but they're not in the logfile?? Dec 03 was not the last scan performed, but it's the most recent file in the log? I don't understand?
I even just ran another scan to be sure; I looked for it but it's not there? It should say Dec 04.
I guess it stopped logging them??

This log shows nothing, but there IS something that's causing it to freeze and it does not want to be removed. I think this is serious!!



Ad-Aware SE Build 1.06r1
Logfile Created on:Sunday, December 03, 2006 4:05:20 PM
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R135 27.11.2006
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
None
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file

Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects

<STOP>

12-3-2006 4:05:20 PM - Scan started. (Full System Scan)
4:05:20 PM Scan stopped by user

Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:00:00.0
Objects scanned:0
Objects identified:0
Objects ignored:0
New critical objects:0


Once again,
Thank you for helping Lavasoft
LS Albin
Hi Again!

I recognized that the WebHancer Object which Ad-Aware flagged in your scan from December 02 is a bad ClassID.

WebHancer Object Recognized!
Type : Regkey
Data :
TAC Rating : 9
Category : Data Miner
Comment :
Rootkey : HKEY_USERS
Object : S-1-5-21-692354800-3237849463-991614033-501\software\microsoft\windows\currentversion\ext\stats\{c900b400-cdfe-11d3-976a-00e02913a9e0}

This is not a false positive issue. A false positive is a file that we have in detection that shouldn't be there.

I suggest you post a new topic here:

http://www.lavasoftsupport.com/index.php?showforum=61

This forum is called "Post your support issues here".

Thank You for your report on this.

A.Bodahl

Lavasoft Research Team
LS CalamityJane
This poster is now getting help in this topic:
http://www.lavasoftsupport.com/index.php?showtopic=5114

We'll proceed in that one.

I'll close this thread and move to resolved so we don't have more than one going at once.

Thanks for taking a look at this LS Albin. She really does have Webhancer so we'll take it from there
(this is not a False Positive)